469,148 Members | 1,316 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,148 developers. It's quick & easy.

xor for text

Anyone have a good function for byte-by-byte XOR of text or varchar data
(or does one exist already in pg which I missed in the documentation)?

~Berend Tober


---------------------------(end of broadcast)---------------------------
TIP 8: explain analyze is your friend

Nov 12 '05 #1
3 3323
Hi Berend,

bt****@seaworthysys.com wrote:
Anyone have a good function for byte-by-byte XOR of text or varchar data
(or does one exist already in pg which I missed in the documentation)?

~Berend Tober


You should have a look at pg_crypt which offers a wider range
of cryptographic functions for postgres. I dont think there
is a xor yet, but otoh, xor is inherently insecure if its
cryptography you are trying.

However you might be able to use the examples to write
your own XOR function or use one of the other language
modules to do so.

HTH
Tino Wildenhain
---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Nov 12 '05 #2
> bt****@seaworthysys.com wrote:
Anyone have a good function for byte-by-byte XOR of text or varchar
data (or does one exist already in pg which I missed in the
documentation)?
You should have a look at pg_crypt which offers a wider range
of cryptographic functions for postgres.


Are you referring to contrib/pgcrypto here, which has the functions

encrypt(data::bytea, key::bytea, type::text)::bytea
decrypt(data::bytea, key::bytea, type::text)::bytea

or to something else? I do see a reference in some older documentation
for CREATE USER that says "...For more details on how this authentication
system functions see pg_crypt(3)", but I can't really figure out exactly
what documentation that refers to. Further guidance would be appreciated.
. I dont think there
is a xor yet, but otoh, xor is inherently insecure if its
cryptography you are trying.


I'm not sure exactly about the details of where I'm going yet, because
the customer has not layed out specifically what they want, so I'm just
developing some preliminary ideas. I'm preparing to support customer
request that sounds like what they'll want to do is to store
authentication credentials (username and password) in the database. These
credentials are not the database login credentials, but might be username
and passwords for other places employees need passwords for, like web
sites, other other network resources. Eash user would store whatever
passwords they want in a central repository (the database) and then have
to remember only a single password in able to get a list of their stored
passwords. I'm thinking their going to want the credentials stored in the
database to not be in plain text, so yea, I was thinking about simply
xoring them with the respective user's single, non-stored password, or
more likely xoring against an md5 hash of that single, master password.

~Berend Tober


---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

Nov 12 '05 #3
On Sat, Dec 06, 2003 at 15:48:44 -0500,
bt****@seaworthysys.com wrote:
database to not be in plain text, so yea, I was thinking about simply
xoring them with the respective user's single, non-stored password, or
more likely xoring against an md5 hash of that single, master password.


It isn't a good idea to xor multiple plain text strings against the same
key string. If it is worth going to the trouble to encrypt the strings
in the first place, it will almost certainly be worth using some more
standard encryption as the cost will be a small amount of cpu time.

---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

Nov 12 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

3 posts views Thread by Xerxes | last post: by
2 posts views Thread by Macsicarr | last post: by
4 posts views Thread by Arif Çimen | last post: by
3 posts views Thread by jweinberg1975 | last post: by
3 posts views Thread by bbepristis | last post: by
10 posts views Thread by bluemountain | last post: by
1 post views Thread by CARIGAR | last post: by
1 post views Thread by Mortomer39 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.