| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Stephen Frost <sfrost(at)snowman(dot)net>, Masahiko Sawada <masahiko(dot)sawada(at)2ndquadrant(dot)com> |
| Subject: | Re: Key management with tests |
| Date: | 2021-01-08 00:39:28 |
| Message-ID: | 20210108003928.GA18394@momjian.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Jan 7, 2021 at 04:08:49PM -0300, Álvaro Herrera wrote:
> On 2021-Jan-07, Bruce Momjian wrote:
>
> > All the tests pass now. The current src/test directory is 19MB, and
> > adding these tests takes it to 23MB, or a 20% increase. That seems like
> > a lot. It is testing 128-bit and 256-bit keys --- should we do fewer
> > tests, or just test 256, or use gzip to compress the tests by 50%?
> > (Does every platform have gzip?)
>
> So the tests are about 95% of the patch ... do we really need that many
> tests?
No, I don't think so. Stephen imported the entire NIST test suite. It
was so comperhensive, it detected several OpenSSL bugs for zero-length
strings, which I already reported, but we would never be encrypting
zero-length strings, so there wasn't a lot of value to it.
Anyway, I think we need to figure out how to trim. The first part would
be to figure out whether we need 128 _and_ 256-bit tests, and then see
what items are really useful. Stephen, do you have any ideas on that?
We currently have 10296 tests, and I think we could get away with 100.
--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EnterpriseDB https://enterprisedb.com
The usefulness of a cup is in its emptiness, Bruce Lee
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2021-01-08 00:46:23 | Re: Key management with tests |
| Previous Message | Tomas Vondra | 2021-01-08 00:14:39 | Re: list of extended statistics on psql |