|From:||Michael Paquier <michael(at)paquier(dot)xyz>|
|To:||Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com>|
|Cc:||Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, "Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org>, Daniel Gustafsson <daniel(at)yesql(dot)se>|
|Subject:||Re: Refactor SCRAM code to dynamically handle hash type and key length|
|Views:||Raw Message | Whole Thread | Download mbox | Resend email|
On Thu, Dec 15, 2022 at 04:59:52AM +0900, Michael Paquier wrote:
> However, that's only half of the picture. The key length and the hash
> type (or just the hash type to know what's the digest/key length to
> use but that's more invasive) still need to be sent across the
> internal routines of SCRAM and attached to the state data of the
> frontend and the backend or we won't be able to do the hash and HMAC
> computations dependent on that.
Attached is a patch to do exactly that, and as a result v2 is half the
size of v1:
- SCRAM_KEY_LEN is now named SCRAM_MAX_KEY_LEN, adding a note that
this should be kept in sync as the maximum digest size of the
supported hash methods. This is used as the method to size all the
internal buffers of the SCRAM routines.
- SCRAM_SHA_256_KEY_LEN is used to track the key length for
SCRAM-SHA-256, the one initialized with the state data.
- No changes in the internal, the buffers are just resized based on
the max defined.
I'd like to move on with that in the next couple of days (still need
to study more the other areas of the code to see what else could be
made more pluggable), so let me know if there are any objections..
|Next Message||Michael Paquier||2022-12-17 03:27:30||Re: Raising the SCRAM iteration count|
|Previous Message||Peter Geoghegan||2022-12-17 02:44:11||Re: New strategies for freezing, advancing relfrozenxid early|