Re: Refactoring HMAC in the core code

Bruce Momjian <bruce@momjian.us>

From: Bruce Momjian <bruce@momjian.us>
To: Michael Paquier <michael@paquier.xyz>
Cc: Postgres hackers <pgsql-hackers@lists.postgresql.org>, Daniel Gustafsson <daniel@yesql.se>
Date: 2021-04-02T14:10:36Z
Lists: pgsql-hackers
On Fri, Apr  2, 2021 at 07:04:18PM +0900, Michael Paquier wrote:
> On Mon, Feb 15, 2021 at 08:25:27PM +0900, Michael Paquier wrote:
> > Again a new rebase, giving v5:
> > - Fixed the APIs to return -1 if the caller gives NULL in input, to be
> > consistent with cryptohash.
> > - Added a length argument to pg_hmac_final(), wiht sanity checks.
> 
> So, this patch has been around for a couple of weeks now, and I would
> like to get this part done in 14 to close the loop with the parts of
> the code that had better rely on what the crypto libs have.  The main
> advantage of this change is for SCRAM so as it does not use its own
> implementation of HMAC whenever possible.
> 
> Any objections?

Works for me.

-- 
  Bruce Momjian  <bruce@momjian.us>        https://momjian.us
  EDB                                      https://enterprisedb.com

  If only the physical world exists, free will is an illusion.




Commits

  1. Refactor HMAC implementations