Re: Refactoring HMAC in the core code
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Bruce Momjian <bruce@momjian.us>
Cc: Postgres hackers <pgsql-hackers@lists.postgresql.org>, Daniel Gustafsson <daniel@yesql.se>
Date: 2020-12-18T06:46:42Z
Lists: pgsql-hackers
Attachments
- v2-0001-Refactor-HMAC-implementations.patch (text/x-diff) patch v2-0001
- hmacfuncs.tar.gz (application/gzip)
On Fri, Dec 18, 2020 at 08:41:01AM +0900, Michael Paquier wrote: > Knowing that we are in a period of vacations for a lot of people, and > that this is a sensitive area of the code that involves > authentication, I think that it is better to let this thread brew > longer and get more eyes to look at it. As this also concerns > external SSL libraries like libnss, making sure that the APIs have a > shape flexible enough would be good. Based on my own checks with > OpenSSL and libnss, I think that's more than enough. But let's be > sure. FWIW, I got my eyes on this stuff again today, and please find attached a v2, where I have fixed a certain number of issues: - Fixed a memory leak with the shrink buffer in the fallback implementation. - Fixed a couple of incorrect comments. - The logic around the resowner was a bit busted with OpenSSL <= 1.0.2. So I haev reorganized the code a bit. This has been tested on Windows and Linux across all the versions of OpenSSL we support on HEAD. I am also attaching a small module called hmacfuncs that I used as a way to validate this patch across all the versions of OpenSSL and the fallback implementation. As a reference, this matches with the results from Wikipedia here: https://en.wikipedia.org/wiki/HMAC#Examples -- Michael
Commits
-
Refactor HMAC implementations
- e6bdfd9700eb 14.0 landed