| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | Bernd Helmle <mailings(at)oopsware(dot)de> |
| Cc: | PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Modern SHA2- based password hashes for pgcrypto |
| Date: | 2025-01-02 15:28:50 |
| Message-ID: | 0967A746-3CB8-4195-916D-5E1B29D0AD36@yesql.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> On 2 Jan 2025, at 16:17, Bernd Helmle <mailings(at)oopsware(dot)de> wrote:
>
> Am Donnerstag, dem 02.01.2025 um 15:57 +0100 schrieb Daniel Gustafsson:
>>> I adapted the code from the publicly available reference
>>> implementation
>>> at [1]. It's based on our existing OpenSSL infrastructure in
>>> pgcrypto
>>> and produces compatible password hashes with crypt() and "openssl
>>> passwd" with "-5" and "-6" switches.
>>
>> Potentially daft question, but since we require OpenSSL to build
>> pgcrypto, why
>> do we need to include sha2 code instead of using the sha2
>> implementation in
>> libcrypto? How complicated would it be to use the OpenSSL API
>> instead?
>
> Not sure i got you, but i use OpenSSL and the SHA2 implementation
> there. See the pgcrypto px_* API (px.h and openssl.c respectively) i am
> using to create the digests.
Sorry, skimming the patch I misread it, nevermind.
--
Daniel Gustafsson
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Matheus Alcantara | 2025-01-02 15:29:30 | read stream on amcheck |
| Previous Message | Bernd Helmle | 2025-01-02 15:17:40 | Re: Modern SHA2- based password hashes for pgcrypto |