Re: contrib/pgcrypto functions not IMMUTABLE?

From: Marko Kreen <marko(at)l-t(dot)ee>
To: Michael Fuhr <mike(at)fuhr(dot)org>
Cc: Russell Smith <mr-russ(at)pws(dot)com(dot)au>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: contrib/pgcrypto functions not IMMUTABLE?
Date: 2005-07-03 14:43:18
Message-ID: 20050703144318.GA23919@l-t.ee
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Sun, Jul 03, 2005 at 07:54:47AM -0600, Michael Fuhr wrote:
> I'll submit a patch. Does the following look right?
>
> digest IMMUTABLE STRICT
> digest_exists IMMUTABLE STRICT
> hmac IMMUTABLE STRICT
> hmac_exists IMMUTABLE STRICT
> crypt IMMUTABLE STRICT
> gen_salt VOLATILE STRICT
> encrypt IMMUTABLE
> decrypt IMMUTABLE
> encrypt_iv IMMUTABLE
> decrypt_iv IMMUTABLE
> cipher_exists IMMUTABLE STRICT

Nice overview. Now that I have them before me, I think crypt() should
stay also non-strict, as it also has delicate security properties.

Everything else is OK.

> In the functions marked STRICT, should I leave the PG_ARGISNULL()
> checks in place as a precaution? Removing those checks could cause
> problems if people use the new code but have old (non-STRICT) catalog
> entries.

Good point. Let them be.

Rather, could you make crypt, encrypt, decrypt return error for
NULL input? With nice message, eg. "NULL input"...

Then this topic would be solved in one go.

--
marko

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2005-07-03 15:49:32 Re: Checkpoint cost, looks like it is WAL/CRC
Previous Message Michael Fuhr 2005-07-03 13:54:47 Re: contrib/pgcrypto functions not IMMUTABLE?