| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Neil Chen <carpenter(dot)nail(dot)cz(at)gmail(dot)com> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Masahiko Sawada <masahiko(dot)sawada(at)2ndquadrant(dot)com> |
| Subject: | Re: Proposed patch for key managment |
| Date: | 2020-12-15 17:00:08 |
| Message-ID: | 20201215170008.GF14596@momjian.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Dec 15, 2020 at 10:36:56AM +0800, Neil Chen wrote:
> 2. I tried to add support for AES_CTR mode, and the code for encrypting buffer
> blocks. In the process I found that in pg_cipher_ctx_create, the key length is
> declared as "byte". However, in the CryptoKey structure, the length is stored
> as "bit", which leads me to use a form similar to Key->klen / 8 when I call
> this function. Maybe we should unify the two to avoid unnecessary confusion.
Yes, I would also like to get opinions on this. We certainly have to
have the key length be in _bit_ units when visible by users, but I see a
lot of cases where we allocate arrays based on bytes. I am unclear
where the proper units should be. At a minimum, we should specify the
units in the function parameter names.
--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EnterpriseDB https://enterprisedb.com
The usefulness of a cup is in its emptiness, Bruce Lee
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Simon Riggs | 2020-12-15 17:00:45 | Re: SQL/JSON: functions |
| Previous Message | Konstantin Knizhnik | 2020-12-15 16:42:39 | Re: On login trigger: take three |