pgsql: Remove hardcoded dependency to cryptohash type in the internals

From: Michael Paquier <michael(at)paquier(dot)xyz>
To: pgsql-committers(at)lists(dot)postgresql(dot)org
Subject: pgsql: Remove hardcoded dependency to cryptohash type in the internals
Date: 2022-12-19 23:57:57
Message-ID: E1p7Q16-004TDK-MY@gemulon.postgresql.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-committers

Remove hardcoded dependency to cryptohash type in the internals of SCRAM

SCRAM_KEY_LEN was a variable used in the internal routines of SCRAM to
size a set of fixed-sized arrays used in the SHA and HMAC computations
during the SASL exchange or when building a SCRAM password. This had a
hard dependency on SHA-256, reducing the flexibility of SCRAM when it
comes to the addition of more hash methods. A second issue was that
SHA-256 is assumed as the cryptohash method to use all the time.

This commit renames SCRAM_KEY_LEN to a more generic SCRAM_KEY_MAX_LEN,
which is used as the size of the buffers used by the internal routines
of SCRAM. This is aimed at tracking centrally the maximum size
necessary for all the hash methods supported by SCRAM. A global
variable has the advantage of keeping the code in its simplest form,
reducing the need of more alloc/free logic for all the buffers used in
the hash calculations.

A second change is that the key length (SHA digest length) and hash
types are now tracked by the state data in the backend and the frontend,
the common portions being extended to handle these as arguments by the
internal routines of SCRAM. There are a few RFC proposals floating
around to extend the SCRAM protocol, including some to use stronger
cryptohash algorithms, so this lifts some of the existing restrictions
in the code.

The code in charge of parsing and building SCRAM secrets is extended to
rely on the key length and on the cryptohash type used for the exchange,
assuming currently that only SHA-256 is supported for the moment. Note
that the mock authentication simply enforces SHA-256.

Author: Michael Paquier
Reviewed-by: Peter Eisentraut, Jonathan Katz
Discussion: https://postgr.es/m/Y5k3Qiweo/1g9CG6(at)paquier(dot)xyz

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/b3bb7d12af97f035c3aa3ad8dd41b44d01e2defa

Modified Files
--------------
src/backend/libpq/auth-scram.c | 141 +++++++++++++++++++++--------------
src/backend/libpq/crypt.c | 10 ++-
src/common/scram-common.c | 84 ++++++++++++---------
src/include/common/scram-common.h | 31 +++++---
src/include/libpq/scram.h | 6 +-
src/interfaces/libpq/fe-auth-scram.c | 65 +++++++++-------
6 files changed, 206 insertions(+), 131 deletions(-)

Browse pgsql-committers by date

  From Date Subject
Next Message Amit Kapila 2022-12-20 03:27:55 Re: pgsql: Doc: Explain about Column List feature.
Previous Message Robert Haas 2022-12-19 21:02:32 pgsql: Fix comment that was missing a word.