On Sun, Jul 03, 2005 at 03:59:51PM +0300, Marko Kreen wrote:
> On Sun, Jul 03, 2005 at 12:43:32AM -0600, Michael Fuhr wrote:
> >
> > Yeah, I see that gen_salt() needs to be volatile, but I was thinking
> > about functions like digest(), encrypt(), decrypt(), etc., that
> > would be expected to return the same output given the same input.
> > For example, the core md5() function is immutable, but pgcrypto's
> > digest() is volatile. I was wondering if that's intentional or
> > just an oversight.
>
> Just an oversight.
>
> Could you send a patch to -patches that fixes it? It would take
> some time to do it myself, as I am coding an additional feature
> to the PGP functions, and all my free time goes to that.
>
> And if you decide to do it, please make them all STRICT too,
> _except_ encrypt/decrypt functions. Thats an additional change
> I have in the air for pgcrypto.sql.in.
I'll submit a patch. Does the following look right?
digest IMMUTABLE STRICT
digest_exists IMMUTABLE STRICT
hmac IMMUTABLE STRICT
hmac_exists IMMUTABLE STRICT
crypt IMMUTABLE STRICT
gen_salt VOLATILE STRICT
encrypt IMMUTABLE
decrypt IMMUTABLE
encrypt_iv IMMUTABLE
decrypt_iv IMMUTABLE
cipher_exists IMMUTABLE STRICT
In the functions marked STRICT, should I leave the PG_ARGISNULL()
checks in place as a precaution? Removing those checks could cause
problems if people use the new code but have old (non-STRICT) catalog
entries.
--
Michael Fuhr
http://www.fuhr.org/~mfuhr/
