Postgres Pro
Downloads
Home   >   mailing lists

Re: Key management with tests - Mailing list pgsql-hackers

From Stephen Frost
Subject Re: Key management with tests
Date
Msg-id 20210108203423.GW27507@tamriel.snowman.net
Whole thread Raw
In response to Re: Key management with tests  (Bruce Momjian <bruce@momjian.us>)
Responses Re: Key management with tests  (Bruce Momjian <bruce@momjian.us>)
List pgsql-hackers
Tree view 
Greetings Bruce,

* Bruce Momjian (bruce@momjian.us) wrote:
> On Fri, Jan  1, 2021 at 01:07:50AM -0500, Bruce Momjian wrote:
> > On Thu, Dec 31, 2020 at 11:50:47PM -0500, Bruce Momjian wrote:
> > > I have completed the key management patch with tests created by Stephen
> > > Frost.  Original patch by Masahiko Sawada.  It requires the hex
> > > reorganization patch first.  The key patch is now 2.1MB because of the
> > > tests, so attaching it here seems unwise:
> > >
> > >     https://github.com/postgres/postgres/compare/master...bmomjian:hex.diff
> > >     https://github.com/postgres/postgres/compare/master...bmomjian:key.diff
> > >
> > > I will add it to the commitfest.  I think we need to figure out how much
> > > of the tests we want to add.
> >
> > I am getting regression test errors using OpenSSL 1.1.1d  10 Sep 2019
> > with zero-length input data (no -p), while Stephen is able for those
> > tests to pass.   This needs more research, plus I think higher-level
> > tests.
>
> I have found the cause of the failure, which I added as a C comment:
>
>     /*
>      * OpenSSL 1.1.1d and earlier crashes on some zero-length plaintext
>      * and ciphertext strings.  It crashes on an encryption call to
>      * EVP_EncryptFinal_ex(() in GCM mode of zero-length strings if
>      * plaintext is NULL, even though plaintext_len is zero.  Setting
>      * plaintext to non-NULL allows it to work.  In KW/KWP mode,
>      * zero-length strings fail if plaintext_len = 0 and plaintext is
>      * non-NULL (the opposite).  OpenSSL 1.1.1e+ is fine with all options.
>      */
>     else if (cipher == PG_CIPHER_AES_GCM)
>     {
>         plaintext_len = 0;
>         plaintext = pg_malloc0(1);
>     }
>
> All the tests pass now.  The current src/test directory is 19MB, and
> adding these tests takes it to 23MB, or a 20% increase.  That seems like
> a lot.  It is testing 128-bit and 256-bit keys --- should we do fewer
> tests, or just test 256, or use gzip to compress the tests by 50%?
> (Does every platform have gzip?)

Thanks a lot for working on this and figuring out what the issue was and
fixing it!  That's great that we got all those cases passing for you
too.

Thanks again,

Stephen
Attachment

pgsql-hackers by date:

Previous
From: Stephen Frost
Date:
Subject: Re: Key management with tests
Next
From: Bruce Momjian
Date:
Subject: Re: Key management with tests