Re: Proposed patch for key managment - Mailing list pgsql-hackers

From Neil Chen
Subject Re: Proposed patch for key managment
Date
Msg-id CAA3qoJkvH7Dae529cmJ8Ws4bPon+FF7=V5M-Txht_4u3=ALkOQ@mail.gmail.com
In response to Proposed patch for key managment  (Bruce Momjian <bruce@momjian.us>)
Responses Re: Proposed patch for key managment
List pgsql-hackers


Hi, everyone

I have read the patch and did some simple tests. I'm not entirely sure about some code segments; e.g.:

In the BootStrapKmgr() we generate a data encryption key by:
key = generate_crypto_key(file_encryption_keylen);

However, I found that the file_encryption_keylen is always 0 in bootstrap mode because there exists another variable bootstrap_file_encryption_keylen in xlog.c and bootstrap.c.

We get the REL/WAL key by KmgrGetKey() call and it works like:
return (const CryptoKey *) &(KmgrShmem->intlKeys[id]);

But in bootstrap mode, KmgrShmem is not assigned. So, if we want to use it to encrypt something in bootstrap mode, I suggest we make the following changes:
    if (in bootstrap mode)
        return intlKeys[id]; // a static variable which contains key
    else
        return (const CryptoKey *) &(KmgrShmem->intlKeys[id]);



--
There is no royal road to learning.
Highgo Software Co.
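
Added example, not part of the message above or of the proposed patch: a stand-alone C model of the two checks the message points at, rejecting a zero-length key and never dereferencing an unattached shared-memory pointer in bootstrap mode. All names (DemoKey, DemoShmem, demo_slot, demo_install_key, demo_get_key, in_bootstrap) are hypothetical, and the key bytes are constructed sample data.

```c
/* Added illustration, not PostgreSQL code; every name here is hypothetical. */
#include <stddef.h>
#include <string.h>

#define MAX_KEYS    2
#define MAX_KEY_LEN 32

typedef struct { int klen; unsigned char key[MAX_KEY_LEN]; } DemoKey;
typedef struct { DemoKey keys[MAX_KEYS]; } DemoShmem;

static DemoShmem *demo_shmem = NULL;     /* stays NULL until shared memory is attached */
static DemoKey    local_keys[MAX_KEYS];  /* process-local keys used while bootstrapping */
static int        in_bootstrap = 1;

/* Pick the storage slot for a key id; NULL if the id is bad or no storage exists. */
static DemoKey *demo_slot(int id)
{
    if (id < 0 || id >= MAX_KEYS)
        return NULL;
    if (in_bootstrap)
        return &local_keys[id];
    return demo_shmem ? &demo_shmem->keys[id] : NULL;
}

/* Store key material; a length of 0 is rejected rather than stored as an empty key. */
int demo_install_key(int id, const unsigned char *bytes, int klen)
{
    DemoKey *slot = demo_slot(id);
    if (slot == NULL || bytes == NULL || klen <= 0 || klen > MAX_KEY_LEN)
        return -1;
    memcpy(slot->key, bytes, (size_t) klen);
    slot->klen = klen;
    return 0;
}

/* Look up a key; an unset slot (klen == 0) is reported as missing, not returned. */
const DemoKey *demo_get_key(int id)
{
    const DemoKey *k = demo_slot(id);
    return (k != NULL && k->klen > 0) ? k : NULL;
}

int main(void)
{
    unsigned char sample[16] = {1, 2, 3, 4};  /* constructed bytes, not a real key */
    if (demo_install_key(0, sample, 0) == 0) return 1;   /* length 0 must be refused */
    if (demo_install_key(0, sample, 16) != 0) return 1;
    return demo_get_key(0) != NULL ? 0 : 1;
}
```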
