Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Optimize SALT #504

Open
jesperpedersen opened this issue Mar 1, 2025 · 3 comments · May be fixed by #505
Open

Optimize SALT #504

jesperpedersen opened this issue Mar 1, 2025 · 3 comments · May be fixed by #505
Assignees
@n0rbed
Labels
enhancement Improvement to an existing feature

Comments

@jesperpedersen
Copy link
Collaborator

Optimize the SALT implementation, and see how it affects iteration count.

https://www.postgresql.org/message-id/flat/Z6BsNAadbID%2Bk2L4%40bass1 can be used for ideas
@jesperpedersen jesperpedersen added the enhancement Improvement to an existing feature label Mar 1, 2025
@n0rbed
Copy link

n0rbed commented Mar 1, 2025

Hmm /src/common/hmac.c isnt in this repo, nor is scram_SaltedPassword. only scram_sha256 exists here

@jesperpedersen
Copy link
Collaborator Author

@n0rbed You have to learn our implementation in mainly security.c. The email thread is just for the general idea, none of its source code will apply to pgagroal's code base

@jesperpedersen
Copy link
Collaborator Author

Take a look at https://datatracker.ietf.org/doc/html/rfc7677 and friends

@n0rbed n0rbed linked a pull request Mar 1, 2025 that will close this issue
Open
n0rbed added a commit to n0rbed/pgagroal that referenced this issue Mar 2, 2025
@n0rbed
[agroal#504] Optimize SALT
ea3f50b 
We do this by removing the independent HMAC context initializations from the HMAC iterations present in salted_password

Signed-off-by: Yassin ElBedwihy <eng.yassin.elbedwihy@gmail.com>
n0rbed added a commit to n0rbed/pgagroal that referenced this issue Mar 2, 2025
@n0rbed
[agroal#504] Optimize SALT
1d52ec5 
We do this by removing the independent HMAC context initializations from the HMAC iterations present in salted_password

Signed-off-by: Yassin ElBedwihy <eng.yassin.elbedwihy@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@n0rbed n0rbed

Labels
enhancement Improvement to an existing feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Optimize SALT n0rbed/pgagroal
2 participants
@jesperpedersen @n0rbed