[agroal#504] Optimize SALT

We do this by removing the independent HMAC context initializations from the HMAC iterations present in salted_password Signed-off-by: Yassin ElBedwihy <eng.yassin.elbedwihy@gmail.com>
n0rbed · Mar 2, 2025 · ea3f50b · ea3f50b
1 parent 400e019
commit ea3f50b
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 19 deletions.
diff --git a/AUTHORS b/AUTHORS
@@ -16,3 +16,4 @@ Haoran Zhang <andrewzhr9911@gmail.com>
 Mohanad Khaled <mohanadkhaled87@gmail.com>
 Christian Englert <code@c.roboticbrain.de>
 Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
+Yassin ElBedwihy <eng.yassin.elbedwihy@gmail.com>
diff --git a/doc/manual/97-acknowledgement.md b/doc/manual/97-acknowledgement.md
@@ -23,6 +23,7 @@ Mohanad Khaled <mohanadkhaled87@gmail.com>
 Haoran Zhang <andrewzhr9911@gmail.com>
 Christian Englert <code@c.roboticbrain.de>
 Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
+Yassin ElBedwihy <eng.yassin.elbedwihy@gmail.com>
 ```
 
 ## Committers

diff --git a/doc/manual/advanced/97-acknowledgement.md b/doc/manual/advanced/97-acknowledgement.md
@@ -23,6 +23,7 @@ Mohanad Khaled <mohanadkhaled87@gmail.com>
 Haoran Zhang <andrewzhr9911@gmail.com>
 Christian Englert <code@c.roboticbrain.de>
 Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
+Yassin ElBedwihy <eng.yassin.elbedwihy@gmail.com>
 ```
 
 ## Committers

diff --git a/src/libpgagroal/security.c b/src/libpgagroal/security.c
@@ -3826,31 +3826,31 @@ salted_password(char* password, char* salt, int salt_length, int iterations, uns
 
    for (int i = 2; i <= iterations; i++)
    {
-      if (HMAC_CTX_reset(ctx) != 1)
+      for (int j = 0; j < size; j++)
       {
-         goto error;
+         *(r + j) ^= *(Ui + j);
       }
+      memcpy(&Ui_prev[0], &Ui[0], size);
+   }
 
-      if (HMAC_Init_ex(ctx, password, password_length, EVP_sha256(), NULL) != 1)
-      {
-         goto error;
-      }
+   if (HMAC_CTX_reset(ctx) != 1)
+   {
+      goto error;
+   }
 
-      if (HMAC_Update(ctx, &Ui_prev[0], size) != 1)
-      {
-         goto error;
-      }
+   if (HMAC_Init_ex(ctx, password, password_length, EVP_sha256(), NULL) != 1)
+   {
+      goto error;
+   }
 
-      if (HMAC_Final(ctx, &Ui[0], &Ui_length) != 1)
-      {
-         goto error;
-      }
+   if (HMAC_Update(ctx, &Ui_prev[0], size) != 1)
+   {
+      goto error;
+   }
 
-      for (int j = 0; j < size; j++)
-      {
-         *(r + j) ^= *(Ui + j);
-      }
-      memcpy(&Ui_prev[0], &Ui[0], size);
+   if (HMAC_Final(ctx, &Ui[0], &Ui_length) != 1)
+   {
+      goto error;
    }
 
    *result = r;