Improve error handling of HMAC computations

Enterprise / PostgreSQL - Michael Paquier [] - 13 January 2022 07:17 UTC

This is similar to b69aba7, except that this completes the work for HMAC with a new routine called pg_hmac_error() that would provide more context about the type of error that happened during a HMAC computation:- The fallback HMAC implementation in hmac.c relies on cryptohashes, so in some code paths it is necessary to return back the error generated by cryptohashes.- For the OpenSSL implementation (hmac_openssl.c), the logic is very similar to cryptohash_openssl.c, where the error context comes from OpenSSL if one of its internal routines failed, with different error codes if something internal to hmac_openssl.c failed or was incorrect.

Any in-core code paths that use the centralized HMAC interface are related to SCRAM, for errors that are unlikely going to happen, with only SHA-256. It would be possible to see errors when computing some HMACs with MD5 for example and OpenSSL FIPS enabled, and this commit would help in reporting the correct errors but nothing in core uses that. So, at the end, no backpatch to v14 is done, at least for now.

Errors in SCRAM related to the computation of the server key, stored key, etc. need to pass down the potential error context string across more layers of their respective call stacks for the frontend and the backend, so each surrounding routine is adapted for this purpose.

5513dc6a30 Improve error handling of HMAC computations
src/backend/libpq/auth-scram.c | 22 +++++----
src/common/hmac.c | 64 +++++++++++++++++++++++++
src/common/hmac_openssl.c | 90 ++++++++++++++++++++++++++++++++++++
src/common/scram-common.c | 68 ++++++++++++++++++++-------
src/include/common/hmac.h | 1 +
src/include/common/scram-common.h | 14 ++++--
src/interfaces/libpq/fe-auth-scram.c | 76 ++++++++++++++++++++++--------
src/interfaces/libpq/fe-auth.c | 10 ++--
src/interfaces/libpq/fe-auth.h | 3 +-
src/tools/pgindent/typedefs.list | 1 +
10 files changed, 294 insertions(+), 55 deletions(-)


  • Share