1
0
mirror of https://github.com/postgres/postgres.git synced 2025-10-25 13:17:41 +03:00

pgcrypto update:

Reserve px_get_random_bytes() for strong randomness,
add new function px_get_pseudo_random_bytes() for
weak randomness and use it in gen_salt().

On openssl case, use RAND_pseudo_bytes() for
px_get_pseudo_random_bytes().

Final result is that is user has not configured random
souce but kept the 'silly' one, gen_salt() keeps
working, but pgp_encrypt() will throw error.

Marko Kreen
This commit is contained in:
Neil Conway
2005-03-21 05:22:14 +00:00
parent 1ea9169b42
commit 19b676869a
4 changed files with 48 additions and 16 deletions

View File

@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* *
* $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.c,v 1.10 2005/03/21 05:19:55 neilc Exp $ * $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.c,v 1.11 2005/03/21 05:22:14 neilc Exp $
*/ */
#include <postgres.h> #include <postgres.h>
@@ -171,7 +171,7 @@ px_gen_salt(const char *salt_type, char *buf, int rounds)
return PXE_BAD_SALT_ROUNDS; return PXE_BAD_SALT_ROUNDS;
} }
res = px_get_random_bytes(rbuf, g->input_len); res = px_get_pseudo_random_bytes(rbuf, g->input_len);
if (res < 0) if (res < 0)
return res; return res;

View File

@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* *
* $PostgreSQL: pgsql/contrib/pgcrypto/px.c,v 1.10 2005/03/21 05:19:55 neilc Exp $ * $PostgreSQL: pgsql/contrib/pgcrypto/px.c,v 1.11 2005/03/21 05:22:14 neilc Exp $
*/ */
#include <postgres.h> #include <postgres.h>
@@ -56,6 +56,7 @@ static const struct error_desc px_err_list[] = {
{PXE_UNKNOWN_SALT_ALGO, "Unknown salt algorithm"}, {PXE_UNKNOWN_SALT_ALGO, "Unknown salt algorithm"},
{PXE_BAD_SALT_ROUNDS, "Incorrect number of rounds"}, {PXE_BAD_SALT_ROUNDS, "Incorrect number of rounds"},
{PXE_MCRYPT_INTERNAL, "mcrypt internal error"}, {PXE_MCRYPT_INTERNAL, "mcrypt internal error"},
{PXE_NO_RANDOM, "No strong random source"},
{0, NULL}, {0, NULL},
}; };

View File

@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* *
* $PostgreSQL: pgsql/contrib/pgcrypto/px.h,v 1.11 2005/03/21 05:19:55 neilc Exp $ * $PostgreSQL: pgsql/contrib/pgcrypto/px.h,v 1.12 2005/03/21 05:22:14 neilc Exp $
*/ */
#ifndef __PX_H #ifndef __PX_H
@@ -83,6 +83,7 @@ void px_free(void *p);
#define PXE_UNKNOWN_SALT_ALGO -14 #define PXE_UNKNOWN_SALT_ALGO -14
#define PXE_BAD_SALT_ROUNDS -15 #define PXE_BAD_SALT_ROUNDS -15
#define PXE_MCRYPT_INTERNAL -16 #define PXE_MCRYPT_INTERNAL -16
#define PXE_NO_RANDOM -17
typedef struct px_digest PX_MD; typedef struct px_digest PX_MD;
typedef struct px_alias PX_Alias; typedef struct px_alias PX_Alias;
@@ -168,6 +169,7 @@ int px_find_cipher(const char *name, PX_Cipher ** res);
int px_find_combo(const char *name, PX_Combo ** res); int px_find_combo(const char *name, PX_Combo ** res);
int px_get_random_bytes(uint8 *dst, unsigned count); int px_get_random_bytes(uint8 *dst, unsigned count);
int px_get_pseudo_random_bytes(uint8 *dst, unsigned count);
const char *px_strerror(int err); const char *px_strerror(int err);

View File

@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* *
* $PostgreSQL: pgsql/contrib/pgcrypto/random.c,v 1.9 2005/03/21 05:19:55 neilc Exp $ * $PostgreSQL: pgsql/contrib/pgcrypto/random.c,v 1.10 2005/03/21 05:22:14 neilc Exp $
*/ */
@@ -78,10 +78,16 @@ px_get_random_bytes(uint8 *dst, unsigned count)
return res; return res;
} }
int
px_get_pseudo_random_bytes(uint8 *dst, unsigned count)
{
return px_get_random_bytes(dst, count);
}
#elif defined(RAND_SILLY) #elif defined(RAND_SILLY)
int int
px_get_random_bytes(uint8 *dst, unsigned count) px_get_pseudo_random_bytes(uint8 *dst, unsigned count)
{ {
int i; int i;
@@ -90,6 +96,12 @@ px_get_random_bytes(uint8 *dst, unsigned count)
return i; return i;
} }
int
px_get_random_bytes(uint8 *dst, unsigned count)
{
return PXE_NO_RANDOM;
}
#elif defined(RAND_OPENSSL) #elif defined(RAND_OPENSSL)
#include <openssl/evp.h> #include <openssl/evp.h>
@@ -99,22 +111,24 @@ px_get_random_bytes(uint8 *dst, unsigned count)
static int openssl_random_init = 0; static int openssl_random_init = 0;
/*
* OpenSSL random should re-feeded occasionally. From /dev/urandom
* preferably.
*/
static void init_openssl()
{
if (RAND_get_rand_method() == NULL)
RAND_set_rand_method(RAND_SSLeay());
openssl_random_init = 1;
}
int int
px_get_random_bytes(uint8 *dst, unsigned count) px_get_random_bytes(uint8 *dst, unsigned count)
{ {
int res; int res;
if (!openssl_random_init) if (!openssl_random_init)
{ init_openssl();
if (RAND_get_rand_method() == NULL)
RAND_set_rand_method(RAND_SSLeay());
openssl_random_init = 1;
}
/*
* OpenSSL random should re-feeded occasionally. From /dev/urandom
* preferably.
*/
res = RAND_bytes(dst, count); res = RAND_bytes(dst, count);
if (res == 1) if (res == 1)
@@ -123,6 +137,21 @@ px_get_random_bytes(uint8 *dst, unsigned count)
return PXE_OSSL_RAND_ERROR; return PXE_OSSL_RAND_ERROR;
} }
int
px_get_pseudo_random_bytes(uint8 *dst, unsigned count)
{
int res;
if (!openssl_random_init)
init_openssl();
res = RAND_pseudo_bytes(dst, count);
if (res == 0 || res == 1)
return count;
return PXE_OSSL_RAND_ERROR;
}
#else #else
#error "Invalid random source" #error "Invalid random source"
#endif #endif