1
0
mirror of https://github.com/postgres/postgres.git synced 2025-07-27 12:41:57 +03:00

"Annual" pgcrypto update from Marko Kreen:

Few cleanups and couple of new things:

 - add SHA2 algorithm to older OpenSSL
 - add BIGNUM math to have public-key cryptography work on non-OpenSSL
   build.
 - gen_random_bytes() function

The status of SHA2 algoritms and public-key encryption can now be
changed to 'always available.'

That makes pgcrypto functionally complete and unless there will be new
editions of AES, SHA2 or OpenPGP standards, there is no major changes
planned.
This commit is contained in:
Neil Conway
2006-07-13 04:15:25 +00:00
parent 99ac1e69ba
commit 1abf76e82c
22 changed files with 4397 additions and 374 deletions

View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/internal.c,v 1.23 2005/10/15 02:49:06 momjian Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/internal.c,v 1.24 2006/07/13 04:15:24 neilc Exp $
*/
#include "postgres.h"
@ -77,9 +77,11 @@
static void init_md5(PX_MD * h);
static void init_sha1(PX_MD * h);
static void init_sha256(PX_MD * h);
static void init_sha384(PX_MD * h);
static void init_sha512(PX_MD * h);
void init_sha224(PX_MD * h);
void init_sha256(PX_MD * h);
void init_sha384(PX_MD * h);
void init_sha512(PX_MD * h);
struct int_digest
{
@ -91,6 +93,7 @@ static const struct int_digest
int_digest_list[] = {
{"md5", init_md5},
{"sha1", init_sha1},
{"sha224", init_sha224},
{"sha256", init_sha256},
{"sha384", init_sha384},
{"sha512", init_sha512},
@ -193,150 +196,6 @@ int_sha1_free(PX_MD * h)
px_free(h);
}
/* SHA256 */
static unsigned
int_sha256_len(PX_MD * h)
{
return SHA256_DIGEST_LENGTH;
}
static unsigned
int_sha256_block_len(PX_MD * h)
{
return SHA256_BLOCK_LENGTH;
}
static void
int_sha256_update(PX_MD * h, const uint8 *data, unsigned dlen)
{
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
SHA256_Update(ctx, data, dlen);
}
static void
int_sha256_reset(PX_MD * h)
{
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
SHA256_Init(ctx);
}
static void
int_sha256_finish(PX_MD * h, uint8 *dst)
{
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
SHA256_Final(dst, ctx);
}
static void
int_sha256_free(PX_MD * h)
{
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
/* SHA384 */
static unsigned
int_sha384_len(PX_MD * h)
{
return SHA384_DIGEST_LENGTH;
}
static unsigned
int_sha384_block_len(PX_MD * h)
{
return SHA384_BLOCK_LENGTH;
}
static void
int_sha384_update(PX_MD * h, const uint8 *data, unsigned dlen)
{
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
SHA384_Update(ctx, data, dlen);
}
static void
int_sha384_reset(PX_MD * h)
{
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
SHA384_Init(ctx);
}
static void
int_sha384_finish(PX_MD * h, uint8 *dst)
{
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
SHA384_Final(dst, ctx);
}
static void
int_sha384_free(PX_MD * h)
{
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
/* SHA512 */
static unsigned
int_sha512_len(PX_MD * h)
{
return SHA512_DIGEST_LENGTH;
}
static unsigned
int_sha512_block_len(PX_MD * h)
{
return SHA512_BLOCK_LENGTH;
}
static void
int_sha512_update(PX_MD * h, const uint8 *data, unsigned dlen)
{
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
SHA512_Update(ctx, data, dlen);
}
static void
int_sha512_reset(PX_MD * h)
{
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
SHA512_Init(ctx);
}
static void
int_sha512_finish(PX_MD * h, uint8 *dst)
{
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
SHA512_Final(dst, ctx);
}
static void
int_sha512_free(PX_MD * h)
{
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
/* init functions */
static void
@ -379,66 +238,6 @@ init_sha1(PX_MD * md)
md->reset(md);
}
static void
init_sha256(PX_MD * md)
{
SHA256_CTX *ctx;
ctx = px_alloc(sizeof(*ctx));
memset(ctx, 0, sizeof(*ctx));
md->p.ptr = ctx;
md->result_size = int_sha256_len;
md->block_size = int_sha256_block_len;
md->reset = int_sha256_reset;
md->update = int_sha256_update;
md->finish = int_sha256_finish;
md->free = int_sha256_free;
md->reset(md);
}
static void
init_sha384(PX_MD * md)
{
SHA384_CTX *ctx;
ctx = px_alloc(sizeof(*ctx));
memset(ctx, 0, sizeof(*ctx));
md->p.ptr = ctx;
md->result_size = int_sha384_len;
md->block_size = int_sha384_block_len;
md->reset = int_sha384_reset;
md->update = int_sha384_update;
md->finish = int_sha384_finish;
md->free = int_sha384_free;
md->reset(md);
}
static void
init_sha512(PX_MD * md)
{
SHA512_CTX *ctx;
ctx = px_alloc(sizeof(*ctx));
memset(ctx, 0, sizeof(*ctx));
md->p.ptr = ctx;
md->result_size = int_sha512_len;
md->block_size = int_sha512_block_len;
md->reset = int_sha512_reset;
md->update = int_sha512_update;
md->finish = int_sha512_finish;
md->free = int_sha512_free;
md->reset(md);
}
/*
* ciphers generally
*/
@ -821,19 +620,12 @@ px_find_cipher(const char *name, PX_Cipher ** res)
*/
/*
* Use libc for all 'public' bytes.
*
* That way we don't expose bytes from Fortuna
* to the public, in case it has some bugs.
* Use always strong randomness.
*/
int
px_get_pseudo_random_bytes(uint8 *dst, unsigned count)
{
int i;
for (i = 0; i < count; i++)
*dst++ = random();
return i;
return px_get_random_bytes(dst, count);
}
static time_t seed_time = 0;