mirror of
https://github.com/postgres/postgres.git
synced 2025-07-27 12:41:57 +03:00
"Annual" pgcrypto update from Marko Kreen:
Few cleanups and couple of new things: - add SHA2 algorithm to older OpenSSL - add BIGNUM math to have public-key cryptography work on non-OpenSSL build. - gen_random_bytes() function The status of SHA2 algoritms and public-key encryption can now be changed to 'always available.' That makes pgcrypto functionally complete and unless there will be new editions of AES, SHA2 or OpenPGP standards, there is no major changes planned.
This commit is contained in:
@ -26,7 +26,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $PostgreSQL: pgsql/contrib/pgcrypto/internal.c,v 1.23 2005/10/15 02:49:06 momjian Exp $
|
||||
* $PostgreSQL: pgsql/contrib/pgcrypto/internal.c,v 1.24 2006/07/13 04:15:24 neilc Exp $
|
||||
*/
|
||||
|
||||
#include "postgres.h"
|
||||
@ -77,9 +77,11 @@
|
||||
|
||||
static void init_md5(PX_MD * h);
|
||||
static void init_sha1(PX_MD * h);
|
||||
static void init_sha256(PX_MD * h);
|
||||
static void init_sha384(PX_MD * h);
|
||||
static void init_sha512(PX_MD * h);
|
||||
|
||||
void init_sha224(PX_MD * h);
|
||||
void init_sha256(PX_MD * h);
|
||||
void init_sha384(PX_MD * h);
|
||||
void init_sha512(PX_MD * h);
|
||||
|
||||
struct int_digest
|
||||
{
|
||||
@ -91,6 +93,7 @@ static const struct int_digest
|
||||
int_digest_list[] = {
|
||||
{"md5", init_md5},
|
||||
{"sha1", init_sha1},
|
||||
{"sha224", init_sha224},
|
||||
{"sha256", init_sha256},
|
||||
{"sha384", init_sha384},
|
||||
{"sha512", init_sha512},
|
||||
@ -193,150 +196,6 @@ int_sha1_free(PX_MD * h)
|
||||
px_free(h);
|
||||
}
|
||||
|
||||
/* SHA256 */
|
||||
|
||||
static unsigned
|
||||
int_sha256_len(PX_MD * h)
|
||||
{
|
||||
return SHA256_DIGEST_LENGTH;
|
||||
}
|
||||
|
||||
static unsigned
|
||||
int_sha256_block_len(PX_MD * h)
|
||||
{
|
||||
return SHA256_BLOCK_LENGTH;
|
||||
}
|
||||
|
||||
static void
|
||||
int_sha256_update(PX_MD * h, const uint8 *data, unsigned dlen)
|
||||
{
|
||||
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
|
||||
|
||||
SHA256_Update(ctx, data, dlen);
|
||||
}
|
||||
|
||||
static void
|
||||
int_sha256_reset(PX_MD * h)
|
||||
{
|
||||
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
|
||||
|
||||
SHA256_Init(ctx);
|
||||
}
|
||||
|
||||
static void
|
||||
int_sha256_finish(PX_MD * h, uint8 *dst)
|
||||
{
|
||||
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
|
||||
|
||||
SHA256_Final(dst, ctx);
|
||||
}
|
||||
|
||||
static void
|
||||
int_sha256_free(PX_MD * h)
|
||||
{
|
||||
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
|
||||
|
||||
memset(ctx, 0, sizeof(*ctx));
|
||||
px_free(ctx);
|
||||
px_free(h);
|
||||
}
|
||||
|
||||
/* SHA384 */
|
||||
|
||||
static unsigned
|
||||
int_sha384_len(PX_MD * h)
|
||||
{
|
||||
return SHA384_DIGEST_LENGTH;
|
||||
}
|
||||
|
||||
static unsigned
|
||||
int_sha384_block_len(PX_MD * h)
|
||||
{
|
||||
return SHA384_BLOCK_LENGTH;
|
||||
}
|
||||
|
||||
static void
|
||||
int_sha384_update(PX_MD * h, const uint8 *data, unsigned dlen)
|
||||
{
|
||||
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
|
||||
|
||||
SHA384_Update(ctx, data, dlen);
|
||||
}
|
||||
|
||||
static void
|
||||
int_sha384_reset(PX_MD * h)
|
||||
{
|
||||
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
|
||||
|
||||
SHA384_Init(ctx);
|
||||
}
|
||||
|
||||
static void
|
||||
int_sha384_finish(PX_MD * h, uint8 *dst)
|
||||
{
|
||||
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
|
||||
|
||||
SHA384_Final(dst, ctx);
|
||||
}
|
||||
|
||||
static void
|
||||
int_sha384_free(PX_MD * h)
|
||||
{
|
||||
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
|
||||
|
||||
memset(ctx, 0, sizeof(*ctx));
|
||||
px_free(ctx);
|
||||
px_free(h);
|
||||
}
|
||||
|
||||
/* SHA512 */
|
||||
|
||||
static unsigned
|
||||
int_sha512_len(PX_MD * h)
|
||||
{
|
||||
return SHA512_DIGEST_LENGTH;
|
||||
}
|
||||
|
||||
static unsigned
|
||||
int_sha512_block_len(PX_MD * h)
|
||||
{
|
||||
return SHA512_BLOCK_LENGTH;
|
||||
}
|
||||
|
||||
static void
|
||||
int_sha512_update(PX_MD * h, const uint8 *data, unsigned dlen)
|
||||
{
|
||||
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
|
||||
|
||||
SHA512_Update(ctx, data, dlen);
|
||||
}
|
||||
|
||||
static void
|
||||
int_sha512_reset(PX_MD * h)
|
||||
{
|
||||
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
|
||||
|
||||
SHA512_Init(ctx);
|
||||
}
|
||||
|
||||
static void
|
||||
int_sha512_finish(PX_MD * h, uint8 *dst)
|
||||
{
|
||||
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
|
||||
|
||||
SHA512_Final(dst, ctx);
|
||||
}
|
||||
|
||||
static void
|
||||
int_sha512_free(PX_MD * h)
|
||||
{
|
||||
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
|
||||
|
||||
memset(ctx, 0, sizeof(*ctx));
|
||||
px_free(ctx);
|
||||
px_free(h);
|
||||
}
|
||||
|
||||
/* init functions */
|
||||
|
||||
static void
|
||||
@ -379,66 +238,6 @@ init_sha1(PX_MD * md)
|
||||
md->reset(md);
|
||||
}
|
||||
|
||||
static void
|
||||
init_sha256(PX_MD * md)
|
||||
{
|
||||
SHA256_CTX *ctx;
|
||||
|
||||
ctx = px_alloc(sizeof(*ctx));
|
||||
memset(ctx, 0, sizeof(*ctx));
|
||||
|
||||
md->p.ptr = ctx;
|
||||
|
||||
md->result_size = int_sha256_len;
|
||||
md->block_size = int_sha256_block_len;
|
||||
md->reset = int_sha256_reset;
|
||||
md->update = int_sha256_update;
|
||||
md->finish = int_sha256_finish;
|
||||
md->free = int_sha256_free;
|
||||
|
||||
md->reset(md);
|
||||
}
|
||||
|
||||
static void
|
||||
init_sha384(PX_MD * md)
|
||||
{
|
||||
SHA384_CTX *ctx;
|
||||
|
||||
ctx = px_alloc(sizeof(*ctx));
|
||||
memset(ctx, 0, sizeof(*ctx));
|
||||
|
||||
md->p.ptr = ctx;
|
||||
|
||||
md->result_size = int_sha384_len;
|
||||
md->block_size = int_sha384_block_len;
|
||||
md->reset = int_sha384_reset;
|
||||
md->update = int_sha384_update;
|
||||
md->finish = int_sha384_finish;
|
||||
md->free = int_sha384_free;
|
||||
|
||||
md->reset(md);
|
||||
}
|
||||
|
||||
static void
|
||||
init_sha512(PX_MD * md)
|
||||
{
|
||||
SHA512_CTX *ctx;
|
||||
|
||||
ctx = px_alloc(sizeof(*ctx));
|
||||
memset(ctx, 0, sizeof(*ctx));
|
||||
|
||||
md->p.ptr = ctx;
|
||||
|
||||
md->result_size = int_sha512_len;
|
||||
md->block_size = int_sha512_block_len;
|
||||
md->reset = int_sha512_reset;
|
||||
md->update = int_sha512_update;
|
||||
md->finish = int_sha512_finish;
|
||||
md->free = int_sha512_free;
|
||||
|
||||
md->reset(md);
|
||||
}
|
||||
|
||||
/*
|
||||
* ciphers generally
|
||||
*/
|
||||
@ -821,19 +620,12 @@ px_find_cipher(const char *name, PX_Cipher ** res)
|
||||
*/
|
||||
|
||||
/*
|
||||
* Use libc for all 'public' bytes.
|
||||
*
|
||||
* That way we don't expose bytes from Fortuna
|
||||
* to the public, in case it has some bugs.
|
||||
* Use always strong randomness.
|
||||
*/
|
||||
int
|
||||
px_get_pseudo_random_bytes(uint8 *dst, unsigned count)
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < count; i++)
|
||||
*dst++ = random();
|
||||
return i;
|
||||
return px_get_random_bytes(dst, count);
|
||||
}
|
||||
|
||||
static time_t seed_time = 0;
|
||||
|
Reference in New Issue
Block a user