"Annual" pgcrypto update from Marko Kreen:

Few cleanups and couple of new things: - add SHA2 algorithm to older OpenSSL - add BIGNUM math to have public-key cryptography work on non-OpenSSL build. - gen_random_bytes() function The status of SHA2 algoritms and public-key encryption can now be changed to 'always available.' That makes pgcrypto functionally complete and unless there will be new editions of AES, SHA2 or OpenPGP standards, there is no major changes planned.
2025-07-30 11:03:19 +03:00 · 2006-07-13 04:15:25 +00:00
parent 99ac1e69ba
commit 1abf76e82c
22 changed files with 4397 additions and 374 deletions
--- a/contrib/pgcrypto/pgcrypto.c
+++ b/contrib/pgcrypto/pgcrypto.c
@ -26,7 +26,7 @@
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- * $PostgreSQL: pgsql/contrib/pgcrypto/pgcrypto.c,v 1.21 2006/05/30 22:12:13 tgl Exp $
+ * $PostgreSQL: pgsql/contrib/pgcrypto/pgcrypto.c,v 1.22 2006/07/13 04:15:25 neilc Exp $
 */

 #include "postgres.h"
@ -537,6 +537,34 @@ pg_decrypt_iv(PG_FUNCTION_ARGS)
 	PG_RETURN_BYTEA_P(res);
 }

+/* SQL function: pg_random_bytes(int4) returns bytea */
+PG_FUNCTION_INFO_V1(pg_random_bytes);
+
+Datum
+pg_random_bytes(PG_FUNCTION_ARGS)
+{
+	int err;
+	int len = PG_GETARG_INT32(0);
+	bytea *res;
+
+	if (len < 1 || len > 1024)
+		ereport(ERROR,
+				(errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
+				 errmsg("Length not in range")));
+
+	res = palloc(VARHDRSZ + len);
+	VARATT_SIZEP(res) = VARHDRSZ + len;
+
+	/* generate result */
+	err = px_get_random_bytes((uint8*)VARDATA(res), len);
+	if (err < 0)
+		ereport(ERROR,
+				(errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
+				 errmsg("Random generator error: %s", px_strerror(err))));
+
+	PG_RETURN_BYTEA_P(res);
+}
+
 /* SQL function: pg_cipher_exists(text) returns bool */
 PG_FUNCTION_INFO_V1(pg_cipher_exists);