database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-28 23:42:10 +03:00
Code Activity

Standard pgindent run for 8.1.

Browse Source
This commit is contained in:
Bruce Momjian
2005-10-15 02:49:52 +00:00
parent 790c01d280
commit 1dc3498251
770 changed files with 34334 additions and 32507 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
contrib/pgcrypto/crypt-blowfish.c
View File

@ -520,7 +520,6 @@ extern void _BF_body_r(BF_ctx * ctx);
#define BF_body() \
_BF_body_r(&data.ctx);
#else
#define BF_body() \
@ -712,7 +711,7 @@ _crypt_blowfish_rn(const char *key, const char *setting,
memcpy(output, setting, 7 + 22 - 1);
output[7 + 22 - 1] = BF_itoa64[(int)
BF_atoi64[(int) setting[7 + 22 - 1] - 0x20] & 0x30];
BF_atoi64[(int) setting[7 + 22 - 1] - 0x20] & 0x30];
/* This has to be bug-compatible with the original implementation, so
* only encode 23 of the 24 bytes. :-) */

48
contrib/pgcrypto/crypt-des.c
View File

@ -246,8 +246,8 @@ des_init(void)
}
/*
* Convert the inverted S-boxes into 4 arrays of 8 bits. Each will
* handle 12 bits of the S-box input.
* Convert the inverted S-boxes into 4 arrays of 8 bits. Each will handle
* 12 bits of the S-box input.
*/
for (b = 0; b < 4; b++)
for (i = 0; i < 64; i++)
@ -267,8 +267,8 @@ des_init(void)
}
/*
* Invert the key permutation and initialise the inverted key
* compression permutation.
* Invert the key permutation and initialise the inverted key compression
* permutation.
*/
for (i = 0; i < 56; i++)
{
@ -284,8 +284,8 @@ des_init(void)
inv_comp_perm[comp_perm[i] - 1] = i;
/*
* Set up the OR-mask arrays for the initial and final permutations,
* and for the key initial and compression permutations.
* Set up the OR-mask arrays for the initial and final permutations, and
* for the key initial and compression permutations.
*/
for (k = 0; k < 8; k++)
{
@ -347,8 +347,8 @@ des_init(void)
}
/*
* Invert the P-box permutation, and convert into OR-masks for
* handling the output of the S-box arrays setup above.
* Invert the P-box permutation, and convert into OR-masks for handling
* the output of the S-box arrays setup above.
*/
for (i = 0; i < 32; i++)
un_pbox[pbox[i] - 1] = i;
@ -411,9 +411,9 @@ des_setkey(const char *key)
&& rawkey1 == old_rawkey1)
{
/*
* Already setup for this key. This optimisation fails on a zero
* key (which is weak and has bad parity anyway) in order to
* simplify the starting conditions.
* Already setup for this key. This optimisation fails on a zero key
* (which is weak and has bad parity anyway) in order to simplify the
* starting conditions.
*/
return (0);
}
@ -560,16 +560,16 @@ do_des(uint32 l_in, uint32 r_in, uint32 *l_out, uint32 *r_out, int count)
| ((r & 0x80000000) >> 31);
/*
* Do salting for crypt() and friends, and XOR with the
* permuted key.
* Do salting for crypt() and friends, and XOR with the permuted
* key.
*/
f = (r48l ^ r48r) & saltbits;
r48l ^= f ^ *kl++;
r48r ^= f ^ *kr++;
/*
* Do sbox lookups (which shrink it back to 32 bits) and do
* the pbox permutation at the same time.
* Do sbox lookups (which shrink it back to 32 bits) and do the
* pbox permutation at the same time.
*/
f = psbox[0][m_sbox[0][r48l >> 12]]
| psbox[1][m_sbox[1][r48l & 0xfff]]
@ -660,8 +660,8 @@ px_crypt_des(const char *key, const char *setting)
/*
* Copy the key, shifting each character up by one bit and padding
* with zeros.
* Copy the key, shifting each character up by one bit and padding with
* zeros.
*/
q = (uint8 *) keybuf;
while (q - (uint8 *) keybuf - 8)
@ -706,10 +706,10 @@ px_crypt_des(const char *key, const char *setting)
strncpy(output, setting, 9);
/*
* Double check that we weren't given a short setting. If we were,
* the above code will probably have created wierd values for
* count and salt, but we don't really care. Just make sure the
* output string doesn't have an extra NUL in it.
* Double check that we weren't given a short setting. If we were, the
* above code will probably have created wierd values for count and
* salt, but we don't really care. Just make sure the output string
* doesn't have an extra NUL in it.
*/
output[9] = '\0';
p = output + strlen(output);
@ -728,9 +728,9 @@ px_crypt_des(const char *key, const char *setting)
output[0] = setting[0];
/*
* If the encrypted password that the salt was extracted from is
* only 1 character long, the salt will be corrupted. We need to
* ensure that the output string doesn't have an extra NUL in it!
* If the encrypted password that the salt was extracted from is only
* 1 character long, the salt will be corrupted. We need to ensure
* that the output string doesn't have an extra NUL in it!
*/
output[1] = setting[1] ? setting[1] : output[0];

8
contrib/pgcrypto/crypt-gensalt.c
View File

@ -22,7 +22,7 @@ unsigned char _crypt_itoa64[64 + 1] =
char *
_crypt_gensalt_traditional_rn(unsigned long count,
const char *input, int size, char *output, int output_size)
const char *input, int size, char *output, int output_size)
{
if (size < 2 || output_size < 2 + 1 || (count && count != 25))
{
@ -40,7 +40,7 @@ _crypt_gensalt_traditional_rn(unsigned long count,
char *
_crypt_gensalt_extended_rn(unsigned long count,
const char *input, int size, char *output, int output_size)
const char *input, int size, char *output, int output_size)
{
unsigned long value;
@ -76,7 +76,7 @@ _crypt_gensalt_extended_rn(unsigned long count,
char *
_crypt_gensalt_md5_rn(unsigned long count,
const char *input, int size, char *output, int output_size)
const char *input, int size, char *output, int output_size)
{
unsigned long value;
@ -158,7 +158,7 @@ BF_encode(char *dst, const BF_word * src, int size)
char *
_crypt_gensalt_blowfish_rn(unsigned long count,
const char *input, int size, char *output, int output_size)
const char *input, int size, char *output, int output_size)
{
if (size < 16 || output_size < 7 + 22 + 1 ||
(count && (count < 4 || count > 31)))

8
contrib/pgcrypto/crypt-md5.c
View File

@ -8,7 +8,7 @@
*
* $FreeBSD: src/lib/libcrypt/crypt-md5.c,v 1.5 1999/12/17 20:21:45 peter Exp $
*
* $PostgreSQL: pgsql/contrib/pgcrypto/crypt-md5.c,v 1.5 2005/09/24 19:14:04 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/crypt-md5.c,v 1.6 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -24,9 +24,9 @@
char *
px_crypt_md5(const char *pw, const char *salt, char *passwd, unsigned dstlen)
{
static char *magic = "$1$"; /* This string is magic for this
* algorithm. Having it this way, we can
* get get better later on */
static char *magic = "$1$"; /* This string is magic for this algorithm.
* Having it this way, we can get get better
* later on */
static char *p;
static const char *sp,
*ep;

146
contrib/pgcrypto/fortuna.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/fortuna.c,v 1.4 2005/07/18 17:12:54 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/fortuna.c,v 1.5 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -43,16 +43,16 @@
* Why Fortuna-like: There does not seem to be any definitive reference
* on Fortuna in the net. Instead this implementation is based on
* following references:
*
*
* http://en.wikipedia.org/wiki/Fortuna_(PRNG)
* - Wikipedia article
* - Wikipedia article
* http://jlcooke.ca/random/
* - Jean-Luc Cooke Fortuna-based /dev/random driver for Linux.
* - Jean-Luc Cooke Fortuna-based /dev/random driver for Linux.
*/
/*
* There is some confusion about whether and how to carry forward
* the state of the pools. Seems like original Fortuna does not
* the state of the pools. Seems like original Fortuna does not
* do it, resetting hash after each request. I guess expecting
* feeding to happen more often that requesting. This is absolutely
* unsuitable for pgcrypto, as nothing asynchronous happens here.
@ -76,7 +76,7 @@
* How many pools.
*
* Original Fortuna uses 32 pools, that means 32'th pool is
* used not earlier than in 13th year. This is a waste in
* used not earlier than in 13th year. This is a waste in
* pgcrypto, as we have very low-frequancy seeding. Here
* is preferable to have all entropy usable in reasonable time.
*
@ -89,12 +89,12 @@
#define NUM_POOLS 23
/* in microseconds */
#define RESEED_INTERVAL 100000 /* 0.1 sec */
#define RESEED_INTERVAL 100000 /* 0.1 sec */
/* for one big request, reseed after this many bytes */
#define RESEED_BYTES (1024*1024)
/*
/*
* Skip reseed if pool 0 has less than this many
* bytes added since last reseed.
*/
@ -114,17 +114,18 @@
#define MD_CTX SHA256_CTX
#define CIPH_CTX rijndael_ctx
struct fortuna_state {
uint8 counter[CIPH_BLOCK];
uint8 result[CIPH_BLOCK];
uint8 key[BLOCK];
MD_CTX pool[NUM_POOLS];
CIPH_CTX ciph;
unsigned reseed_count;
struct timeval last_reseed_time;
unsigned pool0_bytes;
unsigned rnd_pos;
int counter_init;
struct fortuna_state
{
uint8 counter[CIPH_BLOCK];
uint8 result[CIPH_BLOCK];
uint8 key[BLOCK];
MD_CTX pool[NUM_POOLS];
CIPH_CTX ciph;
unsigned reseed_count;
struct timeval last_reseed_time;
unsigned pool0_bytes;
unsigned rnd_pos;
int counter_init;
};
typedef struct fortuna_state FState;
@ -137,29 +138,35 @@ typedef struct fortuna_state FState;
* - No memory allocations.
*/
static void ciph_init(CIPH_CTX *ctx, const uint8 *key, int klen)
static void
ciph_init(CIPH_CTX * ctx, const uint8 *key, int klen)
{
rijndael_set_key(ctx, (const uint32 *)key, klen, 1);
rijndael_set_key(ctx, (const uint32 *) key, klen, 1);
}
static void ciph_encrypt(CIPH_CTX *ctx, const uint8 *in, uint8 *out)
static void
ciph_encrypt(CIPH_CTX * ctx, const uint8 *in, uint8 *out)
{
rijndael_encrypt(ctx, (const uint32 *)in, (uint32 *)out);
rijndael_encrypt(ctx, (const uint32 *) in, (uint32 *) out);
}
static void md_init(MD_CTX *ctx)
static void
md_init(MD_CTX * ctx)
{
SHA256_Init(ctx);
}
static void md_update(MD_CTX *ctx, const uint8 *data, int len)
static void
md_update(MD_CTX * ctx, const uint8 *data, int len)
{
SHA256_Update(ctx, data, len);
}
static void md_result(MD_CTX *ctx, uint8 *dst)
static void
md_result(MD_CTX * ctx, uint8 *dst)
{
SHA256_CTX tmp;
SHA256_CTX tmp;
memcpy(&tmp, ctx, sizeof(*ctx));
SHA256_Final(dst, &tmp);
memset(&tmp, 0, sizeof(tmp));
@ -168,9 +175,11 @@ static void md_result(MD_CTX *ctx, uint8 *dst)
/*
* initialize state
*/
static void init_state(FState *st)
static void
init_state(FState * st)
{
int i;
int i;
memset(st, 0, sizeof(*st));
for (i = 0; i < NUM_POOLS; i++)
md_init(&st->pool[i]);
@ -180,9 +189,11 @@ static void init_state(FState *st)
* Endianess does not matter.
* It just needs to change without repeating.
*/
static void inc_counter(FState *st)
static void
inc_counter(FState * st)
{
uint32 *val = (uint32*)st->counter;
uint32 *val = (uint32 *) st->counter;
if (++val[0])
return;
if (++val[1])
@ -195,7 +206,8 @@ static void inc_counter(FState *st)
/*
* This is called 'cipher in counter mode'.
*/
static void encrypt_counter(FState *st, uint8 *dst)
static void
encrypt_counter(FState * st, uint8 *dst)
{
ciph_encrypt(&st->ciph, st->counter, dst);
inc_counter(st);
@ -206,12 +218,13 @@ static void encrypt_counter(FState *st, uint8 *dst)
* The time between reseed must be at least RESEED_INTERVAL
* microseconds.
*/
static int too_often(FState *st)
static int
too_often(FState * st)
{
int ok;
int ok;
struct timeval tv;
struct timeval *last = &st->last_reseed_time;
gettimeofday(&tv, NULL);
ok = 0;
@ -229,19 +242,19 @@ static int too_often(FState *st)
/*
* generate new key from all the pools
*/
static void reseed(FState *st)
static void
reseed(FState * st)
{
unsigned k;
unsigned n;
MD_CTX key_md;
uint8 buf[BLOCK];
unsigned k;
unsigned n;
MD_CTX key_md;
uint8 buf[BLOCK];
/* set pool as empty */
st->pool0_bytes = 0;
/*
* Both #0 and #1 reseed would use only pool 0.
* Just skip #0 then.
* Both #0 and #1 reseed would use only pool 0. Just skip #0 then.
*/
n = ++st->reseed_count;
@ -249,7 +262,8 @@ static void reseed(FState *st)
* The goal: use k-th pool only 1/(2^k) of the time.
*/
md_init(&key_md);
for (k = 0; k < NUM_POOLS; k++) {
for (k = 0; k < NUM_POOLS; k++)
{
md_result(&st->pool[k], buf);
md_update(&key_md, buf, BLOCK);
@ -272,11 +286,12 @@ static void reseed(FState *st)
}
/*
* Pick a random pool. This uses key bytes as random source.
* Pick a random pool. This uses key bytes as random source.
*/
static unsigned get_rand_pool(FState *st)
static unsigned
get_rand_pool(FState * st)
{
unsigned rnd;
unsigned rnd;
/*
* This slightly prefers lower pools - thats OK.
@ -293,11 +308,12 @@ static unsigned get_rand_pool(FState *st)
/*
* update pools
*/
static void add_entropy(FState *st, const uint8 *data, unsigned len)
static void
add_entropy(FState * st, const uint8 *data, unsigned len)
{
unsigned pos;
uint8 hash[BLOCK];
MD_CTX md;
unsigned pos;
uint8 hash[BLOCK];
MD_CTX md;
/* hash given data */
md_init(&md);
@ -305,14 +321,13 @@ static void add_entropy(FState *st, const uint8 *data, unsigned len)
md_result(&md, hash);
/*
* Make sure the pool 0 is initialized,
* then update randomly.
* Make sure the pool 0 is initialized, then update randomly.
*/
if (st->reseed_count == 0 && st->pool0_bytes < POOL0_FILL)
pos = 0;
else
pos = get_rand_pool(st);
md_update( &st->pool[pos], hash, BLOCK);
md_update(&st->pool[pos], hash, BLOCK);
if (pos == 0)
st->pool0_bytes += len;
@ -324,7 +339,8 @@ static void add_entropy(FState *st, const uint8 *data, unsigned len)
/*
* Just take 2 next blocks as new key
*/
static void rekey(FState *st)
static void
rekey(FState * st)
{
encrypt_counter(st, st->key);
encrypt_counter(st, st->key + CIPH_BLOCK);
@ -336,7 +352,8 @@ static void rekey(FState *st)
* In case it does not, slow down the attacker by initialising
* the couter to random value.
*/
static void init_counter(FState *st)
static void
init_counter(FState * st)
{
/* Use next block as counter. */
encrypt_counter(st, st->counter);
@ -348,10 +365,11 @@ static void init_counter(FState *st)
st->counter_init = 1;
}
static void extract_data(FState *st, unsigned count, uint8 *dst)
static void
extract_data(FState * st, unsigned count, uint8 *dst)
{
unsigned n;
unsigned block_nr = 0;
unsigned n;
unsigned block_nr = 0;
/* Can we reseed? */
if (st->pool0_bytes >= POOL0_FILL && !too_often(st))
@ -361,7 +379,8 @@ static void extract_data(FState *st, unsigned count, uint8 *dst)
if (!st->counter_init)
init_counter(st);
while (count > 0) {
while (count > 0)
{
/* produce bytes */
encrypt_counter(st, st->result);
@ -391,9 +410,10 @@ static void extract_data(FState *st, unsigned count, uint8 *dst)
*/
static FState main_state;
static int init_done = 0;
static int init_done = 0;
void fortuna_add_entropy(const uint8 *data, unsigned len)
void
fortuna_add_entropy(const uint8 *data, unsigned len)
{
if (!init_done)
{
@ -405,7 +425,8 @@ void fortuna_add_entropy(const uint8 *data, unsigned len)
add_entropy(&main_state, data, len);
}
void fortuna_get_bytes(unsigned len, uint8 *dst)
void
fortuna_get_bytes(unsigned len, uint8 *dst)
{
if (!init_done)
{
@ -416,4 +437,3 @@ void fortuna_get_bytes(unsigned len, uint8 *dst)
return;
extract_data(&main_state, len, dst);
}

7
contrib/pgcrypto/fortuna.h
View File

@ -26,14 +26,13 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/fortuna.h,v 1.2 2005/07/18 17:12:54 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/fortuna.h,v 1.3 2005/10/15 02:49:06 momjian Exp $
*/
#ifndef __FORTUNA_H
#define __FORTUNA_H
void fortuna_get_bytes(unsigned len, uint8 *dst);
void fortuna_add_entropy(const uint8 *data, unsigned len);
void fortuna_get_bytes(unsigned len, uint8 *dst);
void fortuna_add_entropy(const uint8 *data, unsigned len);
#endif

75
contrib/pgcrypto/internal.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/internal.c,v 1.22 2005/07/18 17:12:54 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/internal.c,v 1.23 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -52,7 +52,7 @@
/*
* The chance is x/256 that the reseed happens.
*/
#define SYSTEM_RESEED_CHANCE (4) /* 256/4 * 10min ~ 10h */
#define SYSTEM_RESEED_CHANCE (4) /* 256/4 * 10min ~ 10h */
/*
* If this much time has passed, force reseed.
@ -88,13 +88,13 @@ struct int_digest
};
static const struct int_digest
int_digest_list[] = {
{ "md5", init_md5 },
{ "sha1", init_sha1 },
{ "sha256", init_sha256 },
{ "sha384", init_sha384 },
{ "sha512", init_sha512 },
{ NULL, NULL }
int_digest_list[] = {
{"md5", init_md5},
{"sha1", init_sha1},
{"sha256", init_sha256},
{"sha384", init_sha384},
{"sha512", init_sha512},
{NULL, NULL}
};
/* MD5 */
@ -210,7 +210,7 @@ int_sha256_block_len(PX_MD * h)
static void
int_sha256_update(PX_MD * h, const uint8 *data, unsigned dlen)
{
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
SHA256_Update(ctx, data, dlen);
}
@ -218,7 +218,7 @@ int_sha256_update(PX_MD * h, const uint8 *data, unsigned dlen)
static void
int_sha256_reset(PX_MD * h)
{
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
SHA256_Init(ctx);
}
@ -226,7 +226,7 @@ int_sha256_reset(PX_MD * h)
static void
int_sha256_finish(PX_MD * h, uint8 *dst)
{
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
SHA256_Final(dst, ctx);
}
@ -234,12 +234,13 @@ int_sha256_finish(PX_MD * h, uint8 *dst)
static void
int_sha256_free(PX_MD * h)
{
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
/* SHA384 */
static unsigned
@ -257,7 +258,7 @@ int_sha384_block_len(PX_MD * h)
static void
int_sha384_update(PX_MD * h, const uint8 *data, unsigned dlen)
{
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
SHA384_Update(ctx, data, dlen);
}
@ -265,7 +266,7 @@ int_sha384_update(PX_MD * h, const uint8 *data, unsigned dlen)
static void
int_sha384_reset(PX_MD * h)
{
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
SHA384_Init(ctx);
}
@ -273,7 +274,7 @@ int_sha384_reset(PX_MD * h)
static void
int_sha384_finish(PX_MD * h, uint8 *dst)
{
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
SHA384_Final(dst, ctx);
}
@ -281,7 +282,7 @@ int_sha384_finish(PX_MD * h, uint8 *dst)
static void
int_sha384_free(PX_MD * h)
{
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
@ -305,7 +306,7 @@ int_sha512_block_len(PX_MD * h)
static void
int_sha512_update(PX_MD * h, const uint8 *data, unsigned dlen)
{
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
SHA512_Update(ctx, data, dlen);
}
@ -313,7 +314,7 @@ int_sha512_update(PX_MD * h, const uint8 *data, unsigned dlen)
static void
int_sha512_reset(PX_MD * h)
{
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
SHA512_Init(ctx);
}
@ -321,7 +322,7 @@ int_sha512_reset(PX_MD * h)
static void
int_sha512_finish(PX_MD * h, uint8 *dst)
{
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
SHA512_Final(dst, ctx);
}
@ -329,7 +330,7 @@ int_sha512_finish(PX_MD * h, uint8 *dst)
static void
int_sha512_free(PX_MD * h)
{
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
@ -381,7 +382,7 @@ init_sha1(PX_MD * md)
static void
init_sha256(PX_MD * md)
{
SHA256_CTX *ctx;
SHA256_CTX *ctx;
ctx = px_alloc(sizeof(*ctx));
memset(ctx, 0, sizeof(*ctx));
@ -401,7 +402,7 @@ init_sha256(PX_MD * md)
static void
init_sha384(PX_MD * md)
{
SHA384_CTX *ctx;
SHA384_CTX *ctx;
ctx = px_alloc(sizeof(*ctx));
memset(ctx, 0, sizeof(*ctx));
@ -421,7 +422,7 @@ init_sha384(PX_MD * md)
static void
init_sha512(PX_MD * md)
{
SHA512_CTX *ctx;
SHA512_CTX *ctx;
ctx = px_alloc(sizeof(*ctx));
memset(ctx, 0, sizeof(*ctx));
@ -752,12 +753,12 @@ struct int_cipher
};
static const struct int_cipher
int_ciphers[] = {
{ "bf-cbc", bf_cbc_load },
{ "bf-ecb", bf_ecb_load },
{ "aes-128-cbc", rj_128_cbc },
{ "aes-128-ecb", rj_128_ecb },
{ NULL, NULL }
int_ciphers[] = {
{"bf-cbc", bf_cbc_load},
{"bf-ecb", bf_ecb_load},
{"aes-128-cbc", rj_128_cbc},
{"aes-128-ecb", rj_128_ecb},
{NULL, NULL}
};
static const PX_Alias int_aliases[] = {
@ -828,7 +829,7 @@ px_find_cipher(const char *name, PX_Cipher ** res)
int
px_get_pseudo_random_bytes(uint8 *dst, unsigned count)
{
int i;
int i;
for (i = 0; i < count; i++)
*dst++ = random();
@ -838,12 +839,13 @@ px_get_pseudo_random_bytes(uint8 *dst, unsigned count)
static time_t seed_time = 0;
static time_t check_time = 0;
static void system_reseed(void)
static void
system_reseed(void)
{
uint8 buf[1024];
int n;
time_t t;
int skip = 1;
uint8 buf[1024];
int n;
time_t t;
int skip = 1;
t = time(NULL);
@ -890,4 +892,3 @@ px_add_entropy(const uint8 *data, unsigned count)
fortuna_add_entropy(data, count);
return 0;
}

45
contrib/pgcrypto/mbuf.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/mbuf.c,v 1.2 2005/07/11 15:07:59 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/mbuf.c,v 1.3 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -166,7 +166,8 @@ mbuf_grab(MBuf * mbuf, int len, uint8 **data_p)
return len;
}
int mbuf_rewind(MBuf *mbuf)
int
mbuf_rewind(MBuf * mbuf)
{
mbuf->read_pos = mbuf->data;
return 0;
@ -175,7 +176,7 @@ int mbuf_rewind(MBuf *mbuf)
int
mbuf_steal_data(MBuf * mbuf, uint8 **data_p)
{
int len = mbuf_size(mbuf);
int len = mbuf_size(mbuf);
mbuf->no_write = 1;
mbuf->own_data = 0;
@ -193,7 +194,7 @@ mbuf_steal_data(MBuf * mbuf, uint8 **data_p)
struct PullFilter
{
PullFilter *src;
PullFilter *src;
const PullFilterOps *op;
int buflen;
uint8 *buf;
@ -204,7 +205,7 @@ struct PullFilter
int
pullf_create(PullFilter ** pf_p, const PullFilterOps * op, void *init_arg, PullFilter * src)
{
PullFilter *pf;
PullFilter *pf;
void *priv;
int res;
@ -260,13 +261,14 @@ pullf_free(PullFilter * pf)
int
pullf_read(PullFilter * pf, int len, uint8 **data_p)
{
int res;
int res;
if (pf->op->pull)
{
if (pf->buflen && len > pf->buflen)
len = pf->buflen;
res = pf->op->pull(pf->priv, pf->src, len, data_p,
pf->buf, pf->buflen);
pf->buf, pf->buflen);
}
else
res = pullf_read(pf->src, len, data_p);
@ -276,8 +278,9 @@ pullf_read(PullFilter * pf, int len, uint8 **data_p)
int
pullf_read_max(PullFilter * pf, int len, uint8 **data_p, uint8 *tmpbuf)
{
int res, total;
uint8 *tmp;
int res,
total;
uint8 *tmp;
res = pullf_read(pf, len, data_p);
if (res <= 0 || res == len)
@ -288,8 +291,9 @@ pullf_read_max(PullFilter * pf, int len, uint8 **data_p, uint8 *tmpbuf)
*data_p = tmpbuf;
len -= res;
total = res;
while (len > 0) {
while (len > 0)
{
res = pullf_read(pf, len, &tmp);
if (res < 0)
{
@ -308,10 +312,12 @@ pullf_read_max(PullFilter * pf, int len, uint8 **data_p, uint8 *tmpbuf)
/*
* caller wants exatly len bytes and dont bother with references
*/
int pullf_read_fixed(PullFilter *src, int len, uint8 *dst)
int
pullf_read_fixed(PullFilter * src, int len, uint8 *dst)
{
int res;
uint8 *p;
int res;
uint8 *p;
res = pullf_read_max(src, len, &p, dst);
if (res < 0)
return res;
@ -330,9 +336,10 @@ int pullf_read_fixed(PullFilter *src, int len, uint8 *dst)
*/
static int
pull_from_mbuf(void *arg, PullFilter * src, int len,
uint8 **data_p, uint8 *buf, int buflen)
uint8 **data_p, uint8 *buf, int buflen)
{
MBuf *mbuf = arg;
return mbuf_grab(mbuf, len, data_p);
}
@ -364,7 +371,7 @@ struct PushFilter
int
pushf_create(PushFilter ** mp_p, const PushFilterOps * op, void *init_arg, PushFilter * next)
{
PushFilter *mp;
PushFilter *mp;
void *priv;
int res;
@ -419,7 +426,7 @@ pushf_free(PushFilter * mp)
void
pushf_free_all(PushFilter * mp)
{
PushFilter *tmp;
PushFilter *tmp;
while (mp)
{
@ -549,8 +556,8 @@ static const struct PushFilterOps mbuf_filter = {
NULL, push_into_mbuf, NULL, NULL
};
int pushf_create_mbuf_writer(PushFilter **res, MBuf *dst)
int
pushf_create_mbuf_writer(PushFilter ** res, MBuf * dst)
{
return pushf_create(res, &mbuf_filter, dst, NULL);
}

45
contrib/pgcrypto/mbuf.h
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/mbuf.h,v 1.1 2005/07/10 13:46:28 momjian Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/mbuf.h,v 1.2 2005/10/15 02:49:06 momjian Exp $
*/
#ifndef __PX_MBUF_H
@ -40,32 +40,36 @@ typedef struct PullFilterOps PullFilterOps;
struct PushFilterOps
{
/* should return needed buffer size, 0- no buffering, <0 on error
* if NULL, no buffering, and priv=init_arg
/*
* should return needed buffer size, 0- no buffering, <0 on error if NULL,
* no buffering, and priv=init_arg
*/
int (*init) (PushFilter * next, void *init_arg, void **priv_p);
/* send data to next. should consume all?
* if null, it will be simply copied (in-place)
* returns 0 on error
/*
* send data to next. should consume all? if null, it will be simply
* copied (in-place) returns 0 on error
*/
int (*push) (PushFilter * next, void *priv,
const uint8 *src, int len);
const uint8 *src, int len);
int (*flush) (PushFilter * next, void *priv);
void (*free) (void *priv);
};
struct PullFilterOps
{
/* should return needed buffer size, 0- no buffering, <0 on error
* if NULL, no buffering, and priv=init_arg
/*
* should return needed buffer size, 0- no buffering, <0 on error if NULL,
* no buffering, and priv=init_arg
*/
int (*init) (void **priv_p, void *init_arg, PullFilter * src);
/* request data from src, put result ptr to data_p
* can use ptr from src or use buf as work area
* if NULL in-place copy
/*
* request data from src, put result ptr to data_p can use ptr from src or
* use buf as work area if NULL in-place copy
*/
int (*pull) (void *priv, PullFilter * src, int len,
uint8 **data_p, uint8 *buf, int buflen);
uint8 **data_p, uint8 *buf, int buflen);
void (*free) (void *priv);
};
@ -86,8 +90,8 @@ int mbuf_free(MBuf * mbuf);
/*
* Push filter
*/
int pushf_create(PushFilter ** res, const PushFilterOps * ops, void *init_arg,
PushFilter * next);
int pushf_create(PushFilter ** res, const PushFilterOps * ops, void *init_arg,
PushFilter * next);
int pushf_write(PushFilter * mp, const uint8 *data, int len);
void pushf_free_all(PushFilter * mp);
void pushf_free(PushFilter * mp);
@ -98,13 +102,13 @@ int pushf_create_mbuf_writer(PushFilter ** mp_p, MBuf * mbuf);
/*
* Pull filter
*/
int pullf_create(PullFilter ** res, const PullFilterOps * ops,
void *init_arg, PullFilter * src);
int pullf_create(PullFilter ** res, const PullFilterOps * ops,
void *init_arg, PullFilter * src);
int pullf_read(PullFilter * mp, int len, uint8 **data_p);
int pullf_read_max(PullFilter * mp, int len,
uint8 **data_p, uint8 *tmpbuf);
int pullf_read_max(PullFilter * mp, int len,
uint8 **data_p, uint8 *tmpbuf);
void pullf_free(PullFilter * mp);
int pullf_read_fixed(PullFilter *src, int len, uint8 *dst);
int pullf_read_fixed(PullFilter * src, int len, uint8 *dst);
int pullf_create_mbuf_reader(PullFilter ** pf_p, MBuf * mbuf);
@ -118,4 +122,3 @@ int pullf_create_mbuf_reader(PullFilter ** pf_p, MBuf * mbuf);
} while (0)
#endif /* __PX_MBUF_H */

2
contrib/pgcrypto/md5.h
View File

@ -1,4 +1,4 @@
/* $PostgreSQL: pgsql/contrib/pgcrypto/md5.h,v 1.8 2003/11/29 22:39:28 pgsql Exp $ */
/* $PostgreSQL: pgsql/contrib/pgcrypto/md5.h,v 1.9 2005/10/15 02:49:06 momjian Exp $ */
/* $KAME: md5.h,v 1.3 2000/02/22 14:01:18 itojun Exp $ */
/*

34
contrib/pgcrypto/openssl.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/openssl.c,v 1.25 2005/07/12 20:27:42 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/openssl.c,v 1.26 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -47,14 +47,13 @@
#define MAX_IV (128/8)
/*
* Does OpenSSL support AES?
* Does OpenSSL support AES?
*/
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
/* Yes, it does. */
#include <openssl/aes.h>
#else /* old OPENSSL */
#else /* old OPENSSL */
/*
* No, it does not. So use included rijndael code to emulate it.
@ -91,8 +90,7 @@
memcpy(iv, (src) + (len) - 16, 16); \
} \
} while (0)
#endif /* old OPENSSL */
#endif /* old OPENSSL */
/*
* Compatibility with older OpenSSL API for DES.
@ -157,8 +155,8 @@ digest_finish(PX_MD * h, uint8 *dst)
EVP_DigestFinal(ctx, dst, NULL);
/*
* Some builds of 0.9.7x clear all of ctx in EVP_DigestFinal.
* Fix it by reinitializing ctx.
* Some builds of 0.9.7x clear all of ctx in EVP_DigestFinal. Fix it by
* reinitializing ctx.
*/
EVP_DigestInit(ctx, md);
}
@ -246,7 +244,9 @@ typedef struct
} des;
struct
{
DES_key_schedule k1, k2, k3;
DES_key_schedule k1,
k2,
k3;
} des3;
CAST_KEY cast_key;
AES_KEY aes_key;
@ -597,12 +597,12 @@ ossl_aes_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
ossldata *od = c->ptr;
unsigned bs = gen_ossl_block_size(c);
if (klen <= 128/8)
od->klen = 128/8;
else if (klen <= 192/8)
od->klen = 192/8;
else if (klen <= 256/8)
od->klen = 256/8;
if (klen <= 128 / 8)
od->klen = 128 / 8;
else if (klen <= 192 / 8)
od->klen = 192 / 8;
else if (klen <= 256 / 8)
od->klen = 256 / 8;
else
return PXE_KEY_TOO_BIG;
@ -825,7 +825,8 @@ static int openssl_random_init = 0;
* OpenSSL random should re-feeded occasionally. From /dev/urandom
* preferably.
*/
static void init_openssl_rand(void)
static void
init_openssl_rand(void)
{
if (RAND_get_rand_method() == NULL)
RAND_set_rand_method(RAND_SSLeay());
@ -871,4 +872,3 @@ px_add_entropy(const uint8 *data, unsigned count)
RAND_add(data, count, 0);
return 0;
}

4
contrib/pgcrypto/pgcrypto.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgcrypto.c,v 1.19 2005/09/24 19:14:04 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgcrypto.c,v 1.20 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -244,7 +244,7 @@ pg_gen_salt_rounds(PG_FUNCTION_ARGS)
if (len < 0)
ereport(ERROR,
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
errmsg("gen_salt: %s", px_strerror(len))));
errmsg("gen_salt: %s", px_strerror(len))));
res = (text *) palloc(len + VARHDRSZ);
VARATT_SIZEP(res) = len + VARHDRSZ;

26
contrib/pgcrypto/pgp-armor.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-armor.c,v 1.2 2005/07/11 15:07:59 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-armor.c,v 1.3 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -40,7 +40,7 @@
*/
static const unsigned char _base64[] =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static int
b64_encode(const uint8 *src, unsigned len, uint8 *dst)
@ -96,13 +96,13 @@ static int
b64_decode(const uint8 *src, unsigned len, uint8 *dst)
{
const uint8 *srcend = src + len,
*s = src;
*s = src;
uint8 *p = dst;
char c;
unsigned b = 0;
unsigned long buf = 0;
int pos = 0,
end = 0;
end = 0;
while (s < srcend)
{
@ -242,11 +242,13 @@ static const uint8 *
find_str(const uint8 *data, const uint8 *data_end, const char *str, int strlen)
{
const uint8 *p = data;
if (!strlen)
return NULL;
if (data_end - data < strlen)
return NULL;
while (p < data_end) {
while (p < data_end)
{
p = memchr(p, str[0], data_end - p);
if (p == NULL)
return NULL;
@ -261,7 +263,7 @@ find_str(const uint8 *data, const uint8 *data_end, const char *str, int strlen)
static int
find_header(const uint8 *data, const uint8 *datend,
const uint8 **start_p, int is_end)
const uint8 **start_p, int is_end)
{
const uint8 *p = data;
static const char *start_sep = "-----BEGIN";
@ -285,7 +287,7 @@ find_header(const uint8 *data, const uint8 *datend,
/* check if header text ok */
for (; p < datend && *p != '-'; p++)
{
/* various junk can be there, but definitely not line-feed */
/* various junk can be there, but definitely not line-feed */
if (*p >= ' ')
continue;
return PXE_PGP_CORRUPT_ARMOR;
@ -313,7 +315,8 @@ pgp_armor_decode(const uint8 *src, unsigned len, uint8 *dst)
const uint8 *p = src;
const uint8 *data_end = src + len;
long crc;
const uint8 *base64_start, *armor_end;
const uint8 *base64_start,
*armor_end;
const uint8 *base64_end = NULL;
uint8 buf[4];
int hlen;
@ -329,7 +332,7 @@ pgp_armor_decode(const uint8 *src, unsigned len, uint8 *dst)
hlen = find_header(p, data_end, &armor_end, 1);
if (hlen <= 0)
goto out;
/* skip comments - find empty line */
while (p < armor_end && *p != '\n' && *p != '\r')
{
@ -341,7 +344,7 @@ pgp_armor_decode(const uint8 *src, unsigned len, uint8 *dst)
p++;
}
base64_start = p;
/* find crc pos */
for (p = armor_end; p >= base64_start; p--)
if (*p == '=')
@ -355,7 +358,7 @@ pgp_armor_decode(const uint8 *src, unsigned len, uint8 *dst)
/* decode crc */
if (b64_decode(p + 1, 4, buf) != 3)
goto out;
crc = (((long)buf[0]) << 16) + (((long)buf[1]) << 8) + (long)buf[2];
crc = (((long) buf[0]) << 16) + (((long) buf[1]) << 8) + (long) buf[2];
/* decode data */
res = b64_decode(base64_start, base64_end - base64_start, dst);
@ -378,4 +381,3 @@ pgp_armor_dec_len(unsigned len)
{
return b64_dec_len(len);
}

59
contrib/pgcrypto/pgp-cfb.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-cfb.c,v 1.2 2005/07/11 15:07:59 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-cfb.c,v 1.3 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -35,7 +35,7 @@
#include "px.h"
#include "pgp.h"
typedef int (*mix_data_t)(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst);
typedef int (*mix_data_t) (PGP_CFB * ctx, const uint8 *data, int len, uint8 *dst);
struct PGP_CFB
{
@ -50,12 +50,12 @@ struct PGP_CFB
};
int
pgp_cfb_create(PGP_CFB **ctx_p, int algo, const uint8 *key, int key_len,
int resync, uint8 *iv)
pgp_cfb_create(PGP_CFB ** ctx_p, int algo, const uint8 *key, int key_len,
int resync, uint8 *iv)
{
int res;
PX_Cipher *ciph;
PGP_CFB *ctx;
int res;
PX_Cipher *ciph;
PGP_CFB *ctx;
res = pgp_load_cipher(algo, &ciph);
if (res < 0)
@ -82,7 +82,7 @@ pgp_cfb_create(PGP_CFB **ctx_p, int algo, const uint8 *key, int key_len,
}
void
pgp_cfb_free(PGP_CFB *ctx)
pgp_cfb_free(PGP_CFB * ctx)
{
px_cipher_free(ctx->ciph);
memset(ctx, 0, sizeof(*ctx));
@ -90,12 +90,13 @@ pgp_cfb_free(PGP_CFB *ctx)
}
/*
* Data processing for normal CFB. (PGP_PKT_SYMENCRYPTED_DATA_MDC)
* Data processing for normal CFB. (PGP_PKT_SYMENCRYPTED_DATA_MDC)
*/
static int
mix_encrypt_normal(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
mix_encrypt_normal(PGP_CFB * ctx, const uint8 *data, int len, uint8 *dst)
{
int i;
int i;
for (i = ctx->pos; i < ctx->pos + len; i++)
*dst++ = ctx->encbuf[i] = ctx->fre[i] ^ (*data++);
ctx->pos += len;
@ -103,9 +104,10 @@ mix_encrypt_normal(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
}
static int
mix_decrypt_normal(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
mix_decrypt_normal(PGP_CFB * ctx, const uint8 *data, int len, uint8 *dst)
{
int i;
int i;
for (i = ctx->pos; i < ctx->pos + len; i++)
{
ctx->encbuf[i] = *data++;
@ -122,9 +124,11 @@ mix_decrypt_normal(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
* thus its all concentrated here.
*/
static int
mix_encrypt_resync(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
mix_encrypt_resync(PGP_CFB * ctx, const uint8 *data, int len, uint8 *dst)
{
int i,n;
int i,
n;
/* block #2 is 2 bytes long */
if (ctx->block_no == 2)
{
@ -152,9 +156,11 @@ mix_encrypt_resync(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
}
static int
mix_decrypt_resync(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
mix_decrypt_resync(PGP_CFB * ctx, const uint8 *data, int len, uint8 *dst)
{
int i,n;
int i,
n;
/* block #2 is 2 bytes long */
if (ctx->block_no == 2)
{
@ -190,11 +196,11 @@ mix_decrypt_resync(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
* common code for both encrypt and decrypt.
*/
static int
cfb_process(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst,
mix_data_t mix_data)
cfb_process(PGP_CFB * ctx, const uint8 *data, int len, uint8 *dst,
mix_data_t mix_data)
{
int n;
int res;
int n;
int res;
while (len > 0 && ctx->pos > 0)
{
@ -243,16 +249,17 @@ cfb_process(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst,
*/
int
pgp_cfb_encrypt(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
pgp_cfb_encrypt(PGP_CFB * ctx, const uint8 *data, int len, uint8 *dst)
{
mix_data_t mix = ctx->resync ? mix_encrypt_resync : mix_encrypt_normal;
mix_data_t mix = ctx->resync ? mix_encrypt_resync : mix_encrypt_normal;
return cfb_process(ctx, data, len, dst, mix);
}
int
pgp_cfb_decrypt(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
pgp_cfb_decrypt(PGP_CFB * ctx, const uint8 *data, int len, uint8 *dst)
{
mix_data_t mix = ctx->resync ? mix_decrypt_resync : mix_decrypt_normal;
mix_data_t mix = ctx->resync ? mix_decrypt_resync : mix_decrypt_normal;
return cfb_process(ctx, data, len, dst, mix);
}

60
contrib/pgcrypto/pgp-compress.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-compress.c,v 1.4 2005/07/18 17:09:01 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-compress.c,v 1.5 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -180,12 +180,12 @@ compress_free(void *priv)
}
static const PushFilterOps
compress_filter = {
compress_filter = {
compress_init, compress_process, compress_flush, compress_free
};
int
pgp_compress_filter(PushFilter **res, PGP_Context *ctx, PushFilter *dst)
pgp_compress_filter(PushFilter ** res, PGP_Context * ctx, PushFilter * dst)
{
return pushf_create(res, &compress_filter, ctx, dst);
}
@ -195,8 +195,8 @@ pgp_compress_filter(PushFilter **res, PGP_Context *ctx, PushFilter *dst)
*/
struct DecomprData
{
int buf_len; /* = ZIP_OUT_BUF */
int buf_data; /* available data */
int buf_len; /* = ZIP_OUT_BUF */
int buf_data; /* available data */
uint8 *pos;
z_stream stream;
int eof;
@ -204,14 +204,14 @@ struct DecomprData
};
static int
decompress_init(void **priv_p, void *arg, PullFilter *src)
decompress_init(void **priv_p, void *arg, PullFilter * src)
{
PGP_Context *ctx = arg;
struct DecomprData *dec;
int res;
int res;
if (ctx->compress_algo != PGP_COMPR_ZLIB
&& ctx->compress_algo != PGP_COMPR_ZIP)
&& ctx->compress_algo != PGP_COMPR_ZIP)
return PXE_PGP_UNSUPPORTED_COMPR;
dec = px_alloc(sizeof(*dec));
@ -232,15 +232,16 @@ decompress_init(void **priv_p, void *arg, PullFilter *src)
px_debug("decompress_init: inflateInit error");
return PXE_PGP_COMPRESSION_ERROR;
}
return 0;
}
static int decompress_read(void *priv, PullFilter *src, int len,
uint8 **data_p, uint8 *buf, int buflen)
static int
decompress_read(void *priv, PullFilter * src, int len,
uint8 **data_p, uint8 *buf, int buflen)
{
int res;
int flush;
int res;
int flush;
struct DecomprData *dec = priv;
restart:
@ -256,24 +257,26 @@ restart:
if (dec->eof)
return 0;
if (dec->stream.avail_in == 0) {
uint8 *tmp;
if (dec->stream.avail_in == 0)
{
uint8 *tmp;
res = pullf_read(src, 8192, &tmp);
if (res < 0)
return res;
dec->stream.next_in = tmp;
dec->stream.avail_in = res;
}
dec->stream.next_out = dec->buf;
dec->stream.avail_out = dec->buf_len;
dec->pos = dec->buf;
/*
* Z_SYNC_FLUSH is tell zlib to output as much as possible.
* It should do it anyway (Z_NO_FLUSH), but seems to reserve
* the right not to. So lets follow the API.
* Z_SYNC_FLUSH is tell zlib to output as much as possible. It should do
* it anyway (Z_NO_FLUSH), but seems to reserve the right not to. So lets
* follow the API.
*/
flush = dec->stream.avail_in ? Z_SYNC_FLUSH : Z_FINISH;
res = inflate(&dec->stream, flush);
@ -289,39 +292,38 @@ restart:
goto restart;
}
static void decompress_free(void *priv)
static void
decompress_free(void *priv)
{
struct DecomprData *dec = priv;
inflateEnd(&dec->stream);
memset(dec, 0, sizeof(*dec));
px_free(dec);
}
static const PullFilterOps
decompress_filter = {
decompress_filter = {
decompress_init, decompress_read, decompress_free
};
int
pgp_decompress_filter(PullFilter **res, PGP_Context *ctx, PullFilter *src)
pgp_decompress_filter(PullFilter ** res, PGP_Context * ctx, PullFilter * src)
{
return pullf_create(res, &decompress_filter, ctx, src);
}
#else /* DISABLE_ZLIB */
#else /* DISABLE_ZLIB */
int
pgp_compress_filter(PushFilter **res, PGP_Context *ctx, PushFilter *dst)
pgp_compress_filter(PushFilter ** res, PGP_Context * ctx, PushFilter * dst)
{
return PXE_PGP_UNSUPPORTED_COMPR;
}
int
pgp_decompress_filter(PullFilter **res, PGP_Context *ctx, PullFilter *src)
pgp_decompress_filter(PullFilter ** res, PGP_Context * ctx, PullFilter * src)
{
return PXE_PGP_UNSUPPORTED_COMPR;
}
#endif

281
contrib/pgcrypto/pgp-decrypt.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-decrypt.c,v 1.5 2005/09/24 19:14:04 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-decrypt.c,v 1.6 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -80,7 +80,7 @@ parse_new_len(PullFilter * src, int *len_p)
len = 1 << (b & 0x1F);
pkttype = PKT_STREAM;
}
if (len < 0 || len > MAX_CHUNK)
{
px_debug("parse_new_len: weird length");
@ -130,7 +130,7 @@ pgp_parse_pkt_hdr(PullFilter * src, uint8 *tag, int *len_p, int allow_ctx)
{
int lentype;
int res;
uint8 *p;
uint8 *p;
/* EOF is normal here, thus we dont use GETBYTE */
res = pullf_read(src, 1, &p);
@ -165,15 +165,17 @@ pgp_parse_pkt_hdr(PullFilter * src, uint8 *tag, int *len_p, int allow_ctx)
/*
* Packet reader
*/
struct PktData {
int type;
int len;
struct PktData
{
int type;
int len;
};
static int pktreader_pull(void *priv, PullFilter *src, int len,
uint8 **data_p, uint8 *buf, int buflen)
static int
pktreader_pull(void *priv, PullFilter * src, int len,
uint8 **data_p, uint8 *buf, int buflen)
{
int res;
int res;
struct PktData *pkt = priv;
/* PKT_CONTEXT means: whatever there is */
@ -207,6 +209,7 @@ static void
pktreader_free(void *priv)
{
struct PktData *pkt = priv;
memset(pkt, 0, sizeof(*pkt));
px_free(pkt);
}
@ -217,11 +220,12 @@ static struct PullFilterOps pktreader_filter = {
/* needs helper function to pass several parameters */
int
pgp_create_pkt_reader(PullFilter **pf_p, PullFilter *src, int len,
int pkttype, PGP_Context *ctx)
pgp_create_pkt_reader(PullFilter ** pf_p, PullFilter * src, int len,
int pkttype, PGP_Context * ctx)
{
int res;
int res;
struct PktData *pkt = px_alloc(sizeof(*pkt));
pkt->type = pkttype;
pkt->len = len;
res = pullf_create(pf_p, &pktreader_filter, pkt, src);
@ -234,13 +238,14 @@ pgp_create_pkt_reader(PullFilter **pf_p, PullFilter *src, int len,
* Prefix check filter
*/
static int prefix_init(void **priv_p, void *arg, PullFilter *src)
static int
prefix_init(void **priv_p, void *arg, PullFilter * src)
{
PGP_Context *ctx = arg;
int len;
int res;
uint8 *buf;
uint8 tmpbuf[PGP_MAX_BLOCK + 2];
int len;
int res;
uint8 *buf;
uint8 tmpbuf[PGP_MAX_BLOCK + 2];
len = pgp_get_cipher_block_size(ctx->cipher_algo);
if (len > sizeof(tmpbuf))
@ -259,20 +264,19 @@ static int prefix_init(void **priv_p, void *arg, PullFilter *src)
if (buf[len - 2] != buf[len] || buf[len - 1] != buf[len + 1])
{
px_debug("prefix_init: corrupt prefix");
/*
* The original purpose of the 2-byte check was
* to show user a friendly "wrong key" message.
* This made following possible:
* The original purpose of the 2-byte check was to show user a
* friendly "wrong key" message. This made following possible:
*
* "An Attack on CFB Mode Encryption As Used By OpenPGP"
* by Serge Mister and Robert Zuccherato
* "An Attack on CFB Mode Encryption As Used By OpenPGP" by Serge Mister
* and Robert Zuccherato
*
* To avoid being 'oracle', we delay reporting, which
* basically means we prefer to run into corrupt packet
* header.
* To avoid being 'oracle', we delay reporting, which basically means we
* prefer to run into corrupt packet header.
*
* We _could_ throw PXE_PGP_CORRUPT_DATA here, but
* there is possibility of attack via timing, so we don't.
* We _could_ throw PXE_PGP_CORRUPT_DATA here, but there is possibility
* of attack via timing, so we don't.
*/
ctx->corrupt_prefix = 1;
}
@ -289,9 +293,10 @@ static struct PullFilterOps prefix_filter = {
* Decrypt filter
*/
static int decrypt_init(void **priv_p, void *arg, PullFilter *src)
static int
decrypt_init(void **priv_p, void *arg, PullFilter * src)
{
PGP_CFB *cfb = arg;
PGP_CFB *cfb = arg;
*priv_p = cfb;
@ -299,15 +304,17 @@ static int decrypt_init(void **priv_p, void *arg, PullFilter *src)
return 4096;
}
static int decrypt_read(void *priv, PullFilter *src, int len,
uint8 **data_p, uint8 *buf, int buflen)
static int
decrypt_read(void *priv, PullFilter * src, int len,
uint8 **data_p, uint8 *buf, int buflen)
{
PGP_CFB *cfb = priv;
uint8 *tmp;
int res;
PGP_CFB *cfb = priv;
uint8 *tmp;
int res;
res = pullf_read(src, len, &tmp);
if (res > 0) {
if (res > 0)
{
pgp_cfb_decrypt(cfb, tmp, res, buf);
*data_p = buf;
}
@ -323,28 +330,33 @@ struct PullFilterOps pgp_decrypt_filter = {
* MDC hasher filter
*/
static int mdc_init(void **priv_p, void *arg, PullFilter *src)
static int
mdc_init(void **priv_p, void *arg, PullFilter * src)
{
PGP_Context *ctx = arg;
*priv_p = ctx;
return pgp_load_digest(PGP_DIGEST_SHA1, &ctx->mdc_ctx);
}
static void mdc_free(void *priv)
static void
mdc_free(void *priv)
{
PGP_Context *ctx = priv;
if (ctx->use_mdcbuf_filter)
return;
px_md_free(ctx->mdc_ctx);
ctx->mdc_ctx = NULL;
}
static int mdc_finish(PGP_Context *ctx, PullFilter *src,
int len, uint8 **data_p)
static int
mdc_finish(PGP_Context * ctx, PullFilter * src,
int len, uint8 **data_p)
{
int res;
uint8 hash[20];
uint8 tmpbuf[22];
int res;
uint8 hash[20];
uint8 tmpbuf[22];
if (len + 1 > sizeof(tmpbuf))
return PXE_BUG;
@ -362,7 +374,7 @@ static int mdc_finish(PGP_Context *ctx, PullFilter *src,
}
return 0;
}
/* safety check */
if (ctx->in_mdc_pkt > 1)
{
@ -370,14 +382,14 @@ static int mdc_finish(PGP_Context *ctx, PullFilter *src,
return PXE_PGP_CORRUPT_DATA;
}
ctx->in_mdc_pkt++;
/* is the packet sane? */
if (res != 20)
{
px_debug("mdc_finish: read failed, res=%d", res);
return PXE_PGP_CORRUPT_DATA;
}
/*
* ok, we got the hash, now check
*/
@ -394,10 +406,11 @@ static int mdc_finish(PGP_Context *ctx, PullFilter *src,
return len;
}
static int mdc_read(void *priv, PullFilter *src, int len,
uint8 **data_p, uint8 *buf, int buflen)
static int
mdc_read(void *priv, PullFilter * src, int len,
uint8 **data_p, uint8 *buf, int buflen)
{
int res;
int res;
PGP_Context *ctx = priv;
/* skip this filter? */
@ -434,18 +447,20 @@ static struct PullFilterOps mdc_filter = {
* packet, which is silly.
*/
#define MDCBUF_LEN 8192
struct MDCBufData {
struct MDCBufData
{
PGP_Context *ctx;
int eof;
int buflen;
int avail;
uint8 *pos;
int mdc_avail;
uint8 mdc_buf[22];
uint8 buf[MDCBUF_LEN];
int eof;
int buflen;
int avail;
uint8 *pos;
int mdc_avail;
uint8 mdc_buf[22];
uint8 buf[MDCBUF_LEN];
};
static int mdcbuf_init(void **priv_p, void *arg, PullFilter *src)
static int
mdcbuf_init(void **priv_p, void *arg, PullFilter * src)
{
PGP_Context *ctx = arg;
struct MDCBufData *st;
@ -462,10 +477,11 @@ static int mdcbuf_init(void **priv_p, void *arg, PullFilter *src)
return 0;
}
static int mdcbuf_finish(struct MDCBufData *st)
static int
mdcbuf_finish(struct MDCBufData * st)
{
uint8 hash[20];
int res;
uint8 hash[20];
int res;
st->eof = 1;
@ -486,25 +502,29 @@ static int mdcbuf_finish(struct MDCBufData *st)
return res;
}
static void mdcbuf_load_data(struct MDCBufData *st, uint8 *src, int len)
static void
mdcbuf_load_data(struct MDCBufData * st, uint8 *src, int len)
{
uint8 *dst = st->pos + st->avail;
uint8 *dst = st->pos + st->avail;
memcpy(dst, src, len);
px_md_update(st->ctx->mdc_ctx, src, len);
st->avail += len;
}
static void mdcbuf_load_mdc(struct MDCBufData *st, uint8 *src, int len)
static void
mdcbuf_load_mdc(struct MDCBufData * st, uint8 *src, int len)
{
memmove(st->mdc_buf + st->mdc_avail, src, len);
st->mdc_avail += len;
}
static int mdcbuf_refill(struct MDCBufData *st, PullFilter *src)
static int
mdcbuf_refill(struct MDCBufData * st, PullFilter * src)
{
uint8 *data;
int res;
int need;
uint8 *data;
int res;
int need;
/* put avail data in start */
if (st->avail > 0 && st->pos != st->buf)
@ -530,7 +550,8 @@ static int mdcbuf_refill(struct MDCBufData *st, PullFilter *src)
}
else
{
int canmove = st->mdc_avail + res - 22;
int canmove = st->mdc_avail + res - 22;
if (canmove > 0)
{
mdcbuf_load_data(st, st->mdc_buf, canmove);
@ -542,11 +563,12 @@ static int mdcbuf_refill(struct MDCBufData *st, PullFilter *src)
return 0;
}
static int mdcbuf_read(void *priv, PullFilter *src, int len,
uint8 **data_p, uint8 *buf, int buflen)
static int
mdcbuf_read(void *priv, PullFilter * src, int len,
uint8 **data_p, uint8 *buf, int buflen)
{
struct MDCBufData *st = priv;
int res;
int res;
if (!st->eof && len > st->avail)
{
@ -568,6 +590,7 @@ static void
mdcbuf_free(void *priv)
{
struct MDCBufData *st = priv;
px_md_free(st->ctx->mdc_ctx);
st->ctx->mdc_ctx = NULL;
memset(st, 0, sizeof(*st));
@ -583,29 +606,30 @@ static struct PullFilterOps mdcbuf_filter = {
* Decrypt separate session key
*/
static int
decrypt_key(PGP_Context *ctx, const uint8 *src, int len)
decrypt_key(PGP_Context * ctx, const uint8 *src, int len)
{
int res;
uint8 algo;
PGP_CFB *cfb;
int res;
uint8 algo;
PGP_CFB *cfb;
res = pgp_cfb_create(&cfb, ctx->s2k_cipher_algo,
ctx->s2k.key, ctx->s2k.key_len, 0, NULL);
ctx->s2k.key, ctx->s2k.key_len, 0, NULL);
if (res < 0)
return res;
pgp_cfb_decrypt(cfb, src, 1, &algo);
src ++;
len --;
src++;
len--;
pgp_cfb_decrypt(cfb, src, len, ctx->sess_key);
pgp_cfb_free(cfb);
ctx->sess_key_len = len;
ctx->cipher_algo = algo;
if (pgp_get_cipher_key_size(algo) != len) {
if (pgp_get_cipher_key_size(algo) != len)
{
px_debug("sesskey bad len: algo=%d, expected=%d, got=%d",
algo, pgp_get_cipher_key_size(algo), len);
algo, pgp_get_cipher_key_size(algo), len);
return PXE_PGP_CORRUPT_DATA;
}
return 0;
@ -643,7 +667,7 @@ parse_symenc_sesskey(PGP_Context * ctx, PullFilter * src)
* generate key from password
*/
res = pgp_s2k_process(&ctx->s2k, ctx->s2k_cipher_algo,
ctx->sym_key, ctx->sym_key_len);
ctx->sym_key, ctx->sym_key_len);
if (res < 0)
return res;
@ -684,21 +708,23 @@ parse_symenc_sesskey(PGP_Context * ctx, PullFilter * src)
}
static int
copy_crlf(MBuf *dst, uint8 *data, int len, int *got_cr)
copy_crlf(MBuf * dst, uint8 *data, int len, int *got_cr)
{
uint8 *data_end = data + len;
uint8 tmpbuf[1024];
uint8 *tmp_end = tmpbuf + sizeof(tmpbuf);
uint8 *p;
int res;
uint8 *data_end = data + len;
uint8 tmpbuf[1024];
uint8 *tmp_end = tmpbuf + sizeof(tmpbuf);
uint8 *p;
int res;
p = tmpbuf;
if (*got_cr) {
if (*got_cr)
{
if (*data != '\n')
*p++ = '\r';
*got_cr = 0;
}
while (data < data_end) {
while (data < data_end)
{
if (*data == '\r')
{
if (data + 1 < data_end)
@ -779,8 +805,9 @@ parse_literal_data(PGP_Context * ctx, MBuf * dst, PullFilter * pkt)
ctx->unicode_mode = (type == 'u') ? 1 : 0;
/* read data */
while (1) {
res = pullf_read(pkt, 32*1024, &buf);
while (1)
{
res = pullf_read(pkt, 32 * 1024, &buf);
if (res <= 0)
break;
@ -797,8 +824,8 @@ parse_literal_data(PGP_Context * ctx, MBuf * dst, PullFilter * pkt)
}
/* process_data_packets and parse_compressed_data call each other */
static int process_data_packets(PGP_Context * ctx, MBuf * dst,
PullFilter * src, int allow_compr, int need_mdc);
static int process_data_packets(PGP_Context * ctx, MBuf * dst,
PullFilter * src, int allow_compr, int need_mdc);
static int
parse_compressed_data(PGP_Context * ctx, MBuf * dst, PullFilter * pkt)
@ -822,7 +849,7 @@ parse_compressed_data(PGP_Context * ctx, MBuf * dst, PullFilter * pkt)
if (res >= 0)
{
res = process_data_packets(ctx, dst, pf_decompr,
NO_COMPR, NO_MDC);
NO_COMPR, NO_MDC);
pullf_free(pf_decompr);
}
break;
@ -850,7 +877,7 @@ process_data_packets(PGP_Context * ctx, MBuf * dst, PullFilter * src,
int got_data = 0;
int got_mdc = 0;
PullFilter *pkt = NULL;
uint8 *tmp;
uint8 *tmp;
while (1)
{
@ -951,12 +978,12 @@ static int
parse_symenc_data(PGP_Context * ctx, PullFilter * pkt, MBuf * dst)
{
int res;
PGP_CFB *cfb = NULL;
PGP_CFB *cfb = NULL;
PullFilter *pf_decrypt = NULL;
PullFilter *pf_prefix = NULL;
res = pgp_cfb_create(&cfb, ctx->cipher_algo,
ctx->sess_key, ctx->sess_key_len, 1, NULL);
ctx->sess_key, ctx->sess_key_len, 1, NULL);
if (res < 0)
goto out;
@ -985,11 +1012,11 @@ static int
parse_symenc_mdc_data(PGP_Context * ctx, PullFilter * pkt, MBuf * dst)
{
int res;
PGP_CFB *cfb = NULL;
PGP_CFB *cfb = NULL;
PullFilter *pf_decrypt = NULL;
PullFilter *pf_prefix = NULL;
PullFilter *pf_mdc = NULL;
uint8 ver;
uint8 ver;
GETBYTE(pkt, ver);
if (ver != 1)
@ -999,7 +1026,7 @@ parse_symenc_mdc_data(PGP_Context * ctx, PullFilter * pkt, MBuf * dst)
}
res = pgp_cfb_create(&cfb, ctx->cipher_algo,
ctx->sess_key, ctx->sess_key_len, 0, NULL);
ctx->sess_key, ctx->sess_key_len, 0, NULL);
if (res < 0)
goto out;
@ -1034,49 +1061,52 @@ out:
* skip over packet contents
*/
int
pgp_skip_packet(PullFilter *pkt)
pgp_skip_packet(PullFilter * pkt)
{
int res = 1;
uint8 *tmp;
while (res > 0)
res = pullf_read(pkt, 32*1024, &tmp);
return res < 0 ? res : 0;
int res = 1;
uint8 *tmp;
while (res > 0)
res = pullf_read(pkt, 32 * 1024, &tmp);
return res < 0 ? res : 0;
}
/*
* expect to be at packet end, any data is error
*/
int
pgp_expect_packet_end(PullFilter *pkt)
pgp_expect_packet_end(PullFilter * pkt)
{
int res = 1;
uint8 *tmp;
while (res > 0)
int res = 1;
uint8 *tmp;
while (res > 0)
{
res = pullf_read(pkt, 32*1024, &tmp);
res = pullf_read(pkt, 32 * 1024, &tmp);
if (res > 0)
{
px_debug("pgp_expect_packet_end: got data");
return PXE_PGP_CORRUPT_DATA;
}
}
return res < 0 ? res : 0;
return res < 0 ? res : 0;
}
int
pgp_decrypt(PGP_Context * ctx, MBuf * msrc, MBuf * mdst)
{
int res;
int res;
PullFilter *src = NULL;
PullFilter *pkt = NULL;
uint8 tag;
int len;
int got_key = 0;
int got_data = 0;
uint8 tag;
int len;
int got_key = 0;
int got_data = 0;
res = pullf_create_mbuf_reader(&src, msrc);
while (res >= 0) {
while (res >= 0)
{
res = pgp_parse_pkt_hdr(src, &tag, &len, NO_CTX_SIZE);
if (res <= 0)
break;
@ -1086,7 +1116,8 @@ pgp_decrypt(PGP_Context * ctx, MBuf * msrc, MBuf * mdst)
break;
res = PXE_PGP_CORRUPT_DATA;
switch (tag) {
switch (tag)
{
case PGP_PKT_MARKER:
res = pgp_skip_packet(pkt);
break;
@ -1097,10 +1128,11 @@ pgp_decrypt(PGP_Context * ctx, MBuf * msrc, MBuf * mdst)
break;
case PGP_PKT_SYMENCRYPTED_SESSKEY:
if (got_key)
/* Theoretically, there could be several keys,
* both public and symmetric, all of which
* encrypt same session key. Decrypt should try
* with each one, before failing.
/*
* Theoretically, there could be several keys, both public
* and symmetric, all of which encrypt same session key.
* Decrypt should try with each one, before failing.
*/
px_debug("pgp_decrypt: using first of several keys");
else
@ -1154,4 +1186,3 @@ pgp_decrypt(PGP_Context * ctx, MBuf * msrc, MBuf * mdst)
return res;
}

101
contrib/pgcrypto/pgp-encrypt.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-encrypt.c,v 1.2 2005/07/11 15:07:59 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-encrypt.c,v 1.3 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -65,9 +65,11 @@ render_newlen(uint8 *h, int len)
return h;
}
static int write_tag_only(PushFilter *dst, int tag)
static int
write_tag_only(PushFilter * dst, int tag)
{
uint8 hdr = 0xC0 | tag;
uint8 hdr = 0xC0 | tag;
return pushf_write(dst, &hdr, 1);
}
@ -121,7 +123,7 @@ mdc_flush(PushFilter * dst, void *priv)
* create mdc pkt
*/
pkt[0] = 0xD3;
pkt[1] = 0x14; /* MDC_DIGEST_LEN */
pkt[1] = 0x14; /* MDC_DIGEST_LEN */
px_md_update(md, pkt, 2);
px_md_finish(md, pkt + 2);
@ -150,7 +152,7 @@ static const PushFilterOps mdc_filter = {
struct EncStat
{
PGP_CFB *ciph;
uint8 buf[ENCBUF];
uint8 buf[ENCBUF];
};
static int
@ -158,28 +160,29 @@ encrypt_init(PushFilter * next, void *init_arg, void **priv_p)
{
struct EncStat *st;
PGP_Context *ctx = init_arg;
PGP_CFB *ciph;
int resync = 1;
int res;
PGP_CFB *ciph;
int resync = 1;
int res;
/* should we use newer packet format? */
if (ctx->disable_mdc == 0)
{
uint8 ver = 1;
uint8 ver = 1;
resync = 0;
res = pushf_write(next, &ver, 1);
if (res < 0)
return res;
}
res = pgp_cfb_create(&ciph, ctx->cipher_algo,
ctx->sess_key, ctx->sess_key_len, resync, NULL);
ctx->sess_key, ctx->sess_key_len, resync, NULL);
if (res < 0)
return res;
st = px_alloc(sizeof(*st));
memset(st, 0, sizeof(*st));
st->ciph = ciph;
*priv_p = st;
return ENCBUF;
}
@ -189,11 +192,12 @@ encrypt_process(PushFilter * next, void *priv, const uint8 *data, int len)
{
int res;
struct EncStat *st = priv;
int avail = len;
int avail = len;
while (avail > 0)
{
int tmplen = avail > ENCBUF ? ENCBUF : avail;
int tmplen = avail > ENCBUF ? ENCBUF : avail;
res = pgp_cfb_encrypt(st->ciph, data, tmplen, st->buf);
if (res < 0)
return res;
@ -303,9 +307,11 @@ static const PushFilterOps pkt_stream_filter = {
pkt_stream_init, pkt_stream_process, pkt_stream_flush, pkt_stream_free
};
int pgp_create_pkt_writer(PushFilter *dst, int tag, PushFilter **res_p)
int
pgp_create_pkt_writer(PushFilter * dst, int tag, PushFilter ** res_p)
{
int res;
int res;
res = write_tag_only(dst, tag);
if (res < 0)
return res;
@ -320,17 +326,19 @@ int pgp_create_pkt_writer(PushFilter *dst, int tag, PushFilter **res_p)
static int
crlf_process(PushFilter * dst, void *priv, const uint8 *data, int len)
{
const uint8 * data_end = data + len;
const uint8 * p2, * p1 = data;
int line_len;
static const uint8 crlf[] = { '\r', '\n' };
int res = 0;
const uint8 *data_end = data + len;
const uint8 *p2,
*p1 = data;
int line_len;
static const uint8 crlf[] = {'\r', '\n'};
int res = 0;
while (p1 < data_end)
{
p2 = memchr(p1, '\n', data_end - p1);
if (p2 == NULL)
p2 = data_end;
line_len = p2 - p1;
/* write data */
@ -363,13 +371,13 @@ static const PushFilterOps crlf_filter = {
* Initialize literal data packet
*/
static int
init_litdata_packet(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
init_litdata_packet(PushFilter ** pf_res, PGP_Context * ctx, PushFilter * dst)
{
int res;
int hdrlen;
uint8 hdr[6];
uint32 t;
PushFilter *pkt;
PushFilter *pkt;
int type;
/*
@ -382,10 +390,10 @@ init_litdata_packet(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
type = 'b';
/*
* Store the creation time into packet.
* The goal is to have as few known bytes as possible.
* Store the creation time into packet. The goal is to have as few known
* bytes as possible.
*/
t = (uint32)time(NULL);
t = (uint32) time(NULL);
hdr[0] = type;
hdr[1] = 0;
@ -418,10 +426,10 @@ init_litdata_packet(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
* Initialize compression filter
*/
static int
init_compress(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
init_compress(PushFilter ** pf_res, PGP_Context * ctx, PushFilter * dst)
{
int res;
uint8 type = ctx->compress_algo;
int res;
uint8 type = ctx->compress_algo;
PushFilter *pkt;
res = write_tag_only(dst, PGP_PKT_COMPRESSED_DATA);
@ -446,7 +454,7 @@ init_compress(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
* Initialize encdata packet
*/
static int
init_encdata_packet(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
init_encdata_packet(PushFilter ** pf_res, PGP_Context * ctx, PushFilter * dst)
{
int res;
int tag;
@ -467,7 +475,7 @@ init_encdata_packet(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
* write prefix
*/
static int
write_prefix(PGP_Context *ctx, PushFilter * dst)
write_prefix(PGP_Context * ctx, PushFilter * dst)
{
uint8 prefix[PGP_MAX_BLOCK + 2];
int res,
@ -491,17 +499,17 @@ write_prefix(PGP_Context *ctx, PushFilter * dst)
*/
static int
symencrypt_sesskey(PGP_Context *ctx, uint8 *dst)
symencrypt_sesskey(PGP_Context * ctx, uint8 *dst)
{
int res;
PGP_CFB *cfb;
uint8 algo = ctx->cipher_algo;
int res;
PGP_CFB *cfb;
uint8 algo = ctx->cipher_algo;
res = pgp_cfb_create(&cfb, ctx->s2k_cipher_algo,
ctx->s2k.key, ctx->s2k.key_len, 0, NULL);
ctx->s2k.key, ctx->s2k.key_len, 0, NULL);
if (res < 0)
return res;
pgp_cfb_encrypt(cfb, &algo, 1, dst);
pgp_cfb_encrypt(cfb, ctx->sess_key, ctx->sess_key_len, dst + 1);
@ -511,12 +519,12 @@ symencrypt_sesskey(PGP_Context *ctx, uint8 *dst)
/* 5.3: Symmetric-Key Encrypted Session-Key */
static int
write_symenc_sesskey(PGP_Context *ctx, PushFilter *dst)
write_symenc_sesskey(PGP_Context * ctx, PushFilter * dst)
{
uint8 pkt[256];
int pktlen;
int res;
uint8 *p = pkt;
uint8 *p = pkt;
*p++ = 4; /* 5.3 - version number */
*p++ = ctx->s2k_cipher_algo;
@ -564,13 +572,14 @@ init_s2k_key(PGP_Context * ctx)
return res;
return pgp_s2k_process(&ctx->s2k, ctx->s2k_cipher_algo,
ctx->sym_key, ctx->sym_key_len);
ctx->sym_key, ctx->sym_key_len);
}
static int
init_sess_key(PGP_Context *ctx)
init_sess_key(PGP_Context * ctx)
{
int res;
int res;
if (ctx->use_sess_key || ctx->pub_key)
{
ctx->sess_key_len = pgp_get_cipher_key_size(ctx->cipher_algo);
@ -596,7 +605,8 @@ pgp_encrypt(PGP_Context * ctx, MBuf * src, MBuf * dst)
int res;
int len;
uint8 *buf;
PushFilter *pf, *pf_tmp;
PushFilter *pf,
*pf_tmp;
/*
* do we have any key
@ -618,7 +628,7 @@ pgp_encrypt(PGP_Context * ctx, MBuf * src, MBuf * dst)
if (res < 0)
goto out;
}
res = init_sess_key(ctx);
if (res < 0)
goto out;
@ -674,7 +684,7 @@ pgp_encrypt(PGP_Context * ctx, MBuf * src, MBuf * dst)
goto out;
pf = pf_tmp;
/* text conversion? */
if (ctx->text_mode && ctx->convert_crlf)
{
@ -696,4 +706,3 @@ out:
pushf_free_all(pf);
return res;
}

52
contrib/pgcrypto/pgp-info.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-info.c,v 1.3 2005/08/13 02:06:20 momjian Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-info.c,v 1.4 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -34,9 +34,10 @@
#include "mbuf.h"
#include "pgp.h"
static int read_pubkey_keyid(PullFilter *pkt, uint8 *keyid_buf)
static int
read_pubkey_keyid(PullFilter * pkt, uint8 *keyid_buf)
{
int res;
int res;
PGP_PubKey *pk = NULL;
res = _pgp_read_public_key(pkt, &pk);
@ -66,10 +67,11 @@ err:
return res;
}
static int read_pubenc_keyid(PullFilter *pkt, uint8 *keyid_buf)
static int
read_pubenc_keyid(PullFilter * pkt, uint8 *keyid_buf)
{
uint8 ver;
int res;
uint8 ver;
int res;
GETBYTE(pkt, ver);
if (ver != 3)
@ -87,45 +89,50 @@ static const char hextbl[] = "0123456789ABCDEF";
static int
print_key(uint8 *keyid, char *dst)
{
int i;
unsigned c;
for (i = 0; i < 8; i++) {
int i;
unsigned c;
for (i = 0; i < 8; i++)
{
c = keyid[i];
*dst++ = hextbl[(c >> 4) & 0x0F];
*dst++ = hextbl[c & 0x0F];
}
*dst = 0;
return 8*2;
return 8 * 2;
}
static const uint8 any_key[] =
{ 0, 0, 0, 0, 0, 0, 0, 0 };
static const uint8 any_key[] =
{0, 0, 0, 0, 0, 0, 0, 0};
/*
* dst should have room for 17 bytes
*/
int
pgp_get_keyid(MBuf *pgp_data, char *dst)
pgp_get_keyid(MBuf * pgp_data, char *dst)
{
int res;
int res;
PullFilter *src;
PullFilter *pkt = NULL;
int len;
uint8 tag;
int got_pub_key=0, got_symenc_key=0, got_pubenc_key=0;
int got_data=0;
uint8 keyid_buf[8];
int got_main_key=0;
int len;
uint8 tag;
int got_pub_key = 0,
got_symenc_key = 0,
got_pubenc_key = 0;
int got_data = 0;
uint8 keyid_buf[8];
int got_main_key = 0;
res = pullf_create_mbuf_reader(&src, pgp_data);
if (res < 0)
return res;
while (1) {
while (1)
{
res = pgp_parse_pkt_hdr(src, &tag, &len, 0);
if (res <= 0)
break;
break;
res = pgp_create_pkt_reader(&pkt, src, len, res, NULL);
if (res < 0)
break;
@ -226,4 +233,3 @@ pgp_get_keyid(MBuf *pgp_data, char *dst)
return res;
}

18
contrib/pgcrypto/pgp-mpi-internal.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-mpi-internal.c,v 1.3 2005/08/13 02:06:20 momjian Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-mpi-internal.c,v 1.4 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -35,27 +35,27 @@
#include "pgp.h"
int
pgp_elgamal_encrypt(PGP_PubKey *pk, PGP_MPI *_m,
PGP_MPI **c1_p, PGP_MPI **c2_p)
pgp_elgamal_encrypt(PGP_PubKey * pk, PGP_MPI * _m,
PGP_MPI ** c1_p, PGP_MPI ** c2_p)
{
return PXE_PGP_NO_BIGNUM;
}
int
pgp_elgamal_decrypt(PGP_PubKey *pk, PGP_MPI *_c1, PGP_MPI *_c2,
PGP_MPI **msg_p)
pgp_elgamal_decrypt(PGP_PubKey * pk, PGP_MPI * _c1, PGP_MPI * _c2,
PGP_MPI ** msg_p)
{
return PXE_PGP_NO_BIGNUM;
}
int pgp_rsa_encrypt(PGP_PubKey *pk, PGP_MPI *m, PGP_MPI **c)
int
pgp_rsa_encrypt(PGP_PubKey * pk, PGP_MPI * m, PGP_MPI ** c)
{
return PXE_PGP_NO_BIGNUM;
}
int pgp_rsa_decrypt(PGP_PubKey *pk, PGP_MPI *c, PGP_MPI **m)
int
pgp_rsa_decrypt(PGP_PubKey * pk, PGP_MPI * c, PGP_MPI ** m)
{
return PXE_PGP_NO_BIGNUM;
}

180
contrib/pgcrypto/pgp-mpi-openssl.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-mpi-openssl.c,v 1.3 2005/08/13 02:06:20 momjian Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-mpi-openssl.c,v 1.4 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -37,15 +37,16 @@
#include "pgp.h"
static BIGNUM *
mpi_to_bn(PGP_MPI *n)
mpi_to_bn(PGP_MPI * n)
{
BIGNUM *bn = BN_bin2bn(n->data, n->bytes, NULL);
BIGNUM *bn = BN_bin2bn(n->data, n->bytes, NULL);
if (!bn)
return NULL;
if (BN_num_bits(bn) != n->bits)
{
px_debug("mpi_to_bn: bignum conversion failed: mpi=%d, bn=%d",
n->bits, BN_num_bits(bn));
n->bits, BN_num_bits(bn));
BN_clear_free(bn);
return NULL;
}
@ -55,8 +56,8 @@ mpi_to_bn(PGP_MPI *n)
static PGP_MPI *
bn_to_mpi(BIGNUM *bn)
{
int res;
PGP_MPI *n;
int res;
PGP_MPI *n;
res = pgp_mpi_alloc(BN_num_bits(bn), &n);
if (res < 0)
@ -65,7 +66,7 @@ bn_to_mpi(BIGNUM *bn)
if (BN_num_bytes(bn) != n->bytes)
{
px_debug("bn_to_mpi: bignum conversion failed: bn=%d, mpi=%d",
BN_num_bytes(bn), n->bytes);
BN_num_bytes(bn), n->bytes);
pgp_mpi_free(n);
return NULL;
}
@ -81,7 +82,7 @@ bn_to_mpi(BIGNUM *bn)
*
* Until I research it further, I just mimic gpg behaviour.
* It has a special mapping table, for values <= 5120,
* above that it uses 'arbitrary high number'. Following
* above that it uses 'arbitrary high number'. Following
* algorihm hovers 10-70 bits above gpg values. And for
* larger p, it uses gpg's algorihm.
*
@ -98,20 +99,20 @@ decide_k_bits(int p_bits)
}
int
pgp_elgamal_encrypt(PGP_PubKey *pk, PGP_MPI *_m,
PGP_MPI **c1_p, PGP_MPI **c2_p)
pgp_elgamal_encrypt(PGP_PubKey * pk, PGP_MPI * _m,
PGP_MPI ** c1_p, PGP_MPI ** c2_p)
{
int res = PXE_PGP_MATH_FAILED;
int k_bits;
BIGNUM *m = mpi_to_bn(_m);
BIGNUM *p = mpi_to_bn(pk->pub.elg.p);
BIGNUM *g = mpi_to_bn(pk->pub.elg.g);
BIGNUM *y = mpi_to_bn(pk->pub.elg.y);
BIGNUM *k = BN_new();
BIGNUM *yk = BN_new();
BIGNUM *c1 = BN_new();
BIGNUM *c2 = BN_new();
BN_CTX *tmp = BN_CTX_new();
int res = PXE_PGP_MATH_FAILED;
int k_bits;
BIGNUM *m = mpi_to_bn(_m);
BIGNUM *p = mpi_to_bn(pk->pub.elg.p);
BIGNUM *g = mpi_to_bn(pk->pub.elg.g);
BIGNUM *y = mpi_to_bn(pk->pub.elg.y);
BIGNUM *k = BN_new();
BIGNUM *yk = BN_new();
BIGNUM *c1 = BN_new();
BIGNUM *c2 = BN_new();
BN_CTX *tmp = BN_CTX_new();
if (!m || !p || !g || !y || !k || !yk || !c1 || !c2 || !tmp)
goto err;
@ -124,8 +125,7 @@ pgp_elgamal_encrypt(PGP_PubKey *pk, PGP_MPI *_m,
goto err;
/*
* c1 = g^k
* c2 = m * y^k
* c1 = g^k c2 = m * y^k
*/
if (!BN_mod_exp(c1, g, k, p, tmp))
goto err;
@ -140,35 +140,44 @@ pgp_elgamal_encrypt(PGP_PubKey *pk, PGP_MPI *_m,
if (*c1_p && *c2_p)
res = 0;
err:
if (tmp) BN_CTX_free(tmp);
if (c2) BN_clear_free(c2);
if (c1) BN_clear_free(c1);
if (yk) BN_clear_free(yk);
if (k) BN_clear_free(k);
if (y) BN_clear_free(y);
if (g) BN_clear_free(g);
if (p) BN_clear_free(p);
if (m) BN_clear_free(m);
if (tmp)
BN_CTX_free(tmp);
if (c2)
BN_clear_free(c2);
if (c1)
BN_clear_free(c1);
if (yk)
BN_clear_free(yk);
if (k)
BN_clear_free(k);
if (y)
BN_clear_free(y);
if (g)
BN_clear_free(g);
if (p)
BN_clear_free(p);
if (m)
BN_clear_free(m);
return res;
}
int
pgp_elgamal_decrypt(PGP_PubKey *pk, PGP_MPI *_c1, PGP_MPI *_c2,
PGP_MPI **msg_p)
pgp_elgamal_decrypt(PGP_PubKey * pk, PGP_MPI * _c1, PGP_MPI * _c2,
PGP_MPI ** msg_p)
{
int res = PXE_PGP_MATH_FAILED;
BIGNUM *c1 = mpi_to_bn(_c1);
BIGNUM *c2 = mpi_to_bn(_c2);
BIGNUM *p = mpi_to_bn(pk->pub.elg.p);
BIGNUM *x = mpi_to_bn(pk->sec.elg.x);
BIGNUM *c1x = BN_new();
BIGNUM *div = BN_new();
BIGNUM *m = BN_new();
BN_CTX *tmp = BN_CTX_new();
int res = PXE_PGP_MATH_FAILED;
BIGNUM *c1 = mpi_to_bn(_c1);
BIGNUM *c2 = mpi_to_bn(_c2);
BIGNUM *p = mpi_to_bn(pk->pub.elg.p);
BIGNUM *x = mpi_to_bn(pk->sec.elg.x);
BIGNUM *c1x = BN_new();
BIGNUM *div = BN_new();
BIGNUM *m = BN_new();
BN_CTX *tmp = BN_CTX_new();
if (!c1 || !c2 || !p || !x || !c1x || !div || !m || !tmp)
goto err;
/*
* m = c2 / (c1^x)
*/
@ -184,26 +193,34 @@ pgp_elgamal_decrypt(PGP_PubKey *pk, PGP_MPI *_c1, PGP_MPI *_c2,
if (*msg_p)
res = 0;
err:
if (tmp) BN_CTX_free(tmp);
if (m) BN_clear_free(m);
if (div) BN_clear_free(div);
if (c1x) BN_clear_free(c1x);
if (x) BN_clear_free(x);
if (p) BN_clear_free(p);
if (c2) BN_clear_free(c2);
if (c1) BN_clear_free(c1);
if (tmp)
BN_CTX_free(tmp);
if (m)
BN_clear_free(m);
if (div)
BN_clear_free(div);
if (c1x)
BN_clear_free(c1x);
if (x)
BN_clear_free(x);
if (p)
BN_clear_free(p);
if (c2)
BN_clear_free(c2);
if (c1)
BN_clear_free(c1);
return res;
}
int
pgp_rsa_encrypt(PGP_PubKey *pk, PGP_MPI *_m, PGP_MPI **c_p)
pgp_rsa_encrypt(PGP_PubKey * pk, PGP_MPI * _m, PGP_MPI ** c_p)
{
int res = PXE_PGP_MATH_FAILED;
BIGNUM *m = mpi_to_bn(_m);
BIGNUM *e = mpi_to_bn(pk->pub.rsa.e);
BIGNUM *n = mpi_to_bn(pk->pub.rsa.n);
BIGNUM *c = BN_new();
BN_CTX *tmp = BN_CTX_new();
int res = PXE_PGP_MATH_FAILED;
BIGNUM *m = mpi_to_bn(_m);
BIGNUM *e = mpi_to_bn(pk->pub.rsa.e);
BIGNUM *n = mpi_to_bn(pk->pub.rsa.n);
BIGNUM *c = BN_new();
BN_CTX *tmp = BN_CTX_new();
if (!m || !e || !n || !c || !tmp)
goto err;
@ -218,23 +235,28 @@ pgp_rsa_encrypt(PGP_PubKey *pk, PGP_MPI *_m, PGP_MPI **c_p)
if (*c_p)
res = 0;
err:
if (tmp) BN_CTX_free(tmp);
if (c) BN_clear_free(c);
if (n) BN_clear_free(n);
if (e) BN_clear_free(e);
if (m) BN_clear_free(m);
if (tmp)
BN_CTX_free(tmp);
if (c)
BN_clear_free(c);
if (n)
BN_clear_free(n);
if (e)
BN_clear_free(e);
if (m)
BN_clear_free(m);
return res;
}
int
pgp_rsa_decrypt(PGP_PubKey *pk, PGP_MPI *_c, PGP_MPI **m_p)
pgp_rsa_decrypt(PGP_PubKey * pk, PGP_MPI * _c, PGP_MPI ** m_p)
{
int res = PXE_PGP_MATH_FAILED;
BIGNUM *c = mpi_to_bn(_c);
BIGNUM *d = mpi_to_bn(pk->sec.rsa.d);
BIGNUM *n = mpi_to_bn(pk->pub.rsa.n);
BIGNUM *m = BN_new();
BN_CTX *tmp = BN_CTX_new();
int res = PXE_PGP_MATH_FAILED;
BIGNUM *c = mpi_to_bn(_c);
BIGNUM *d = mpi_to_bn(pk->sec.rsa.d);
BIGNUM *n = mpi_to_bn(pk->pub.rsa.n);
BIGNUM *m = BN_new();
BN_CTX *tmp = BN_CTX_new();
if (!m || !d || !n || !c || !tmp)
goto err;
@ -249,11 +271,15 @@ pgp_rsa_decrypt(PGP_PubKey *pk, PGP_MPI *_c, PGP_MPI **m_p)
if (*m_p)
res = 0;
err:
if (tmp) BN_CTX_free(tmp);
if (m) BN_clear_free(m);
if (n) BN_clear_free(n);
if (d) BN_clear_free(d);
if (c) BN_clear_free(c);
if (tmp)
BN_CTX_free(tmp);
if (m)
BN_clear_free(m);
if (n)
BN_clear_free(n);
if (d)
BN_clear_free(d);
if (c)
BN_clear_free(c);
return res;
}

53
contrib/pgcrypto/pgp-mpi.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-mpi.c,v 1.3 2005/08/13 02:06:20 momjian Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-mpi.c,v 1.4 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -34,10 +34,12 @@
#include "mbuf.h"
#include "pgp.h"
int pgp_mpi_alloc(int bits, PGP_MPI **mpi)
int
pgp_mpi_alloc(int bits, PGP_MPI ** mpi)
{
PGP_MPI *n;
int len = (bits + 7) / 8;
PGP_MPI *n;
int len = (bits + 7) / 8;
if (bits < 0 || bits > 0xFFFF)
{
px_debug("pgp_mpi_alloc: unreasonable request: bits=%d", bits);
@ -46,15 +48,16 @@ int pgp_mpi_alloc(int bits, PGP_MPI **mpi)
n = px_alloc(sizeof(*n) + len);
n->bits = bits;
n->bytes = len;
n->data = (uint8*)(n) + sizeof(*n);
n->data = (uint8 *) (n) + sizeof(*n);
*mpi = n;
return 0;
}
int pgp_mpi_create(uint8 *data, int bits, PGP_MPI **mpi)
int
pgp_mpi_create(uint8 *data, int bits, PGP_MPI ** mpi)
{
int res;
PGP_MPI *n;
int res;
PGP_MPI *n;
res = pgp_mpi_alloc(bits, &n);
if (res < 0)
@ -64,7 +67,8 @@ int pgp_mpi_create(uint8 *data, int bits, PGP_MPI **mpi)
return 0;
}
int pgp_mpi_free(PGP_MPI *mpi)
int
pgp_mpi_free(PGP_MPI * mpi)
{
if (mpi == NULL)
return 0;
@ -73,17 +77,18 @@ int pgp_mpi_free(PGP_MPI *mpi)
return 0;
}
int pgp_mpi_read(PullFilter *src, PGP_MPI **mpi)
int
pgp_mpi_read(PullFilter * src, PGP_MPI ** mpi)
{
int res;
uint8 hdr[2];
int bits;
PGP_MPI *n;
int res;
uint8 hdr[2];
int bits;
PGP_MPI *n;
res = pullf_read_fixed(src, 2, hdr);
if (res < 0)
return res;
bits = ((unsigned)hdr[0] << 8) + hdr[1];
bits = ((unsigned) hdr[0] << 8) + hdr[1];
res = pgp_mpi_alloc(bits, &n);
if (res < 0)
@ -97,10 +102,11 @@ int pgp_mpi_read(PullFilter *src, PGP_MPI **mpi)
return res;
}
int pgp_mpi_write(PushFilter *dst, PGP_MPI *n)
int
pgp_mpi_write(PushFilter * dst, PGP_MPI * n)
{
int res;
uint8 buf[2];
int res;
uint8 buf[2];
buf[0] = n->bits >> 8;
buf[1] = n->bits & 0xFF;
@ -110,9 +116,10 @@ int pgp_mpi_write(PushFilter *dst, PGP_MPI *n)
return res;
}
int pgp_mpi_hash(PX_MD *md, PGP_MPI *n)
int
pgp_mpi_hash(PX_MD * md, PGP_MPI * n)
{
uint8 buf[2];
uint8 buf[2];
buf[0] = n->bits >> 8;
buf[1] = n->bits & 0xFF;
@ -122,9 +129,10 @@ int pgp_mpi_hash(PX_MD *md, PGP_MPI *n)
return 0;
}
unsigned pgp_mpi_cksum(unsigned cksum, PGP_MPI *n)
unsigned
pgp_mpi_cksum(unsigned cksum, PGP_MPI * n)
{
int i;
int i;
cksum += n->bits >> 8;
cksum += n->bits & 0xFF;
@ -133,4 +141,3 @@ unsigned pgp_mpi_cksum(unsigned cksum, PGP_MPI *n)
return cksum & 0xFFFF;
}

199
contrib/pgcrypto/pgp-pgsql.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-pgsql.c,v 1.5 2005/09/24 19:14:04 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-pgsql.c,v 1.6 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -42,20 +42,20 @@
/*
* public functions
*/
Datum pgp_sym_encrypt_text(PG_FUNCTION_ARGS);
Datum pgp_sym_encrypt_bytea(PG_FUNCTION_ARGS);
Datum pgp_sym_decrypt_text(PG_FUNCTION_ARGS);
Datum pgp_sym_decrypt_bytea(PG_FUNCTION_ARGS);
Datum pgp_sym_encrypt_text(PG_FUNCTION_ARGS);
Datum pgp_sym_encrypt_bytea(PG_FUNCTION_ARGS);
Datum pgp_sym_decrypt_text(PG_FUNCTION_ARGS);
Datum pgp_sym_decrypt_bytea(PG_FUNCTION_ARGS);
Datum pgp_pub_encrypt_text(PG_FUNCTION_ARGS);
Datum pgp_pub_encrypt_bytea(PG_FUNCTION_ARGS);
Datum pgp_pub_decrypt_text(PG_FUNCTION_ARGS);
Datum pgp_pub_decrypt_bytea(PG_FUNCTION_ARGS);
Datum pgp_pub_encrypt_text(PG_FUNCTION_ARGS);
Datum pgp_pub_encrypt_bytea(PG_FUNCTION_ARGS);
Datum pgp_pub_decrypt_text(PG_FUNCTION_ARGS);
Datum pgp_pub_decrypt_bytea(PG_FUNCTION_ARGS);
Datum pgp_key_id_w(PG_FUNCTION_ARGS);
Datum pgp_key_id_w(PG_FUNCTION_ARGS);
Datum pg_armor(PG_FUNCTION_ARGS);
Datum pg_dearmor(PG_FUNCTION_ARGS);
Datum pg_armor(PG_FUNCTION_ARGS);
Datum pg_dearmor(PG_FUNCTION_ARGS);
/* function headers */
@ -89,9 +89,10 @@ PG_FUNCTION_INFO_V1(pg_dearmor);
/*
* Mix a block of data into RNG.
*/
static void add_block_entropy(PX_MD *md, text *data)
static void
add_block_entropy(PX_MD * md, text *data)
{
uint8 sha1[20];
uint8 sha1[20];
px_md_reset(md);
px_md_update(md, (uint8 *) VARDATA(data), VARSIZE(data) - VARHDRSZ);
@ -103,13 +104,14 @@ static void add_block_entropy(PX_MD *md, text *data)
}
/*
* Mix user data into RNG. It is for user own interests to have
* Mix user data into RNG. It is for user own interests to have
* RNG state shuffled.
*/
static void add_entropy(text *data1, text *data2, text *data3)
static void
add_entropy(text *data1, text *data2, text *data3)
{
PX_MD *md;
uint8 rnd[3];
PX_MD *md;
uint8 rnd[3];
if (!data1 && !data2 && !data3)
return;
@ -122,9 +124,9 @@ static void add_entropy(text *data1, text *data2, text *data3)
/*
* Try to make the feeding unpredictable.
*
* Prefer data over keys, as it's rather likely
* that key is same in several calls.
*
* Prefer data over keys, as it's rather likely that key is same in several
* calls.
*/
/* chance: 7/8 */
@ -146,14 +148,15 @@ static void add_entropy(text *data1, text *data2, text *data3)
/*
* returns src in case of no conversion or error
*/
static text *convert_charset(text *src, int cset_from, int cset_to)
static text *
convert_charset(text *src, int cset_from, int cset_to)
{
int src_len = VARSIZE(src) - VARHDRSZ;
int dst_len;
int src_len = VARSIZE(src) - VARHDRSZ;
int dst_len;
unsigned char *dst;
unsigned char *csrc = (unsigned char *) VARDATA(src);
text *res;
text *res;
dst = pg_do_encoding_conversion(csrc, src_len, cset_from, cset_to);
if (dst == csrc)
return src;
@ -166,12 +169,14 @@ static text *convert_charset(text *src, int cset_from, int cset_to)
return res;
}
static text *convert_from_utf8(text *src)
static text *
convert_from_utf8(text *src)
{
return convert_charset(src, PG_UTF8, GetDatabaseEncoding());
}
static text *convert_to_utf8(text *src)
static text *
convert_to_utf8(text *src)
{
return convert_charset(src, GetDatabaseEncoding(), PG_UTF8);
}
@ -186,20 +191,22 @@ clear_and_pfree(text *p)
/*
* expect-* arguments storage
*/
struct debug_expect {
int debug;
int expect;
int cipher_algo;
int s2k_mode;
int s2k_cipher_algo;
int s2k_digest_algo;
int compress_algo;
int use_sess_key;
int disable_mdc;
int unicode_mode;
struct debug_expect
{
int debug;
int expect;
int cipher_algo;
int s2k_mode;
int s2k_cipher_algo;
int s2k_digest_algo;
int compress_algo;
int use_sess_key;
int disable_mdc;
int unicode_mode;
};
static void fill_expect(struct debug_expect *ex, int text_mode)
static void
fill_expect(struct debug_expect * ex, int text_mode)
{
ex->debug = 0;
ex->expect = 0;
@ -222,7 +229,8 @@ static void fill_expect(struct debug_expect *ex, int text_mode)
if (ex->arg >= 0 && ex->arg != ctx->arg) EX_MSG(arg); \
} while (0)
static void check_expect(PGP_Context *ctx, struct debug_expect *ex)
static void
check_expect(PGP_Context * ctx, struct debug_expect * ex)
{
EX_CHECK(cipher_algo);
EX_CHECK(s2k_mode);
@ -235,15 +243,18 @@ static void check_expect(PGP_Context *ctx, struct debug_expect *ex)
EX_CHECK(unicode_mode);
}
static void show_debug(const char *msg)
static void
show_debug(const char *msg)
{
ereport(NOTICE, (errmsg("dbg: %s", msg)));
}
static int set_arg(PGP_Context *ctx, char *key, char*val,
struct debug_expect *ex)
static int
set_arg(PGP_Context * ctx, char *key, char *val,
struct debug_expect * ex)
{
int res = 0;
int res = 0;
if (strcmp(key, "cipher-algo") == 0)
res = pgp_set_cipher_algo(ctx, val);
else if (strcmp(key, "disable-mdc") == 0)
@ -314,11 +325,12 @@ static int set_arg(PGP_Context *ctx, char *key, char*val,
}
/*
* Find next word. Handle ',' and '=' as words. Skip whitespace.
* Find next word. Handle ',' and '=' as words. Skip whitespace.
* Put word info into res_p, res_len.
* Returns ptr to next word.
*/
static char *getword(char *p, char **res_p, int *res_len)
static char *
getword(char *p, char **res_p, int *res_len)
{
/* whitespace at start */
while (*p && (*p == ' ' || *p == '\t' || *p == '\n'))
@ -330,12 +342,12 @@ static char *getword(char *p, char **res_p, int *res_len)
p++;
else
while (*p && !(*p == ' ' || *p == '\t' || *p == '\n'
|| *p == '=' || *p == ','))
|| *p == '=' || *p == ','))
p++;
/* word end */
*res_len = p - *res_p;
/* whitespace at end */
while (*p && (*p == ' ' || *p == '\t' || *p == '\n'))
p++;
@ -346,11 +358,15 @@ static char *getword(char *p, char **res_p, int *res_len)
/*
* Convert to lowercase asciiz string.
*/
static char *downcase_convert(const uint8 *s, int len)
static char *
downcase_convert(const uint8 *s, int len)
{
int c, i;
char *res = palloc(len + 1);
for (i = 0; i < len; i++) {
int c,
i;
char *res = palloc(len + 1);
for (i = 0; i < len; i++)
{
c = s[i];
if (c >= 'A' && c <= 'Z')
c += 'a' - 'A';
@ -360,14 +376,17 @@ static char *downcase_convert(const uint8 *s, int len)
return res;
}
static int parse_args(PGP_Context *ctx, uint8 *args, int arg_len,
struct debug_expect *ex)
static int
parse_args(PGP_Context * ctx, uint8 *args, int arg_len,
struct debug_expect * ex)
{
char *str = downcase_convert(args, arg_len);
char *key, *val;
int key_len, val_len;
int res = 0;
char *p = str;
char *str = downcase_convert(args, arg_len);
char *key,
*val;
int key_len,
val_len;
int res = 0;
char *p = str;
while (*p)
{
@ -403,10 +422,10 @@ create_mbuf_from_vardata(text *data)
}
static void
init_work(PGP_Context **ctx_p, int is_text,
text *args, struct debug_expect *ex)
init_work(PGP_Context ** ctx_p, int is_text,
text *args, struct debug_expect * ex)
{
int err = pgp_init(ctx_p);
int err = pgp_init(ctx_p);
fill_expect(ex, is_text);
@ -429,17 +448,18 @@ init_work(PGP_Context **ctx_p, int is_text,
static bytea *
encrypt_internal(int is_pubenc, int is_text,
text *data, text *key, text *args)
text *data, text *key, text *args)
{
MBuf *src, *dst;
uint8 tmp[VARHDRSZ];
uint8 *restmp;
bytea *res;
int res_len;
MBuf *src,
*dst;
uint8 tmp[VARHDRSZ];
uint8 *restmp;
bytea *res;
int res_len;
PGP_Context *ctx;
int err;
int err;
struct debug_expect ex;
text *tmp_data = NULL;
text *tmp_data = NULL;
/*
* Add data and key info RNG.
@ -470,15 +490,16 @@ encrypt_internal(int is_pubenc, int is_text,
*/
if (is_pubenc)
{
MBuf *kbuf = create_mbuf_from_vardata(key);
MBuf *kbuf = create_mbuf_from_vardata(key);
err = pgp_set_pubkey(ctx, kbuf,
NULL, 0, 0);
NULL, 0, 0);
mbuf_free(kbuf);
}
else
err = pgp_set_symkey(ctx, (uint8 *) VARDATA(key),
VARSIZE(key) - VARHDRSZ);
/*
* encrypt
*/
@ -520,17 +541,18 @@ encrypt_internal(int is_pubenc, int is_text,
static bytea *
decrypt_internal(int is_pubenc, int need_text, text *data,
text *key, text *keypsw, text *args)
text *key, text *keypsw, text *args)
{
int err;
MBuf *src = NULL, *dst = NULL;
uint8 tmp[VARHDRSZ];
uint8 *restmp;
bytea *res;
int res_len;
int err;
MBuf *src = NULL,
*dst = NULL;
uint8 tmp[VARHDRSZ];
uint8 *restmp;
bytea *res;
int res_len;
PGP_Context *ctx = NULL;
struct debug_expect ex;
int got_unicode = 0;
int got_unicode = 0;
init_work(&ctx, need_text, args, &ex);
@ -543,15 +565,16 @@ decrypt_internal(int is_pubenc, int need_text, text *data,
* reserve room for header
*/
mbuf_append(dst, tmp, VARHDRSZ);
/*
* set key
*/
if (is_pubenc)
{
uint8 *psw = NULL;
int psw_len = 0;
MBuf *kbuf;
uint8 *psw = NULL;
int psw_len = 0;
MBuf *kbuf;
if (keypsw)
{
psw = (uint8 *) VARDATA(keypsw);
@ -608,7 +631,8 @@ out:
if (need_text && got_unicode)
{
text *utf = convert_from_utf8(res);
text *utf = convert_from_utf8(res);
if (utf != res)
{
clear_and_pfree(res);
@ -927,4 +951,3 @@ pgp_key_id_w(PG_FUNCTION_ARGS)
PG_FREE_IF_COPY(data, 0);
PG_RETURN_TEXT_P(res);
}

72
contrib/pgcrypto/pgp-pubdec.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-pubdec.c,v 1.4 2005/08/13 02:06:20 momjian Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-pubdec.c,v 1.5 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -35,24 +35,25 @@
#include "pgp.h"
/*
* padded msg = 02 || PS || 00 || M
* padded msg = 02 || PS || 00 || M
* PS - pad bytes
* M - msg
*/
static uint8 *
check_eme_pkcs1_v15(uint8 *data, int len)
{
uint8 *data_end = data + len;
uint8 *p = data;
int rnd = 0;
uint8 *data_end = data + len;
uint8 *p = data;
int rnd = 0;
if (len < 1 + 8 + 1)
return NULL;
if (*p++ != 2)
return NULL;
while (p < data_end && *p) {
while (p < data_end && *p)
{
p++;
rnd++;
}
@ -73,8 +74,9 @@ check_eme_pkcs1_v15(uint8 *data, int len)
static int
control_cksum(uint8 *msg, int msglen)
{
int i;
unsigned my_cksum, got_cksum;
int i;
unsigned my_cksum,
got_cksum;
if (msglen < 3)
return PXE_PGP_WRONG_KEY;
@ -83,8 +85,9 @@ control_cksum(uint8 *msg, int msglen)
for (i = 1; i < msglen - 2; i++)
my_cksum += msg[i];
my_cksum &= 0xFFFF;
got_cksum = ((unsigned)(msg[msglen-2]) << 8) + msg[msglen-1];
if (my_cksum != got_cksum) {
got_cksum = ((unsigned) (msg[msglen - 2]) << 8) + msg[msglen - 1];
if (my_cksum != got_cksum)
{
px_debug("pubenc cksum failed");
return PXE_PGP_WRONG_KEY;
}
@ -92,11 +95,11 @@ control_cksum(uint8 *msg, int msglen)
}
static int
decrypt_elgamal(PGP_PubKey *pk, PullFilter *pkt, PGP_MPI **m_p)
decrypt_elgamal(PGP_PubKey * pk, PullFilter * pkt, PGP_MPI ** m_p)
{
int res;
PGP_MPI *c1 = NULL;
PGP_MPI *c2 = NULL;
int res;
PGP_MPI *c1 = NULL;
PGP_MPI *c2 = NULL;
if (pk->algo != PGP_PUB_ELG_ENCRYPT)
return PXE_PGP_WRONG_KEY;
@ -119,13 +122,13 @@ out:
}
static int
decrypt_rsa(PGP_PubKey *pk, PullFilter *pkt, PGP_MPI **m_p)
decrypt_rsa(PGP_PubKey * pk, PullFilter * pkt, PGP_MPI ** m_p)
{
int res;
PGP_MPI *c;
int res;
PGP_MPI *c;
if (pk->algo != PGP_PUB_RSA_ENCRYPT
&& pk->algo != PGP_PUB_RSA_ENCRYPT_SIGN)
&& pk->algo != PGP_PUB_RSA_ENCRYPT_SIGN)
return PXE_PGP_WRONG_KEY;
/* read rsa encrypted data */
@ -142,28 +145,30 @@ decrypt_rsa(PGP_PubKey *pk, PullFilter *pkt, PGP_MPI **m_p)
/* key id is missing - user is expected to try all keys */
static const uint8
any_key[] = {0, 0, 0, 0, 0, 0, 0, 0};
any_key[] = {0, 0, 0, 0, 0, 0, 0, 0};
int
pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt)
pgp_parse_pubenc_sesskey(PGP_Context * ctx, PullFilter * pkt)
{
int ver;
int algo;
int res;
uint8 key_id[8];
int ver;
int algo;
int res;
uint8 key_id[8];
PGP_PubKey *pk;
uint8 *msg;
int msglen;
PGP_MPI *m;
uint8 *msg;
int msglen;
PGP_MPI *m;
pk = ctx->pub_key;
if (pk == NULL) {
if (pk == NULL)
{
px_debug("no pubkey?");
return PXE_BUG;
}
GETBYTE(pkt, ver);
if (ver != 3) {
if (ver != 3)
{
px_debug("unknown pubenc_sesskey pkt ver=%d", ver);
return PXE_PGP_CORRUPT_DATA;
}
@ -175,7 +180,7 @@ pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt)
if (res < 0)
return res;
if (memcmp(key_id, any_key, 8) != 0
&& memcmp(key_id, pk->key_id, 8) != 0)
&& memcmp(key_id, pk->key_id, 8) != 0)
{
px_debug("key_id's does not match");
return PXE_PGP_WRONG_KEY;
@ -204,7 +209,8 @@ pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt)
* extract message
*/
msg = check_eme_pkcs1_v15(m->data, m->bytes);
if (msg == NULL) {
if (msg == NULL)
{
px_debug("check_eme_pkcs1_v15 failed");
res = PXE_PGP_WRONG_KEY;
goto out;
@ -228,5 +234,3 @@ out:
return res;
return pgp_expect_packet_end(pkt);
}

62
contrib/pgcrypto/pgp-pubenc.c
View File

@ -1,6 +1,6 @@
/*
* pgp-pubenc.c
* Encrypt session key with public key.
* Encrypt session key with public key.
*
* Copyright (c) 2005 Marko Kreen
* All rights reserved.
@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-pubenc.c,v 1.3 2005/08/13 02:06:20 momjian Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-pubenc.c,v 1.4 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -40,9 +40,10 @@
static int
pad_eme_pkcs1_v15(uint8 *data, int data_len, int res_len, uint8 **res_p)
{
int res;
uint8 *buf, *p;
int pad_len = res_len - 2 - data_len;
int res;
uint8 *buf,
*p;
int pad_len = res_len - 2 - data_len;
if (pad_len < 8)
return PXE_BUG;
@ -76,7 +77,7 @@ pad_eme_pkcs1_v15(uint8 *data, int data_len, int res_len, uint8 **res_p)
px_free(buf);
return res;
}
buf[pad_len + 1] = 0;
memcpy(buf + pad_len + 2, data, data_len);
*res_p = buf;
@ -85,19 +86,20 @@ pad_eme_pkcs1_v15(uint8 *data, int data_len, int res_len, uint8 **res_p)
}
static int
create_secmsg(PGP_Context *ctx, PGP_MPI **msg_p, int full_bytes)
create_secmsg(PGP_Context * ctx, PGP_MPI ** msg_p, int full_bytes)
{
uint8 *secmsg;
int res, i;
unsigned cksum = 0;
int klen = ctx->sess_key_len;
uint8 *padded = NULL;
PGP_MPI *m = NULL;
uint8 *secmsg;
int res,
i;
unsigned cksum = 0;
int klen = ctx->sess_key_len;
uint8 *padded = NULL;
PGP_MPI *m = NULL;
/* calc checksum */
for (i = 0; i < klen; i++)
cksum += ctx->sess_key[i];
/*
* create "secret message"
*/
@ -114,7 +116,8 @@ create_secmsg(PGP_Context *ctx, PGP_MPI **msg_p, int full_bytes)
if (res >= 0)
{
/* first byte will be 0x02 */
int full_bits = full_bytes * 8 - 6;
int full_bits = full_bytes * 8 - 6;
res = pgp_mpi_create(padded, full_bits, &m);
}
@ -133,10 +136,12 @@ create_secmsg(PGP_Context *ctx, PGP_MPI **msg_p, int full_bytes)
}
static int
encrypt_and_write_elgamal(PGP_Context *ctx, PGP_PubKey *pk, PushFilter *pkt)
encrypt_and_write_elgamal(PGP_Context * ctx, PGP_PubKey * pk, PushFilter * pkt)
{
int res;
PGP_MPI *m = NULL, *c1 = NULL, *c2 = NULL;
int res;
PGP_MPI *m = NULL,
*c1 = NULL,
*c2 = NULL;
/* create padded msg */
res = create_secmsg(ctx, &m, pk->pub.elg.p->bytes - 1);
@ -162,10 +167,11 @@ err:
}
static int
encrypt_and_write_rsa(PGP_Context *ctx, PGP_PubKey *pk, PushFilter *pkt)
encrypt_and_write_rsa(PGP_Context * ctx, PGP_PubKey * pk, PushFilter * pkt)
{
int res;
PGP_MPI *m = NULL, *c = NULL;
int res;
PGP_MPI *m = NULL,
*c = NULL;
/* create padded msg */
res = create_secmsg(ctx, &m, pk->pub.rsa.n->bytes - 1);
@ -186,15 +192,17 @@ err:
return res;
}
int pgp_write_pubenc_sesskey(PGP_Context *ctx, PushFilter *dst)
int
pgp_write_pubenc_sesskey(PGP_Context * ctx, PushFilter * dst)
{
int res;
int res;
PGP_PubKey *pk = ctx->pub_key;
uint8 ver = 3;
uint8 ver = 3;
PushFilter *pkt = NULL;
uint8 algo = pk->algo;
uint8 algo = pk->algo;
if (pk == NULL) {
if (pk == NULL)
{
px_debug("no pubkey?\n");
return PXE_BUG;
}
@ -238,5 +246,3 @@ err:
return res;
}

167
contrib/pgcrypto/pgp-pubkey.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-pubkey.c,v 1.3 2005/08/13 02:06:20 momjian Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-pubkey.c,v 1.4 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -34,16 +34,19 @@
#include "mbuf.h"
#include "pgp.h"
int pgp_key_alloc(PGP_PubKey **pk_p)
int
pgp_key_alloc(PGP_PubKey ** pk_p)
{
PGP_PubKey *pk;
pk = px_alloc(sizeof(*pk));
memset(pk, 0, sizeof(*pk));
*pk_p = pk;
return 0;
}
void pgp_key_free(PGP_PubKey *pk)
void
pgp_key_free(PGP_PubKey * pk)
{
if (pk == NULL)
return;
@ -79,13 +82,13 @@ void pgp_key_free(PGP_PubKey *pk)
}
static int
calc_key_id(PGP_PubKey *pk)
calc_key_id(PGP_PubKey * pk)
{
int res;
PX_MD *md;
int len;
uint8 hdr[3];
uint8 hash[20];
int res;
PX_MD *md;
int len;
uint8 hdr[3];
uint8 hash[20];
res = pgp_load_digest(PGP_DIGEST_SHA1, &md);
if (res < 0)
@ -121,7 +124,7 @@ calc_key_id(PGP_PubKey *pk)
px_md_update(md, &pk->ver, 1);
px_md_update(md, pk->time, 4);
px_md_update(md, &pk->algo, 1);
switch (pk->algo)
{
case PGP_PUB_ELG_ENCRYPT:
@ -152,9 +155,10 @@ calc_key_id(PGP_PubKey *pk)
return 0;
}
int _pgp_read_public_key(PullFilter *pkt, PGP_PubKey **pk_p)
int
_pgp_read_public_key(PullFilter * pkt, PGP_PubKey ** pk_p)
{
int res;
int res;
PGP_PubKey *pk;
res = pgp_key_alloc(&pk);
@ -163,11 +167,12 @@ int _pgp_read_public_key(PullFilter *pkt, PGP_PubKey **pk_p)
/* get version */
GETBYTE(pkt, pk->ver);
if (pk->ver != 4) {
if (pk->ver != 4)
{
res = PXE_PGP_NOT_V4_KEYPKT;
goto out;
}
/* read time */
res = pullf_read_fixed(pkt, 4, pk->time);
if (res < 0)
@ -176,16 +181,21 @@ int _pgp_read_public_key(PullFilter *pkt, PGP_PubKey **pk_p)
/* pubkey algorithm */
GETBYTE(pkt, pk->algo);
switch (pk->algo) {
switch (pk->algo)
{
case PGP_PUB_DSA_SIGN:
res = pgp_mpi_read(pkt, &pk->pub.dsa.p);
if (res < 0) break;
if (res < 0)
break;
res = pgp_mpi_read(pkt, &pk->pub.dsa.q);
if (res < 0) break;
if (res < 0)
break;
res = pgp_mpi_read(pkt, &pk->pub.dsa.g);
if (res < 0) break;
if (res < 0)
break;
res = pgp_mpi_read(pkt, &pk->pub.dsa.y);
if (res < 0) break;
if (res < 0)
break;
res = calc_key_id(pk);
break;
@ -194,9 +204,11 @@ int _pgp_read_public_key(PullFilter *pkt, PGP_PubKey **pk_p)
case PGP_PUB_RSA_ENCRYPT:
case PGP_PUB_RSA_ENCRYPT_SIGN:
res = pgp_mpi_read(pkt, &pk->pub.rsa.n);
if (res < 0) break;
if (res < 0)
break;
res = pgp_mpi_read(pkt, &pk->pub.rsa.e);
if (res < 0) break;
if (res < 0)
break;
res = calc_key_id(pk);
@ -206,11 +218,14 @@ int _pgp_read_public_key(PullFilter *pkt, PGP_PubKey **pk_p)
case PGP_PUB_ELG_ENCRYPT:
res = pgp_mpi_read(pkt, &pk->pub.elg.p);
if (res < 0) break;
if (res < 0)
break;
res = pgp_mpi_read(pkt, &pk->pub.elg.g);
if (res < 0) break;
if (res < 0)
break;
res = pgp_mpi_read(pkt, &pk->pub.elg.y);
if (res < 0) break;
if (res < 0)
break;
res = calc_key_id(pk);
@ -236,12 +251,12 @@ out:
#define HIDE_SHA1 254
static int
check_key_sha1(PullFilter *src, PGP_PubKey *pk)
check_key_sha1(PullFilter * src, PGP_PubKey * pk)
{
int res;
uint8 got_sha1[20];
uint8 my_sha1[20];
PX_MD *md;
int res;
uint8 got_sha1[20];
uint8 my_sha1[20];
PX_MD *md;
res = pullf_read_fixed(src, 20, got_sha1);
if (res < 0)
@ -282,17 +297,18 @@ err:
}
static int
check_key_cksum(PullFilter *src, PGP_PubKey *pk)
check_key_cksum(PullFilter * src, PGP_PubKey * pk)
{
int res;
unsigned got_cksum, my_cksum = 0;
uint8 buf[2];
int res;
unsigned got_cksum,
my_cksum = 0;
uint8 buf[2];
res = pullf_read_fixed(src, 2, buf);
if (res < 0)
return res;
got_cksum = ((unsigned)buf[0] << 8) + buf[1];
got_cksum = ((unsigned) buf[0] << 8) + buf[1];
switch (pk->algo)
{
case PGP_PUB_ELG_ENCRYPT:
@ -318,17 +334,19 @@ check_key_cksum(PullFilter *src, PGP_PubKey *pk)
return 0;
}
static int process_secret_key(PullFilter *pkt, PGP_PubKey **pk_p,
const uint8 *key, int key_len)
static int
process_secret_key(PullFilter * pkt, PGP_PubKey ** pk_p,
const uint8 *key, int key_len)
{
int res;
int hide_type;
int cipher_algo;
int bs;
uint8 iv[512];
PullFilter *pf_decrypt = NULL, *pf_key;
PGP_CFB *cfb = NULL;
PGP_S2K s2k;
int res;
int hide_type;
int cipher_algo;
int bs;
uint8 iv[512];
PullFilter *pf_decrypt = NULL,
*pf_key;
PGP_CFB *cfb = NULL;
PGP_S2K s2k;
PGP_PubKey *pk;
/* first read public key part */
@ -340,7 +358,8 @@ static int process_secret_key(PullFilter *pkt, PGP_PubKey **pk_p,
* is secret key encrypted?
*/
GETBYTE(pkt, hide_type);
if (hide_type == HIDE_SHA1 || hide_type == HIDE_CKSUM) {
if (hide_type == HIDE_SHA1 || hide_type == HIDE_CKSUM)
{
if (key == NULL)
return PXE_PGP_NEED_SECRET_PSW;
GETBYTE(pkt, cipher_algo);
@ -351,15 +370,17 @@ static int process_secret_key(PullFilter *pkt, PGP_PubKey **pk_p,
res = pgp_s2k_process(&s2k, cipher_algo, key, key_len);
if (res < 0)
return res;
bs = pgp_get_cipher_block_size(cipher_algo);
if (bs == 0) {
if (bs == 0)
{
px_debug("unknown cipher algo=%d", cipher_algo);
return PXE_PGP_UNSUPPORTED_CIPHER;
}
res = pullf_read_fixed(pkt, bs, iv);
if (res < 0)
return res;
/*
* create decrypt filter
*/
@ -370,26 +391,35 @@ static int process_secret_key(PullFilter *pkt, PGP_PubKey **pk_p,
if (res < 0)
return res;
pf_key = pf_decrypt;
} else if (hide_type == HIDE_CLEAR) {
}
else if (hide_type == HIDE_CLEAR)
{
pf_key = pkt;
} else {
}
else
{
px_debug("unknown hide type");
return PXE_PGP_KEYPKT_CORRUPT;
}
/* read secret key */
switch (pk->algo) {
switch (pk->algo)
{
case PGP_PUB_RSA_SIGN:
case PGP_PUB_RSA_ENCRYPT:
case PGP_PUB_RSA_ENCRYPT_SIGN:
res = pgp_mpi_read(pkt, &pk->sec.rsa.d);
if (res < 0) break;
if (res < 0)
break;
res = pgp_mpi_read(pkt, &pk->sec.rsa.p);
if (res < 0) break;
if (res < 0)
break;
res = pgp_mpi_read(pkt, &pk->sec.rsa.q);
if (res < 0) break;
if (res < 0)
break;
res = pgp_mpi_read(pkt, &pk->sec.rsa.u);
if (res < 0) break;
if (res < 0)
break;
break;
case PGP_PUB_ELG_ENCRYPT:
res = pgp_mpi_read(pf_key, &pk->sec.elg.x);
@ -426,31 +456,33 @@ static int process_secret_key(PullFilter *pkt, PGP_PubKey **pk_p,
}
static int
internal_read_key(PullFilter *src, PGP_PubKey **pk_p,
const uint8 *psw, int psw_len, int pubtype)
internal_read_key(PullFilter * src, PGP_PubKey ** pk_p,
const uint8 *psw, int psw_len, int pubtype)
{
PullFilter *pkt = NULL;
int res;
uint8 tag;
int len;
int res;
uint8 tag;
int len;
PGP_PubKey *enc_key = NULL;
PGP_PubKey *pk = NULL;
int got_main_key = 0;
int got_main_key = 0;
/*
* Search for encryption key.
*
* Error out on anything fancy.
*/
while (1) {
while (1)
{
res = pgp_parse_pkt_hdr(src, &tag, &len, 0);
if (res <= 0)
break;
res = pgp_create_pkt_reader(&pkt, src, len, res, NULL);
if (res < 0)
break;
switch (tag) {
switch (tag)
{
case PGP_PKT_PUBLIC_KEY:
case PGP_PKT_SECRET_KEY:
if (got_main_key)
@ -489,7 +521,7 @@ internal_read_key(PullFilter *src, PGP_PubKey **pk_p,
res = PXE_PGP_UNEXPECTED_PKT;
}
pullf_free(pkt);
pkt = NULL;
pkt = NULL;
if (pk != NULL)
{
@ -531,10 +563,10 @@ internal_read_key(PullFilter *src, PGP_PubKey **pk_p,
}
int
pgp_set_pubkey(PGP_Context *ctx, MBuf *keypkt,
const uint8 *key, int key_len, int pubtype)
pgp_set_pubkey(PGP_Context * ctx, MBuf * keypkt,
const uint8 *key, int key_len, int pubtype)
{
int res;
int res;
PullFilter *src;
PGP_PubKey *pk = NULL;
@ -550,4 +582,3 @@ pgp_set_pubkey(PGP_Context *ctx, MBuf *keypkt,
return res < 0 ? res : 0;
}

39
contrib/pgcrypto/pgp-s2k.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-s2k.c,v 1.3 2005/07/18 17:12:54 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp-s2k.c,v 1.4 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -36,7 +36,7 @@
#include "pgp.h"
static int
calc_s2k_simple(PGP_S2K * s2k, PX_MD *md, const uint8 *key,
calc_s2k_simple(PGP_S2K * s2k, PX_MD * md, const uint8 *key,
unsigned key_len)
{
unsigned md_bs,
@ -81,7 +81,7 @@ calc_s2k_simple(PGP_S2K * s2k, PX_MD *md, const uint8 *key,
}
static int
calc_s2k_salted(PGP_S2K * s2k, PX_MD *md, const uint8 *key, unsigned key_len)
calc_s2k_salted(PGP_S2K * s2k, PX_MD * md, const uint8 *key, unsigned key_len)
{
unsigned md_bs,
md_rlen;
@ -126,8 +126,8 @@ calc_s2k_salted(PGP_S2K * s2k, PX_MD *md, const uint8 *key, unsigned key_len)
}
static int
calc_s2k_iter_salted(PGP_S2K * s2k, PX_MD *md, const uint8 *key,
unsigned key_len)
calc_s2k_iter_salted(PGP_S2K * s2k, PX_MD * md, const uint8 *key,
unsigned key_len)
{
unsigned md_bs,
md_rlen;
@ -200,7 +200,7 @@ calc_s2k_iter_salted(PGP_S2K * s2k, PX_MD *md, const uint8 *key,
/*
* Decide S2K_ISALTED iteration count
*
*
* Too small: weak
* Too big: slow
* gpg defaults to 96 => 65536 iters
@ -213,15 +213,16 @@ decide_count(unsigned rand_byte)
}
int
pgp_s2k_fill(PGP_S2K *s2k, int mode,int digest_algo)
pgp_s2k_fill(PGP_S2K * s2k, int mode, int digest_algo)
{
int res = 0;
uint8 tmp;
int res = 0;
uint8 tmp;
s2k->mode = mode;
s2k->digest_algo = digest_algo;
switch (s2k->mode) {
switch (s2k->mode)
{
case 0:
break;
case 1:
@ -243,13 +244,14 @@ pgp_s2k_fill(PGP_S2K *s2k, int mode,int digest_algo)
}
int
pgp_s2k_read(PullFilter *src, PGP_S2K *s2k)
pgp_s2k_read(PullFilter * src, PGP_S2K * s2k)
{
int res = 0;
int res = 0;
GETBYTE(src, s2k->mode);
GETBYTE(src, s2k->digest_algo);
switch (s2k->mode) {
switch (s2k->mode)
{
case 0:
break;
case 1:
@ -267,10 +269,11 @@ pgp_s2k_read(PullFilter *src, PGP_S2K *s2k)
return res;
}
int pgp_s2k_process(PGP_S2K *s2k, int cipher, const uint8 *key, int key_len)
int
pgp_s2k_process(PGP_S2K * s2k, int cipher, const uint8 *key, int key_len)
{
int res;
PX_MD *md;
int res;
PX_MD *md;
s2k->key_len = pgp_get_cipher_key_size(cipher);
if (s2k->key_len <= 0)
@ -280,7 +283,8 @@ int pgp_s2k_process(PGP_S2K *s2k, int cipher, const uint8 *key, int key_len)
if (res < 0)
return res;
switch (s2k->mode) {
switch (s2k->mode)
{
case 0:
res = calc_s2k_simple(s2k, md, key, key_len);
break;
@ -296,4 +300,3 @@ int pgp_s2k_process(PGP_S2K *s2k, int cipher, const uint8 *key, int key_len)
px_md_free(md);
return res;
}

41
contrib/pgcrypto/pgp.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp.c,v 1.2 2005/07/11 15:07:59 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp.c,v 1.3 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -62,8 +62,8 @@ struct cipher_info
const char *name;
int code;
const char *int_name;
int key_len;
int block_len;
int key_len;
int block_len;
};
static const struct digest_info digest_list[] = {
@ -78,15 +78,15 @@ static const struct digest_info digest_list[] = {
};
static const struct cipher_info cipher_list[] = {
{"3des", PGP_SYM_DES3, "3des-ecb", 192/8, 64/8},
{"cast5", PGP_SYM_CAST5, "cast5-ecb", 128/8, 64/8},
{"bf", PGP_SYM_BLOWFISH, "bf-ecb", 128/8, 64/8},
{"blowfish", PGP_SYM_BLOWFISH, "bf-ecb", 128/8, 64/8},
{"aes", PGP_SYM_AES_128, "aes-ecb", 128/8, 128/8},
{"aes128", PGP_SYM_AES_128, "aes-ecb", 128/8, 128/8},
{"aes192", PGP_SYM_AES_192, "aes-ecb", 192/8, 128/8},
{"aes256", PGP_SYM_AES_256, "aes-ecb", 256/8, 128/8},
{"twofish", PGP_SYM_TWOFISH, "twofish-ecb", 256/8, 128/8},
{"3des", PGP_SYM_DES3, "3des-ecb", 192 / 8, 64 / 8},
{"cast5", PGP_SYM_CAST5, "cast5-ecb", 128 / 8, 64 / 8},
{"bf", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8},
{"blowfish", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8},
{"aes", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8},
{"aes128", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8},
{"aes192", PGP_SYM_AES_192, "aes-ecb", 192 / 8, 128 / 8},
{"aes256", PGP_SYM_AES_256, "aes-ecb", 256 / 8, 128 / 8},
{"twofish", PGP_SYM_TWOFISH, "twofish-ecb", 256 / 8, 128 / 8},
{NULL, 0, NULL}
};
@ -94,6 +94,7 @@ static const struct cipher_info *
get_cipher_info(int code)
{
const struct cipher_info *i;
for (i = cipher_list; i->name; i++)
if (i->code == code)
return i;
@ -104,6 +105,7 @@ int
pgp_get_digest_code(const char *name)
{
const struct digest_info *i;
for (i = digest_list; i->name; i++)
if (pg_strcasecmp(i->name, name) == 0)
return i->code;
@ -114,6 +116,7 @@ int
pgp_get_cipher_code(const char *name)
{
const struct cipher_info *i;
for (i = cipher_list; i->name; i++)
if (pg_strcasecmp(i->name, name) == 0)
return i->code;
@ -124,6 +127,7 @@ const char *
pgp_get_digest_name(int code)
{
const struct digest_info *i;
for (i = digest_list; i->name; i++)
if (i->code == code)
return i->name;
@ -134,6 +138,7 @@ const char *
pgp_get_cipher_name(int code)
{
const struct cipher_info *i = get_cipher_info(code);
if (i != NULL)
return i->name;
return NULL;
@ -143,6 +148,7 @@ int
pgp_get_cipher_key_size(int code)
{
const struct cipher_info *i = get_cipher_info(code);
if (i != NULL)
return i->key_len;
return 0;
@ -152,6 +158,7 @@ int
pgp_get_cipher_block_size(int code)
{
const struct cipher_info *i = get_cipher_info(code);
if (i != NULL)
return i->block_len;
return 0;
@ -300,6 +307,7 @@ int
pgp_set_cipher_algo(PGP_Context * ctx, const char *name)
{
int code = pgp_get_cipher_code(name);
if (code < 0)
return code;
ctx->cipher_algo = code;
@ -310,6 +318,7 @@ int
pgp_set_s2k_cipher_algo(PGP_Context * ctx, const char *name)
{
int code = pgp_get_cipher_code(name);
if (code < 0)
return code;
ctx->s2k_cipher_algo = code;
@ -320,6 +329,7 @@ int
pgp_set_s2k_digest_algo(PGP_Context * ctx, const char *name)
{
int code = pgp_get_digest_code(name);
if (code < 0)
return code;
ctx->s2k_digest_algo = code;
@ -327,20 +337,20 @@ pgp_set_s2k_digest_algo(PGP_Context * ctx, const char *name)
}
int
pgp_get_unicode_mode(PGP_Context *ctx)
pgp_get_unicode_mode(PGP_Context * ctx)
{
return ctx->unicode_mode;
}
int
pgp_set_unicode_mode(PGP_Context *ctx, int mode)
pgp_set_unicode_mode(PGP_Context * ctx, int mode)
{
ctx->unicode_mode = mode ? 1 : 0;
return 0;
}
int
pgp_set_symkey(PGP_Context *ctx, const uint8 *key, int len)
pgp_set_symkey(PGP_Context * ctx, const uint8 *key, int len)
{
if (key == NULL || len < 1)
return PXE_ARGUMENT_ERROR;
@ -348,4 +358,3 @@ pgp_set_symkey(PGP_Context *ctx, const uint8 *key, int len)
ctx->sym_key_len = len;
return 0;
}

201
contrib/pgcrypto/pgp.h
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp.h,v 1.3 2005/08/13 02:06:20 momjian Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/pgp.h,v 1.4 2005/10/15 02:49:06 momjian Exp $
*/
enum
@ -55,7 +55,7 @@ enum
PGP_PKT_USER_ATTR = 17,
PGP_PKT_SYMENCRYPTED_DATA_MDC = 18,
PGP_PKT_MDC = 19,
PGP_PKT_PRIV_61 = 61 /* occurs in gpg secring */
PGP_PKT_PRIV_61 = 61 /* occurs in gpg secring */
} PGP_PKT_TYPE;
enum
@ -93,11 +93,11 @@ enum
enum
{
PGP_DIGEST_MD5 = 1, /* should, deprecated */
PGP_DIGEST_SHA1 = 2, /* must */
PGP_DIGEST_SHA1 = 2, /* must */
PGP_DIGEST_RIPEMD160 = 3,
PGP_DIGEST_XSHA = 4, /* obsolete */
PGP_DIGEST_XSHA = 4, /* obsolete */
PGP_DIGEST_MD2 = 5, /* obsolete */
PGP_DIGEST_TIGER192 = 6, /* obsolete */
PGP_DIGEST_TIGER192 = 6, /* obsolete */
PGP_DIGEST_HAVAL5_160 = 7, /* obsolete */
PGP_DIGEST_SHA256 = 8,
PGP_DIGEST_SHA384 = 9,
@ -114,14 +114,15 @@ typedef struct PGP_PubKey PGP_PubKey;
typedef struct PGP_Context PGP_Context;
typedef struct PGP_S2K PGP_S2K;
struct PGP_S2K {
uint8 mode;
uint8 digest_algo;
uint8 salt[8];
uint8 iter;
struct PGP_S2K
{
uint8 mode;
uint8 digest_algo;
uint8 salt[8];
uint8 iter;
/* calculated: */
uint8 key[PGP_MAX_KEY];
uint8 key_len;
uint8 key[PGP_MAX_KEY];
uint8 key_len;
};
@ -151,9 +152,9 @@ struct PGP_Context
int in_mdc_pkt;
int use_mdcbuf_filter;
PX_MD *mdc_ctx;
PGP_PubKey *pub_key; /* ctx owns it*/
const uint8 *sym_key; /* ctx does not own it */
PGP_PubKey *pub_key; /* ctx owns it */
const uint8 *sym_key; /* ctx does not own it */
int sym_key_len;
/*
@ -163,54 +164,64 @@ struct PGP_Context
unsigned sess_key_len;
};
struct PGP_MPI {
uint8 *data;
int bits;
int bytes;
struct PGP_MPI
{
uint8 *data;
int bits;
int bytes;
};
struct PGP_PubKey {
uint8 ver;
uint8 time[4];
uint8 algo;
struct PGP_PubKey
{
uint8 ver;
uint8 time[4];
uint8 algo;
/* public part */
union {
struct {
PGP_MPI *p;
PGP_MPI *g;
PGP_MPI *y;
} elg;
struct {
PGP_MPI *n;
PGP_MPI *e;
} rsa;
struct {
PGP_MPI *p;
PGP_MPI *q;
PGP_MPI *g;
PGP_MPI *y;
} dsa;
} pub;
union
{
struct
{
PGP_MPI *p;
PGP_MPI *g;
PGP_MPI *y;
} elg;
struct
{
PGP_MPI *n;
PGP_MPI *e;
} rsa;
struct
{
PGP_MPI *p;
PGP_MPI *q;
PGP_MPI *g;
PGP_MPI *y;
} dsa;
} pub;
/* secret part */
union {
struct {
PGP_MPI *x;
} elg;
struct {
PGP_MPI *d;
PGP_MPI *p;
PGP_MPI *q;
PGP_MPI *u;
} rsa;
struct {
PGP_MPI *x;
} dsa;
} sec;
union
{
struct
{
PGP_MPI *x;
} elg;
struct
{
PGP_MPI *d;
PGP_MPI *p;
PGP_MPI *q;
PGP_MPI *u;
} rsa;
struct
{
PGP_MPI *x;
} dsa;
} sec;
uint8 key_id[8];
int can_encrypt;
uint8 key_id[8];
int can_encrypt;
};
int pgp_init(PGP_Context ** ctx);
@ -236,11 +247,11 @@ int pgp_set_text_mode(PGP_Context * ctx, int mode);
int pgp_set_unicode_mode(PGP_Context * ctx, int mode);
int pgp_get_unicode_mode(PGP_Context * ctx);
int pgp_set_symkey(PGP_Context *ctx, const uint8 *key, int klen);
int pgp_set_pubkey(PGP_Context *ctx, MBuf *keypkt,
const uint8 *key, int klen, int pubtype);
int pgp_set_symkey(PGP_Context * ctx, const uint8 *key, int klen);
int pgp_set_pubkey(PGP_Context * ctx, MBuf * keypkt,
const uint8 *key, int klen, int pubtype);
int pgp_get_keyid(MBuf *pgp_data, char *dst);
int pgp_get_keyid(MBuf * pgp_data, char *dst);
/* internal functions */
@ -249,55 +260,55 @@ int pgp_load_cipher(int c, PX_Cipher ** res);
int pgp_get_cipher_key_size(int c);
int pgp_get_cipher_block_size(int c);
int pgp_s2k_fill(PGP_S2K *s2k, int mode, int digest_algo);
int pgp_s2k_read(PullFilter *src, PGP_S2K *s2k);
int pgp_s2k_process(PGP_S2K *s2k, int cipher, const uint8 *key, int klen);
int pgp_s2k_fill(PGP_S2K * s2k, int mode, int digest_algo);
int pgp_s2k_read(PullFilter * src, PGP_S2K * s2k);
int pgp_s2k_process(PGP_S2K * s2k, int cipher, const uint8 *key, int klen);
typedef struct PGP_CFB PGP_CFB;
int pgp_cfb_create(PGP_CFB **ctx_p, int algo,
const uint8 *key, int key_len, int recync, uint8 *iv);
void pgp_cfb_free(PGP_CFB *ctx);
int pgp_cfb_encrypt(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst);
int pgp_cfb_decrypt(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst);
int
pgp_cfb_create(PGP_CFB ** ctx_p, int algo,
const uint8 *key, int key_len, int recync, uint8 *iv);
void pgp_cfb_free(PGP_CFB * ctx);
int pgp_cfb_encrypt(PGP_CFB * ctx, const uint8 *data, int len, uint8 *dst);
int pgp_cfb_decrypt(PGP_CFB * ctx, const uint8 *data, int len, uint8 *dst);
int pgp_armor_encode(const uint8 *src, unsigned len, uint8 *dst);
int pgp_armor_decode(const uint8 *src, unsigned len, uint8 *dst);
unsigned pgp_armor_enc_len(unsigned len);
unsigned pgp_armor_dec_len(unsigned len);
int pgp_compress_filter(PushFilter **res, PGP_Context *ctx, PushFilter *dst);
int pgp_decompress_filter(PullFilter **res, PGP_Context *ctx, PullFilter *src);
int pgp_compress_filter(PushFilter ** res, PGP_Context * ctx, PushFilter * dst);
int pgp_decompress_filter(PullFilter ** res, PGP_Context * ctx, PullFilter * src);
int pgp_key_alloc(PGP_PubKey **pk_p);
void pgp_key_free(PGP_PubKey *pk);
int _pgp_read_public_key(PullFilter *pkt, PGP_PubKey **pk_p);
int pgp_key_alloc(PGP_PubKey ** pk_p);
void pgp_key_free(PGP_PubKey * pk);
int _pgp_read_public_key(PullFilter * pkt, PGP_PubKey ** pk_p);
int pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt);
int pgp_create_pkt_reader(PullFilter **pf_p, PullFilter *src, int len,
int pkttype, PGP_Context *ctx);
int pgp_parse_pubenc_sesskey(PGP_Context * ctx, PullFilter * pkt);
int pgp_create_pkt_reader(PullFilter ** pf_p, PullFilter * src, int len,
int pkttype, PGP_Context * ctx);
int pgp_parse_pkt_hdr(PullFilter * src, uint8 *tag, int *len_p,
int allow_ctx);
int allow_ctx);
int pgp_skip_packet(PullFilter *pkt);
int pgp_expect_packet_end(PullFilter *pkt);
int pgp_skip_packet(PullFilter * pkt);
int pgp_expect_packet_end(PullFilter * pkt);
int pgp_write_pubenc_sesskey(PGP_Context *ctx, PushFilter *dst);
int pgp_create_pkt_writer(PushFilter *dst, int tag, PushFilter **res_p);
int pgp_write_pubenc_sesskey(PGP_Context * ctx, PushFilter * dst);
int pgp_create_pkt_writer(PushFilter * dst, int tag, PushFilter ** res_p);
int pgp_mpi_alloc(int bits, PGP_MPI **mpi);
int pgp_mpi_create(uint8 *data, int bits, PGP_MPI **mpi);
int pgp_mpi_free(PGP_MPI *mpi);
int pgp_mpi_read(PullFilter *src, PGP_MPI **mpi);
int pgp_mpi_write(PushFilter *dst, PGP_MPI *n);
int pgp_mpi_hash(PX_MD *md, PGP_MPI *n);
unsigned pgp_mpi_cksum(unsigned cksum, PGP_MPI *n);
int pgp_mpi_alloc(int bits, PGP_MPI ** mpi);
int pgp_mpi_create(uint8 *data, int bits, PGP_MPI ** mpi);
int pgp_mpi_free(PGP_MPI * mpi);
int pgp_mpi_read(PullFilter * src, PGP_MPI ** mpi);
int pgp_mpi_write(PushFilter * dst, PGP_MPI * n);
int pgp_mpi_hash(PX_MD * md, PGP_MPI * n);
unsigned pgp_mpi_cksum(unsigned cksum, PGP_MPI * n);
int pgp_elgamal_encrypt(PGP_PubKey *pk, PGP_MPI *m,
PGP_MPI **c1, PGP_MPI **c2);
int pgp_elgamal_decrypt(PGP_PubKey *pk, PGP_MPI *c1, PGP_MPI *c2,
PGP_MPI **m);
int pgp_rsa_encrypt(PGP_PubKey *pk, PGP_MPI *m, PGP_MPI **c);
int pgp_rsa_decrypt(PGP_PubKey *pk, PGP_MPI *c, PGP_MPI **m);
int pgp_elgamal_encrypt(PGP_PubKey * pk, PGP_MPI * m,
PGP_MPI ** c1, PGP_MPI ** c2);
int pgp_elgamal_decrypt(PGP_PubKey * pk, PGP_MPI * c1, PGP_MPI * c2,
PGP_MPI ** m);
int pgp_rsa_encrypt(PGP_PubKey * pk, PGP_MPI * m, PGP_MPI ** c);
int pgp_rsa_decrypt(PGP_PubKey * pk, PGP_MPI * c, PGP_MPI ** m);
extern struct PullFilterOps pgp_decrypt_filter;

7
contrib/pgcrypto/px-crypt.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.c,v 1.14 2005/09/24 19:14:04 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.c,v 1.15 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -77,9 +77,9 @@ struct px_crypt_algo
};
static const struct px_crypt_algo
px_crypt_list[] = {
px_crypt_list[] = {
{"$2a$", 4, run_crypt_bf},
{"$2$", 3, NULL}, /* N/A */
{"$2$", 3, NULL}, /* N/A */
{"$1$", 3, run_crypt_md5},
{"_", 1, run_crypt_des},
{"", 0, run_crypt_des},
@ -164,4 +164,3 @@ px_gen_salt(const char *salt_type, char *buf, int rounds)
return strlen(p);
}

10
contrib/pgcrypto/px-crypt.h
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.h,v 1.8 2005/08/13 02:06:20 momjian Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.h,v 1.9 2005/10/15 02:49:06 momjian Exp $
*/
#ifndef _PX_CRYPT_H
@ -65,13 +65,13 @@ extern char px_crypt_a64[];
/* crypt-gensalt.c */
char *_crypt_gensalt_traditional_rn(unsigned long count,
const char *input, int size, char *output, int output_size);
const char *input, int size, char *output, int output_size);
char *_crypt_gensalt_extended_rn(unsigned long count,
const char *input, int size, char *output, int output_size);
const char *input, int size, char *output, int output_size);
char *_crypt_gensalt_md5_rn(unsigned long count,
const char *input, int size, char *output, int output_size);
const char *input, int size, char *output, int output_size);
char *_crypt_gensalt_blowfish_rn(unsigned long count,
const char *input, int size, char *output, int output_size);
const char *input, int size, char *output, int output_size);
/* disable 'extended DES crypt' */
/* #define DISABLE_XDES */

34
contrib/pgcrypto/px.c
View File

@ -26,15 +26,16 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/px.c,v 1.14 2005/08/13 02:06:20 momjian Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/px.c,v 1.15 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
#include "px.h"
struct error_desc {
int err;
struct error_desc
{
int err;
const char *desc;
};
@ -67,14 +68,14 @@ static const struct error_desc px_err_list[] = {
{PXE_PGP_UNEXPECTED_PKT, "Unexpected packet in key data"},
{PXE_PGP_NO_BIGNUM,
"public-key functions disabled - "
"pgcrypto needs OpenSSL for bignums"},
"pgcrypto needs OpenSSL for bignums"},
{PXE_PGP_MATH_FAILED, "Math operation failed"},
{PXE_PGP_SHORT_ELGAMAL_KEY, "Elgamal keys must be at least 1024 bits long"},
{PXE_PGP_RSA_UNSUPPORTED, "pgcrypto does not support RSA keys"},
{PXE_PGP_UNKNOWN_PUBALGO, "Unknown public-key encryption algorithm"},
{PXE_PGP_WRONG_KEY, "Wrong key"},
{PXE_PGP_MULTIPLE_KEYS,
"Several keys given - pgcrypto does not handle keyring"},
"Several keys given - pgcrypto does not handle keyring"},
{PXE_PGP_EXPECT_PUBLIC_KEY, "Refusing to encrypt with secret key"},
{PXE_PGP_EXPECT_SECRET_KEY, "Cannot decrypt with public key"},
{PXE_PGP_NOT_V4_KEYPKT, "Only V4 key packets are supported"},
@ -87,13 +88,15 @@ static const struct error_desc px_err_list[] = {
/* fake this as PXE_PGP_CORRUPT_DATA */
{PXE_MBUF_SHORT_READ, "Corrupt data"},
{0, NULL},
};
const char *px_strerror(int err)
const char *
px_strerror(int err)
{
const struct error_desc *e;
for (e = px_err_list; e->desc; e++)
if (e->err == err)
return e->desc;
@ -113,19 +116,24 @@ px_resolve_alias(const PX_Alias * list, const char *name)
return name;
}
static void (*debug_handler)(const char *) = NULL;
static void (*debug_handler) (const char *) = NULL;
void px_set_debug_handler(void (*handler)(const char *))
void
px_set_debug_handler(void (*handler) (const char *))
{
debug_handler = handler;
}
void px_debug(const char *fmt, ...)
void
px_debug(const char *fmt,...)
{
va_list ap;
va_list ap;
va_start(ap, fmt);
if (debug_handler) {
char buf[512];
if (debug_handler)
{
char buf[512];
vsnprintf(buf, sizeof(buf), fmt, ap);
debug_handler(buf);
}

23
contrib/pgcrypto/px.h
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/px.h,v 1.15 2005/08/13 02:06:20 momjian Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/px.h,v 1.16 2005/10/15 02:49:06 momjian Exp $
*/
#ifndef __PX_H
@ -90,12 +90,12 @@ void px_free(void *p);
#define PXE_PGP_CORRUPT_DATA -100
#define PXE_PGP_CORRUPT_ARMOR -101
#define PXE_PGP_UNSUPPORTED_COMPR -102
#define PXE_PGP_UNSUPPORTED_CIPHER -103
#define PXE_PGP_UNSUPPORTED_HASH -104
#define PXE_PGP_COMPRESSION_ERROR -105
#define PXE_PGP_NOT_TEXT -106
#define PXE_PGP_UNEXPECTED_PKT -107
#define PXE_PGP_UNSUPPORTED_COMPR -102
#define PXE_PGP_UNSUPPORTED_CIPHER -103
#define PXE_PGP_UNSUPPORTED_HASH -104
#define PXE_PGP_COMPRESSION_ERROR -105
#define PXE_PGP_NOT_TEXT -106
#define PXE_PGP_UNEXPECTED_PKT -107
#define PXE_PGP_NO_BIGNUM -108
#define PXE_PGP_MATH_FAILED -109
#define PXE_PGP_SHORT_ELGAMAL_KEY -110
@ -110,7 +110,7 @@ void px_free(void *p);
#define PXE_PGP_NO_USABLE_KEY -119
#define PXE_PGP_NEED_SECRET_PSW -120
#define PXE_PGP_BAD_S2K_MODE -121
#define PXE_PGP_UNSUPPORTED_PUBALGO -122
#define PXE_PGP_UNSUPPORTED_PUBALGO -122
#define PXE_PGP_MULTIPLE_SUBKEYS -123
@ -132,7 +132,7 @@ struct px_digest
union
{
unsigned code;
void *ptr;
void *ptr;
} p;
};
@ -207,9 +207,10 @@ const char *px_strerror(int err);
const char *px_resolve_alias(const PX_Alias * aliases, const char *name);
void px_set_debug_handler(void (*handler)(const char *));
void px_set_debug_handler(void (*handler) (const char *));
#ifdef PX_DEBUG
void px_debug(const char *fmt, ...);
void px_debug(const char *fmt,...);
#else
#define px_debug(...)
#endif

57
contrib/pgcrypto/random.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/random.c,v 1.15 2005/07/18 17:09:01 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/random.c,v 1.16 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -95,7 +95,6 @@ try_dev_random(uint8 *dst)
dst += res;
return dst;
}
#endif
/*
@ -111,22 +110,23 @@ try_dev_random(uint8 *dst)
/*
* this function is from libtomcrypt
*
*
* try to use Microsoft crypto API
*/
static uint8 * try_win32_genrand(uint8 *dst)
static uint8 *
try_win32_genrand(uint8 *dst)
{
int res;
HCRYPTPROV h = 0;
int res;
HCRYPTPROV h = 0;
res = CryptAcquireContext(&h, NULL, MS_DEF_PROV, PROV_RSA_FULL,
(CRYPT_VERIFYCONTEXT | CRYPT_MACHINE_KEYSET));
(CRYPT_VERIFYCONTEXT | CRYPT_MACHINE_KEYSET));
if (!res)
res = CryptAcquireContext(&h, NULL, MS_DEF_PROV, PROV_RSA_FULL,
CRYPT_VERIFYCONTEXT | CRYPT_MACHINE_KEYSET | CRYPT_NEWKEYSET);
CRYPT_VERIFYCONTEXT | CRYPT_MACHINE_KEYSET | CRYPT_NEWKEYSET);
if (!res)
return dst;
res = CryptGenRandom(h, RND_BYTES, dst);
if (res == TRUE)
dst += RND_BYTES;
@ -135,9 +135,10 @@ static uint8 * try_win32_genrand(uint8 *dst)
return dst;
}
static uint8 * try_win32_perfc(uint8 *dst)
static uint8 *
try_win32_perfc(uint8 *dst)
{
int res;
int res;
LARGE_INTEGER time;
res = QueryPerformanceCounter(&time);
@ -147,8 +148,7 @@ static uint8 * try_win32_perfc(uint8 *dst)
memcpy(dst, &time, sizeof(time));
return dst + sizeof(time);
}
#endif /* WIN32 */
#endif /* WIN32 */
/*
@ -174,33 +174,34 @@ static uint8 * try_win32_perfc(uint8 *dst)
static uint8 *
try_unix_std(uint8 *dst)
{
pid_t pid;
int x;
PX_MD *md;
pid_t pid;
int x;
PX_MD *md;
struct timeval tv;
int res;
int res;
/* process id */
pid = getpid();
memcpy(dst, (uint8*)&pid, sizeof(pid));
memcpy(dst, (uint8 *) &pid, sizeof(pid));
dst += sizeof(pid);
/* time */
gettimeofday(&tv, NULL);
memcpy(dst, (uint8*)&tv, sizeof(tv));
memcpy(dst, (uint8 *) &tv, sizeof(tv));
dst += sizeof(tv);
/* pointless, but should not hurt */
x = random();
memcpy(dst, (uint8*)&x, sizeof(x));
memcpy(dst, (uint8 *) &x, sizeof(x));
dst += sizeof(x);
/* let's be desperate */
res = px_find_digest("sha1", &md);
if (res >= 0) {
uint8 *ptr;
uint8 stack[8192];
int alloc = 32*1024;
if (res >= 0)
{
uint8 *ptr;
uint8 stack[8192];
int alloc = 32 * 1024;
px_md_update(md, stack, sizeof(stack));
ptr = px_alloc(alloc);
@ -215,7 +216,6 @@ try_unix_std(uint8 *dst)
return dst;
}
#endif
/*
@ -223,9 +223,11 @@ try_unix_std(uint8 *dst)
*
* dst should have room for 1024 bytes.
*/
unsigned px_acquire_system_randomness(uint8 *dst)
unsigned
px_acquire_system_randomness(uint8 *dst)
{
uint8 *p = dst;
uint8 *p = dst;
#ifdef TRY_DEV_RANDOM
p = try_dev_random(p);
#endif
@ -240,4 +242,3 @@ unsigned px_acquire_system_randomness(uint8 *dst)
#endif
return p - dst;
}

4
contrib/pgcrypto/rijndael.c
View File

@ -1,6 +1,6 @@
/* $OpenBSD: rijndael.c,v 1.6 2000/12/09 18:51:34 markus Exp $ */
/* $PostgreSQL: pgsql/contrib/pgcrypto/rijndael.c,v 1.11 2005/07/11 15:07:59 tgl Exp $ */
/* $PostgreSQL: pgsql/contrib/pgcrypto/rijndael.c,v 1.12 2005/10/15 02:49:06 momjian Exp $ */
/* This is an independent implementation of the encryption algorithm: */
/* */
@ -91,7 +91,6 @@ static void gen_tabs(void);
#include "rijndael.tbl"
#define tab_gen 1
#else /* !PRE_CALC_TABLES */
static u1byte pow_tab[256];
@ -143,7 +142,6 @@ static u4byte tab_gen = 0;
il_tab[1][byte((bi)[((n) + 3) & 3],1)] ^ \
il_tab[2][byte((bi)[((n) + 2) & 3],2)] ^ \
il_tab[3][byte((bi)[((n) + 1) & 3],3)] ^ *((k) + (n))
#else
#define ls_box(x) \

477
contrib/pgcrypto/sha2.c
View File

@ -3,7 +3,7 @@
/*
* FILE: sha2.c
* AUTHOR: Aaron D. Gifford <me@aarongifford.com>
*
*
* Copyright (c) 2000-2001, Aaron D. Gifford
* All rights reserved.
*
@ -11,18 +11,18 @@
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the copyright holder nor the names of contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTOR(S) ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
@ -33,7 +33,7 @@
*
* $From: sha2.c,v 1.1 2001/11/08 00:01:51 adg Exp adg $
*
* $PostgreSQL: pgsql/contrib/pgcrypto/sha2.c,v 1.4 2005/07/12 20:27:42 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/sha2.c,v 1.5 2005/10/15 02:49:06 momjian Exp $
*/
#include "postgres.h"
@ -48,11 +48,11 @@
* loop version for the hash transform rounds (defined using macros
* later in this file). Either define on the command line, for example:
*
* cc -DSHA2_UNROLL_TRANSFORM -o sha2 sha2.c sha2prog.c
* cc -DSHA2_UNROLL_TRANSFORM -o sha2 sha2.c sha2prog.c
*
* or define below:
*
* #define SHA2_UNROLL_TRANSFORM
* #define SHA2_UNROLL_TRANSFORM
*
*/
@ -69,16 +69,16 @@
* If your system does not define the above, then you can do so by
* hand like this:
*
* #define LITTLE_ENDIAN 1234
* #define BIG_ENDIAN 4321
* #define LITTLE_ENDIAN 1234
* #define BIG_ENDIAN 4321
*
* And for little-endian machines, add:
*
* #define BYTE_ORDER LITTLE_ENDIAN
* #define BYTE_ORDER LITTLE_ENDIAN
*
* Or for big-endian machines:
*
* #define BYTE_ORDER BIG_ENDIAN
* #define BYTE_ORDER BIG_ENDIAN
*
* The FreeBSD machine this was written on defines BYTE_ORDER
* appropriately by including <sys/types.h> (which in turn includes
@ -108,11 +108,11 @@
uint64 tmp = (w); \
tmp = (tmp >> 32) | (tmp << 32); \
tmp = ((tmp & 0xff00ff00ff00ff00ULL) >> 8) | \
((tmp & 0x00ff00ff00ff00ffULL) << 8); \
((tmp & 0x00ff00ff00ff00ffULL) << 8); \
(x) = ((tmp & 0xffff0000ffff0000ULL) >> 16) | \
((tmp & 0x0000ffff0000ffffULL) << 16); \
((tmp & 0x0000ffff0000ffffULL) << 16); \
}
#endif /* BYTE_ORDER == LITTLE_ENDIAN */
#endif /* BYTE_ORDER == LITTLE_ENDIAN */
/*
* Macro for incrementally adding the unsigned 64-bit integer n to the
@ -130,13 +130,13 @@
/*
* Bit shifting and rotation (used by the six SHA-XYZ logical functions:
*
* NOTE: The naming of R and S appears backwards here (R is a SHIFT and
* S is a ROTATION) because the SHA-256/384/512 description document
* (see http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf) uses this
* same "backwards" definition.
* NOTE: The naming of R and S appears backwards here (R is a SHIFT and
* S is a ROTATION) because the SHA-256/384/512 description document
* (see http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf) uses this
* same "backwards" definition.
*/
/* Shift-right (used in SHA-256, SHA-384, and SHA-512): */
#define R(b,x) ((x) >> (b))
#define R(b,x) ((x) >> (b))
/* 32-bit Rotate-right (used in SHA-256): */
#define S32(b,x) (((x) >> (b)) | ((x) << (32 - (b))))
/* 64-bit Rotate-right (used in SHA-384 and SHA-512): */
@ -163,9 +163,9 @@
* library -- they are intended for private internal visibility/use
* only.
*/
void SHA512_Last(SHA512_CTX *);
void SHA256_Transform(SHA256_CTX *, const uint8 *);
void SHA512_Transform(SHA512_CTX *, const uint8 *);
void SHA512_Last(SHA512_CTX *);
void SHA256_Transform(SHA256_CTX *, const uint8 *);
void SHA512_Transform(SHA512_CTX *, const uint8 *);
/*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/
@ -272,7 +272,7 @@ static const uint64 sha512_initial_hash_value[8] = {
/*** SHA-256: *********************************************************/
void
SHA256_Init(SHA256_CTX *context)
SHA256_Init(SHA256_CTX * context)
{
if (context == NULL)
return;
@ -285,36 +285,46 @@ SHA256_Init(SHA256_CTX *context)
/* Unrolled SHA-256 round macros: */
#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) do { \
W256[j] = (uint32)data[3] | ((uint32)data[2] << 8) | \
((uint32)data[1] << 16) | ((uint32)data[0] << 24); \
data += 4; \
#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) do { \
W256[j] = (uint32)data[3] | ((uint32)data[2] << 8) | \
((uint32)data[1] << 16) | ((uint32)data[0] << 24); \
data += 4; \
T1 = (h) + Sigma1_256((e)) + Ch((e), (f), (g)) + K256[j] + W256[j]; \
(d) += T1; \
(h) = T1 + Sigma0_256((a)) + Maj((a), (b), (c)); \
j++; \
(d) += T1; \
(h) = T1 + Sigma0_256((a)) + Maj((a), (b), (c)); \
j++; \
} while(0)
#define ROUND256(a,b,c,d,e,f,g,h) do { \
s0 = W256[(j+1)&0x0f]; \
s0 = sigma0_256(s0); \
s1 = W256[(j+14)&0x0f]; \
s1 = sigma1_256(s1); \
T1 = (h) + Sigma1_256((e)) + Ch((e), (f), (g)) + K256[j] + \
(W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0); \
(d) += T1; \
(h) = T1 + Sigma0_256((a)) + Maj((a), (b), (c)); \
j++; \
#define ROUND256(a,b,c,d,e,f,g,h) do { \
s0 = W256[(j+1)&0x0f]; \
s0 = sigma0_256(s0); \
s1 = W256[(j+14)&0x0f]; \
s1 = sigma1_256(s1); \
T1 = (h) + Sigma1_256((e)) + Ch((e), (f), (g)) + K256[j] + \
(W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0); \
(d) += T1; \
(h) = T1 + Sigma0_256((a)) + Maj((a), (b), (c)); \
j++; \
} while(0)
void
SHA256_Transform(SHA256_CTX *context, const uint8 *data)
SHA256_Transform(SHA256_CTX * context, const uint8 *data)
{
uint32 a, b, c, d, e, f, g, h, s0, s1;
uint32 T1, *W256;
int j;
uint32 a,
b,
c,
d,
e,
f,
g,
h,
s0,
s1;
uint32 T1,
*W256;
int j;
W256 = (uint32 *)context->buffer;
W256 = (uint32 *) context->buffer;
/* Initialize registers with the prev. intermediate value */
a = context->state[0];
@ -327,28 +337,30 @@ SHA256_Transform(SHA256_CTX *context, const uint8 *data)
h = context->state[7];
j = 0;
do {
do
{
/* Rounds 0 to 15 (unrolled): */
ROUND256_0_TO_15(a,b,c,d,e,f,g,h);
ROUND256_0_TO_15(h,a,b,c,d,e,f,g);
ROUND256_0_TO_15(g,h,a,b,c,d,e,f);
ROUND256_0_TO_15(f,g,h,a,b,c,d,e);
ROUND256_0_TO_15(e,f,g,h,a,b,c,d);
ROUND256_0_TO_15(d,e,f,g,h,a,b,c);
ROUND256_0_TO_15(c,d,e,f,g,h,a,b);
ROUND256_0_TO_15(b,c,d,e,f,g,h,a);
ROUND256_0_TO_15(a, b, c, d, e, f, g, h);
ROUND256_0_TO_15(h, a, b, c, d, e, f, g);
ROUND256_0_TO_15(g, h, a, b, c, d, e, f);
ROUND256_0_TO_15(f, g, h, a, b, c, d, e);
ROUND256_0_TO_15(e, f, g, h, a, b, c, d);
ROUND256_0_TO_15(d, e, f, g, h, a, b, c);
ROUND256_0_TO_15(c, d, e, f, g, h, a, b);
ROUND256_0_TO_15(b, c, d, e, f, g, h, a);
} while (j < 16);
/* Now for the remaining rounds to 64: */
do {
ROUND256(a,b,c,d,e,f,g,h);
ROUND256(h,a,b,c,d,e,f,g);
ROUND256(g,h,a,b,c,d,e,f);
ROUND256(f,g,h,a,b,c,d,e);
ROUND256(e,f,g,h,a,b,c,d);
ROUND256(d,e,f,g,h,a,b,c);
ROUND256(c,d,e,f,g,h,a,b);
ROUND256(b,c,d,e,f,g,h,a);
do
{
ROUND256(a, b, c, d, e, f, g, h);
ROUND256(h, a, b, c, d, e, f, g);
ROUND256(g, h, a, b, c, d, e, f);
ROUND256(f, g, h, a, b, c, d, e);
ROUND256(e, f, g, h, a, b, c, d);
ROUND256(d, e, f, g, h, a, b, c);
ROUND256(c, d, e, f, g, h, a, b);
ROUND256(b, c, d, e, f, g, h, a);
} while (j < 64);
/* Compute the current intermediate hash value */
@ -364,17 +376,27 @@ SHA256_Transform(SHA256_CTX *context, const uint8 *data)
/* Clean up */
a = b = c = d = e = f = g = h = T1 = 0;
}
#else /* SHA2_UNROLL_TRANSFORM */
#else /* SHA2_UNROLL_TRANSFORM */
void
SHA256_Transform(SHA256_CTX *context, const uint8 *data)
SHA256_Transform(SHA256_CTX * context, const uint8 *data)
{
uint32 a, b, c, d, e, f, g, h, s0, s1;
uint32 T1, T2, *W256;
int j;
uint32 a,
b,
c,
d,
e,
f,
g,
h,
s0,
s1;
uint32 T1,
T2,
*W256;
int j;
W256 = (uint32 *)context->buffer;
W256 = (uint32 *) context->buffer;
/* Initialize registers with the prev. intermediate value */
a = context->state[0];
@ -387,9 +409,10 @@ SHA256_Transform(SHA256_CTX *context, const uint8 *data)
h = context->state[7];
j = 0;
do {
W256[j] = (uint32)data[3] | ((uint32)data[2] << 8) |
((uint32)data[1] << 16) | ((uint32)data[0] << 24);
do
{
W256[j] = (uint32) data[3] | ((uint32) data[2] << 8) |
((uint32) data[1] << 16) | ((uint32) data[0] << 24);
data += 4;
/* Apply the SHA-256 compression function to update a..h */
T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + W256[j];
@ -406,16 +429,17 @@ SHA256_Transform(SHA256_CTX *context, const uint8 *data)
j++;
} while (j < 16);
do {
do
{
/* Part of the message block expansion: */
s0 = W256[(j+1)&0x0f];
s0 = W256[(j + 1) & 0x0f];
s0 = sigma0_256(s0);
s1 = W256[(j+14)&0x0f];
s1 = W256[(j + 14) & 0x0f];
s1 = sigma1_256(s1);
/* Apply the SHA-256 compression function to update a..h */
T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] +
(W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0);
T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] +
(W256[j & 0x0f] += s1 + W256[(j + 9) & 0x0f] + s0);
T2 = Sigma0_256(a) + Maj(a, b, c);
h = g;
g = f;
@ -442,31 +466,35 @@ SHA256_Transform(SHA256_CTX *context, const uint8 *data)
/* Clean up */
a = b = c = d = e = f = g = h = T1 = T2 = 0;
}
#endif /* SHA2_UNROLL_TRANSFORM */
#endif /* SHA2_UNROLL_TRANSFORM */
void
SHA256_Update(SHA256_CTX *context, const uint8 *data, size_t len)
SHA256_Update(SHA256_CTX * context, const uint8 *data, size_t len)
{
size_t freespace, usedspace;
size_t freespace,
usedspace;
/* Calling with no data is valid (we do nothing) */
if (len == 0)
return;
usedspace = (context->bitcount >> 3) % SHA256_BLOCK_LENGTH;
if (usedspace > 0) {
if (usedspace > 0)
{
/* Calculate how much free space is available in the buffer */
freespace = SHA256_BLOCK_LENGTH - usedspace;
if (len >= freespace) {
if (len >= freespace)
{
/* Fill the buffer completely and process it */
memcpy(&context->buffer[usedspace], data, freespace);
context->bitcount += freespace << 3;
len -= freespace;
data += freespace;
SHA256_Transform(context, context->buffer);
} else {
}
else
{
/* The buffer is not yet full */
memcpy(&context->buffer[usedspace], data, len);
context->bitcount += len << 3;
@ -475,14 +503,16 @@ SHA256_Update(SHA256_CTX *context, const uint8 *data, size_t len)
return;
}
}
while (len >= SHA256_BLOCK_LENGTH) {
while (len >= SHA256_BLOCK_LENGTH)
{
/* Process as many complete blocks as we can */
SHA256_Transform(context, data);
context->bitcount += SHA256_BLOCK_LENGTH << 3;
len -= SHA256_BLOCK_LENGTH;
data += SHA256_BLOCK_LENGTH;
}
if (len > 0) {
if (len > 0)
{
/* There's left-overs, so save 'em */
memcpy(context->buffer, data, len);
context->bitcount += len << 3;
@ -492,26 +522,32 @@ SHA256_Update(SHA256_CTX *context, const uint8 *data, size_t len)
}
void
SHA256_Final(uint8 digest[], SHA256_CTX *context)
SHA256_Final(uint8 digest[], SHA256_CTX * context)
{
unsigned int usedspace;
unsigned int usedspace;
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != NULL) {
if (digest != NULL)
{
usedspace = (context->bitcount >> 3) % SHA256_BLOCK_LENGTH;
#if BYTE_ORDER == LITTLE_ENDIAN
/* Convert FROM host byte order */
REVERSE64(context->bitcount,context->bitcount);
REVERSE64(context->bitcount, context->bitcount);
#endif
if (usedspace > 0) {
if (usedspace > 0)
{
/* Begin padding with a 1 bit: */
context->buffer[usedspace++] = 0x80;
if (usedspace <= SHA256_SHORT_BLOCK_LENGTH) {
if (usedspace <= SHA256_SHORT_BLOCK_LENGTH)
{
/* Set-up for the last transform: */
memset(&context->buffer[usedspace], 0, SHA256_SHORT_BLOCK_LENGTH - usedspace);
} else {
if (usedspace < SHA256_BLOCK_LENGTH) {
}
else
{
if (usedspace < SHA256_BLOCK_LENGTH)
{
memset(&context->buffer[usedspace], 0, SHA256_BLOCK_LENGTH - usedspace);
}
/* Do second-to-last transform: */
@ -520,7 +556,9 @@ SHA256_Final(uint8 digest[], SHA256_CTX *context)
/* And set-up for the last transform: */
memset(context->buffer, 0, SHA256_SHORT_BLOCK_LENGTH);
}
} else {
}
else
{
/* Set-up for the last transform: */
memset(context->buffer, 0, SHA256_SHORT_BLOCK_LENGTH);
@ -528,7 +566,7 @@ SHA256_Final(uint8 digest[], SHA256_CTX *context)
*context->buffer = 0x80;
}
/* Set the bit count: */
*(uint64 *)&context->buffer[SHA256_SHORT_BLOCK_LENGTH] = context->bitcount;
*(uint64 *) &context->buffer[SHA256_SHORT_BLOCK_LENGTH] = context->bitcount;
/* Final transform: */
SHA256_Transform(context, context->buffer);
@ -536,9 +574,11 @@ SHA256_Final(uint8 digest[], SHA256_CTX *context)
#if BYTE_ORDER == LITTLE_ENDIAN
{
/* Convert TO host byte order */
int j;
for (j = 0; j < 8; j++) {
REVERSE32(context->state[j],context->state[j]);
int j;
for (j = 0; j < 8; j++)
{
REVERSE32(context->state[j], context->state[j]);
}
}
#endif
@ -553,50 +593,60 @@ SHA256_Final(uint8 digest[], SHA256_CTX *context)
/*** SHA-512: *********************************************************/
void
SHA512_Init(SHA512_CTX *context)
SHA512_Init(SHA512_CTX * context)
{
if (context == NULL)
return;
memcpy(context->state, sha512_initial_hash_value, SHA512_DIGEST_LENGTH);
memset(context->buffer, 0, SHA512_BLOCK_LENGTH);
context->bitcount[0] = context->bitcount[1] = 0;
context->bitcount[0] = context->bitcount[1] = 0;
}
#ifdef SHA2_UNROLL_TRANSFORM
/* Unrolled SHA-512 round macros: */
#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) do { \
W512[j] = (uint64)data[7] | ((uint64)data[6] << 8) | \
((uint64)data[5] << 16) | ((uint64)data[4] << 24) | \
((uint64)data[3] << 32) | ((uint64)data[2] << 40) | \
((uint64)data[1] << 48) | ((uint64)data[0] << 56); \
data += 8; \
#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) do { \
W512[j] = (uint64)data[7] | ((uint64)data[6] << 8) | \
((uint64)data[5] << 16) | ((uint64)data[4] << 24) | \
((uint64)data[3] << 32) | ((uint64)data[2] << 40) | \
((uint64)data[1] << 48) | ((uint64)data[0] << 56); \
data += 8; \
T1 = (h) + Sigma1_512((e)) + Ch((e), (f), (g)) + K512[j] + W512[j]; \
(d) += T1; \
(h) = T1 + Sigma0_512((a)) + Maj((a), (b), (c)); \
j++; \
(d) += T1; \
(h) = T1 + Sigma0_512((a)) + Maj((a), (b), (c)); \
j++; \
} while(0)
#define ROUND512(a,b,c,d,e,f,g,h) do { \
s0 = W512[(j+1)&0x0f]; \
s0 = sigma0_512(s0); \
s1 = W512[(j+14)&0x0f]; \
s1 = sigma1_512(s1); \
T1 = (h) + Sigma1_512((e)) + Ch((e), (f), (g)) + K512[j] + \
(W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); \
(d) += T1; \
(h) = T1 + Sigma0_512((a)) + Maj((a), (b), (c)); \
j++; \
#define ROUND512(a,b,c,d,e,f,g,h) do { \
s0 = W512[(j+1)&0x0f]; \
s0 = sigma0_512(s0); \
s1 = W512[(j+14)&0x0f]; \
s1 = sigma1_512(s1); \
T1 = (h) + Sigma1_512((e)) + Ch((e), (f), (g)) + K512[j] + \
(W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); \
(d) += T1; \
(h) = T1 + Sigma0_512((a)) + Maj((a), (b), (c)); \
j++; \
} while(0)
void
SHA512_Transform(SHA512_CTX *context, const uint8 *data)
SHA512_Transform(SHA512_CTX * context, const uint8 *data)
{
uint64 a, b, c, d, e, f, g, h, s0, s1;
uint64 T1, *W512 = (uint64 *)context->buffer;
int j;
uint64 a,
b,
c,
d,
e,
f,
g,
h,
s0,
s1;
uint64 T1,
*W512 = (uint64 *) context->buffer;
int j;
/* Initialize registers with the prev. intermediate value */
a = context->state[0];
@ -609,27 +659,29 @@ SHA512_Transform(SHA512_CTX *context, const uint8 *data)
h = context->state[7];
j = 0;
do {
ROUND512_0_TO_15(a,b,c,d,e,f,g,h);
ROUND512_0_TO_15(h,a,b,c,d,e,f,g);
ROUND512_0_TO_15(g,h,a,b,c,d,e,f);
ROUND512_0_TO_15(f,g,h,a,b,c,d,e);
ROUND512_0_TO_15(e,f,g,h,a,b,c,d);
ROUND512_0_TO_15(d,e,f,g,h,a,b,c);
ROUND512_0_TO_15(c,d,e,f,g,h,a,b);
ROUND512_0_TO_15(b,c,d,e,f,g,h,a);
do
{
ROUND512_0_TO_15(a, b, c, d, e, f, g, h);
ROUND512_0_TO_15(h, a, b, c, d, e, f, g);
ROUND512_0_TO_15(g, h, a, b, c, d, e, f);
ROUND512_0_TO_15(f, g, h, a, b, c, d, e);
ROUND512_0_TO_15(e, f, g, h, a, b, c, d);
ROUND512_0_TO_15(d, e, f, g, h, a, b, c);
ROUND512_0_TO_15(c, d, e, f, g, h, a, b);
ROUND512_0_TO_15(b, c, d, e, f, g, h, a);
} while (j < 16);
/* Now for the remaining rounds up to 79: */
do {
ROUND512(a,b,c,d,e,f,g,h);
ROUND512(h,a,b,c,d,e,f,g);
ROUND512(g,h,a,b,c,d,e,f);
ROUND512(f,g,h,a,b,c,d,e);
ROUND512(e,f,g,h,a,b,c,d);
ROUND512(d,e,f,g,h,a,b,c);
ROUND512(c,d,e,f,g,h,a,b);
ROUND512(b,c,d,e,f,g,h,a);
do
{
ROUND512(a, b, c, d, e, f, g, h);
ROUND512(h, a, b, c, d, e, f, g);
ROUND512(g, h, a, b, c, d, e, f);
ROUND512(f, g, h, a, b, c, d, e);
ROUND512(e, f, g, h, a, b, c, d);
ROUND512(d, e, f, g, h, a, b, c);
ROUND512(c, d, e, f, g, h, a, b);
ROUND512(b, c, d, e, f, g, h, a);
} while (j < 80);
/* Compute the current intermediate hash value */
@ -645,15 +697,25 @@ SHA512_Transform(SHA512_CTX *context, const uint8 *data)
/* Clean up */
a = b = c = d = e = f = g = h = T1 = 0;
}
#else /* SHA2_UNROLL_TRANSFORM */
#else /* SHA2_UNROLL_TRANSFORM */
void
SHA512_Transform(SHA512_CTX *context, const uint8 *data)
SHA512_Transform(SHA512_CTX * context, const uint8 *data)
{
uint64 a, b, c, d, e, f, g, h, s0, s1;
uint64 T1, T2, *W512 = (uint64 *)context->buffer;
int j;
uint64 a,
b,
c,
d,
e,
f,
g,
h,
s0,
s1;
uint64 T1,
T2,
*W512 = (uint64 *) context->buffer;
int j;
/* Initialize registers with the prev. intermediate value */
a = context->state[0];
@ -666,11 +728,12 @@ SHA512_Transform(SHA512_CTX *context, const uint8 *data)
h = context->state[7];
j = 0;
do {
W512[j] = (uint64)data[7] | ((uint64)data[6] << 8) |
((uint64)data[5] << 16) | ((uint64)data[4] << 24) |
((uint64)data[3] << 32) | ((uint64)data[2] << 40) |
((uint64)data[1] << 48) | ((uint64)data[0] << 56);
do
{
W512[j] = (uint64) data[7] | ((uint64) data[6] << 8) |
((uint64) data[5] << 16) | ((uint64) data[4] << 24) |
((uint64) data[3] << 32) | ((uint64) data[2] << 40) |
((uint64) data[1] << 48) | ((uint64) data[0] << 56);
data += 8;
/* Apply the SHA-512 compression function to update a..h */
T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j];
@ -687,16 +750,17 @@ SHA512_Transform(SHA512_CTX *context, const uint8 *data)
j++;
} while (j < 16);
do {
do
{
/* Part of the message block expansion: */
s0 = W512[(j+1)&0x0f];
s0 = W512[(j + 1) & 0x0f];
s0 = sigma0_512(s0);
s1 = W512[(j+14)&0x0f];
s1 = sigma1_512(s1);
s1 = W512[(j + 14) & 0x0f];
s1 = sigma1_512(s1);
/* Apply the SHA-512 compression function to update a..h */
T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] +
(W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0);
(W512[j & 0x0f] += s1 + W512[(j + 9) & 0x0f] + s0);
T2 = Sigma0_512(a) + Maj(a, b, c);
h = g;
g = f;
@ -723,31 +787,35 @@ SHA512_Transform(SHA512_CTX *context, const uint8 *data)
/* Clean up */
a = b = c = d = e = f = g = h = T1 = T2 = 0;
}
#endif /* SHA2_UNROLL_TRANSFORM */
#endif /* SHA2_UNROLL_TRANSFORM */
void
SHA512_Update(SHA512_CTX *context, const uint8 *data, size_t len)
SHA512_Update(SHA512_CTX * context, const uint8 *data, size_t len)
{
size_t freespace, usedspace;
size_t freespace,
usedspace;
/* Calling with no data is valid (we do nothing) */
if (len == 0)
return;
usedspace = (context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH;
if (usedspace > 0) {
if (usedspace > 0)
{
/* Calculate how much free space is available in the buffer */
freespace = SHA512_BLOCK_LENGTH - usedspace;
if (len >= freespace) {
if (len >= freespace)
{
/* Fill the buffer completely and process it */
memcpy(&context->buffer[usedspace], data, freespace);
ADDINC128(context->bitcount, freespace << 3);
len -= freespace;
data += freespace;
SHA512_Transform(context, context->buffer);
} else {
}
else
{
/* The buffer is not yet full */
memcpy(&context->buffer[usedspace], data, len);
ADDINC128(context->bitcount, len << 3);
@ -756,14 +824,16 @@ SHA512_Update(SHA512_CTX *context, const uint8 *data, size_t len)
return;
}
}
while (len >= SHA512_BLOCK_LENGTH) {
while (len >= SHA512_BLOCK_LENGTH)
{
/* Process as many complete blocks as we can */
SHA512_Transform(context, data);
ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3);
len -= SHA512_BLOCK_LENGTH;
data += SHA512_BLOCK_LENGTH;
}
if (len > 0) {
if (len > 0)
{
/* There's left-overs, so save 'em */
memcpy(context->buffer, data, len);
ADDINC128(context->bitcount, len << 3);
@ -773,25 +843,30 @@ SHA512_Update(SHA512_CTX *context, const uint8 *data, size_t len)
}
void
SHA512_Last(SHA512_CTX *context)
SHA512_Last(SHA512_CTX * context)
{
unsigned int usedspace;
unsigned int usedspace;
usedspace = (context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH;
#if BYTE_ORDER == LITTLE_ENDIAN
/* Convert FROM host byte order */
REVERSE64(context->bitcount[0],context->bitcount[0]);
REVERSE64(context->bitcount[1],context->bitcount[1]);
REVERSE64(context->bitcount[0], context->bitcount[0]);
REVERSE64(context->bitcount[1], context->bitcount[1]);
#endif
if (usedspace > 0) {
if (usedspace > 0)
{
/* Begin padding with a 1 bit: */
context->buffer[usedspace++] = 0x80;
if (usedspace <= SHA512_SHORT_BLOCK_LENGTH) {
if (usedspace <= SHA512_SHORT_BLOCK_LENGTH)
{
/* Set-up for the last transform: */
memset(&context->buffer[usedspace], 0, SHA512_SHORT_BLOCK_LENGTH - usedspace);
} else {
if (usedspace < SHA512_BLOCK_LENGTH) {
}
else
{
if (usedspace < SHA512_BLOCK_LENGTH)
{
memset(&context->buffer[usedspace], 0, SHA512_BLOCK_LENGTH - usedspace);
}
/* Do second-to-last transform: */
@ -800,7 +875,9 @@ SHA512_Last(SHA512_CTX *context)
/* And set-up for the last transform: */
memset(context->buffer, 0, SHA512_BLOCK_LENGTH - 2);
}
} else {
}
else
{
/* Prepare for final transform: */
memset(context->buffer, 0, SHA512_SHORT_BLOCK_LENGTH);
@ -808,27 +885,30 @@ SHA512_Last(SHA512_CTX *context)
*context->buffer = 0x80;
}
/* Store the length of input data (in bits): */
*(uint64 *)&context->buffer[SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1];
*(uint64 *)&context->buffer[SHA512_SHORT_BLOCK_LENGTH+8] = context->bitcount[0];
*(uint64 *) &context->buffer[SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1];
*(uint64 *) &context->buffer[SHA512_SHORT_BLOCK_LENGTH + 8] = context->bitcount[0];
/* Final transform: */
SHA512_Transform(context, context->buffer);
}
void
SHA512_Final(uint8 digest[], SHA512_CTX *context)
SHA512_Final(uint8 digest[], SHA512_CTX * context)
{
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != NULL) {
if (digest != NULL)
{
SHA512_Last(context);
/* Save the hash data for output: */
#if BYTE_ORDER == LITTLE_ENDIAN
{
/* Convert TO host byte order */
int j;
for (j = 0; j < 8; j++) {
REVERSE64(context->state[j],context->state[j]);
int j;
for (j = 0; j < 8; j++)
{
REVERSE64(context->state[j], context->state[j]);
}
}
#endif
@ -842,7 +922,7 @@ SHA512_Final(uint8 digest[], SHA512_CTX *context)
/*** SHA-384: *********************************************************/
void
SHA384_Init(SHA384_CTX *context)
SHA384_Init(SHA384_CTX * context)
{
if (context == NULL)
return;
@ -852,25 +932,28 @@ SHA384_Init(SHA384_CTX *context)
}
void
SHA384_Update(SHA384_CTX *context, const uint8 *data, size_t len)
SHA384_Update(SHA384_CTX * context, const uint8 *data, size_t len)
{
SHA512_Update((SHA512_CTX *)context, data, len);
SHA512_Update((SHA512_CTX *) context, data, len);
}
void
SHA384_Final(uint8 digest[], SHA384_CTX *context)
SHA384_Final(uint8 digest[], SHA384_CTX * context)
{
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != NULL) {
SHA512_Last((SHA512_CTX *)context);
if (digest != NULL)
{
SHA512_Last((SHA512_CTX *) context);
/* Save the hash data for output: */
#if BYTE_ORDER == LITTLE_ENDIAN
{
/* Convert TO host byte order */
int j;
for (j = 0; j < 6; j++) {
REVERSE64(context->state[j],context->state[j]);
int j;
for (j = 0; j < 6; j++)
{
REVERSE64(context->state[j], context->state[j]);
}
}
#endif

66
contrib/pgcrypto/sha2.h
View File

@ -1,10 +1,10 @@
/* $PostgreSQL: pgsql/contrib/pgcrypto/sha2.h,v 1.1 2005/07/10 13:46:29 momjian Exp $ */
/* $PostgreSQL: pgsql/contrib/pgcrypto/sha2.h,v 1.2 2005/10/15 02:49:06 momjian Exp $ */
/* $OpenBSD: sha2.h,v 1.2 2004/04/28 23:11:57 millert Exp $ */
/*
* FILE: sha2.h
* AUTHOR: Aaron D. Gifford <me@aarongifford.com>
*
*
* Copyright (c) 2000-2001, Aaron D. Gifford
* All rights reserved.
*
@ -12,18 +12,18 @@
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the copyright holder nor the names of contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTOR(S) ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
@ -42,39 +42,41 @@
/*** SHA-256/384/512 Various Length Definitions ***********************/
#define SHA256_BLOCK_LENGTH 64
#define SHA256_DIGEST_LENGTH 32
#define SHA256_DIGEST_STRING_LENGTH (SHA256_DIGEST_LENGTH * 2 + 1)
#define SHA256_DIGEST_STRING_LENGTH (SHA256_DIGEST_LENGTH * 2 + 1)
#define SHA384_BLOCK_LENGTH 128
#define SHA384_DIGEST_LENGTH 48
#define SHA384_DIGEST_STRING_LENGTH (SHA384_DIGEST_LENGTH * 2 + 1)
#define SHA384_DIGEST_STRING_LENGTH (SHA384_DIGEST_LENGTH * 2 + 1)
#define SHA512_BLOCK_LENGTH 128
#define SHA512_DIGEST_LENGTH 64
#define SHA512_DIGEST_STRING_LENGTH (SHA512_DIGEST_LENGTH * 2 + 1)
#define SHA512_DIGEST_STRING_LENGTH (SHA512_DIGEST_LENGTH * 2 + 1)
/*** SHA-256/384/512 Context Structures *******************************/
typedef struct _SHA256_CTX {
uint32 state[8];
uint64 bitcount;
uint8 buffer[SHA256_BLOCK_LENGTH];
} SHA256_CTX;
typedef struct _SHA512_CTX {
uint64 state[8];
uint64 bitcount[2];
uint8 buffer[SHA512_BLOCK_LENGTH];
} SHA512_CTX;
typedef struct _SHA256_CTX
{
uint32 state[8];
uint64 bitcount;
uint8 buffer[SHA256_BLOCK_LENGTH];
} SHA256_CTX;
typedef struct _SHA512_CTX
{
uint64 state[8];
uint64 bitcount[2];
uint8 buffer[SHA512_BLOCK_LENGTH];
} SHA512_CTX;
typedef SHA512_CTX SHA384_CTX;
void SHA256_Init(SHA256_CTX *);
void SHA256_Update(SHA256_CTX *, const uint8 *, size_t);
void SHA256_Final(uint8[SHA256_DIGEST_LENGTH], SHA256_CTX *);
void SHA256_Init(SHA256_CTX *);
void SHA256_Update(SHA256_CTX *, const uint8 *, size_t);
void SHA256_Final(uint8[SHA256_DIGEST_LENGTH], SHA256_CTX *);
void SHA384_Init(SHA384_CTX *);
void SHA384_Update(SHA384_CTX *, const uint8 *, size_t);
void SHA384_Final(uint8[SHA384_DIGEST_LENGTH], SHA384_CTX *);
void SHA384_Init(SHA384_CTX *);
void SHA384_Update(SHA384_CTX *, const uint8 *, size_t);
void SHA384_Final(uint8[SHA384_DIGEST_LENGTH], SHA384_CTX *);
void SHA512_Init(SHA512_CTX *);
void SHA512_Update(SHA512_CTX *, const uint8 *, size_t);
void SHA512_Final(uint8[SHA512_DIGEST_LENGTH], SHA512_CTX *);
void SHA512_Init(SHA512_CTX *);
void SHA512_Update(SHA512_CTX *, const uint8 *, size_t);
void SHA512_Final(uint8[SHA512_DIGEST_LENGTH], SHA512_CTX *);
#endif /* _SHA2_H */
#endif /* _SHA2_H */