Improve some code around cryptohash functions

This adjusts some code related to recent changes for cryptohash functions: - Add a variable in md5.h to track down the size of a computed result, moved from pgcrypto. Note that pg_md5_hash() assumed a result of this size already. - Call explicit_bzero() on the hashed data when freeing the context for fallback implementations. For MD5, particularly, it would be annoying to leave some non-zeroed data around. - Clean up some code related to recent changes of uuid-ossp. .gitignore still included md5.c and a comment was incorrect. Discussion: https://postgr.es/m/X9HXKTgrvJvYO7Oh@paquier.xyz
2025-04-21 12:05:57 +03:00 · 2020-12-14 12:38:13 +09:00 · 2020-12-14 12:38:13 +09:00 · 9b584953e7
commit 9b584953e7
parent df9274adf3
6 changed files with 27 additions and 8 deletions
--- a/contrib/pgcrypto/internal.c
+++ b/contrib/pgcrypto/internal.c
@ -41,10 +41,6 @@
 #include "common/cryptohash.h"
 #include "common/md5.h"

-#ifndef MD5_DIGEST_LENGTH
-#define MD5_DIGEST_LENGTH 16
-#endif
-
 #ifndef SHA1_DIGEST_LENGTH
 #ifdef SHA1_RESULTLEN
 #define SHA1_DIGEST_LENGTH SHA1_RESULTLEN
--- a/contrib/uuid-ossp/.gitignore
+++ b/contrib/uuid-ossp/.gitignore
@ -1,4 +1,3 @@
-/md5.c
 /sha1.c
 # Generated subdirectories
 /log/
--- a/contrib/uuid-ossp/uuid-ossp.c
+++ b/contrib/uuid-ossp/uuid-ossp.c
@ -41,8 +41,8 @@
 #undef uuid_hash

 /*
- * Some BSD variants offer md5 and sha1 implementations but Linux does not,
- * so we use a copy of the ones from pgcrypto.  Not needed with OSSP, though.
+ * Some BSD variants offer sha1 implementation but Linux does not, so we use
+ * a copy from pgcrypto.  Not needed with OSSP, though.
 */
 #ifndef HAVE_UUID_OSSP
 #include "sha1.h"
--- a/src/common/cryptohash.c
+++ b/src/common/cryptohash.c
@ -197,6 +197,26 @@ pg_cryptohash_free(pg_cryptohash_ctx *ctx)
 {
 	if (ctx == NULL)
 		return;
+
+	switch (ctx->type)
+	{
+		case PG_MD5:
+			explicit_bzero(ctx->data, sizeof(pg_md5_ctx));
+			break;
+		case PG_SHA224:
+			explicit_bzero(ctx->data, sizeof(pg_sha224_ctx));
+			break;
+		case PG_SHA256:
+			explicit_bzero(ctx->data, sizeof(pg_sha256_ctx));
+			break;
+		case PG_SHA384:
+			explicit_bzero(ctx->data, sizeof(pg_sha384_ctx));
+			break;
+		case PG_SHA512:
+			explicit_bzero(ctx->data, sizeof(pg_sha512_ctx));
+			break;
+	}
+
 	FREE(ctx->data);
 	explicit_bzero(ctx, sizeof(pg_cryptohash_ctx));
 	FREE(ctx);
--- a/src/common/md5_common.c
+++ b/src/common/md5_common.c
@ -69,7 +69,7 @@ bytesToHex(uint8 b[16], char *s)
 bool
 pg_md5_hash(const void *buff, size_t len, char *hexsum)
 {
-	uint8		sum[16];
+	uint8		sum[MD5_DIGEST_LENGTH];
 	pg_cryptohash_ctx *ctx;

 	ctx = pg_cryptohash_create(PG_MD5);
--- a/src/include/common/md5.h
+++ b/src/include/common/md5.h
@ -16,6 +16,10 @@
 #ifndef PG_MD5_H
 #define PG_MD5_H

+/* Size of result generated by MD5 computation */
+#define MD5_DIGEST_LENGTH 16
+
+/* password-related data */
 #define MD5_PASSWD_CHARSET	"0123456789abcdef"
 #define MD5_PASSWD_LEN	35