Big thanks to Solar Designer who pointed out a bug in bcrypt

salt generation code. He also urged using better random source and making possible to choose using bcrypt and xdes rounds more easily. So, here's patch: * For all salt generation, use Solar Designer's own code. This is mostly due fact that his code is more fit for get_random_bytes() style interface. * New function: gen_salt(type, rounds). This lets specify iteration count for algorithm. * random.c: px_get_random_bytes() function. Supported randomness soure: /dev/urandom, OpenSSL PRNG, libc random() Default: /dev/urandom. * Draft description of C API for pgcrypto functions. New files: API, crypt-gensalt.c, random.c Marko Kreen
2025-07-27 12:41:57 +03:00 · 2001-09-23 04:12:44 +00:00
parent b75814aee3
commit ab56022864
13 changed files with 627 additions and 134 deletions
--- a/contrib/pgcrypto/pgcrypto.h
+++ b/contrib/pgcrypto/pgcrypto.h
@ -26,7 +26,7 @@
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- * $Id: pgcrypto.h,v 1.4 2001/08/21 00:42:41 momjian Exp $
+ * $Id: pgcrypto.h,v 1.5 2001/09/23 04:12:44 momjian Exp $
 */

 #ifndef _PG_CRYPTO_H
@ -38,6 +38,7 @@ Datum		pg_digest_exists(PG_FUNCTION_ARGS);
 Datum		pg_hmac(PG_FUNCTION_ARGS);
 Datum		pg_hmac_exists(PG_FUNCTION_ARGS);
 Datum		pg_gen_salt(PG_FUNCTION_ARGS);
+Datum		pg_gen_salt_rounds(PG_FUNCTION_ARGS);
 Datum		pg_crypt(PG_FUNCTION_ARGS);
 Datum		pg_encrypt(PG_FUNCTION_ARGS);
 Datum		pg_decrypt(PG_FUNCTION_ARGS);