Big thanks to Solar Designer who pointed out a bug in bcrypt

salt generation code. He also urged using better random source and making possible to choose using bcrypt and xdes rounds more easily. So, here's patch: * For all salt generation, use Solar Designer's own code. This is mostly due fact that his code is more fit for get_random_bytes() style interface. * New function: gen_salt(type, rounds). This lets specify iteration count for algorithm. * random.c: px_get_random_bytes() function. Supported randomness soure: /dev/urandom, OpenSSL PRNG, libc random() Default: /dev/urandom. * Draft description of C API for pgcrypto functions. New files: API, crypt-gensalt.c, random.c Marko Kreen
2025-07-28 23:42:10 +03:00 · 2001-09-23 04:12:44 +00:00
parent b75814aee3
commit ab56022864
13 changed files with 627 additions and 134 deletions
--- a/contrib/pgcrypto/px.h
+++ b/contrib/pgcrypto/px.h
@ -26,7 +26,7 @@
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- * $Id: px.h,v 1.1 2001/08/21 01:32:01 momjian Exp $
+ * $Id: px.h,v 1.2 2001/09/23 04:12:44 momjian Exp $
 */

 #ifndef __PX_H
@ -133,6 +133,8 @@ int px_find_hmac(const char *name, PX_HMAC **res);
 int px_find_cipher(const char *name, PX_Cipher **res);
 int px_find_combo(const char *name, PX_Combo **res);

+int px_get_random_bytes(uint8 *dst, unsigned count);
+
 const char *px_resolve_alias(const PX_Alias *aliases, const char *name);

 #define px_md_result_size(md)		(md)->result_size(md)