crypt.h File Reference

#include "datatype/timestamp.h"

Include dependency graph for crypt.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Typedefs
typedef enum PasswordType	PasswordType

Enumerations
enum	PasswordType { PASSWORD_TYPE_PLAINTEXT = 0 , PASSWORD_TYPE_MD5 , PASSWORD_TYPE_SCRAM_SHA_256 }

Functions
PasswordType	get_password_type (const char *shadow_pass)
char *	encrypt_password (PasswordType target_type, const char *role, const char *password)
char *	get_role_password (const char *role, const char **logdetail)
int	md5_crypt_verify (const char *role, const char *shadow_pass, const char *client_pass, const char *md5_salt, int md5_salt_len, const char **logdetail)
int	plain_crypt_verify (const char *role, const char *shadow_pass, const char *client_pass, const char **logdetail)

Typedef Documentation

PasswordType

typedef enum PasswordType PasswordType

Enumeration Type Documentation

PasswordType

enum PasswordType

Enumerator
PASSWORD_TYPE_PLAINTEXT
PASSWORD_TYPE_MD5
PASSWORD_TYPE_SCRAM_SHA_256

Definition at line 27 of file crypt.h.

{
    PASSWORD_TYPE_PLAINTEXT = 0,
    PASSWORD_TYPE_MD5,
    PASSWORD_TYPE_SCRAM_SHA_256,
} PasswordType;

Function Documentation

encrypt_password()

char* encrypt_password	(	PasswordType	target_type,
		const char *	role,
		const char *	password
	)

Definition at line 115 of file crypt.c.

{
    PasswordType guessed_type = get_password_type(password);
    char       *encrypted_password;
    const char *errstr = NULL;
 
    if (guessed_type != PASSWORD_TYPE_PLAINTEXT)
    {
        /*
         * Cannot convert an already-encrypted password from one format to
         * another, so return it as it is.
         */
        return pstrdup(password);
    }
 
    switch (target_type)
    {
        case PASSWORD_TYPE_MD5:
            encrypted_password = palloc(MD5_PASSWD_LEN + 1);
 
            if (!pg_md5_encrypt(password, role, strlen(role),
                                encrypted_password, &errstr))
                elog(ERROR, "password encryption failed: %s", errstr);
            return encrypted_password;
 
        case PASSWORD_TYPE_SCRAM_SHA_256:
            return pg_be_scram_build_secret(password);
 
        case PASSWORD_TYPE_PLAINTEXT:
            elog(ERROR, "cannot encrypt password with 'plaintext'");
    }
 
    /*
     * This shouldn't happen, because the above switch statements should
     * handle every combination of source and target password types.
     */
    elog(ERROR, "cannot encrypt password to requested type");
    return NULL;                /* keep compiler quiet */
}

References elog, ERROR, get_password_type(), MD5_PASSWD_LEN, palloc(), password, PASSWORD_TYPE_MD5, PASSWORD_TYPE_PLAINTEXT, PASSWORD_TYPE_SCRAM_SHA_256, pg_be_scram_build_secret(), pg_md5_encrypt(), and pstrdup().

Referenced by AlterRole(), and CreateRole().

get_password_type()

PasswordType get_password_type

(

const char *

shadow_pass

)

Definition at line 88 of file crypt.c.

{
    char       *encoded_salt;
    int         iterations;
    int         key_length = 0;
    pg_cryptohash_type hash_type;
    uint8       stored_key[SCRAM_MAX_KEY_LEN];
    uint8       server_key[SCRAM_MAX_KEY_LEN];
 
    if (strncmp(shadow_pass, "md5", 3) == 0 &&
        strlen(shadow_pass) == MD5_PASSWD_LEN &&
        strspn(shadow_pass + 3, MD5_PASSWD_CHARSET) == MD5_PASSWD_LEN - 3)
        return PASSWORD_TYPE_MD5;
    if (parse_scram_secret(shadow_pass, &iterations, &hash_type, &key_length,
                           &encoded_salt, stored_key, server_key))
        return PASSWORD_TYPE_SCRAM_SHA_256;
    return PASSWORD_TYPE_PLAINTEXT;
}

References iterations, MD5_PASSWD_CHARSET, MD5_PASSWD_LEN, parse_scram_secret(), PASSWORD_TYPE_MD5, PASSWORD_TYPE_PLAINTEXT, PASSWORD_TYPE_SCRAM_SHA_256, and SCRAM_MAX_KEY_LEN.

Referenced by AlterRole(), CheckPWChallengeAuth(), CreateRole(), encrypt_password(), md5_crypt_verify(), plain_crypt_verify(), RenameRole(), and scram_init().

get_role_password()

char* get_role_password	(	const char *	role,
		const char **	logdetail
	)

Definition at line 36 of file crypt.c.

{
    TimestampTz vuntil = 0;
    HeapTuple   roleTup;
    Datum       datum;
    bool        isnull;
    char       *shadow_pass;
 
    /* Get role info from pg_authid */
    roleTup = SearchSysCache1(AUTHNAME, PointerGetDatum(role));
    if (!HeapTupleIsValid(roleTup))
    {
        *logdetail = psprintf(_("Role \"%s\" does not exist."),
                              role);
        return NULL;            /* no such user */
    }
 
    datum = SysCacheGetAttr(AUTHNAME, roleTup,
                            Anum_pg_authid_rolpassword, &isnull);
    if (isnull)
    {
        ReleaseSysCache(roleTup);
        *logdetail = psprintf(_("User \"%s\" has no password assigned."),
                              role);
        return NULL;            /* user has no password */
    }
    shadow_pass = TextDatumGetCString(datum);
 
    datum = SysCacheGetAttr(AUTHNAME, roleTup,
                            Anum_pg_authid_rolvaliduntil, &isnull);
    if (!isnull)
        vuntil = DatumGetTimestampTz(datum);
 
    ReleaseSysCache(roleTup);
 
    /*
     * Password OK, but check to be sure we are not past rolvaliduntil
     */
    if (!isnull && vuntil < GetCurrentTimestamp())
    {
        *logdetail = psprintf(_("User \"%s\" has an expired password."),
                              role);
        return NULL;
    }
 
    return shadow_pass;
}

References _, DatumGetTimestampTz(), GetCurrentTimestamp(), HeapTupleIsValid, PointerGetDatum(), psprintf(), ReleaseSysCache(), SearchSysCache1(), SysCacheGetAttr(), and TextDatumGetCString.

Referenced by CheckPasswordAuth(), and CheckPWChallengeAuth().

md5_crypt_verify()

int md5_crypt_verify	(	const char *	role,
		const char *	shadow_pass,
		const char *	client_pass,
		const char *	md5_salt,
		int	md5_salt_len,
		const char **	logdetail
	)

Definition at line 168 of file crypt.c.

{
    int         retval;
    char        crypt_pwd[MD5_PASSWD_LEN + 1];
    const char *errstr = NULL;
 
    Assert(md5_salt_len > 0);
 
    if (get_password_type(shadow_pass) != PASSWORD_TYPE_MD5)
    {
        /* incompatible password hash format. */
        *logdetail = psprintf(_("User \"%s\" has a password that cannot be used with MD5 authentication."),
                              role);
        return STATUS_ERROR;
    }
 
    /*
     * Compute the correct answer for the MD5 challenge.
     */
    /* stored password already encrypted, only do salt */
    if (!pg_md5_encrypt(shadow_pass + strlen("md5"),
                        md5_salt, md5_salt_len,
                        crypt_pwd, &errstr))
    {
        *logdetail = errstr;
        return STATUS_ERROR;
    }
 
    if (strcmp(client_pass, crypt_pwd) == 0)
        retval = STATUS_OK;
    else
    {
        *logdetail = psprintf(_("Password does not match for user \"%s\"."),
                              role);
        retval = STATUS_ERROR;
    }
 
    return retval;
}

References _, Assert, get_password_type(), MD5_PASSWD_LEN, PASSWORD_TYPE_MD5, pg_md5_encrypt(), psprintf(), STATUS_ERROR, and STATUS_OK.

Referenced by CheckMD5Auth().

plain_crypt_verify()

int plain_crypt_verify	(	const char *	role,
		const char *	shadow_pass,
		const char *	client_pass,
		const char **	logdetail
	)

Definition at line 222 of file crypt.c.

{
    char        crypt_client_pass[MD5_PASSWD_LEN + 1];
    const char *errstr = NULL;
 
    /*
     * Client sent password in plaintext.  If we have an MD5 hash stored, hash
     * the password the client sent, and compare the hashes.  Otherwise
     * compare the plaintext passwords directly.
     */
    switch (get_password_type(shadow_pass))
    {
        case PASSWORD_TYPE_SCRAM_SHA_256:
            if (scram_verify_plain_password(role,
                                            client_pass,
                                            shadow_pass))
            {
                return STATUS_OK;
            }
            else
            {
                *logdetail = psprintf(_("Password does not match for user \"%s\"."),
                                      role);
                return STATUS_ERROR;
            }
            break;
 
        case PASSWORD_TYPE_MD5:
            if (!pg_md5_encrypt(client_pass,
                                role,
                                strlen(role),
                                crypt_client_pass,
                                &errstr))
            {
                *logdetail = errstr;
                return STATUS_ERROR;
            }
            if (strcmp(crypt_client_pass, shadow_pass) == 0)
                return STATUS_OK;
            else
            {
                *logdetail = psprintf(_("Password does not match for user \"%s\"."),
                                      role);
                return STATUS_ERROR;
            }
            break;
 
        case PASSWORD_TYPE_PLAINTEXT:
 
            /*
             * We never store passwords in plaintext, so this shouldn't
             * happen.
             */
            break;
    }
 
    /*
     * This shouldn't happen.  Plain "password" authentication is possible
     * with any kind of stored password hash.
     */
    *logdetail = psprintf(_("Password of user \"%s\" is in unrecognized format."),
                          role);
    return STATUS_ERROR;
}

References _, get_password_type(), MD5_PASSWD_LEN, PASSWORD_TYPE_MD5, PASSWORD_TYPE_PLAINTEXT, PASSWORD_TYPE_SCRAM_SHA_256, pg_md5_encrypt(), psprintf(), scram_verify_plain_password(), STATUS_ERROR, and STATUS_OK.

Referenced by AlterRole(), check_password(), CheckPasswordAuth(), and CreateRole().