PostgreSQL Source Code  git master
hmac_openssl.c File Reference
#include "postgres.h"
#include <openssl/err.h>
#include <openssl/hmac.h>
#include "common/hmac.h"
#include "common/md5.h"
#include "common/sha1.h"
#include "common/sha2.h"
#include "utils/memutils.h"
#include "utils/resowner.h"
Include dependency graph for hmac_openssl.c:

Go to the source code of this file.

Data Structures

struct  pg_hmac_ctx
 

Macros

#define USE_RESOWNER_FOR_HMAC
 
#define ALLOC(size)   MemoryContextAlloc(TopMemoryContext, size)
 
#define FREE(ptr)   pfree(ptr)
 

Typedefs

typedef enum pg_hmac_errno pg_hmac_errno
 

Enumerations

enum  pg_hmac_errno {
  PG_HMAC_ERROR_NONE = 0 , PG_HMAC_ERROR_OOM , PG_HMAC_ERROR_INTERNAL , PG_HMAC_ERROR_NONE = 0 ,
  PG_HMAC_ERROR_DEST_LEN , PG_HMAC_ERROR_OPENSSL
}
 

Functions

static void ResOwnerReleaseHMAC (Datum res)
 
static void ResourceOwnerRememberHMAC (ResourceOwner owner, pg_hmac_ctx *ctx)
 
static void ResourceOwnerForgetHMAC (ResourceOwner owner, pg_hmac_ctx *ctx)
 
static const char * SSLerrmessage (unsigned long ecode)
 
pg_hmac_ctxpg_hmac_create (pg_cryptohash_type type)
 
int pg_hmac_init (pg_hmac_ctx *ctx, const uint8 *key, size_t len)
 
int pg_hmac_update (pg_hmac_ctx *ctx, const uint8 *data, size_t len)
 
int pg_hmac_final (pg_hmac_ctx *ctx, uint8 *dest, size_t len)
 
void pg_hmac_free (pg_hmac_ctx *ctx)
 
const char * pg_hmac_error (pg_hmac_ctx *ctx)
 

Variables

static const ResourceOwnerDesc hmac_resowner_desc
 

Macro Definition Documentation

◆ ALLOC

#define ALLOC (   size)    MemoryContextAlloc(TopMemoryContext, size)

Definition at line 43 of file hmac_openssl.c.

◆ FREE

#define FREE (   ptr)    pfree(ptr)

Definition at line 44 of file hmac_openssl.c.

◆ USE_RESOWNER_FOR_HMAC

#define USE_RESOWNER_FOR_HMAC

Definition at line 42 of file hmac_openssl.c.

Typedef Documentation

◆ pg_hmac_errno

Enumeration Type Documentation

◆ pg_hmac_errno

Enumerator
PG_HMAC_ERROR_NONE 
PG_HMAC_ERROR_OOM 
PG_HMAC_ERROR_INTERNAL 
PG_HMAC_ERROR_NONE 
PG_HMAC_ERROR_DEST_LEN 
PG_HMAC_ERROR_OPENSSL 

Definition at line 51 of file hmac_openssl.c.

52 {
pg_hmac_errno
Definition: hmac_openssl.c:52
@ PG_HMAC_ERROR_OPENSSL
Definition: hmac_openssl.c:55
@ PG_HMAC_ERROR_DEST_LEN
Definition: hmac_openssl.c:54
@ PG_HMAC_ERROR_NONE
Definition: hmac_openssl.c:53

Function Documentation

◆ pg_hmac_create()

pg_hmac_ctx* pg_hmac_create ( pg_cryptohash_type  type)

Definition at line 117 of file hmac_openssl.c.

118 {
119  pg_hmac_ctx *ctx;
120 
121  ctx = ALLOC(sizeof(pg_hmac_ctx));
122  if (ctx == NULL)
123  return NULL;
124  memset(ctx, 0, sizeof(pg_hmac_ctx));
125 
126  ctx->type = type;
127  ctx->error = PG_HMAC_ERROR_NONE;
128  ctx->errreason = NULL;
129 
130 
131  /*
132  * Initialization takes care of assigning the correct type for OpenSSL.
133  * Also ensure that there aren't any unconsumed errors in the queue from
134  * previous runs.
135  */
136  ERR_clear_error();
137 
138 #ifdef USE_RESOWNER_FOR_HMAC
140 #endif
141 
142  ctx->hmacctx = HMAC_CTX_new();
143 
144  if (ctx->hmacctx == NULL)
145  {
146  explicit_bzero(ctx, sizeof(pg_hmac_ctx));
147  FREE(ctx);
148 #ifndef FRONTEND
149  ereport(ERROR,
150  (errcode(ERRCODE_OUT_OF_MEMORY),
151  errmsg("out of memory")));
152 #endif
153  return NULL;
154  }
155 
156 
157 #ifdef USE_RESOWNER_FOR_HMAC
160 #endif
161 
162  return ctx;
163 }
int errcode(int sqlerrcode)
Definition: elog.c:853
int errmsg(const char *fmt,...)
Definition: elog.c:1070
#define ERROR
Definition: elog.h:39
#define ereport(elevel,...)
Definition: elog.h:149
#define FREE(ptr)
Definition: hmac_openssl.c:44
static void ResourceOwnerRememberHMAC(ResourceOwner owner, pg_hmac_ctx *ctx)
Definition: hmac_openssl.c:86
#define ALLOC(size)
Definition: hmac_openssl.c:43
void explicit_bzero(void *buf, size_t len)
ResourceOwner CurrentResourceOwner
Definition: resowner.c:165
void ResourceOwnerEnlarge(ResourceOwner owner)
Definition: resowner.c:442
const char * errreason
Definition: hmac.c:55
ResourceOwner resowner
Definition: hmac_openssl.c:67
HMAC_CTX * hmacctx
Definition: hmac_openssl.c:61
pg_cryptohash_type type
Definition: hmac.c:53
pg_hmac_errno error
Definition: hmac.c:54
const char * type

References ALLOC, CurrentResourceOwner, ereport, errcode(), errmsg(), pg_hmac_ctx::error, ERROR, pg_hmac_ctx::errreason, explicit_bzero(), FREE, pg_hmac_ctx::hmacctx, PG_HMAC_ERROR_NONE, ResourceOwnerEnlarge(), ResourceOwnerRememberHMAC(), pg_hmac_ctx::resowner, type, and pg_hmac_ctx::type.

◆ pg_hmac_error()

const char* pg_hmac_error ( pg_hmac_ctx ctx)

Definition at line 336 of file hmac_openssl.c.

337 {
338  if (ctx == NULL)
339  return _("out of memory");
340 
341  /*
342  * If a reason is provided, rely on it, else fallback to any error code
343  * set.
344  */
345  if (ctx->errreason)
346  return ctx->errreason;
347 
348  switch (ctx->error)
349  {
350  case PG_HMAC_ERROR_NONE:
351  return _("success");
353  return _("destination buffer too small");
355  return _("OpenSSL failure");
356  }
357 
358  Assert(false); /* cannot be reached */
359  return _("success");
360 }
#define Assert(condition)
Definition: c.h:861
#define _(x)
Definition: elog.c:90

References _, Assert, pg_hmac_ctx::error, pg_hmac_ctx::errreason, PG_HMAC_ERROR_DEST_LEN, PG_HMAC_ERROR_NONE, and PG_HMAC_ERROR_OPENSSL.

◆ pg_hmac_final()

int pg_hmac_final ( pg_hmac_ctx ctx,
uint8 dest,
size_t  len 
)

Definition at line 242 of file hmac_openssl.c.

243 {
244  int status = 0;
245  uint32 outlen;
246 
247  if (ctx == NULL)
248  return -1;
249 
250  switch (ctx->type)
251  {
252  case PG_MD5:
253  if (len < MD5_DIGEST_LENGTH)
254  {
256  return -1;
257  }
258  break;
259  case PG_SHA1:
260  if (len < SHA1_DIGEST_LENGTH)
261  {
263  return -1;
264  }
265  break;
266  case PG_SHA224:
268  {
270  return -1;
271  }
272  break;
273  case PG_SHA256:
275  {
277  return -1;
278  }
279  break;
280  case PG_SHA384:
282  {
284  return -1;
285  }
286  break;
287  case PG_SHA512:
289  {
291  return -1;
292  }
293  break;
294  }
295 
296  status = HMAC_Final(ctx->hmacctx, dest, &outlen);
297 
298  /* OpenSSL internals return 1 on success, 0 on failure */
299  if (status <= 0)
300  {
301  ctx->errreason = SSLerrmessage(ERR_get_error());
303  return -1;
304  }
305  return 0;
306 }
unsigned int uint32
Definition: c.h:509
@ PG_SHA512
Definition: cryptohash.h:26
@ PG_SHA224
Definition: cryptohash.h:23
@ PG_SHA384
Definition: cryptohash.h:25
@ PG_SHA1
Definition: cryptohash.h:22
@ PG_SHA256
Definition: cryptohash.h:24
@ PG_MD5
Definition: cryptohash.h:21
static const char * SSLerrmessage(unsigned long ecode)
Definition: hmac_openssl.c:98
#define MD5_DIGEST_LENGTH
Definition: md5.h:20
const void size_t len
#define SHA1_DIGEST_LENGTH
Definition: sha1.h:17
#define PG_SHA256_DIGEST_LENGTH
Definition: sha2.h:23
#define PG_SHA384_DIGEST_LENGTH
Definition: sha2.h:26
#define PG_SHA512_DIGEST_LENGTH
Definition: sha2.h:29
#define PG_SHA224_DIGEST_LENGTH
Definition: sha2.h:20

References generate_unaccent_rules::dest, pg_hmac_ctx::error, pg_hmac_ctx::errreason, pg_hmac_ctx::hmacctx, len, MD5_DIGEST_LENGTH, PG_HMAC_ERROR_DEST_LEN, PG_HMAC_ERROR_OPENSSL, PG_MD5, PG_SHA1, PG_SHA224, PG_SHA224_DIGEST_LENGTH, PG_SHA256, PG_SHA256_DIGEST_LENGTH, PG_SHA384, PG_SHA384_DIGEST_LENGTH, PG_SHA512, PG_SHA512_DIGEST_LENGTH, SHA1_DIGEST_LENGTH, SSLerrmessage(), and pg_hmac_ctx::type.

◆ pg_hmac_free()

void pg_hmac_free ( pg_hmac_ctx ctx)

Definition at line 314 of file hmac_openssl.c.

315 {
316  if (ctx == NULL)
317  return;
318 
319  HMAC_CTX_free(ctx->hmacctx);
320 #ifdef USE_RESOWNER_FOR_HMAC
321  if (ctx->resowner)
323 #endif
324 
325  explicit_bzero(ctx, sizeof(pg_hmac_ctx));
326  FREE(ctx);
327 }
static void ResourceOwnerForgetHMAC(ResourceOwner owner, pg_hmac_ctx *ctx)
Definition: hmac_openssl.c:91

References explicit_bzero(), FREE, pg_hmac_ctx::hmacctx, ResourceOwnerForgetHMAC(), and pg_hmac_ctx::resowner.

Referenced by ResOwnerReleaseHMAC().

◆ pg_hmac_init()

int pg_hmac_init ( pg_hmac_ctx ctx,
const uint8 key,
size_t  len 
)

Definition at line 171 of file hmac_openssl.c.

172 {
173  int status = 0;
174 
175  if (ctx == NULL)
176  return -1;
177 
178  switch (ctx->type)
179  {
180  case PG_MD5:
181  status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_md5(), NULL);
182  break;
183  case PG_SHA1:
184  status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_sha1(), NULL);
185  break;
186  case PG_SHA224:
187  status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_sha224(), NULL);
188  break;
189  case PG_SHA256:
190  status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_sha256(), NULL);
191  break;
192  case PG_SHA384:
193  status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_sha384(), NULL);
194  break;
195  case PG_SHA512:
196  status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_sha512(), NULL);
197  break;
198  }
199 
200  /* OpenSSL internals return 1 on success, 0 on failure */
201  if (status <= 0)
202  {
203  ctx->errreason = SSLerrmessage(ERR_get_error());
205  return -1;
206  }
207 
208  return 0;
209 }

References pg_hmac_ctx::error, pg_hmac_ctx::errreason, pg_hmac_ctx::hmacctx, sort-test::key, len, PG_HMAC_ERROR_OPENSSL, PG_MD5, PG_SHA1, PG_SHA224, PG_SHA256, PG_SHA384, PG_SHA512, SSLerrmessage(), and pg_hmac_ctx::type.

◆ pg_hmac_update()

int pg_hmac_update ( pg_hmac_ctx ctx,
const uint8 data,
size_t  len 
)

Definition at line 217 of file hmac_openssl.c.

218 {
219  int status = 0;
220 
221  if (ctx == NULL)
222  return -1;
223 
224  status = HMAC_Update(ctx->hmacctx, data, len);
225 
226  /* OpenSSL internals return 1 on success, 0 on failure */
227  if (status <= 0)
228  {
229  ctx->errreason = SSLerrmessage(ERR_get_error());
231  return -1;
232  }
233  return 0;
234 }
const void * data

References data, pg_hmac_ctx::error, pg_hmac_ctx::errreason, pg_hmac_ctx::hmacctx, len, PG_HMAC_ERROR_OPENSSL, and SSLerrmessage().

◆ ResourceOwnerForgetHMAC()

static void ResourceOwnerForgetHMAC ( ResourceOwner  owner,
pg_hmac_ctx ctx 
)
inlinestatic

Definition at line 91 of file hmac_openssl.c.

92 {
94 }
static const ResourceOwnerDesc hmac_resowner_desc
Definition: hmac_openssl.c:75
static Datum PointerGetDatum(const void *X)
Definition: postgres.h:322
void ResourceOwnerForget(ResourceOwner owner, Datum value, const ResourceOwnerDesc *kind)
Definition: resowner.c:554

References hmac_resowner_desc, PointerGetDatum(), and ResourceOwnerForget().

Referenced by pg_hmac_free().

◆ ResourceOwnerRememberHMAC()

static void ResourceOwnerRememberHMAC ( ResourceOwner  owner,
pg_hmac_ctx ctx 
)
inlinestatic

Definition at line 86 of file hmac_openssl.c.

87 {
89 }
void ResourceOwnerRemember(ResourceOwner owner, Datum value, const ResourceOwnerDesc *kind)
Definition: resowner.c:514

References hmac_resowner_desc, PointerGetDatum(), and ResourceOwnerRemember().

Referenced by pg_hmac_create().

◆ ResOwnerReleaseHMAC()

static void ResOwnerReleaseHMAC ( Datum  res)
static

Definition at line 366 of file hmac_openssl.c.

367 {
369 
370  ctx->resowner = NULL;
371  pg_hmac_free(ctx);
372 }
void pg_hmac_free(pg_hmac_ctx *ctx)
Definition: hmac_openssl.c:314
static Pointer DatumGetPointer(Datum X)
Definition: postgres.h:312

References DatumGetPointer(), pg_hmac_free(), res, and pg_hmac_ctx::resowner.

◆ SSLerrmessage()

static const char* SSLerrmessage ( unsigned long  ecode)
static

Definition at line 98 of file hmac_openssl.c.

99 {
100  if (ecode == 0)
101  return NULL;
102 
103  /*
104  * This may return NULL, but we would fall back to a default error path if
105  * that were the case.
106  */
107  return ERR_reason_error_string(ecode);
108 }

Referenced by pg_hmac_final(), pg_hmac_init(), and pg_hmac_update().

Variable Documentation

◆ hmac_resowner_desc

const ResourceOwnerDesc hmac_resowner_desc
static
Initial value:
=
{
.name = "OpenSSL HMAC context",
.release_priority = RELEASE_PRIO_HMAC_CONTEXTS,
.ReleaseResource = ResOwnerReleaseHMAC,
.DebugPrint = NULL
}
static void ResOwnerReleaseHMAC(Datum res)
Definition: hmac_openssl.c:366
#define RELEASE_PRIO_HMAC_CONTEXTS
Definition: resowner.h:68
@ RESOURCE_RELEASE_BEFORE_LOCKS
Definition: resowner.h:54

Definition at line 75 of file hmac_openssl.c.

Referenced by ResourceOwnerForgetHMAC(), and ResourceOwnerRememberHMAC().