PostgreSQL Source Code git master
Data Structures | Macros | Typedefs | Enumerations | Functions | Variables
hmac_openssl.c File Reference
#include "postgres.h"
#include <openssl/err.h>
#include <openssl/hmac.h>
#include "common/hmac.h"
#include "common/md5.h"
#include "common/sha1.h"
#include "common/sha2.h"
#include "utils/memutils.h"
#include "utils/resowner.h"
Include dependency graph for hmac_openssl.c:

Go to the source code of this file.

Data Structures

struct  pg_hmac_ctx
 

Macros

#define USE_RESOWNER_FOR_HMAC
 
#define ALLOC(size)   MemoryContextAlloc(TopMemoryContext, size)
 
#define FREE(ptr)   pfree(ptr)
 

Typedefs

typedef enum pg_hmac_errno pg_hmac_errno
 

Enumerations

enum  pg_hmac_errno {
  PG_HMAC_ERROR_NONE = 0 , PG_HMAC_ERROR_OOM , PG_HMAC_ERROR_INTERNAL , PG_HMAC_ERROR_NONE = 0 ,
  PG_HMAC_ERROR_DEST_LEN , PG_HMAC_ERROR_OPENSSL
}
 

Functions

static void ResOwnerReleaseHMAC (Datum res)
 
static void ResourceOwnerRememberHMAC (ResourceOwner owner, pg_hmac_ctx *ctx)
 
static void ResourceOwnerForgetHMAC (ResourceOwner owner, pg_hmac_ctx *ctx)
 
static const char * SSLerrmessage (unsigned long ecode)
 
pg_hmac_ctxpg_hmac_create (pg_cryptohash_type type)
 
int pg_hmac_init (pg_hmac_ctx *ctx, const uint8 *key, size_t len)
 
int pg_hmac_update (pg_hmac_ctx *ctx, const uint8 *data, size_t len)
 
int pg_hmac_final (pg_hmac_ctx *ctx, uint8 *dest, size_t len)
 
void pg_hmac_free (pg_hmac_ctx *ctx)
 
const char * pg_hmac_error (pg_hmac_ctx *ctx)
 

Variables

static const ResourceOwnerDesc hmac_resowner_desc
 

Macro Definition Documentation

◆ ALLOC

#define ALLOC (   size)    MemoryContextAlloc(TopMemoryContext, size)

Definition at line 43 of file hmac_openssl.c.

◆ FREE

#define FREE (   ptr)    pfree(ptr)

Definition at line 44 of file hmac_openssl.c.

◆ USE_RESOWNER_FOR_HMAC

#define USE_RESOWNER_FOR_HMAC

Definition at line 42 of file hmac_openssl.c.

Typedef Documentation

◆ pg_hmac_errno

typedef enum pg_hmac_errno pg_hmac_errno

Enumeration Type Documentation

◆ pg_hmac_errno

enum pg_hmac_errno
Enumerator
PG_HMAC_ERROR_NONE 
PG_HMAC_ERROR_OOM 
PG_HMAC_ERROR_INTERNAL 
PG_HMAC_ERROR_NONE 
PG_HMAC_ERROR_DEST_LEN 
PG_HMAC_ERROR_OPENSSL 

Definition at line 51 of file hmac_openssl.c.

52{
53 PG_HMAC_ERROR_NONE = 0,
54 PG_HMAC_ERROR_DEST_LEN,
55 PG_HMAC_ERROR_OPENSSL,
56} pg_hmac_errno;
pg_hmac_errno
pg_hmac_errno
Definition: hmac_openssl.c:52
PG_HMAC_ERROR_OPENSSL
@ PG_HMAC_ERROR_OPENSSL
Definition: hmac_openssl.c:55
PG_HMAC_ERROR_DEST_LEN
@ PG_HMAC_ERROR_DEST_LEN
Definition: hmac_openssl.c:54
PG_HMAC_ERROR_NONE
@ PG_HMAC_ERROR_NONE
Definition: hmac_openssl.c:53

Function Documentation

◆ pg_hmac_create()

pg_hmac_ctx * pg_hmac_create ( pg_cryptohash_type  type)

Definition at line 117 of file hmac_openssl.c.

118{
119 pg_hmac_ctx *ctx;
120
121 ctx = ALLOC(sizeof(pg_hmac_ctx));
122 if (ctx == NULL)
123 return NULL;
124 memset(ctx, 0, sizeof(pg_hmac_ctx));
125
126 ctx->type = type;
127 ctx->error = PG_HMAC_ERROR_NONE;
128 ctx->errreason = NULL;
129
130
131 /*
132 * Initialization takes care of assigning the correct type for OpenSSL.
133 * Also ensure that there aren't any unconsumed errors in the queue from
134 * previous runs.
135 */
136 ERR_clear_error();
137
138#ifdef USE_RESOWNER_FOR_HMAC
139 ResourceOwnerEnlarge(CurrentResourceOwner);
140#endif
141
142 ctx->hmacctx = HMAC_CTX_new();
143
144 if (ctx->hmacctx == NULL)
145 {
146 explicit_bzero(ctx, sizeof(pg_hmac_ctx));
147 FREE(ctx);
148#ifndef FRONTEND
149 ereport(ERROR,
150 (errcode(ERRCODE_OUT_OF_MEMORY),
151 errmsg("out of memory")));
152#endif
153 return NULL;
154 }
155
156
157#ifdef USE_RESOWNER_FOR_HMAC
158 ctx->resowner = CurrentResourceOwner;
159 ResourceOwnerRememberHMAC(CurrentResourceOwner, ctx);
160#endif
161
162 return ctx;
163}
errcode
int errcode(int sqlerrcode)
Definition: elog.c:854
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:1071
ERROR
#define ERROR
Definition: elog.h:39
ereport
#define ereport(elevel,...)
Definition: elog.h:149
FREE
#define FREE(ptr)
Definition: hmac_openssl.c:44
ResourceOwnerRememberHMAC
static void ResourceOwnerRememberHMAC(ResourceOwner owner, pg_hmac_ctx *ctx)
Definition: hmac_openssl.c:86
ALLOC
#define ALLOC(size)
Definition: hmac_openssl.c:43
explicit_bzero
void explicit_bzero(void *buf, size_t len)
Definition: explicit_bzero.c:50
CurrentResourceOwner
ResourceOwner CurrentResourceOwner
Definition: resowner.c:173
ResourceOwnerEnlarge
void ResourceOwnerEnlarge(ResourceOwner owner)
Definition: resowner.c:452
pg_hmac_ctx
Definition: hmac.c:51
pg_hmac_ctx::errreason
const char * errreason
Definition: hmac.c:55
pg_hmac_ctx::resowner
ResourceOwner resowner
Definition: hmac_openssl.c:67
pg_hmac_ctx::hmacctx
HMAC_CTX * hmacctx
Definition: hmac_openssl.c:61
pg_hmac_ctx::type
pg_cryptohash_type type
Definition: hmac.c:53
pg_hmac_ctx::error
pg_hmac_errno error
Definition: hmac.c:54
type
const char * type
Definition: wait_event_funcs.c:27

References ALLOC, CurrentResourceOwner, ereport, errcode(), errmsg(), pg_hmac_ctx::error, ERROR, pg_hmac_ctx::errreason, explicit_bzero(), FREE, pg_hmac_ctx::hmacctx, PG_HMAC_ERROR_NONE, ResourceOwnerEnlarge(), ResourceOwnerRememberHMAC(), pg_hmac_ctx::resowner, type, and pg_hmac_ctx::type.

◆ pg_hmac_error()

const char * pg_hmac_error ( pg_hmac_ctx ctx)

Definition at line 336 of file hmac_openssl.c.

337{
338 if (ctx == NULL)
339 return _("out of memory");
340
341 /*
342 * If a reason is provided, rely on it, else fallback to any error code
343 * set.
344 */
345 if (ctx->errreason)
346 return ctx->errreason;
347
348 switch (ctx->error)
349 {
350 case PG_HMAC_ERROR_NONE:
351 return _("success");
352 case PG_HMAC_ERROR_DEST_LEN:
353 return _("destination buffer too small");
354 case PG_HMAC_ERROR_OPENSSL:
355 return _("OpenSSL failure");
356 }
357
358 Assert(false); /* cannot be reached */
359 return _("success");
360}
_
#define _(x)
Definition: elog.c:91
Assert
Assert(PointerIsAligned(start, uint64))

References _, Assert(), pg_hmac_ctx::error, pg_hmac_ctx::errreason, PG_HMAC_ERROR_DEST_LEN, PG_HMAC_ERROR_NONE, and PG_HMAC_ERROR_OPENSSL.

◆ pg_hmac_final()

int pg_hmac_final ( pg_hmac_ctx ctx,
uint8 dest,
size_t  len 
)

Definition at line 242 of file hmac_openssl.c.

243{
244 int status = 0;
245 uint32 outlen;
246
247 if (ctx == NULL)
248 return -1;
249
250 switch (ctx->type)
251 {
252 case PG_MD5:
253 if (len < MD5_DIGEST_LENGTH)
254 {
255 ctx->error = PG_HMAC_ERROR_DEST_LEN;
256 return -1;
257 }
258 break;
259 case PG_SHA1:
260 if (len < SHA1_DIGEST_LENGTH)
261 {
262 ctx->error = PG_HMAC_ERROR_DEST_LEN;
263 return -1;
264 }
265 break;
266 case PG_SHA224:
267 if (len < PG_SHA224_DIGEST_LENGTH)
268 {
269 ctx->error = PG_HMAC_ERROR_DEST_LEN;
270 return -1;
271 }
272 break;
273 case PG_SHA256:
274 if (len < PG_SHA256_DIGEST_LENGTH)
275 {
276 ctx->error = PG_HMAC_ERROR_DEST_LEN;
277 return -1;
278 }
279 break;
280 case PG_SHA384:
281 if (len < PG_SHA384_DIGEST_LENGTH)
282 {
283 ctx->error = PG_HMAC_ERROR_DEST_LEN;
284 return -1;
285 }
286 break;
287 case PG_SHA512:
288 if (len < PG_SHA512_DIGEST_LENGTH)
289 {
290 ctx->error = PG_HMAC_ERROR_DEST_LEN;
291 return -1;
292 }
293 break;
294 }
295
296 status = HMAC_Final(ctx->hmacctx, dest, &outlen);
297
298 /* OpenSSL internals return 1 on success, 0 on failure */
299 if (status <= 0)
300 {
301 ctx->errreason = SSLerrmessage(ERR_get_error());
302 ctx->error = PG_HMAC_ERROR_OPENSSL;
303 return -1;
304 }
305 return 0;
306}
uint32
uint32_t uint32
Definition: c.h:502
PG_SHA512
@ PG_SHA512
Definition: cryptohash.h:26
PG_SHA224
@ PG_SHA224
Definition: cryptohash.h:23
PG_SHA384
@ PG_SHA384
Definition: cryptohash.h:25
PG_SHA1
@ PG_SHA1
Definition: cryptohash.h:22
PG_SHA256
@ PG_SHA256
Definition: cryptohash.h:24
PG_MD5
@ PG_MD5
Definition: cryptohash.h:21
SSLerrmessage
static const char * SSLerrmessage(unsigned long ecode)
Definition: hmac_openssl.c:98
MD5_DIGEST_LENGTH
#define MD5_DIGEST_LENGTH
Definition: md5.h:20
generate_unaccent_rules.dest
dest
Definition: generate_unaccent_rules.py:285
len
const void size_t len
Definition: pg_crc32c_sse42.c:28
SHA1_DIGEST_LENGTH
#define SHA1_DIGEST_LENGTH
Definition: sha1.h:17
PG_SHA256_DIGEST_LENGTH
#define PG_SHA256_DIGEST_LENGTH
Definition: sha2.h:23
PG_SHA384_DIGEST_LENGTH
#define PG_SHA384_DIGEST_LENGTH
Definition: sha2.h:26
PG_SHA512_DIGEST_LENGTH
#define PG_SHA512_DIGEST_LENGTH
Definition: sha2.h:29
PG_SHA224_DIGEST_LENGTH
#define PG_SHA224_DIGEST_LENGTH
Definition: sha2.h:20

References generate_unaccent_rules::dest, pg_hmac_ctx::error, pg_hmac_ctx::errreason, pg_hmac_ctx::hmacctx, len, MD5_DIGEST_LENGTH, PG_HMAC_ERROR_DEST_LEN, PG_HMAC_ERROR_OPENSSL, PG_MD5, PG_SHA1, PG_SHA224, PG_SHA224_DIGEST_LENGTH, PG_SHA256, PG_SHA256_DIGEST_LENGTH, PG_SHA384, PG_SHA384_DIGEST_LENGTH, PG_SHA512, PG_SHA512_DIGEST_LENGTH, SHA1_DIGEST_LENGTH, SSLerrmessage(), and pg_hmac_ctx::type.

◆ pg_hmac_free()

void pg_hmac_free ( pg_hmac_ctx ctx)

Definition at line 314 of file hmac_openssl.c.

315{
316 if (ctx == NULL)
317 return;
318
319 HMAC_CTX_free(ctx->hmacctx);
320#ifdef USE_RESOWNER_FOR_HMAC
321 if (ctx->resowner)
322 ResourceOwnerForgetHMAC(ctx->resowner, ctx);
323#endif
324
325 explicit_bzero(ctx, sizeof(pg_hmac_ctx));
326 FREE(ctx);
327}
ResourceOwnerForgetHMAC
static void ResourceOwnerForgetHMAC(ResourceOwner owner, pg_hmac_ctx *ctx)
Definition: hmac_openssl.c:91

References explicit_bzero(), FREE, pg_hmac_ctx::hmacctx, ResourceOwnerForgetHMAC(), and pg_hmac_ctx::resowner.

Referenced by ResOwnerReleaseHMAC().

◆ pg_hmac_init()

int pg_hmac_init ( pg_hmac_ctx ctx,
const uint8 key,
size_t  len 
)

Definition at line 171 of file hmac_openssl.c.

172{
173 int status = 0;
174
175 if (ctx == NULL)
176 return -1;
177
178 switch (ctx->type)
179 {
180 case PG_MD5:
181 status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_md5(), NULL);
182 break;
183 case PG_SHA1:
184 status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_sha1(), NULL);
185 break;
186 case PG_SHA224:
187 status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_sha224(), NULL);
188 break;
189 case PG_SHA256:
190 status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_sha256(), NULL);
191 break;
192 case PG_SHA384:
193 status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_sha384(), NULL);
194 break;
195 case PG_SHA512:
196 status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_sha512(), NULL);
197 break;
198 }
199
200 /* OpenSSL internals return 1 on success, 0 on failure */
201 if (status <= 0)
202 {
203 ctx->errreason = SSLerrmessage(ERR_get_error());
204 ctx->error = PG_HMAC_ERROR_OPENSSL;
205 return -1;
206 }
207
208 return 0;
209}

References pg_hmac_ctx::error, pg_hmac_ctx::errreason, pg_hmac_ctx::hmacctx, sort-test::key, len, PG_HMAC_ERROR_OPENSSL, PG_MD5, PG_SHA1, PG_SHA224, PG_SHA256, PG_SHA384, PG_SHA512, SSLerrmessage(), and pg_hmac_ctx::type.

◆ pg_hmac_update()

int pg_hmac_update ( pg_hmac_ctx ctx,
const uint8 data,
size_t  len 
)

Definition at line 217 of file hmac_openssl.c.

218{
219 int status = 0;
220
221 if (ctx == NULL)
222 return -1;
223
224 status = HMAC_Update(ctx->hmacctx, data, len);
225
226 /* OpenSSL internals return 1 on success, 0 on failure */
227 if (status <= 0)
228 {
229 ctx->errreason = SSLerrmessage(ERR_get_error());
230 ctx->error = PG_HMAC_ERROR_OPENSSL;
231 return -1;
232 }
233 return 0;
234}
data
const void * data
Definition: pg_crc32c_sse42.c:27

References data, pg_hmac_ctx::error, pg_hmac_ctx::errreason, pg_hmac_ctx::hmacctx, len, PG_HMAC_ERROR_OPENSSL, and SSLerrmessage().

◆ ResourceOwnerForgetHMAC()

static void ResourceOwnerForgetHMAC ( ResourceOwner  owner,
pg_hmac_ctx ctx 
)
inlinestatic

Definition at line 91 of file hmac_openssl.c.

92{
93 ResourceOwnerForget(owner, PointerGetDatum(ctx), &hmac_resowner_desc);
94}
hmac_resowner_desc
static const ResourceOwnerDesc hmac_resowner_desc
Definition: hmac_openssl.c:75
PointerGetDatum
static Datum PointerGetDatum(const void *X)
Definition: postgres.h:327
ResourceOwnerForget
void ResourceOwnerForget(ResourceOwner owner, Datum value, const ResourceOwnerDesc *kind)
Definition: resowner.c:564

References hmac_resowner_desc, PointerGetDatum(), and ResourceOwnerForget().

Referenced by pg_hmac_free().

◆ ResourceOwnerRememberHMAC()

static void ResourceOwnerRememberHMAC ( ResourceOwner  owner,
pg_hmac_ctx ctx 
)
inlinestatic

Definition at line 86 of file hmac_openssl.c.

87{
88 ResourceOwnerRemember(owner, PointerGetDatum(ctx), &hmac_resowner_desc);
89}
ResourceOwnerRemember
void ResourceOwnerRemember(ResourceOwner owner, Datum value, const ResourceOwnerDesc *kind)
Definition: resowner.c:524

References hmac_resowner_desc, PointerGetDatum(), and ResourceOwnerRemember().

Referenced by pg_hmac_create().

◆ ResOwnerReleaseHMAC()

static void ResOwnerReleaseHMAC ( Datum  res)
static

Definition at line 366 of file hmac_openssl.c.

367{
368 pg_hmac_ctx *ctx = (pg_hmac_ctx *) DatumGetPointer(res);
369
370 ctx->resowner = NULL;
371 pg_hmac_free(ctx);
372}
pg_hmac_free
void pg_hmac_free(pg_hmac_ctx *ctx)
Definition: hmac_openssl.c:314
DatumGetPointer
static Pointer DatumGetPointer(Datum X)
Definition: postgres.h:317

References DatumGetPointer(), pg_hmac_free(), and pg_hmac_ctx::resowner.

◆ SSLerrmessage()

static const char * SSLerrmessage ( unsigned long  ecode)
static

Definition at line 98 of file hmac_openssl.c.

99{
100 if (ecode == 0)
101 return NULL;
102
103 /*
104 * This may return NULL, but we would fall back to a default error path if
105 * that were the case.
106 */
107 return ERR_reason_error_string(ecode);
108}

Referenced by pg_hmac_final(), pg_hmac_init(), and pg_hmac_update().

Variable Documentation

◆ hmac_resowner_desc

const ResourceOwnerDesc hmac_resowner_desc
static
Initial value:
=
{
.name = "OpenSSL HMAC context",
.release_phase = RESOURCE_RELEASE_BEFORE_LOCKS,
.release_priority = RELEASE_PRIO_HMAC_CONTEXTS,
.ReleaseResource = ResOwnerReleaseHMAC,
.DebugPrint = NULL
}
ResOwnerReleaseHMAC
static void ResOwnerReleaseHMAC(Datum res)
Definition: hmac_openssl.c:366
RELEASE_PRIO_HMAC_CONTEXTS
#define RELEASE_PRIO_HMAC_CONTEXTS
Definition: resowner.h:68
RESOURCE_RELEASE_BEFORE_LOCKS
@ RESOURCE_RELEASE_BEFORE_LOCKS
Definition: resowner.h:54

Definition at line 75 of file hmac_openssl.c.

Referenced by ResourceOwnerForgetHMAC(), and ResourceOwnerRememberHMAC().