PostgreSQL Source Code  git master
hmac_openssl.c
Go to the documentation of this file.
1 /*-------------------------------------------------------------------------
2  *
3  * hmac_openssl.c
4  * Implementation of HMAC with OpenSSL.
5  *
6  * This should only be used if code is compiled with OpenSSL support.
7  *
8  * Portions Copyright (c) 1996-2023, PostgreSQL Global Development Group
9  * Portions Copyright (c) 1994, Regents of the University of California
10  *
11  * IDENTIFICATION
12  * src/common/hmac_openssl.c
13  *
14  *-------------------------------------------------------------------------
15  */
16 
17 #ifndef FRONTEND
18 #include "postgres.h"
19 #else
20 #include "postgres_fe.h"
21 #endif
22 
23 
24 #include <openssl/err.h>
25 #include <openssl/hmac.h>
26 
27 #include "common/hmac.h"
28 #include "common/md5.h"
29 #include "common/sha1.h"
30 #include "common/sha2.h"
31 #ifndef FRONTEND
32 #include "utils/memutils.h"
33 #include "utils/resowner.h"
34 #include "utils/resowner_private.h"
35 #endif
36 
37 /*
38  * In backend, use an allocation in TopMemoryContext to count for resowner
39  * cleanup handling if necessary. For versions of OpenSSL where HMAC_CTX is
40  * known, just use palloc(). In frontend, use malloc to be able to return
41  * a failure status back to the caller.
42  */
43 #ifndef FRONTEND
44 #ifdef HAVE_HMAC_CTX_NEW
45 #define ALLOC(size) MemoryContextAlloc(TopMemoryContext, size)
46 #else
47 #define ALLOC(size) palloc(size)
48 #endif
49 #define FREE(ptr) pfree(ptr)
50 #else /* FRONTEND */
51 #define ALLOC(size) malloc(size)
52 #define FREE(ptr) free(ptr)
53 #endif /* FRONTEND */
54 
55 /* Set of error states */
56 typedef enum pg_hmac_errno
57 {
58  PG_HMAC_ERROR_NONE = 0,
59  PG_HMAC_ERROR_DEST_LEN,
60  PG_HMAC_ERROR_OPENSSL
61 } pg_hmac_errno;
62 
63 /* Internal pg_hmac_ctx structure */
64 struct pg_hmac_ctx
65 {
66  HMAC_CTX *hmacctx;
67  pg_cryptohash_type type;
68  pg_hmac_errno error;
69  const char *errreason;
70 
71 #ifndef FRONTEND
72  ResourceOwner resowner;
73 #endif
74 };
75 
76 static const char *
77 SSLerrmessage(unsigned long ecode)
78 {
79  if (ecode == 0)
80  return NULL;
81 
82  /*
83  * This may return NULL, but we would fall back to a default error path if
84  * that were the case.
85  */
86  return ERR_reason_error_string(ecode);
87 }
88 
89 /*
90  * pg_hmac_create
91  *
92  * Allocate a hash context. Returns NULL on failure for an OOM. The
93  * backend issues an error, without returning.
94  */
95 pg_hmac_ctx *
96 pg_hmac_create(pg_cryptohash_type type)
97 {
98  pg_hmac_ctx *ctx;
99 
100  ctx = ALLOC(sizeof(pg_hmac_ctx));
101  if (ctx == NULL)
102  return NULL;
103  memset(ctx, 0, sizeof(pg_hmac_ctx));
104 
105  ctx->type = type;
106  ctx->error = PG_HMAC_ERROR_NONE;
107  ctx->errreason = NULL;
108 
109 
110  /*
111  * Initialization takes care of assigning the correct type for OpenSSL.
112  * Also ensure that there aren't any unconsumed errors in the queue from
113  * previous runs.
114  */
115  ERR_clear_error();
116 #ifdef HAVE_HMAC_CTX_NEW
117 #ifndef FRONTEND
118  ResourceOwnerEnlargeHMAC(CurrentResourceOwner);
119 #endif
120  ctx->hmacctx = HMAC_CTX_new();
121 #else
122  ctx->hmacctx = ALLOC(sizeof(HMAC_CTX));
123 #endif
124 
125  if (ctx->hmacctx == NULL)
126  {
127  explicit_bzero(ctx, sizeof(pg_hmac_ctx));
128  FREE(ctx);
129 #ifndef FRONTEND
130  ereport(ERROR,
131  (errcode(ERRCODE_OUT_OF_MEMORY),
132  errmsg("out of memory")));
133 #endif
134  return NULL;
135  }
136 
137 #ifdef HAVE_HMAC_CTX_NEW
138 #ifndef FRONTEND
139  ctx->resowner = CurrentResourceOwner;
140  ResourceOwnerRememberHMAC(CurrentResourceOwner, PointerGetDatum(ctx));
141 #endif
142 #else
143  memset(ctx->hmacctx, 0, sizeof(HMAC_CTX));
144 #endif /* HAVE_HMAC_CTX_NEW */
145 
146  return ctx;
147 }
148 
149 /*
150  * pg_hmac_init
151  *
152  * Initialize a HMAC context. Returns 0 on success, -1 on failure.
153  */
154 int
155 pg_hmac_init(pg_hmac_ctx *ctx, const uint8 *key, size_t len)
156 {
157  int status = 0;
158 
159  if (ctx == NULL)
160  return -1;
161 
162  switch (ctx->type)
163  {
164  case PG_MD5:
165  status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_md5(), NULL);
166  break;
167  case PG_SHA1:
168  status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_sha1(), NULL);
169  break;
170  case PG_SHA224:
171  status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_sha224(), NULL);
172  break;
173  case PG_SHA256:
174  status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_sha256(), NULL);
175  break;
176  case PG_SHA384:
177  status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_sha384(), NULL);
178  break;
179  case PG_SHA512:
180  status = HMAC_Init_ex(ctx->hmacctx, key, len, EVP_sha512(), NULL);
181  break;
182  }
183 
184  /* OpenSSL internals return 1 on success, 0 on failure */
185  if (status <= 0)
186  {
187  ctx->errreason = SSLerrmessage(ERR_get_error());
188  ctx->error = PG_HMAC_ERROR_OPENSSL;
189  return -1;
190  }
191 
192  return 0;
193 }
194 
195 /*
196  * pg_hmac_update
197  *
198  * Update a HMAC context. Returns 0 on success, -1 on failure.
199  */
200 int
201 pg_hmac_update(pg_hmac_ctx *ctx, const uint8 *data, size_t len)
202 {
203  int status = 0;
204 
205  if (ctx == NULL)
206  return -1;
207 
208  status = HMAC_Update(ctx->hmacctx, data, len);
209 
210  /* OpenSSL internals return 1 on success, 0 on failure */
211  if (status <= 0)
212  {
213  ctx->errreason = SSLerrmessage(ERR_get_error());
214  ctx->error = PG_HMAC_ERROR_OPENSSL;
215  return -1;
216  }
217  return 0;
218 }
219 
220 /*
221  * pg_hmac_final
222  *
223  * Finalize a HMAC context. Returns 0 on success, -1 on failure.
224  */
225 int
226 pg_hmac_final(pg_hmac_ctx *ctx, uint8 *dest, size_t len)
227 {
228  int status = 0;
229  uint32 outlen;
230 
231  if (ctx == NULL)
232  return -1;
233 
234  switch (ctx->type)
235  {
236  case PG_MD5:
237  if (len < MD5_DIGEST_LENGTH)
238  {
239  ctx->error = PG_HMAC_ERROR_DEST_LEN;
240  return -1;
241  }
242  break;
243  case PG_SHA1:
244  if (len < SHA1_DIGEST_LENGTH)
245  {
246  ctx->error = PG_HMAC_ERROR_DEST_LEN;
247  return -1;
248  }
249  break;
250  case PG_SHA224:
251  if (len < PG_SHA224_DIGEST_LENGTH)
252  {
253  ctx->error = PG_HMAC_ERROR_DEST_LEN;
254  return -1;
255  }
256  break;
257  case PG_SHA256:
258  if (len < PG_SHA256_DIGEST_LENGTH)
259  {
260  ctx->error = PG_HMAC_ERROR_DEST_LEN;
261  return -1;
262  }
263  break;
264  case PG_SHA384:
265  if (len < PG_SHA384_DIGEST_LENGTH)
266  {
267  ctx->error = PG_HMAC_ERROR_DEST_LEN;
268  return -1;
269  }
270  break;
271  case PG_SHA512:
272  if (len < PG_SHA512_DIGEST_LENGTH)
273  {
274  ctx->error = PG_HMAC_ERROR_DEST_LEN;
275  return -1;
276  }
277  break;
278  }
279 
280  status = HMAC_Final(ctx->hmacctx, dest, &outlen);
281 
282  /* OpenSSL internals return 1 on success, 0 on failure */
283  if (status <= 0)
284  {
285  ctx->errreason = SSLerrmessage(ERR_get_error());
286  ctx->error = PG_HMAC_ERROR_OPENSSL;
287  return -1;
288  }
289  return 0;
290 }
291 
292 /*
293  * pg_hmac_free
294  *
295  * Free a HMAC context.
296  */
297 void
298 pg_hmac_free(pg_hmac_ctx *ctx)
299 {
300  if (ctx == NULL)
301  return;
302 
303 #ifdef HAVE_HMAC_CTX_FREE
304  HMAC_CTX_free(ctx->hmacctx);
305 #ifndef FRONTEND
306  ResourceOwnerForgetHMAC(ctx->resowner, PointerGetDatum(ctx));
307 #endif
308 #else
309  explicit_bzero(ctx->hmacctx, sizeof(HMAC_CTX));
310  FREE(ctx->hmacctx);
311 #endif
312 
313  explicit_bzero(ctx, sizeof(pg_hmac_ctx));
314  FREE(ctx);
315 }
316 
317 /*
318  * pg_hmac_error
319  *
320  * Returns a static string providing details about an error that happened
321  * during a HMAC computation.
322  */
323 const char *
324 pg_hmac_error(pg_hmac_ctx *ctx)
325 {
326  if (ctx == NULL)
327  return _("out of memory");
328 
329  /*
330  * If a reason is provided, rely on it, else fallback to any error code
331  * set.
332  */
333  if (ctx->errreason)
334  return ctx->errreason;
335 
336  switch (ctx->error)
337  {
338  case PG_HMAC_ERROR_NONE:
339  return _("success");
340  case PG_HMAC_ERROR_DEST_LEN:
341  return _("destination buffer too small");
342  case PG_HMAC_ERROR_OPENSSL:
343  return _("OpenSSL failure");
344  }
345 
346  Assert(false); /* cannot be reached */
347  return _("success");
348 }
uint32
unsigned int uint32
Definition: c.h:490
uint8
unsigned char uint8
Definition: c.h:488
pg_cryptohash_type
pg_cryptohash_type
Definition: cryptohash.h:20
PG_SHA512
@ PG_SHA512
Definition: cryptohash.h:26
PG_SHA224
@ PG_SHA224
Definition: cryptohash.h:23
PG_SHA384
@ PG_SHA384
Definition: cryptohash.h:25
PG_SHA1
@ PG_SHA1
Definition: cryptohash.h:22
PG_SHA256
@ PG_SHA256
Definition: cryptohash.h:24
PG_MD5
@ PG_MD5
Definition: cryptohash.h:21
errcode
int errcode(int sqlerrcode)
Definition: elog.c:858
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:1069
_
#define _(x)
Definition: elog.c:91
ERROR
#define ERROR
Definition: elog.h:39
ereport
#define ereport(elevel,...)
Definition: elog.h:149
pg_hmac_errno
pg_hmac_errno
Definition: hmac.c:43
pg_hmac_create
pg_hmac_ctx * pg_hmac_create(pg_cryptohash_type type)
Definition: hmac_openssl.c:96
FREE
#define FREE(ptr)
Definition: hmac_openssl.c:49
pg_hmac_error
const char * pg_hmac_error(pg_hmac_ctx *ctx)
Definition: hmac_openssl.c:324
SSLerrmessage
static const char * SSLerrmessage(unsigned long ecode)
Definition: hmac_openssl.c:77
pg_hmac_free
void pg_hmac_free(pg_hmac_ctx *ctx)
Definition: hmac_openssl.c:298
pg_hmac_update
int pg_hmac_update(pg_hmac_ctx *ctx, const uint8 *data, size_t len)
Definition: hmac_openssl.c:201
pg_hmac_init
int pg_hmac_init(pg_hmac_ctx *ctx, const uint8 *key, size_t len)
Definition: hmac_openssl.c:155
ALLOC
#define ALLOC(size)
Definition: hmac_openssl.c:47
pg_hmac_errno
pg_hmac_errno
Definition: hmac_openssl.c:57
PG_HMAC_ERROR_OPENSSL
@ PG_HMAC_ERROR_OPENSSL
Definition: hmac_openssl.c:60
PG_HMAC_ERROR_DEST_LEN
@ PG_HMAC_ERROR_DEST_LEN
Definition: hmac_openssl.c:59
PG_HMAC_ERROR_NONE
@ PG_HMAC_ERROR_NONE
Definition: hmac_openssl.c:58
pg_hmac_final
int pg_hmac_final(pg_hmac_ctx *ctx, uint8 *dest, size_t len)
Definition: hmac_openssl.c:226
Assert
Assert(fmt[strlen(fmt) - 1] !='\n')
MD5_DIGEST_LENGTH
#define MD5_DIGEST_LENGTH
Definition: md5.h:20
generate_unaccent_rules.dest
dest
Definition: generate_unaccent_rules.py:276
generate_unaccent_rules.type
type
Definition: generate_unaccent_rules.py:276
len
const void size_t len
Definition: pg_crc32c_sse42.c:24
data
const void * data
Definition: pg_crc32c_sse42.c:23
status
static void static void status(const char *fmt,...) pg_attribute_printf(1
Definition: pg_regress.c:224
explicit_bzero
void explicit_bzero(void *buf, size_t len)
Definition: explicit_bzero.c:50
PointerGetDatum
static Datum PointerGetDatum(const void *X)
Definition: postgres.h:322
postgres_fe.h
ResourceOwnerEnlargeHMAC
void ResourceOwnerEnlargeHMAC(ResourceOwner owner)
Definition: resowner.c:1460
CurrentResourceOwner
ResourceOwner CurrentResourceOwner
Definition: resowner.c:146
ResourceOwnerRememberHMAC
void ResourceOwnerRememberHMAC(ResourceOwner owner, Datum handle)
Definition: resowner.c:1471
ResourceOwnerForgetHMAC
void ResourceOwnerForgetHMAC(ResourceOwner owner, Datum handle)
Definition: resowner.c:1480
resowner_private.h
SHA1_DIGEST_LENGTH
#define SHA1_DIGEST_LENGTH
Definition: sha1.h:17
PG_SHA256_DIGEST_LENGTH
#define PG_SHA256_DIGEST_LENGTH
Definition: sha2.h:23
PG_SHA384_DIGEST_LENGTH
#define PG_SHA384_DIGEST_LENGTH
Definition: sha2.h:26
PG_SHA512_DIGEST_LENGTH
#define PG_SHA512_DIGEST_LENGTH
Definition: sha2.h:29
PG_SHA224_DIGEST_LENGTH
#define PG_SHA224_DIGEST_LENGTH
Definition: sha2.h:20
pg_hmac_ctx
Definition: hmac.c:51
pg_hmac_ctx::errreason
const char * errreason
Definition: hmac.c:55
pg_hmac_ctx::resowner
ResourceOwner resowner
Definition: hmac_openssl.c:72
pg_hmac_ctx::hmacctx
HMAC_CTX * hmacctx
Definition: hmac_openssl.c:66
pg_hmac_ctx::type
pg_cryptohash_type type
Definition: hmac.c:53
pg_hmac_ctx::error
pg_hmac_errno error
Definition: hmac.c:54