1 /*
2  * internal.c
3  * Wrapper for builtin functions
4  *
5  * Copyright (c) 2001 Marko Kreen
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  * notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  * notice, this list of conditions and the following disclaimer in the
15  * documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  *
29  * contrib/pgcrypto/internal.c
30  */
31 
32 #include "postgres.h"
33 
34 #include <time.h>
35 
36 #include "blf.h"
37 #include "md5.h"
38 #include "px.h"
39 #include "rijndael.h"
40 #include "sha1.h"
41 
42 #ifndef MD5_DIGEST_LENGTH
43 #define MD5_DIGEST_LENGTH 16
44 #endif
45 
46 #ifndef SHA1_DIGEST_LENGTH
47 #ifdef SHA1_RESULTLEN
48 #define SHA1_DIGEST_LENGTH SHA1_RESULTLEN
49 #else
50 #define SHA1_DIGEST_LENGTH 20
51 #endif
52 #endif
53 
54 #define SHA1_BLOCK_SIZE 64
55 #define MD5_BLOCK_SIZE 64
56 
57 static void init_md5(PX_MD *h);
58 static void init_sha1(PX_MD *h);
59 
60 void init_sha224(PX_MD *h);
61 void init_sha256(PX_MD *h);
62 void init_sha384(PX_MD *h);
63 void init_sha512(PX_MD *h);
64 
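/*
 * One entry of the built-in digest table: the algorithm name that
 * px_find_digest() matches against, and the routine that fills in a
 * caller-allocated PX_MD for that algorithm.
 */
struct int_digest
{
	const char *name;			/* only ever points at string literals */
	void		(*init) (PX_MD *h);
};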
70 
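/*
 * Built-in digests, terminated by a {NULL, NULL} sentinel.
 *
 * md5 and sha1 are not collision resistant; they are listed for
 * compatibility, and callers that depend on collision resistance should
 * ask for one of the sha2 entries.
 */
static const struct int_digest
			int_digest_list[] = {
	{"md5", init_md5},
	{"sha1", init_sha1},
	{"sha224", init_sha224},
	{"sha256", init_sha256},
	{"sha384", init_sha384},
	{"sha512", init_sha512},
	{NULL, NULL}
};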
81 
82 /* MD5 */
83 
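/* result_size callback: length of an MD5 digest in bytes. */
static unsigned
int_md5_len(PX_MD *h)
{
	return MD5_DIGEST_LENGTH;
}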
89 
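/* block_size callback: MD5 input block length in bytes. */
static unsigned
int_md5_block_len(PX_MD *h)
{
	return MD5_BLOCK_SIZE;
}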
95 
/* update callback: absorb dlen bytes from data into the MD5 state in h->p.ptr. */
static void
int_md5_update(PX_MD *h, const uint8 *data, unsigned dlen)
{
	MD5_CTX    *state = (MD5_CTX *) h->p.ptr;

	MD5Update(state, data, dlen);
}
103 
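/* reset callback: return the MD5 state in h->p.ptr to its initial value. */
static void
int_md5_reset(PX_MD *h)
{
	MD5_CTX    *ctx = (MD5_CTX *) h->p.ptr;

	MD5Init(ctx);
}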
111 
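/*
 * finish callback: write the digest to dst.
 *
 * No length is passed for dst; the caller is expected to provide at least
 * result_size (MD5_DIGEST_LENGTH) bytes -- NOTE(review): confirm at call sites.
 */
static void
int_md5_finish(PX_MD *h, uint8 *dst)
{
	MD5_CTX    *ctx = (MD5_CTX *) h->p.ptr;

	MD5Final(dst, ctx);
}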
119 
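/*
 * free callback: wipe and release the MD5 state, then release the PX_MD
 * itself.  h must not be used after this returns.
 */
static void
int_md5_free(PX_MD *h)
{
	MD5_CTX    *ctx = (MD5_CTX *) h->p.ptr;

	/* clear the hash state so that it does not linger in freed memory */
	px_memset(ctx, 0, sizeof(*ctx));
	pfree(ctx);
	pfree(h);
}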
129 
130 /* SHA1 */
131 
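/* result_size callback: length of a SHA-1 digest in bytes. */
static unsigned
int_sha1_len(PX_MD *h)
{
	return SHA1_DIGEST_LENGTH;
}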
137 
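/* block_size callback: SHA-1 input block length in bytes. */
static unsigned
int_sha1_block_len(PX_MD *h)
{
	return SHA1_BLOCK_SIZE;
}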
143 
/* update callback: absorb dlen bytes from data into the SHA-1 state in h->p.ptr. */
static void
int_sha1_update(PX_MD *h, const uint8 *data, unsigned dlen)
{
	SHA1_CTX   *state = (SHA1_CTX *) h->p.ptr;

	SHA1Update(state, data, dlen);
}
151 
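/* reset callback: return the SHA-1 state in h->p.ptr to its initial value. */
static void
int_sha1_reset(PX_MD *h)
{
	SHA1_CTX   *ctx = (SHA1_CTX *) h->p.ptr;

	SHA1Init(ctx);
}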
159 
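/*
 * finish callback: write the digest to dst.
 *
 * No length is passed for dst; the caller is expected to provide at least
 * result_size (SHA1_DIGEST_LENGTH) bytes -- NOTE(review): confirm at call sites.
 */
static void
int_sha1_finish(PX_MD *h, uint8 *dst)
{
	SHA1_CTX   *ctx = (SHA1_CTX *) h->p.ptr;

	SHA1Final(dst, ctx);
}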
167 
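/*
 * free callback: wipe and release the SHA-1 state, then release the PX_MD
 * itself.  h must not be used after this returns.
 */
static void
int_sha1_free(PX_MD *h)
{
	SHA1_CTX   *ctx = (SHA1_CTX *) h->p.ptr;

	/* clear the hash state so that it does not linger in freed memory */
	px_memset(ctx, 0, sizeof(*ctx));
	pfree(ctx);
	pfree(h);
}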
177 
178 /* init functions */
179 
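/*
 * Turn a caller-allocated PX_MD into an MD5 digest object.
 *
 * Allocates a zeroed MD5_CTX, installs the MD5 callbacks and resets the
 * state.  Both the context and md are released by md->free().
 */
static void
init_md5(PX_MD *md)
{
	MD5_CTX    *ctx;

	ctx = palloc0(sizeof(*ctx));

	md->p.ptr = ctx;

	md->result_size = int_md5_len;
	md->block_size = int_md5_block_len;
	md->reset = int_md5_reset;
	md->update = int_md5_update;
	md->finish = int_md5_finish;
	md->free = int_md5_free;

	md->reset(md);
}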
198 
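/*
 * Turn a caller-allocated PX_MD into a SHA-1 digest object.
 *
 * Allocates a zeroed SHA1_CTX, installs the SHA-1 callbacks and resets the
 * state.  Both the context and md are released by md->free().
 */
static void
init_sha1(PX_MD *md)
{
	SHA1_CTX   *ctx;

	ctx = palloc0(sizeof(*ctx));

	md->p.ptr = ctx;

	md->result_size = int_sha1_len;
	md->block_size = int_sha1_block_len;
	md->reset = int_sha1_reset;
	md->update = int_sha1_update;
	md->finish = int_sha1_finish;
	md->free = int_sha1_free;

	md->reset(md);
}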
217 
218 /*
219  * ciphers generally
220  */
221 
222 #define INT_MAX_KEY (512/8)
223 #define INT_MAX_IV (128/8)
224 
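/*
 * Per-cipher private state, hung off PX_Cipher.ptr.
 *
 * keybuf and iv hold raw key material and the running CBC IV for the AES
 * code path, so the whole struct is wiped before it is freed (see
 * intctx_free).
 */
struct int_ctx
{
	uint8		keybuf[INT_MAX_KEY];	/* raw AES key, zero padded to keylen */
	uint8		iv[INT_MAX_IV];			/* AES CBC chaining value */
	union
	{
		BlowfishContext bf;
		rijndael_ctx rj;
	}			ctx;
	unsigned	keylen;			/* AES key length in bytes: 16, 24 or 32 */
	int			is_init;		/* tested by rj_encrypt/rj_decrypt */
	int			mode;			/* MODE_ECB or MODE_CBC */
};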
238 
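/*
 * free callback shared by the AES and Blowfish ciphers.
 *
 * Wipes the private context, which holds the key and IV, before releasing
 * it, then releases the PX_Cipher itself.  c must not be used afterwards.
 */
static void
intctx_free(PX_Cipher *c)
{
	struct int_ctx *cx = (struct int_ctx *) c->ptr;

	if (cx)
	{
		/* key material must not be left behind in freed memory */
		px_memset(cx, 0, sizeof *cx);
		pfree(cx);
	}
	pfree(c);
}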
251 
252 /*
253  * AES/rijndael
254  */
255 
256 #define MODE_ECB 0
257 #define MODE_CBC 1
258 
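/* block_size callback: AES block length in bytes. */
static unsigned
rj_block_size(PX_Cipher *c)
{
	return 128 / 8;
}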
264 
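/* key_size callback: largest AES key accepted by rj_init, in bytes. */
static unsigned
rj_key_size(PX_Cipher *c)
{
	return 256 / 8;
}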
270 
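/* iv_size callback: AES IV length in bytes; rj_init copies exactly this many. */
static unsigned
rj_iv_size(PX_Cipher *c)
{
	return 128 / 8;
}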
276 
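/*
 * init callback for AES: record the key and, if given, the IV.
 *
 * klen is rounded up to the next AES key size (16, 24 or 32 bytes) and the
 * key is zero padded to that size, so a short key yields a key whose tail
 * is known zeros.  Keys longer than 32 bytes are rejected with
 * PXE_KEY_TOO_BIG and leave the context unchanged.
 *
 * iv, when not NULL, must point at 16 readable bytes; no length is passed,
 * so that is the caller's responsibility.  When iv is NULL the stored IV is
 * left as it was.
 *
 * The key schedule itself is built later, by rj_real_init().
 */
static int
rj_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
{
	struct int_ctx *cx = (struct int_ctx *) c->ptr;

	if (klen <= 128 / 8)
		cx->keylen = 128 / 8;
	else if (klen <= 192 / 8)
		cx->keylen = 192 / 8;
	else if (klen <= 256 / 8)
		cx->keylen = 256 / 8;
	else
		return PXE_KEY_TOO_BIG;

	/*
	 * Clear the buffer first: the padding must be zero even when this
	 * context already held a longer key, rather than relying on the
	 * context having been freshly zero-allocated.
	 */
	memset(cx->keybuf, 0, sizeof(cx->keybuf));
	memcpy(cx->keybuf, key, klen);

	if (iv)
		memcpy(cx->iv, iv, 128 / 8);

	return 0;
}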
298 
/*
 * Build the AES key schedule from the key stored by rj_init().
 *
 * dir is handed to aes_set_key() unchanged; the callers in this file pass
 * 1 for encryption and 0 for decryption.  Always returns 0.  Nothing here
 * sets cx->is_init.
 */
static int
rj_real_init(struct int_ctx *cx, int dir)
{
	unsigned	keybits = cx->keylen * 8;

	aes_set_key(&cx->ctx.rj, cx->keybuf, keybits, dir);
	return 0;
}
305 
/*
 * encrypt callback for AES.
 *
 * Copies dlen bytes from data to res and encrypts them in place there.
 * dlen must be a multiple of the 16-byte block size; padding is left to the
 * caller.  res must have room for dlen bytes.
 *
 * In CBC mode the last ciphertext block becomes the IV for the next call,
 * so consecutive calls continue one CBC stream.  Any mode other than
 * MODE_CBC is treated as ECB, which maps equal plaintext blocks to equal
 * ciphertext blocks.  Neither mode authenticates the data.
 *
 * Returns 0 on success, PXE_CIPHER_INIT or PXE_NOTBLOCKSIZE on error.
 */
static int
rj_encrypt(PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res)
{
	struct int_ctx *cx = (struct int_ctx *) c->ptr;

	/* the key schedule is set up before the length checks, as before */
	if (!cx->is_init && rj_real_init(cx, 1))
		return PXE_CIPHER_INIT;

	if (dlen == 0)
		return 0;
	if (dlen % 16 != 0)
		return PXE_NOTBLOCKSIZE;

	memcpy(res, data, dlen);

	if (cx->mode != MODE_CBC)
	{
		aes_ecb_encrypt(&cx->ctx.rj, res, dlen);
		return 0;
	}

	aes_cbc_encrypt(&cx->ctx.rj, cx->iv, res, dlen);
	/* chain: next call starts from the last ciphertext block */
	memcpy(cx->iv, res + dlen - 16, 16);
	return 0;
}
335 
/*
 * decrypt callback for AES.
 *
 * Copies dlen bytes from data to res and decrypts them in place there.
 * dlen must be a multiple of the 16-byte block size.  res must have room
 * for dlen bytes.
 *
 * In CBC mode the next IV is the last ciphertext block, read from data
 * because res already holds plaintext at that point.
 * NOTE(review): this assumes data and res do not overlap -- confirm at
 * call sites.
 *
 * Nothing here checks integrity: a modified ciphertext decrypts to
 * different plaintext and still returns 0.
 *
 * Returns 0 on success, PXE_CIPHER_INIT or PXE_NOTBLOCKSIZE on error.
 */
static int
rj_decrypt(PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res)
{
	struct int_ctx *cx = (struct int_ctx *) c->ptr;

	/* the key schedule is set up before the length checks, as before */
	if (!cx->is_init && rj_real_init(cx, 0))
		return PXE_CIPHER_INIT;

	if (dlen == 0)
		return 0;
	if (dlen % 16 != 0)
		return PXE_NOTBLOCKSIZE;

	memcpy(res, data, dlen);

	if (cx->mode != MODE_CBC)
	{
		aes_ecb_decrypt(&cx->ctx.rj, res, dlen);
		return 0;
	}

	aes_cbc_decrypt(&cx->ctx.rj, cx->iv, res, dlen);
	memcpy(cx->iv, data + dlen - 16, 16);
	return 0;
}
363 
364 /*
365  * initializers
366  */
367 
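/*
 * Allocate an AES cipher object for the given mode (MODE_ECB or MODE_CBC).
 *
 * Both the PX_Cipher and its private int_ctx are zero-allocated, so key,
 * IV and is_init start out as zero.  The object is released through
 * c->free (intctx_free).
 */
static PX_Cipher *
rj_load(int mode)
{
	PX_Cipher  *c;
	struct int_ctx *cx;

	c = palloc0(sizeof *c);

	c->block_size = rj_block_size;
	c->key_size = rj_key_size;
	c->iv_size = rj_iv_size;
	c->init = rj_init;
	c->encrypt = rj_encrypt;
	c->decrypt = rj_decrypt;
	c->free = intctx_free;

	cx = palloc0(sizeof *cx);
	cx->mode = mode;

	c->ptr = cx;
	return c;
}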
390 
391 /*
392  * blowfish
393  */
394 
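/* block_size callback: Blowfish block length in bytes. */
static unsigned
bf_block_size(PX_Cipher *c)
{
	return 8;
}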
400 
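/* key_size callback: largest Blowfish key advertised, in bytes. */
static unsigned
bf_key_size(PX_Cipher *c)
{
	return 448 / 8;
}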
406 
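/* iv_size callback: Blowfish IV length in bytes (one block). */
static unsigned
bf_iv_size(PX_Cipher *c)
{
	return 8;
}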
412 
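/*
 * init callback for Blowfish: set the key and, if given, the IV.
 *
 * Keys longer than the advertised maximum (bf_key_size, 448 bits) are
 * rejected with PXE_KEY_TOO_BIG, matching what rj_init does for AES.
 * blowfish_setkey() takes the length as a short, so an unchecked unsigned
 * klen could otherwise be narrowed on the way in.
 *
 * iv, when not NULL, is passed to blowfish_setiv() without a length.
 * NOTE(review): presumably it must point at 8 readable bytes (bf_iv_size)
 * -- confirm against blowfish_setiv().
 */
static int
bf_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
{
	struct int_ctx *cx = (struct int_ctx *) c->ptr;

	if (klen > 448 / 8)
		return PXE_KEY_TOO_BIG;

	blowfish_setkey(&cx->ctx.bf, key, klen);
	if (iv)
		blowfish_setiv(&cx->ctx.bf, iv);

	return 0;
}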
424 
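/*
 * encrypt callback for Blowfish.
 *
 * Copies dlen bytes from data to res and encrypts them in place there.
 * dlen must be a multiple of the 8-byte block size; padding is left to the
 * caller.  res must have room for dlen bytes.
 *
 * ECB maps equal plaintext blocks to equal ciphertext blocks, and neither
 * mode authenticates the data.
 *
 * Returns 0 on success, PXE_NOTBLOCKSIZE for a partial block, and
 * PXE_CIPHER_INIT if the context carries a mode this file does not know.
 */
static int
bf_encrypt(PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res)
{
	struct int_ctx *cx = (struct int_ctx *) c->ptr;
	BlowfishContext *bfctx = &cx->ctx.bf;

	if (dlen == 0)
		return 0;

	if (dlen & 7)
		return PXE_NOTBLOCKSIZE;

	/*
	 * Fail closed on an unknown mode.  Without this check the plaintext
	 * would be copied to res unencrypted and 0 returned.
	 */
	if (cx->mode != MODE_ECB && cx->mode != MODE_CBC)
		return PXE_CIPHER_INIT;

	memcpy(res, data, dlen);

	/* the blowfish_* routines take the length as an int */
	if (cx->mode == MODE_CBC)
		blowfish_encrypt_cbc(res, dlen, bfctx);
	else
		blowfish_encrypt_ecb(res, dlen, bfctx);

	return 0;
}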
449 
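/*
 * decrypt callback for Blowfish.
 *
 * Copies dlen bytes from data to res and decrypts them in place there.
 * dlen must be a multiple of the 8-byte block size.  res must have room
 * for dlen bytes.
 *
 * Nothing here checks integrity: a modified ciphertext decrypts to
 * different plaintext and still returns 0.
 *
 * Returns 0 on success, PXE_NOTBLOCKSIZE for a partial block, and
 * PXE_CIPHER_INIT if the context carries a mode this file does not know.
 */
static int
bf_decrypt(PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res)
{
	struct int_ctx *cx = (struct int_ctx *) c->ptr;
	BlowfishContext *bfctx = &cx->ctx.bf;

	if (dlen == 0)
		return 0;

	if (dlen & 7)
		return PXE_NOTBLOCKSIZE;

	/*
	 * Fail closed on an unknown mode.  Without this check the ciphertext
	 * would be copied to res untouched and 0 returned.
	 */
	if (cx->mode != MODE_ECB && cx->mode != MODE_CBC)
		return PXE_CIPHER_INIT;

	memcpy(res, data, dlen);

	/* the blowfish_* routines take the length as an int */
	if (cx->mode == MODE_CBC)
		blowfish_decrypt_cbc(res, dlen, bfctx);
	else
		blowfish_decrypt_ecb(res, dlen, bfctx);

	return 0;
}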
474 
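/*
 * Allocate a Blowfish cipher object for the given mode (MODE_ECB or
 * MODE_CBC).
 *
 * Both the PX_Cipher and its private int_ctx are zero-allocated.  The
 * object is released through c->free (intctx_free).
 */
static PX_Cipher *
bf_load(int mode)
{
	PX_Cipher  *c;
	struct int_ctx *cx;

	c = palloc0(sizeof *c);

	c->block_size = bf_block_size;
	c->key_size = bf_key_size;
	c->iv_size = bf_iv_size;
	c->init = bf_init;
	c->encrypt = bf_encrypt;
	c->decrypt = bf_decrypt;
	c->free = intctx_free;

	cx = palloc0(sizeof *cx);
	cx->mode = mode;
	c->ptr = cx;
	return c;
}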
496 
497 /* ciphers */
498 
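/* Loader for "aes-128-ecb": an AES cipher object in ECB mode. */
static PX_Cipher *
rj_128_ecb(void)
{
	return rj_load(MODE_ECB);
}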
504 
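/* Loader for "aes-128-cbc": an AES cipher object in CBC mode. */
static PX_Cipher *
rj_128_cbc(void)
{
	return rj_load(MODE_CBC);
}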
510 
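/* Loader for "bf-ecb": a Blowfish cipher object in ECB mode. */
static PX_Cipher *
bf_ecb_load(void)
{
	return bf_load(MODE_ECB);
}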
516 
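/* Loader for "bf-cbc": a Blowfish cipher object in CBC mode. */
static PX_Cipher *
bf_cbc_load(void)
{
	return bf_load(MODE_CBC);
}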
522 
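/*
 * One entry of the built-in cipher table: the canonical cipher name and
 * the routine that allocates a PX_Cipher for it.
 */
struct int_cipher
{
	const char *name;			/* only ever points at string literals */
	PX_Cipher  *(*load) (void);
};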
528 
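/*
 * Built-in ciphers by canonical name, terminated by a {NULL, NULL}
 * sentinel.
 *
 * The AES entries say "128", but rj_init() accepts keys up to 256 bits and
 * picks the AES key size from the key length.  The ECB entries map equal
 * plaintext blocks to equal ciphertext blocks, and none of these modes
 * authenticates the data.
 */
static const struct int_cipher
			int_ciphers[] = {
	{"bf-cbc", bf_cbc_load},
	{"bf-ecb", bf_ecb_load},
	{"aes-128-cbc", rj_128_cbc},
	{"aes-128-ecb", rj_128_ecb},
	{NULL, NULL}
};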
537 
/*
 * Short names accepted by px_find_cipher(), mapped to canonical entries of
 * the cipher table.  Every alias selects CBC except "aes-ecb".
 */
static const PX_Alias int_aliases[] = {
	/* Blowfish */
	{"bf", "bf-cbc"},
	{"blowfish", "bf-cbc"},
	/* AES */
	{"aes", "aes-128-cbc"},
	{"aes-ecb", "aes-128-ecb"},
	{"aes-cbc", "aes-128-cbc"},
	{"aes-128", "aes-128-cbc"},
	{"rijndael", "aes-128-cbc"},
	{"rijndael-128", "aes-128-cbc"},
	{NULL, NULL}
};
549 
550 /* PUBLIC FUNCTIONS */
551 
/*
 * Look up a built-in digest by name (case-insensitively) and create it.
 *
 * On a match a new PX_MD is allocated, initialized by the table entry's
 * init routine and stored in *res; the return value is 0.  The caller
 * releases it through its free callback.  If no entry matches,
 * PXE_NO_HASH is returned and *res is not written.
 */
int
px_find_digest(const char *name, PX_MD **res)
{
	const struct int_digest *entry = int_digest_list;

	while (entry->name != NULL)
	{
		if (pg_strcasecmp(entry->name, name) == 0)
		{
			/* not zeroed: the init routine is expected to set every field */
			PX_MD	   *md = palloc(sizeof(*md));

			entry->init(md);
			*res = md;
			return 0;
		}
		entry++;
	}

	return PXE_NO_HASH;
}
570 
/*
 * Look up a built-in cipher by name or alias and create it.
 *
 * The name is first passed through px_resolve_alias() and then compared
 * with strcmp(), i.e. case-sensitively, against the cipher table.  On
 * success the new PX_Cipher is stored in *res and 0 is returned; the
 * caller releases it through its free callback.  If nothing matches, or
 * the loader returns NULL, PXE_NO_CIPHER is returned and *res is not
 * written.
 */
int
px_find_cipher(const char *name, PX_Cipher **res)
{
	const struct int_cipher *entry;

	name = px_resolve_alias(int_aliases, name);

	for (entry = int_ciphers; entry->name != NULL; entry++)
	{
		PX_Cipher  *loaded;

		if (strcmp(entry->name, name) != 0)
			continue;

		/* only the first matching entry is tried */
		loaded = entry->load();
		if (loaded == NULL)
			return PXE_NO_CIPHER;

		*res = loaded;
		return 0;
	}

	return PXE_NO_CIPHER;
}