PostgreSQL Source Code  git master
openssl.c File Reference
#include "postgres.h"
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include "px.h"
#include "utils/memutils.h"
#include "utils/resowner.h"

Data Structures

struct  OSSLDigest
 
struct  ossl_cipher
 
struct  OSSLCipher
 
struct  ossl_cipher_lookup
 

Macros

#define MAX_KEY   (512/8)
 
#define MAX_IV   (128/8)
 

Typedefs

typedef struct OSSLDigest OSSLDigest
 
typedef const EVP_CIPHER *(* ossl_EVP_cipher_func) (void)
 
typedef struct OSSLCipher OSSLCipher
 

Functions

static void ResOwnerReleaseOSSLDigest (Datum res)
 
static void ResourceOwnerRememberOSSLDigest (ResourceOwner owner, OSSLDigest *digest)
 
static void ResourceOwnerForgetOSSLDigest (ResourceOwner owner, OSSLDigest *digest)
 
static void free_openssl_digest (OSSLDigest *digest)
 
static unsigned digest_result_size (PX_MD *h)
 
static unsigned digest_block_size (PX_MD *h)
 
static void digest_reset (PX_MD *h)
 
static void digest_update (PX_MD *h, const uint8 *data, unsigned dlen)
 
static void digest_finish (PX_MD *h, uint8 *dst)
 
static void digest_free (PX_MD *h)
 
int px_find_digest (const char *name, PX_MD **res)
 
static void ResOwnerReleaseOSSLCipher (Datum res)
 
static void ResourceOwnerRememberOSSLCipher (ResourceOwner owner, OSSLCipher *od)
 
static void ResourceOwnerForgetOSSLCipher (ResourceOwner owner, OSSLCipher *od)
 
static void free_openssl_cipher (OSSLCipher *od)
 
static unsigned gen_ossl_block_size (PX_Cipher *c)
 
static unsigned gen_ossl_key_size (PX_Cipher *c)
 
static unsigned gen_ossl_iv_size (PX_Cipher *c)
 
static void gen_ossl_free (PX_Cipher *c)
 
static int gen_ossl_decrypt (PX_Cipher *c, int padding, const uint8 *data, unsigned dlen, uint8 *res, unsigned *rlen)
 
static int gen_ossl_encrypt (PX_Cipher *c, int padding, const uint8 *data, unsigned dlen, uint8 *res, unsigned *rlen)
 
static int bf_check_supported_key_len (void)
 
static int bf_init (PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
 
static int ossl_des_init (PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
 
static int ossl_des3_init (PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
 
static int ossl_cast_init (PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
 
static int ossl_aes_init (PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
 
static int ossl_aes_ecb_init (PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
 
static int ossl_aes_cbc_init (PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
 
int px_find_cipher (const char *name, PX_Cipher **res)
 

Variables

static const ResourceOwnerDesc ossldigest_resowner_desc
 
static const ResourceOwnerDesc osslcipher_resowner_desc
 
static PX_Alias ossl_aliases []
 
static const struct ossl_cipher ossl_bf_cbc
 
static const struct ossl_cipher ossl_bf_ecb
 
static const struct ossl_cipher ossl_bf_cfb
 
static const struct ossl_cipher ossl_des_ecb
 
static const struct ossl_cipher ossl_des_cbc
 
static const struct ossl_cipher ossl_des3_ecb
 
static const struct ossl_cipher ossl_des3_cbc
 
static const struct ossl_cipher ossl_cast_ecb
 
static const struct ossl_cipher ossl_cast_cbc
 
static const struct ossl_cipher ossl_aes_ecb
 
static const struct ossl_cipher ossl_aes_cbc
 
static const struct ossl_cipher_lookup ossl_cipher_types []
 

Macro Definition Documentation

◆ MAX_IV

#define MAX_IV   (128/8)

Definition at line 46 of file openssl.c.

◆ MAX_KEY

#define MAX_KEY   (512/8)

Definition at line 45 of file openssl.c.

Typedef Documentation

◆ ossl_EVP_cipher_func

typedef const EVP_CIPHER*(* ossl_EVP_cipher_func) (void)

Definition at line 233 of file openssl.c.

◆ OSSLCipher

typedef struct OSSLCipher OSSLCipher

◆ OSSLDigest

typedef struct OSSLDigest OSSLDigest

Function Documentation

◆ bf_check_supported_key_len()

static int bf_check_supported_key_len ( void  )
static

Definition at line 404 of file openssl.c.

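/*
 * Probe whether the linked OpenSSL honours a full 448-bit Blowfish key.
 *
 * One fixed 8-byte block is encrypted in ECB mode under a fixed 56-byte key
 * and the ciphertext is compared with a known answer.
 *
 * Returns 1 when the ciphertext matches.  Returns 0 on a mismatch and also
 * on any OpenSSL failure, so the caller cannot tell "long keys are cut
 * short" from "the cipher could not be set up at all".
 */
static int
bf_check_supported_key_len(void)
{
	static const uint8 key[56] = {
		0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87, 0x78, 0x69,
		0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f, 0x00, 0x11, 0x22, 0x33,
		0x44, 0x55, 0x66, 0x77, 0x04, 0x68, 0x91, 0x04, 0xc2, 0xfd,
		0x3b, 0x2f, 0x58, 0x40, 0x23, 0x64, 0x1a, 0xba, 0x61, 0x76,
		0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e, 0xff, 0xff,
		0xff, 0xff, 0xff, 0xff, 0xff, 0xff
	};

	static const uint8 data[8] = {0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10};
	static const uint8 res[8] = {0xc0, 0x45, 0x04, 0x01, 0x2e, 0x4e, 0x1f, 0x53};
	uint8		out[8];
	EVP_CIPHER_CTX *evp_ctx;
	int			outlen = 0;
	int			status = 0;

	/* encrypt with a 448-bit key and verify the output */
	evp_ctx = EVP_CIPHER_CTX_new();
	if (!evp_ctx)
		return 0;
	if (!EVP_EncryptInit_ex(evp_ctx, EVP_bf_ecb(), NULL, NULL, NULL))
		goto leave;
	if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, sizeof(key)))
		goto leave;
	if (!EVP_EncryptInit_ex(evp_ctx, NULL, NULL, key, NULL))
		goto leave;

	if (!EVP_EncryptUpdate(evp_ctx, out, &outlen, data, sizeof(data)))
		goto leave;

	/*
	 * Compare only when a whole block was written; otherwise part of out
	 * would still be uninitialised when memcmp reads it.
	 */
	if (outlen != (int) sizeof(out))
		goto leave;

	if (memcmp(out, res, sizeof(out)) != 0)
		goto leave;				/* Output does not match -> strong cipher is
								 * not supported */
	status = 1;

leave:
	EVP_CIPHER_CTX_free(evp_ctx);
	return status;
}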
unsigned char uint8
Definition: c.h:507
const void * data

References data, sort-test::key, and res.

Referenced by bf_init().

◆ bf_init()

static int bf_init ( PX_Cipher c,
const uint8 key,
unsigned  klen,
const uint8 iv 
)
static

Definition at line 447 of file openssl.c.

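/*
 * Store the Blowfish key and IV in the OSSLCipher that c points to.
 *
 * c    - cipher handle; c->ptr is used as the OSSLCipher
 * key  - key bytes, klen of them
 * iv   - block-size bytes of IV, or NULL for an all-zero IV
 *
 * Returns 0 on success, PXE_KEY_TOO_BIG when the key cannot be stored or is
 * longer than this OpenSSL build is known to handle.
 */
static int
bf_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
{
	OSSLCipher *od = c->ptr;
	unsigned	bs = gen_ossl_block_size(c);
	static int	bf_is_strong = -1;

	/*
	 * Test whether the key length is supported.  BF_set_key silently
	 * truncates large keys, which becomes a problem when a user moves
	 * encrypted data from one server to another.  The probe result is cached
	 * in a function-local static.
	 */
	if (bf_is_strong == -1)
		bf_is_strong = bf_check_supported_key_len();

	if (!bf_is_strong && klen > 16)
		return PXE_KEY_TOO_BIG;

	/*
	 * od->key is a fixed-size array and klen comes from the caller: refuse
	 * anything that would not fit instead of writing past the end of it.
	 */
	if (klen > sizeof(od->key))
		return PXE_KEY_TOO_BIG;

	/* Key length is supported, so it can be used as given. */
	od->klen = klen;
	memcpy(od->key, key, klen);

	/* bs bytes are read from iv; no IV length is passed to this function. */
	if (iv)
		memcpy(od->iv, iv, bs);
	else
		memset(od->iv, 0, bs);
	return 0;
}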
static unsigned gen_ossl_block_size(PX_Cipher *c)
Definition: openssl.c:302
static int bf_check_supported_key_len(void)
Definition: openssl.c:404
char * c
#define PXE_KEY_TOO_BIG
Definition: px.h:53
unsigned klen
Definition: openssl.c:259
uint8 iv[MAX_IV]
Definition: openssl.c:258
uint8 key[MAX_KEY]
Definition: openssl.c:257

References bf_check_supported_key_len(), gen_ossl_block_size(), OSSLCipher::iv, OSSLCipher::key, sort-test::key, OSSLCipher::klen, and PXE_KEY_TOO_BIG.

◆ digest_block_size()

static unsigned digest_block_size ( PX_MD h)
static

Definition at line 110 of file openssl.c.

/*
 * Report the block size of the digest behind h, as given by
 * EVP_MD_CTX_block_size().  A negative answer from OpenSSL is raised
 * through elog(ERROR).
 */
static unsigned
digest_block_size(PX_MD *h)
{
	OSSLDigest *md = (OSSLDigest *) h->p.ptr;
	int			nbytes;

	nbytes = EVP_MD_CTX_block_size(md->ctx);
	if (nbytes < 0)
		elog(ERROR, "EVP_MD_CTX_block_size() failed");

	return nbytes;
}
#define ERROR
Definition: elog.h:39
#define elog(elevel,...)
Definition: elog.h:225
EVP_MD_CTX * ctx
Definition: openssl.c:59
union px_digest::@8 p
void * ptr
Definition: px.h:111

References OSSLDigest::ctx, elog, ERROR, px_digest::p, and px_digest::ptr.

Referenced by px_find_digest().

◆ digest_finish()

static void digest_finish ( PX_MD h,
uint8 dst 
)
static

Definition at line 140 of file openssl.c.

/*
 * Finalise the digest behind h and write the result to dst.
 *
 * No buffer length is passed or checked here, so the caller has to supply a
 * dst large enough for the digest (presumably digest_result_size() bytes;
 * verify against the callers).  An OpenSSL failure is raised through
 * elog(ERROR).
 */
static void
digest_finish(PX_MD *h, uint8 *dst)
{
	OSSLDigest *md = (OSSLDigest *) h->p.ptr;
	int			ok;

	ok = EVP_DigestFinal_ex(md->ctx, dst, NULL);
	if (ok == 0)
		elog(ERROR, "EVP_DigestFinal_ex() failed");
}
if(TABLE==NULL||TABLE_index==NULL)
Definition: isn.c:77

References OSSLDigest::ctx, elog, ERROR, if(), px_digest::p, and px_digest::ptr.

Referenced by px_find_digest().

◆ digest_free()

static void digest_free ( PX_MD h)
static

Definition at line 149 of file openssl.c.

/*
 * Destroy a PX_MD: release the OSSLDigest it wraps first, then the PX_MD
 * itself.
 */
static void
digest_free(PX_MD *h)
{
	/* h->p.ptr must be read before h is released */
	free_openssl_digest((OSSLDigest *) h->p.ptr);
	pfree(h);
}
void pfree(void *pointer)
Definition: mcxt.c:1521
static void free_openssl_digest(OSSLDigest *digest)
Definition: openssl.c:89

References free_openssl_digest(), px_digest::p, pfree(), and px_digest::ptr.

Referenced by px_find_digest().

◆ digest_reset()

static void digest_reset ( PX_MD h)
static

Definition at line 122 of file openssl.c.

/*
 * Re-initialise the digest context behind h with the algorithm recorded in
 * the OSSLDigest.  An OpenSSL failure is raised through elog(ERROR).
 */
static void
digest_reset(PX_MD *h)
{
	OSSLDigest *md = (OSSLDigest *) h->p.ptr;
	int			ok;

	ok = EVP_DigestInit_ex(md->ctx, md->algo, NULL);
	if (ok == 0)
		elog(ERROR, "EVP_DigestInit_ex() failed");
}
const EVP_MD * algo
Definition: openssl.c:58

References OSSLDigest::algo, OSSLDigest::ctx, elog, ERROR, if(), px_digest::p, and px_digest::ptr.

Referenced by px_find_digest().

◆ digest_result_size()

static unsigned digest_result_size ( PX_MD h)
static

Definition at line 98 of file openssl.c.

/*
 * Report the output length of the digest behind h, as given by
 * EVP_MD_CTX_size().  A negative answer from OpenSSL is raised through
 * elog(ERROR).
 */
static unsigned
digest_result_size(PX_MD *h)
{
	OSSLDigest *md = (OSSLDigest *) h->p.ptr;
	int			nbytes;

	nbytes = EVP_MD_CTX_size(md->ctx);
	if (nbytes < 0)
		elog(ERROR, "EVP_MD_CTX_size() failed");

	return nbytes;
}

References OSSLDigest::ctx, elog, ERROR, px_digest::p, and px_digest::ptr.

Referenced by px_find_digest().

◆ digest_update()

static void digest_update ( PX_MD h,
const uint8 data,
unsigned  dlen 
)
static

Definition at line 131 of file openssl.c.

/*
 * Feed dlen bytes starting at data into the digest behind h.  An OpenSSL
 * failure is raised through elog(ERROR).
 */
static void
digest_update(PX_MD *h, const uint8 *data, unsigned dlen)
{
	OSSLDigest *md = (OSSLDigest *) h->p.ptr;
	int			ok;

	ok = EVP_DigestUpdate(md->ctx, data, dlen);
	if (ok == 0)
		elog(ERROR, "EVP_DigestUpdate() failed");
}

References OSSLDigest::ctx, data, elog, ERROR, if(), px_digest::p, and px_digest::ptr.

Referenced by px_find_digest().

◆ free_openssl_cipher()

static void free_openssl_cipher ( OSSLCipher od)
static

Definition at line 291 of file openssl.c.

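/*
 * Release an OSSLCipher: free the OpenSSL context, detach the object from
 * its resource owner if it has one, and free the struct.
 *
 * The listing on this page lost the statement guarded by the owner check
 * (source line 295); it is restored here from the function's reference
 * list, which names ResourceOwnerForgetOSSLCipher().
 */
static void
free_openssl_cipher(OSSLCipher *od)
{
	EVP_CIPHER_CTX_free(od->evp_ctx);

	/*
	 * The struct holds a copy of the key and IV.  Clear them before the
	 * memory goes back to the allocator so the secret does not linger in
	 * freed memory.  px_memset is pgcrypto's wipe helper, used rather than
	 * plain memset so the compiler cannot drop the store.
	 */
	px_memset(od->key, 0, sizeof(od->key));
	px_memset(od->iv, 0, sizeof(od->iv));

	if (od->owner != NULL)
		ResourceOwnerForgetOSSLCipher(od->owner, od);
	pfree(od);
}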
static void ResourceOwnerForgetOSSLCipher(ResourceOwner owner, OSSLCipher *od)
Definition: openssl.c:285
ResourceOwner owner
Definition: openssl.c:263
EVP_CIPHER_CTX * evp_ctx
Definition: openssl.c:255

References OSSLCipher::evp_ctx, OSSLCipher::owner, pfree(), and ResourceOwnerForgetOSSLCipher().

Referenced by gen_ossl_free(), and ResOwnerReleaseOSSLCipher().

◆ free_openssl_digest()

static void free_openssl_digest ( OSSLDigest digest)
static

Definition at line 89 of file openssl.c.

/*
 * Release an OSSLDigest: destroy the OpenSSL digest context, detach the
 * object from its resource owner when one is recorded, and free the struct.
 */
static void
free_openssl_digest(OSSLDigest *digest)
{
	ResourceOwner tracked_by;

	EVP_MD_CTX_destroy(digest->ctx);

	/* owner is NULL when the release callback has already detached it */
	tracked_by = digest->owner;
	if (tracked_by != NULL)
		ResourceOwnerForgetOSSLDigest(tracked_by, digest);

	pfree(digest);
}
static void ResourceOwnerForgetOSSLDigest(ResourceOwner owner, OSSLDigest *digest)
Definition: openssl.c:83
ResourceOwner owner
Definition: openssl.c:61

References OSSLDigest::ctx, OSSLDigest::owner, pfree(), and ResourceOwnerForgetOSSLDigest().

Referenced by digest_free(), and ResOwnerReleaseOSSLDigest().

◆ gen_ossl_block_size()

static unsigned gen_ossl_block_size ( PX_Cipher c)
static

Definition at line 302 of file openssl.c.

/*
 * Return the block size recorded in the cipher description that the
 * OSSLCipher behind c points to.
 */
static unsigned
gen_ossl_block_size(PX_Cipher *c)
{
	const OSSLCipher *state = (OSSLCipher *) c->ptr;
	const struct ossl_cipher *desc = state->ciph;

	return desc->block_size;
}
const struct ossl_cipher * ciph
Definition: openssl.c:261
int block_size
Definition: openssl.c:242

References ossl_cipher::block_size, and OSSLCipher::ciph.

Referenced by bf_init(), ossl_aes_init(), ossl_cast_init(), ossl_des3_init(), ossl_des_init(), and px_find_cipher().

◆ gen_ossl_decrypt()

static int gen_ossl_decrypt ( PX_Cipher c,
int  padding,
const uint8 data,
unsigned  dlen,
uint8 res,
unsigned *  rlen 
)
static

Definition at line 337 of file openssl.c.

/*
 * Decrypt dlen bytes from data into res in one shot.
 *
 * On first use the OpenSSL context is set up with the stored cipher,
 * padding flag, key length, key and IV; od->init remembers that this has
 * been done.  The update and final steps both run on every call.
 *
 * res receives the update output followed by the final output and *rlen
 * their combined length.  The size of res is not passed in, so the caller
 * must size it for the data plus whatever the final step can emit.
 *
 * Returns 0 on success, PXE_CIPHER_INIT when set-up fails and
 * PXE_DECRYPT_FAILED when the update or final step fails.
 */
static int
gen_ossl_decrypt(PX_Cipher *c, int padding, const uint8 *data, unsigned dlen,
				 uint8 *res, unsigned *rlen)
{
	OSSLCipher *od = c->ptr;
	int			upd_len;
	int			fin_len;

	if (!od->init)
	{
		/* short-circuit keeps the original call order */
		if (!EVP_DecryptInit_ex(od->evp_ctx, od->evp_ciph, NULL, NULL, NULL) ||
			!EVP_CIPHER_CTX_set_padding(od->evp_ctx, padding) ||
			!EVP_CIPHER_CTX_set_key_length(od->evp_ctx, od->klen) ||
			!EVP_DecryptInit_ex(od->evp_ctx, NULL, NULL, od->key, od->iv))
			return PXE_CIPHER_INIT;

		od->init = true;
	}

	if (!EVP_DecryptUpdate(od->evp_ctx, res, &upd_len, data, dlen))
		return PXE_DECRYPT_FAILED;

	if (!EVP_DecryptFinal_ex(od->evp_ctx, res + upd_len, &fin_len))
		return PXE_DECRYPT_FAILED;

	*rlen = upd_len + fin_len;
	return 0;
}
#define PXE_DECRYPT_FAILED
Definition: px.h:64
#define PXE_CIPHER_INIT
Definition: px.h:54
unsigned init
Definition: openssl.c:260
const EVP_CIPHER * evp_ciph
Definition: openssl.c:256

References data, OSSLCipher::evp_ciph, OSSLCipher::evp_ctx, OSSLCipher::init, OSSLCipher::iv, OSSLCipher::key, OSSLCipher::klen, PXE_CIPHER_INIT, PXE_DECRYPT_FAILED, and res.

Referenced by px_find_cipher().

◆ gen_ossl_encrypt()

static int gen_ossl_encrypt ( PX_Cipher c,
int  padding,
const uint8 data,
unsigned  dlen,
uint8 res,
unsigned *  rlen 
)
static

Definition at line 367 of file openssl.c.

/*
 * Encrypt dlen bytes from data into res in one shot.
 *
 * On first use the OpenSSL context is set up with the stored cipher,
 * padding flag, key length, key and IV; od->init remembers that this has
 * been done.  The update and final steps both run on every call.
 *
 * res receives the update output followed by the final output and *rlen
 * their combined length.  The size of res is not passed in, so the caller
 * must size it for the data plus whatever the final step can emit.
 *
 * Returns 0 on success, PXE_CIPHER_INIT when set-up fails and
 * PXE_ENCRYPT_FAILED when the update or final step fails.
 */
static int
gen_ossl_encrypt(PX_Cipher *c, int padding, const uint8 *data, unsigned dlen,
				 uint8 *res, unsigned *rlen)
{
	OSSLCipher *od = c->ptr;
	int			upd_len;
	int			fin_len;

	if (!od->init)
	{
		/* short-circuit keeps the original call order */
		if (!EVP_EncryptInit_ex(od->evp_ctx, od->evp_ciph, NULL, NULL, NULL) ||
			!EVP_CIPHER_CTX_set_padding(od->evp_ctx, padding) ||
			!EVP_CIPHER_CTX_set_key_length(od->evp_ctx, od->klen) ||
			!EVP_EncryptInit_ex(od->evp_ctx, NULL, NULL, od->key, od->iv))
			return PXE_CIPHER_INIT;

		od->init = true;
	}

	if (!EVP_EncryptUpdate(od->evp_ctx, res, &upd_len, data, dlen))
		return PXE_ENCRYPT_FAILED;

	if (!EVP_EncryptFinal_ex(od->evp_ctx, res + upd_len, &fin_len))
		return PXE_ENCRYPT_FAILED;

	*rlen = upd_len + fin_len;
	return 0;
}
#define PXE_ENCRYPT_FAILED
Definition: px.h:65

References data, OSSLCipher::evp_ciph, OSSLCipher::evp_ctx, OSSLCipher::init, OSSLCipher::iv, OSSLCipher::key, OSSLCipher::klen, PXE_CIPHER_INIT, PXE_ENCRYPT_FAILED, and res.

Referenced by px_find_cipher().

◆ gen_ossl_free()

static void gen_ossl_free ( PX_Cipher c)
static

Definition at line 328 of file openssl.c.

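/*
 * Destroy a PX_Cipher: release the OSSLCipher it wraps, then the PX_Cipher
 * itself.
 *
 * The listing on this page lost source line 332; the call is restored here
 * from the function's reference list, which names free_openssl_cipher().
 */
static void
gen_ossl_free(PX_Cipher *c)
{
	OSSLCipher *od = (OSSLCipher *) c->ptr;

	free_openssl_cipher(od);
	pfree(c);
}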
static void free_openssl_cipher(OSSLCipher *od)
Definition: openssl.c:291

References free_openssl_cipher(), and pfree().

Referenced by px_find_cipher().

◆ gen_ossl_iv_size()

static unsigned gen_ossl_iv_size ( PX_Cipher c)
static

Definition at line 318 of file openssl.c.

/*
 * Return the IV length for the cipher behind c.  The listed code reports
 * the cipher description's block size as the IV length.
 */
static unsigned
gen_ossl_iv_size(PX_Cipher *c)
{
	const OSSLCipher *state = (OSSLCipher *) c->ptr;

	return (unsigned) state->ciph->block_size;
}

References ossl_cipher::block_size, and OSSLCipher::ciph.

Referenced by px_find_cipher().

◆ gen_ossl_key_size()

static unsigned gen_ossl_key_size ( PX_Cipher c)
static

Definition at line 310 of file openssl.c.

/*
 * Return the maximum key size recorded in the cipher description that the
 * OSSLCipher behind c points to.
 */
static unsigned
gen_ossl_key_size(PX_Cipher *c)
{
	const OSSLCipher *state = (OSSLCipher *) c->ptr;
	const struct ossl_cipher *desc = state->ciph;

	return desc->max_key_size;
}
int max_key_size
Definition: openssl.c:243

References OSSLCipher::ciph, and ossl_cipher::max_key_size.

Referenced by px_find_cipher().

◆ ossl_aes_cbc_init()

static int ossl_aes_cbc_init ( PX_Cipher c,
const uint8 key,
unsigned  klen,
const uint8 iv 
)
static

Definition at line 590 of file openssl.c.

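/*
 * Set up AES in CBC mode: store key and IV through ossl_aes_init(), then
 * pick the EVP cipher that matches the stored key length.
 *
 * Returns 0 on success or the error reported by ossl_aes_init().
 *
 * The listing on this page lost source line 612 in the default branch; it
 * is restored here from the function's reference list, which names
 * PXE_CIPHER_INIT.
 */
static int
ossl_aes_cbc_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
{
	OSSLCipher *od = c->ptr;
	int			err;

	err = ossl_aes_init(c, key, klen, iv);
	if (err)
		return err;

	/* od->klen was set to 16, 24 or 32 by ossl_aes_init() */
	switch (od->klen)
	{
		case 128 / 8:
			od->evp_ciph = EVP_aes_128_cbc();
			break;
		case 192 / 8:
			od->evp_ciph = EVP_aes_192_cbc();
			break;
		case 256 / 8:
			od->evp_ciph = EVP_aes_256_cbc();
			break;
		default:
			/* shouldn't happen */
			err = PXE_CIPHER_INIT;
			break;
	}

	return err;
}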
void err(int eval, const char *fmt,...)
Definition: err.c:43
static int ossl_aes_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
Definition: openssl.c:535

References err(), OSSLCipher::evp_ciph, sort-test::key, OSSLCipher::klen, ossl_aes_init(), and PXE_CIPHER_INIT.

◆ ossl_aes_ecb_init()

static int ossl_aes_ecb_init ( PX_Cipher c,
const uint8 key,
unsigned  klen,
const uint8 iv 
)
static

Definition at line 560 of file openssl.c.

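/*
 * Set up AES in ECB mode: store key and IV through ossl_aes_init(), then
 * pick the EVP cipher that matches the stored key length.
 *
 * Returns 0 on success or the error reported by ossl_aes_init().
 *
 * The listing on this page lost source line 582 in the default branch; it
 * is restored here from the function's reference list, which names
 * PXE_CIPHER_INIT.
 */
static int
ossl_aes_ecb_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
{
	OSSLCipher *od = c->ptr;
	int			err;

	err = ossl_aes_init(c, key, klen, iv);
	if (err)
		return err;

	/* od->klen was set to 16, 24 or 32 by ossl_aes_init() */
	switch (od->klen)
	{
		case 128 / 8:
			od->evp_ciph = EVP_aes_128_ecb();
			break;
		case 192 / 8:
			od->evp_ciph = EVP_aes_192_ecb();
			break;
		case 256 / 8:
			od->evp_ciph = EVP_aes_256_ecb();
			break;
		default:
			/* shouldn't happen */
			err = PXE_CIPHER_INIT;
			break;
	}

	return err;
}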

References err(), OSSLCipher::evp_ciph, sort-test::key, OSSLCipher::klen, ossl_aes_init(), and PXE_CIPHER_INIT.

◆ ossl_aes_init()

static int ossl_aes_init ( PX_Cipher c,
const uint8 key,
unsigned  klen,
const uint8 iv 
)
static

Definition at line 535 of file openssl.c.

/*
 * Store an AES key and IV in the OSSLCipher behind c.
 *
 * The supplied length is rounded up to the next AES key size (16, 24 or 32
 * bytes) and that rounded size is recorded in od->klen.  Only klen bytes
 * are copied, so a short key is used together with whatever od->key
 * already held in the remaining bytes; px_find_cipher() allocates the
 * struct zero-filled.
 *
 * Returns 0 on success, PXE_KEY_TOO_BIG for keys longer than 32 bytes.
 */
static int
ossl_aes_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
{
	OSSLCipher *od = c->ptr;
	unsigned	blk = gen_ossl_block_size(c);

	if (klen > 256 / 8)
		return PXE_KEY_TOO_BIG;

	if (klen > 192 / 8)
		od->klen = 256 / 8;
	else if (klen > 128 / 8)
		od->klen = 192 / 8;
	else
		od->klen = 128 / 8;

	memcpy(od->key, key, klen);

	/* blk bytes are read from iv; no IV length is passed in */
	if (iv == NULL)
		memset(od->iv, 0, blk);
	else
		memcpy(od->iv, iv, blk);

	return 0;
}

References gen_ossl_block_size(), OSSLCipher::iv, OSSLCipher::key, sort-test::key, OSSLCipher::klen, and PXE_KEY_TOO_BIG.

Referenced by ossl_aes_cbc_init(), and ossl_aes_ecb_init().

◆ ossl_cast_init()

static int ossl_cast_init ( PX_Cipher c,
const uint8 key,
unsigned  klen,
const uint8 iv 
)
static

Definition at line 517 of file openssl.c.

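/*
 * Store a CAST5 key and IV in the OSSLCipher behind c.
 *
 * key  - key bytes, klen of them, used at the length given
 * iv   - block-size bytes of IV, or NULL for an all-zero IV
 *
 * Returns 0 on success, PXE_KEY_TOO_BIG when the key does not fit the
 * fixed-size key buffer.
 */
static int
ossl_cast_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
{
	OSSLCipher *od = c->ptr;
	unsigned	bs = gen_ossl_block_size(c);

	/*
	 * od->key is a fixed-size array and klen comes from the caller: refuse
	 * anything that would not fit instead of writing past the end of it.
	 */
	if (klen > sizeof(od->key))
		return PXE_KEY_TOO_BIG;

	od->klen = klen;
	memcpy(od->key, key, klen);

	/* bs bytes are read from iv; no IV length is passed to this function. */
	if (iv)
		memcpy(od->iv, iv, bs);
	else
		memset(od->iv, 0, bs);
	return 0;
}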

References gen_ossl_block_size(), OSSLCipher::iv, OSSLCipher::key, sort-test::key, and OSSLCipher::klen.

◆ ossl_des3_init()

static int ossl_des3_init ( PX_Cipher c,
const uint8 key,
unsigned  klen,
const uint8 iv 
)
static

Definition at line 498 of file openssl.c.

/*
 * Store a 3DES key and IV in the OSSLCipher behind c.
 *
 * The stored key is always 24 bytes: a shorter key is padded with zero
 * bytes and a longer one is silently cut to its first 24 bytes.
 *
 * Always returns 0.
 */
static int
ossl_des3_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
{
	OSSLCipher *od = c->ptr;
	unsigned	blk = gen_ossl_block_size(c);
	unsigned	ncopy = (klen > 24) ? 24 : klen;

	od->klen = 24;
	memset(od->key, 0, 24);
	memcpy(od->key, key, ncopy);

	/* blk bytes are read from iv; no IV length is passed in */
	if (iv == NULL)
		memset(od->iv, 0, blk);
	else
		memcpy(od->iv, iv, blk);

	return 0;
}

References gen_ossl_block_size(), OSSLCipher::iv, OSSLCipher::key, sort-test::key, and OSSLCipher::klen.

◆ ossl_des_init()

static int ossl_des_init ( PX_Cipher c,
const uint8 key,
unsigned  klen,
const uint8 iv 
)
static

Definition at line 479 of file openssl.c.

/*
 * Store a DES key and IV in the OSSLCipher behind c.
 *
 * The stored key is always 8 bytes: a shorter key is padded with zero
 * bytes and a longer one is silently cut to its first 8 bytes.
 *
 * Always returns 0.
 */
static int
ossl_des_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
{
	OSSLCipher *od = c->ptr;
	unsigned	blk = gen_ossl_block_size(c);
	unsigned	ncopy = (klen > 8) ? 8 : klen;

	od->klen = 8;
	memset(od->key, 0, 8);
	memcpy(od->key, key, ncopy);

	/* blk bytes are read from iv; no IV length is passed in */
	if (iv == NULL)
		memset(od->iv, 0, blk);
	else
		memcpy(od->iv, iv, blk);

	return 0;
}

References gen_ossl_block_size(), OSSLCipher::iv, OSSLCipher::key, sort-test::key, and OSSLCipher::klen.

◆ px_find_cipher()

int px_find_cipher ( const char *  name,
PX_Cipher **  res 
)

Definition at line 736 of file openssl.c.

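/*
 * Look up a cipher by name and build a PX_Cipher for it.
 *
 * name - cipher name or alias
 * res  - receives the new PX_Cipher on success
 *
 * Returns 0 on success, PXE_NO_CIPHER when the name is not in
 * ossl_cipher_types, PXE_CIPHER_INIT when the OpenSSL context cannot be
 * allocated.
 *
 * The listing on this page lost source lines 743, 750, 769 and 770.  They
 * are restored here from the function's reference list, which names
 * px_resolve_alias(), ossl_aliases, ResourceOwnerEnlarge(),
 * CurrentResourceOwner, OSSLCipher::owner and
 * ResourceOwnerRememberOSSLCipher().
 */
int
px_find_cipher(const char *name, PX_Cipher **res)
{
	const struct ossl_cipher_lookup *i;
	PX_Cipher  *c = NULL;
	EVP_CIPHER_CTX *ctx;
	OSSLCipher *od;

	name = px_resolve_alias(ossl_aliases, name);
	for (i = ossl_cipher_types; i->name; i++)
		if (strcmp(i->name, name) == 0)
			break;
	if (i->name == NULL)
		return PXE_NO_CIPHER;

	ResourceOwnerEnlarge(CurrentResourceOwner);

	/*
	 * Create an OSSLCipher object, an EVP_CIPHER_CTX object and a PX_Cipher.
	 * The order is crucial, to make sure we don't leak anything on
	 * out-of-memory or other error.
	 */
	od = MemoryContextAllocZero(TopMemoryContext, sizeof(*od));
	od->ciph = i->ciph;

	/* Allocate an EVP_CIPHER_CTX object. */
	ctx = EVP_CIPHER_CTX_new();
	if (!ctx)
	{
		pfree(od);
		return PXE_CIPHER_INIT;
	}

	/* From here on the resource owner is responsible for od and ctx. */
	od->evp_ctx = ctx;
	od->owner = CurrentResourceOwner;
	ResourceOwnerRememberOSSLCipher(od->owner, od);

	/* Ciphers without a fixed EVP function choose one in their init hook. */
	if (i->ciph->cipher_func)
		od->evp_ciph = i->ciph->cipher_func();

	/* The PX_Cipher is allocated in current memory context */
	c = palloc(sizeof(*c));
	c->block_size = gen_ossl_block_size;
	c->key_size = gen_ossl_key_size;
	c->iv_size = gen_ossl_iv_size;
	c->free = gen_ossl_free;
	c->init = od->ciph->init;
	c->encrypt = gen_ossl_encrypt;
	c->decrypt = gen_ossl_decrypt;
	c->ptr = od;

	*res = c;
	return 0;
}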
int i
Definition: isn.c:73
MemoryContext TopMemoryContext
Definition: mcxt.c:149
void * MemoryContextAllocZero(MemoryContext context, Size size)
Definition: mcxt.c:1215
void * palloc(Size size)
Definition: mcxt.c:1317
static unsigned gen_ossl_key_size(PX_Cipher *c)
Definition: openssl.c:310
static int gen_ossl_encrypt(PX_Cipher *c, int padding, const uint8 *data, unsigned dlen, uint8 *res, unsigned *rlen)
Definition: openssl.c:367
static int gen_ossl_decrypt(PX_Cipher *c, int padding, const uint8 *data, unsigned dlen, uint8 *res, unsigned *rlen)
Definition: openssl.c:337
static void gen_ossl_free(PX_Cipher *c)
Definition: openssl.c:328
static unsigned gen_ossl_iv_size(PX_Cipher *c)
Definition: openssl.c:318
static PX_Alias ossl_aliases[]
Definition: openssl.c:623
static const struct ossl_cipher_lookup ossl_cipher_types[]
Definition: openssl.c:718
static void ResourceOwnerRememberOSSLCipher(ResourceOwner owner, OSSLCipher *od)
Definition: openssl.c:280
const char * px_resolve_alias(const PX_Alias *list, const char *name)
Definition: px.c:129
#define PXE_NO_CIPHER
Definition: px.h:49
ResourceOwner CurrentResourceOwner
Definition: resowner.c:165
void ResourceOwnerEnlarge(ResourceOwner owner)
Definition: resowner.c:442
int(* init)(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
Definition: openssl.c:240
Definition: px.h:141
const char * name

References OSSLCipher::ciph, CurrentResourceOwner, OSSLCipher::evp_ciph, OSSLCipher::evp_ctx, gen_ossl_block_size(), gen_ossl_decrypt(), gen_ossl_encrypt(), gen_ossl_free(), gen_ossl_iv_size(), gen_ossl_key_size(), i, ossl_cipher::init, MemoryContextAllocZero(), name, ossl_aliases, ossl_cipher_types, OSSLCipher::owner, palloc(), pfree(), px_resolve_alias(), PXE_CIPHER_INIT, PXE_NO_CIPHER, res, ResourceOwnerEnlarge(), ResourceOwnerRememberOSSLCipher(), and TopMemoryContext.

Referenced by pgp_load_cipher(), and px_find_combo().

◆ px_find_digest()

int px_find_digest ( const char *  name,
PX_MD **  res 
)

Definition at line 160 of file openssl.c.

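/*
 * Look up a digest by name through OpenSSL and build a PX_MD for it.
 *
 * name - digest name, passed to EVP_get_digestbyname() as given
 * res  - receives the new PX_MD on success
 *
 * Returns 0 on success, PXE_NO_HASH when OpenSSL does not know the name,
 * and PXE_CIPHER_INIT when the digest context cannot be created or
 * initialised (the cipher error code is what the listed code returns here).
 *
 * The listing on this page lost source lines 171, 200 and 201.  They are
 * restored here from the function's reference list, which names
 * ResourceOwnerEnlarge(), CurrentResourceOwner, px_digest::result_size,
 * px_digest::block_size, digest_result_size() and digest_block_size().
 */
int
px_find_digest(const char *name, PX_MD **res)
{
	const EVP_MD *md;
	EVP_MD_CTX *ctx;
	PX_MD	   *h;
	OSSLDigest *digest;

	md = EVP_get_digestbyname(name);
	if (md == NULL)
		return PXE_NO_HASH;

	ResourceOwnerEnlarge(CurrentResourceOwner);

	/*
	 * Create an OSSLDigest object, an OpenSSL MD object, and a PX_MD object.
	 * The order is crucial, to make sure we don't leak anything on
	 * out-of-memory or other error.
	 */
	digest = MemoryContextAlloc(TopMemoryContext, sizeof(*digest));

	ctx = EVP_MD_CTX_create();
	if (!ctx)
	{
		pfree(digest);
		return PXE_CIPHER_INIT;
	}
	if (EVP_DigestInit_ex(ctx, md, NULL) == 0)
	{
		EVP_MD_CTX_destroy(ctx);
		pfree(digest);
		return PXE_CIPHER_INIT;
	}

	/* From here on the resource owner is responsible for digest and ctx. */
	digest->algo = md;
	digest->ctx = ctx;
	digest->owner = CurrentResourceOwner;
	ResourceOwnerRememberOSSLDigest(digest->owner, digest);

	/* The PX_MD object is allocated in the current memory context. */
	h = palloc(sizeof(*h));
	h->result_size = digest_result_size;
	h->block_size = digest_block_size;
	h->reset = digest_reset;
	h->update = digest_update;
	h->finish = digest_finish;
	h->free = digest_free;
	h->p.ptr = (void *) digest;

	*res = h;
	return 0;
}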
void * MemoryContextAlloc(MemoryContext context, Size size)
Definition: mcxt.c:1181
static void digest_update(PX_MD *h, const uint8 *data, unsigned dlen)
Definition: openssl.c:131
static unsigned digest_result_size(PX_MD *h)
Definition: openssl.c:98
static void ResourceOwnerRememberOSSLDigest(ResourceOwner owner, OSSLDigest *digest)
Definition: openssl.c:78
static void digest_finish(PX_MD *h, uint8 *dst)
Definition: openssl.c:140
static void digest_reset(PX_MD *h)
Definition: openssl.c:122
static unsigned digest_block_size(PX_MD *h)
Definition: openssl.c:110
static void digest_free(PX_MD *h)
Definition: openssl.c:149
#define PXE_NO_HASH
Definition: px.h:48
Definition: px.h:100
void(* free)(PX_MD *h)
Definition: px.h:106
void(* update)(PX_MD *h, const uint8 *data, unsigned dlen)
Definition: px.h:104
unsigned(* result_size)(PX_MD *h)
Definition: px.h:101
void(* reset)(PX_MD *h)
Definition: px.h:103
unsigned(* block_size)(PX_MD *h)
Definition: px.h:102
void(* finish)(PX_MD *h, uint8 *dst)
Definition: px.h:105

References OSSLDigest::algo, px_digest::block_size, OSSLDigest::ctx, CurrentResourceOwner, digest_block_size(), digest_finish(), digest_free(), digest_reset(), digest_result_size(), digest_update(), px_digest::finish, px_digest::free, MemoryContextAlloc(), name, OSSLDigest::owner, px_digest::p, palloc(), pfree(), px_digest::ptr, PXE_CIPHER_INIT, PXE_NO_HASH, res, px_digest::reset, ResourceOwnerEnlarge(), ResourceOwnerRememberOSSLDigest(), px_digest::result_size, TopMemoryContext, and px_digest::update.

Referenced by pg_digest(), pgp_load_digest(), px_crypt_md5(), and px_find_hmac().

◆ ResourceOwnerForgetOSSLCipher()

static void ResourceOwnerForgetOSSLCipher ( ResourceOwner  owner,
OSSLCipher od 
)
inlinestatic

Definition at line 285 of file openssl.c.

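/*
 * Remove an OSSLCipher from a resource owner's tracking.
 *
 * The listing on this page lost the only statement (source line 287); it
 * is restored here from the function's reference list, which names
 * ResourceOwnerForget(), PointerGetDatum() and osslcipher_resowner_desc.
 */
static inline void
ResourceOwnerForgetOSSLCipher(ResourceOwner owner, OSSLCipher *od)
{
	ResourceOwnerForget(owner, PointerGetDatum(od), &osslcipher_resowner_desc);
}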
static const ResourceOwnerDesc osslcipher_resowner_desc
Definition: openssl.c:269
static Datum PointerGetDatum(const void *X)
Definition: postgres.h:322
void ResourceOwnerForget(ResourceOwner owner, Datum value, const ResourceOwnerDesc *kind)
Definition: resowner.c:554

References osslcipher_resowner_desc, PointerGetDatum(), and ResourceOwnerForget().

Referenced by free_openssl_cipher().

◆ ResourceOwnerForgetOSSLDigest()

static void ResourceOwnerForgetOSSLDigest ( ResourceOwner  owner,
OSSLDigest digest 
)
inlinestatic

Definition at line 83 of file openssl.c.

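/*
 * Remove an OSSLDigest from a resource owner's tracking.
 *
 * The listing on this page lost the only statement (source line 85); it is
 * restored here from the function's reference list, which names
 * ResourceOwnerForget(), PointerGetDatum() and ossldigest_resowner_desc.
 */
static inline void
ResourceOwnerForgetOSSLDigest(ResourceOwner owner, OSSLDigest *digest)
{
	ResourceOwnerForget(owner, PointerGetDatum(digest), &ossldigest_resowner_desc);
}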
static const ResourceOwnerDesc ossldigest_resowner_desc
Definition: openssl.c:67

References ossldigest_resowner_desc, PointerGetDatum(), and ResourceOwnerForget().

Referenced by free_openssl_digest().

◆ ResourceOwnerRememberOSSLCipher()

static void ResourceOwnerRememberOSSLCipher ( ResourceOwner  owner,
OSSLCipher od 
)
inlinestatic

Definition at line 280 of file openssl.c.

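/*
 * Register an OSSLCipher with a resource owner.
 *
 * The listing on this page lost the only statement (source line 282); it
 * is restored here from the function's reference list, which names
 * ResourceOwnerRemember(), PointerGetDatum() and osslcipher_resowner_desc.
 */
static inline void
ResourceOwnerRememberOSSLCipher(ResourceOwner owner, OSSLCipher *od)
{
	ResourceOwnerRemember(owner, PointerGetDatum(od), &osslcipher_resowner_desc);
}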
void ResourceOwnerRemember(ResourceOwner owner, Datum value, const ResourceOwnerDesc *kind)
Definition: resowner.c:514

References osslcipher_resowner_desc, PointerGetDatum(), and ResourceOwnerRemember().

Referenced by px_find_cipher().

◆ ResourceOwnerRememberOSSLDigest()

static void ResourceOwnerRememberOSSLDigest ( ResourceOwner  owner,
OSSLDigest digest 
)
inlinestatic

Definition at line 78 of file openssl.c.

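/*
 * Register an OSSLDigest with a resource owner.
 *
 * The listing on this page lost the only statement (source line 80); it is
 * restored here from the function's reference list, which names
 * ResourceOwnerRemember(), PointerGetDatum() and ossldigest_resowner_desc.
 */
static inline void
ResourceOwnerRememberOSSLDigest(ResourceOwner owner, OSSLDigest *digest)
{
	ResourceOwnerRemember(owner, PointerGetDatum(digest), &ossldigest_resowner_desc);
}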

References ossldigest_resowner_desc, PointerGetDatum(), and ResourceOwnerRemember().

Referenced by px_find_digest().

◆ ResOwnerReleaseOSSLCipher()

static void ResOwnerReleaseOSSLCipher ( Datum  res)
static

Definition at line 793 of file openssl.c.

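/*
 * Resource-owner release callback for cipher handles.
 *
 * The listing on this page lost the only statement (source line 795); it
 * is restored here from the function's reference list, which names
 * DatumGetPointer() and free_openssl_cipher().
 *
 * NOTE(review): the digest callback clears the object's owner field before
 * freeing it.  The reference list for this callback does not mention
 * OSSLCipher::owner, so no such reset is restored here, and
 * free_openssl_cipher() will go through its owner != NULL branch - confirm
 * against upstream that this difference is intended.
 */
static void
ResOwnerReleaseOSSLCipher(Datum res)
{
	free_openssl_cipher((OSSLCipher *) DatumGetPointer(res));
}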
static Pointer DatumGetPointer(Datum X)
Definition: postgres.h:312

References DatumGetPointer(), free_openssl_cipher(), and res.

◆ ResOwnerReleaseOSSLDigest()

static void ResOwnerReleaseOSSLDigest ( Datum  res)
static

Definition at line 215 of file openssl.c.

/*
 * Resource-owner release callback for digest handles.
 *
 * The owner field is cleared first so that free_openssl_digest() skips its
 * ResourceOwnerForgetOSSLDigest() call and only frees the object.
 */
static void
ResOwnerReleaseOSSLDigest(Datum res)
{
	OSSLDigest *leaked;

	leaked = (OSSLDigest *) DatumGetPointer(res);
	leaked->owner = NULL;

	free_openssl_digest(leaked);
}

References DatumGetPointer(), free_openssl_digest(), OSSLDigest::owner, and res.

Variable Documentation

◆ ossl_aes_cbc

const struct ossl_cipher ossl_aes_cbc
static
Initial value:
= {
NULL,
128 / 8, 256 / 8
}
static int ossl_aes_cbc_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
Definition: openssl.c:590

Definition at line 623 of file openssl.c.

◆ ossl_aes_ecb

const struct ossl_cipher ossl_aes_ecb
static
Initial value:
= {
NULL,
128 / 8, 256 / 8
}
static int ossl_aes_ecb_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
Definition: openssl.c:560

Definition at line 623 of file openssl.c.

◆ ossl_aliases

PX_Alias ossl_aliases[]
static
Initial value:
= {
{"bf", "bf-cbc"},
{"blowfish", "bf-cbc"},
{"blowfish-cbc", "bf-cbc"},
{"blowfish-ecb", "bf-ecb"},
{"blowfish-cfb", "bf-cfb"},
{"des", "des-cbc"},
{"3des", "des3-cbc"},
{"3des-ecb", "des3-ecb"},
{"3des-cbc", "des3-cbc"},
{"cast5", "cast5-cbc"},
{"aes", "aes-cbc"},
{"rijndael", "aes-cbc"},
{"rijndael-cbc", "aes-cbc"},
{"rijndael-ecb", "aes-ecb"},
{NULL}
}

Definition at line 623 of file openssl.c.

Referenced by px_find_cipher().

◆ ossl_bf_cbc

const struct ossl_cipher ossl_bf_cbc
static
Initial value:
= {
EVP_bf_cbc,
64 / 8, 448 / 8
}
static int bf_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
Definition: openssl.c:447

Definition at line 623 of file openssl.c.

◆ ossl_bf_cfb

const struct ossl_cipher ossl_bf_cfb
static
Initial value:
= {
EVP_bf_cfb,
64 / 8, 448 / 8
}

Definition at line 623 of file openssl.c.

◆ ossl_bf_ecb

const struct ossl_cipher ossl_bf_ecb
static
Initial value:
= {
EVP_bf_ecb,
64 / 8, 448 / 8
}

Definition at line 623 of file openssl.c.

◆ ossl_cast_cbc

const struct ossl_cipher ossl_cast_cbc
static
Initial value:
= {
EVP_cast5_cbc,
64 / 8, 128 / 8
}
static int ossl_cast_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
Definition: openssl.c:517

Definition at line 623 of file openssl.c.

◆ ossl_cast_ecb

const struct ossl_cipher ossl_cast_ecb
static
Initial value:
= {
EVP_cast5_ecb,
64 / 8, 128 / 8
}

Definition at line 623 of file openssl.c.

◆ ossl_cipher_types

const struct ossl_cipher_lookup ossl_cipher_types[]
static
Initial value:
= {
{"bf-cbc", &ossl_bf_cbc},
{"bf-ecb", &ossl_bf_ecb},
{"bf-cfb", &ossl_bf_cfb},
{"des-ecb", &ossl_des_ecb},
{"des-cbc", &ossl_des_cbc},
{"des3-ecb", &ossl_des3_ecb},
{"des3-cbc", &ossl_des3_cbc},
{"cast5-ecb", &ossl_cast_ecb},
{"cast5-cbc", &ossl_cast_cbc},
{"aes-ecb", &ossl_aes_ecb},
{"aes-cbc", &ossl_aes_cbc},
{NULL}
}
static const struct ossl_cipher ossl_des_ecb
Definition: openssl.c:659
static const struct ossl_cipher ossl_des3_cbc
Definition: openssl.c:677
static const struct ossl_cipher ossl_aes_ecb
Definition: openssl.c:695
static const struct ossl_cipher ossl_des3_ecb
Definition: openssl.c:671
static const struct ossl_cipher ossl_bf_cfb
Definition: openssl.c:653
static const struct ossl_cipher ossl_cast_cbc
Definition: openssl.c:689
static const struct ossl_cipher ossl_des_cbc
Definition: openssl.c:665
static const struct ossl_cipher ossl_bf_ecb
Definition: openssl.c:647
static const struct ossl_cipher ossl_bf_cbc
Definition: openssl.c:641
static const struct ossl_cipher ossl_cast_ecb
Definition: openssl.c:683
static const struct ossl_cipher ossl_aes_cbc
Definition: openssl.c:702

Definition at line 623 of file openssl.c.

Referenced by px_find_cipher().

◆ ossl_des3_cbc

const struct ossl_cipher ossl_des3_cbc
static
Initial value:
= {
EVP_des_ede3_cbc,
64 / 8, 192 / 8
}
static int ossl_des3_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
Definition: openssl.c:498

Definition at line 623 of file openssl.c.

◆ ossl_des3_ecb

const struct ossl_cipher ossl_des3_ecb
static
Initial value:
= {
EVP_des_ede3_ecb,
64 / 8, 192 / 8
}

Definition at line 623 of file openssl.c.

◆ ossl_des_cbc

const struct ossl_cipher ossl_des_cbc
static
Initial value:
= {
EVP_des_cbc,
64 / 8, 64 / 8
}
static int ossl_des_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
Definition: openssl.c:479

Definition at line 623 of file openssl.c.

◆ ossl_des_ecb

const struct ossl_cipher ossl_des_ecb
static
Initial value:
= {
EVP_des_ecb,
64 / 8, 64 / 8
}

Definition at line 623 of file openssl.c.

◆ osslcipher_resowner_desc

const ResourceOwnerDesc osslcipher_resowner_desc
static
Initial value:
=
{
.name = "pgcrypto OpenSSL cipher handle",
.release_priority = RELEASE_PRIO_FIRST,
.ReleaseResource = ResOwnerReleaseOSSLCipher,
.DebugPrint = NULL,
}
static void ResOwnerReleaseOSSLCipher(Datum res)
Definition: openssl.c:793
@ RESOURCE_RELEASE_BEFORE_LOCKS
Definition: resowner.h:54
#define RELEASE_PRIO_FIRST
Definition: resowner.h:80

Definition at line 269 of file openssl.c.

Referenced by ResourceOwnerForgetOSSLCipher(), and ResourceOwnerRememberOSSLCipher().

◆ ossldigest_resowner_desc

const ResourceOwnerDesc ossldigest_resowner_desc
static
Initial value:
=
{
.name = "pgcrypto OpenSSL digest handle",
.release_priority = RELEASE_PRIO_FIRST,
.ReleaseResource = ResOwnerReleaseOSSLDigest,
.DebugPrint = NULL,
}
static void ResOwnerReleaseOSSLDigest(Datum res)
Definition: openssl.c:215

Definition at line 67 of file openssl.c.

Referenced by ResourceOwnerForgetOSSLDigest(), and ResourceOwnerRememberOSSLDigest().