34 #include <openssl/evp.h> 35 #include <openssl/err.h> 36 #include <openssl/rand.h> 45 #define MAX_KEY (512/8) 46 #define MAX_IV (128/8) 73 EVP_MD_CTX_destroy(digest->
ctx);
77 open_digests = digest->
next;
107 elog(
WARNING,
"pgcrypto digest reference leak: digest %p still referenced", curr);
117 int result = EVP_MD_CTX_size(digest->
ctx);
129 int result = EVP_MD_CTX_block_size(digest->
ctx);
132 elog(
ERROR,
"EVP_MD_CTX_block_size() failed");
142 if (!EVP_DigestInit_ex(digest->
ctx, digest->
algo, NULL))
143 elog(
ERROR,
"EVP_DigestInit_ex() failed");
151 if (!EVP_DigestUpdate(digest->
ctx, data, dlen))
152 elog(
ERROR,
"EVP_DigestUpdate() failed");
160 if (!EVP_DigestFinal_ex(digest->
ctx, dst, NULL))
161 elog(
ERROR,
"EVP_DigestFinal_ex() failed");
188 OpenSSL_add_all_algorithms();
197 md = EVP_get_digestbyname(name);
208 ctx = EVP_MD_CTX_create();
214 if (EVP_DigestInit_ex(ctx, md, NULL) == 0)
216 EVP_MD_CTX_destroy(ctx);
226 open_digests = digest;
236 h->
p.
ptr = (
void *) digest;
252 typedef const EVP_CIPHER *(*ossl_EVP_cipher_func) (void);
294 EVP_CIPHER_CTX_free(od->
evp_ctx);
298 open_ciphers = od->
next;
328 elog(
WARNING,
"pgcrypto cipher reference leak: cipher %p still referenced", curr);
382 if (!EVP_CIPHER_CTX_set_key_length(od->
evp_ctx, od->
klen))
384 if (!EVP_DecryptInit_ex(od->
evp_ctx, NULL, NULL, od->
key, od->
iv))
389 if (!EVP_DecryptUpdate(od->
evp_ctx, res, &outlen, data, dlen))
406 if (!EVP_CIPHER_CTX_set_key_length(od->
evp_ctx, od->
klen))
408 if (!EVP_EncryptInit_ex(od->
evp_ctx, NULL, NULL, od->
key, od->
iv))
413 if (!EVP_EncryptUpdate(od->
evp_ctx, res, &outlen, data, dlen))
430 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87, 0x78, 0x69,
431 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f, 0x00, 0x11, 0x22, 0x33,
432 0x44, 0x55, 0x66, 0x77, 0x04, 0x68, 0x91, 0x04, 0xc2, 0xfd,
433 0x3b, 0x2f, 0x58, 0x40, 0x23, 0x64, 0x1a, 0xba, 0x61, 0x76,
434 0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e, 0xff, 0xff,
435 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
438 static const uint8 data[8] = {0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10};
439 static const uint8 res[8] = {0xc0, 0x45, 0x04, 0x01, 0x2e, 0x4e, 0x1f, 0x53};
446 evp_ctx = EVP_CIPHER_CTX_new();
449 if (!EVP_EncryptInit_ex(evp_ctx, EVP_bf_ecb(), NULL, NULL, NULL))
451 if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, 56))
453 if (!EVP_EncryptInit_ex(evp_ctx, NULL, NULL, key, NULL))
456 if (!EVP_EncryptUpdate(evp_ctx, out, &outlen, data, 8))
459 if (memcmp(out, res, 8) != 0)
465 EVP_CIPHER_CTX_free(evp_ctx);
474 static int bf_is_strong = -1;
482 if (bf_is_strong == -1)
485 if (!bf_is_strong && klen > 16)
490 memcpy(od->
key, key, klen);
493 memcpy(od->
iv, iv, bs);
495 memset(od->
iv, 0, bs);
508 memset(od->
key, 0, 8);
509 memcpy(od->
key, key, klen > 8 ? 8 : klen);
512 memcpy(od->
iv, iv, bs);
514 memset(od->
iv, 0, bs);
527 memset(od->
key, 0, 24);
528 memcpy(od->
key, key, klen > 24 ? 24 : klen);
531 memcpy(od->
iv, iv, bs);
533 memset(od->
iv, 0, bs);
546 memcpy(od->
key, key, klen);
549 memcpy(od->
iv, iv, bs);
551 memset(od->
iv, 0, bs);
565 else if (klen <= 192 / 8)
567 else if (klen <= 256 / 8)
572 memcpy(od->
key, key, klen);
575 memcpy(od->
iv, iv, bs);
577 memset(od->
iv, 0, bs);
648 {
"blowfish",
"bf-cbc"},
649 {
"blowfish-cbc",
"bf-cbc"},
650 {
"blowfish-ecb",
"bf-ecb"},
651 {
"blowfish-cfb",
"bf-cfb"},
653 {
"3des",
"des3-cbc"},
654 {
"3des-ecb",
"des3-ecb"},
655 {
"3des-cbc",
"des3-cbc"},
656 {
"cast5",
"cast5-cbc"},
658 {
"rijndael",
"aes-cbc"},
659 {
"rijndael-cbc",
"aes-cbc"},
660 {
"rijndael-ecb",
"aes-ecb"},
742 {
"bf-cbc", &ossl_bf_cbc},
743 {
"bf-ecb", &ossl_bf_ecb},
744 {
"bf-cfb", &ossl_bf_cfb},
745 {
"des-ecb", &ossl_des_ecb},
746 {
"des-cbc", &ossl_des_cbc},
747 {
"des3-ecb", &ossl_des3_ecb},
748 {
"des3-cbc", &ossl_des3_cbc},
749 {
"cast5-ecb", &ossl_cast_ecb},
750 {
"cast5-cbc", &ossl_cast_cbc},
751 {
"aes-ecb", &ossl_aes_ecb},
752 {
"aes-cbc", &ossl_aes_cbc},
767 for (i = ossl_cipher_types; i->
name; i++)
768 if (strcmp(i->
name, name) == 0)
788 ctx = EVP_CIPHER_CTX_new();