34 #include <openssl/evp.h>
35 #include <openssl/err.h>
36 #include <openssl/rand.h>
/* Size limits, in bytes, for key and IV material. */
/* 512/8 = 64: the byte count of a 512-bit key.
 * NOTE(review): presumably the capacity of the od->key buffer that the
 * memcpy(od->key, key, klen) calls further down write into. The bound on
 * klen is not visible in this listing; confirm every init routine enforces
 * it before copying. */
45 #define MAX_KEY (512/8)
/* 128/8 = 16: the byte count of a 128-bit IV.
 * NOTE(review): presumably the capacity of od->iv, which receives bs bytes
 * via memcpy(od->iv, iv, bs); confirm bs can never exceed this value. */
46 #define MAX_IV (128/8)
69 .
name =
"pgcrypto OpenSSL digest handle",
91 EVP_MD_CTX_destroy(digest->
ctx);
92 if (digest->
owner != NULL)
101 int result = EVP_MD_CTX_size(digest->
ctx);
113 int result = EVP_MD_CTX_block_size(digest->
ctx);
116 elog(
ERROR,
"EVP_MD_CTX_block_size() failed");
126 if (!EVP_DigestInit_ex(digest->
ctx, digest->
algo, NULL))
127 elog(
ERROR,
"EVP_DigestInit_ex() failed");
135 if (!EVP_DigestUpdate(digest->
ctx,
data, dlen))
136 elog(
ERROR,
"EVP_DigestUpdate() failed");
144 if (!EVP_DigestFinal_ex(digest->
ctx, dst, NULL))
145 elog(
ERROR,
"EVP_DigestFinal_ex() failed");
/* Digest lookup and handle setup (fragment: only some lines of the routine
 * appear in this listing). */
/* The requested name is resolved through OpenSSL's own registry. No
 * allow-list is visible in this listing, so which algorithms are reachable
 * depends on what the linked library provides.
 * NOTE(review): confirm whether legacy digests should be filtered out before
 * this call. */
167 md = EVP_get_digestbyname(
name);
180 ctx = EVP_MD_CTX_create();
/* The context is initialised immediately. Line 188 destroys it again,
 * apparently on the zero-return (failure) path, so it is not leaked. */
186 if (EVP_DigestInit_ex(ctx, md, NULL) == 0)
188 EVP_MD_CTX_destroy(ctx);
/* The digest state is stored on the handle h as an untyped pointer. */
206 h->
p.
ptr = (
void *) digest;
219 digest->
owner = NULL;
/* Pointer to a function that takes no arguments and returns a
 * const EVP_CIPHER *. EVP_bf_ecb(), called at listing line 426, has this
 * shape. */
233 typedef const EVP_CIPHER *(*ossl_EVP_cipher_func) (void);
271 .
name =
"pgcrypto OpenSSL cipher handle",
293 EVP_CIPHER_CTX_free(od->
evp_ctx);
294 if (od->
owner != NULL)
/* Decrypt path (fragment: the lines between the numbered ones, including the
 * update call and every failure branch, are not shown). Each EVP call is
 * tested for a zero return. */
/* Padding mode and key length are set on the context before the key is
 * loaded. */
348 if (!EVP_CIPHER_CTX_set_padding(od->
evp_ctx, padding))
350 if (!EVP_CIPHER_CTX_set_key_length(od->
evp_ctx, od->
klen))
/* The cipher and engine arguments are NULL, so only key and IV are supplied
 * here; the call that binds the cipher to evp_ctx is not visible in this
 * listing. */
352 if (!EVP_DecryptInit_ex(od->
evp_ctx, NULL, NULL, od->
key, od->
iv))
/* With padding enabled, EVP_DecryptFinal_ex returns 0 when the trailing
 * padding is malformed.
 * NOTE(review): no integrity check is visible on this path. If decrypt
 * failures are observable by an untrusted party, authenticate the ciphertext
 * before decrypting so a padding failure cannot be used as an oracle.
 * NOTE(review): the final block is written at res + outlen; confirm the
 * caller sizes res for it. */
359 if (!EVP_DecryptFinal_ex(od->
evp_ctx,
res + outlen, &outlen2))
/* Reported length = bytes already counted in outlen + bytes from the final
 * step. */
361 *rlen = outlen + outlen2;
/* Encrypt path (fragment: the lines between the numbered ones, including the
 * update call and every failure branch, are not shown). Each EVP call is
 * tested for a zero return. */
/* Padding mode and key length are set on the context before the key is
 * loaded. */
378 if (!EVP_CIPHER_CTX_set_padding(od->
evp_ctx, padding))
380 if (!EVP_CIPHER_CTX_set_key_length(od->
evp_ctx, od->
klen))
/* The cipher and engine arguments are NULL, so only key and IV are supplied
 * here; the call that binds the cipher to evp_ctx is not visible in this
 * listing. */
382 if (!EVP_EncryptInit_ex(od->
evp_ctx, NULL, NULL, od->
key, od->
iv))
/* The final (possibly padding) block is written at res + outlen.
 * NOTE(review): no capacity check on res is visible here; confirm the caller
 * allocates room for the input length plus one cipher block. */
389 if (!EVP_EncryptFinal_ex(od->
evp_ctx,
res + outlen, &outlen2))
/* Reported length = bytes already counted in outlen + bytes from the final
 * step. */
391 *rlen = outlen + outlen2;
/* Known-answer self-test for Blowfish with a long key (fragment: the array
 * declaration, the failure branches and the return are not shown). */
/* 56 byte values, the same count that is passed to
 * EVP_CIPHER_CTX_set_key_length at line 428; presumably the initialiser of
 * the `key` array used at line 430. */
407 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87, 0x78, 0x69,
408 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f, 0x00, 0x11, 0x22, 0x33,
409 0x44, 0x55, 0x66, 0x77, 0x04, 0x68, 0x91, 0x04, 0xc2, 0xfd,
410 0x3b, 0x2f, 0x58, 0x40, 0x23, 0x64, 0x1a, 0xba, 0x61, 0x76,
411 0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e, 0xff, 0xff,
412 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
/* One 8-byte input block and the 8 bytes the output is compared against at
 * line 436. */
415 static const uint8 data[8] = {0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10};
416 static const uint8 res[8] = {0xc0, 0x45, 0x04, 0x01, 0x2e, 0x4e, 0x1f, 0x53};
418 EVP_CIPHER_CTX *evp_ctx;
423 evp_ctx = EVP_CIPHER_CTX_new();
/* Two-step init: Blowfish-ECB is bound first with no key, so the key length
 * can be raised to 56 bytes (448 bits) before the key itself is loaded. */
426 if (!EVP_EncryptInit_ex(evp_ctx, EVP_bf_ecb(), NULL, NULL, NULL))
428 if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, 56))
430 if (!EVP_EncryptInit_ex(evp_ctx, NULL, NULL,
key, NULL))
433 if (!EVP_EncryptUpdate(evp_ctx, out, &outlen,
data, 8))
/* A mismatch means the library did not produce the expected ciphertext for
 * this key. NOTE(review): presumably this is what marks long Blowfish keys
 * as unsupported (see bf_is_strong at line 451); confirm. */
436 if (memcmp(out,
res, 8) != 0)
/* The context is released before the routine ends; whether every early exit
 * reaches this line cannot be seen from the fragment. */
442 EVP_CIPHER_CTX_free(evp_ctx);
/* Blowfish key and IV setup (fragment: intervening lines are not shown). */
/* Cached tri-state flag: it starts at -1, which line 459 tests for before
 * the value is used; presumably -1 means "not probed yet". */
451 static int bf_is_strong = -1;
459 if (bf_is_strong == -1)
/* Keys longer than 16 bytes (128 bits) are singled out when the flag is
 * zero. The action taken is on a line not shown; presumably the key is
 * rejected rather than silently weakened. */
462 if (!bf_is_strong && klen > 16)
/* klen bytes of the caller's key are copied.
 * NOTE(review): the bound on klen against the capacity of od->key is not
 * visible here; confirm it is enforced before this copy. */
467 memcpy(od->
key,
key, klen);
/* The IV is either copied from the caller (bs bytes) or filled with bs zero
 * bytes; the selecting condition is not shown.
 * NOTE(review): with the all-zero fallback, encrypting under the same key
 * gives equal ciphertext for equal leading plaintext; callers that need to
 * hide this must pass a fresh IV. */
470 memcpy(od->
iv, iv, bs);
472 memset(od->
iv, 0, bs);
/* Key and IV setup for a cipher with an 8-byte key (fragment: intervening
 * lines are not shown). */
/* The first 8 bytes of od->key are cleared, then at most 8 bytes of the
 * caller's key are copied in. A shorter key is therefore zero-padded and a
 * longer key is truncated; no error for either case is visible here.
 * NOTE(review): both cases silently change the effective key; confirm the
 * caller validates key length if that matters. */
485 memset(od->
key, 0, 8);
486 memcpy(od->
key,
key, klen > 8 ? 8 : klen);
/* The IV is either copied from the caller (bs bytes) or filled with bs zero
 * bytes; the selecting condition is not shown. A fixed all-zero IV makes
 * encryption under one key deterministic. */
489 memcpy(od->
iv, iv, bs);
491 memset(od->
iv, 0, bs);
/* Key and IV setup for a cipher with a 24-byte key (fragment: intervening
 * lines are not shown). */
/* The first 24 bytes of od->key are cleared, then at most 24 bytes of the
 * caller's key are copied in. A shorter key is zero-padded and a longer key
 * is truncated; no error for either case is visible here.
 * NOTE(review): a short key leaves part of the 24-byte key as known zero
 * bytes, which reduces effective key strength; confirm callers supply full
 * length keys. */
504 memset(od->
key, 0, 24);
505 memcpy(od->
key,
key, klen > 24 ? 24 : klen);
/* The IV is either copied from the caller (bs bytes) or filled with bs zero
 * bytes; the selecting condition is not shown. A fixed all-zero IV makes
 * encryption under one key deterministic. */
508 memcpy(od->
iv, iv, bs);
510 memset(od->
iv, 0, bs);
/* Key and IV setup that copies the key at its given length (fragment:
 * intervening lines are not shown). */
/* klen bytes of the caller's key are copied with no clamp on this line.
 * NOTE(review): the bound on klen against the capacity of od->key is not
 * visible here; confirm it is enforced before this copy. */
523 memcpy(od->
key,
key, klen);
/* The IV is either copied from the caller (bs bytes) or filled with bs zero
 * bytes; the selecting condition is not shown. A fixed all-zero IV makes
 * encryption under one key deterministic. */
526 memcpy(od->
iv, iv, bs);
528 memset(od->
iv, 0, bs);
/* Key-size selection and key/IV setup (fragment: the first branch of the
 * chain and the statement each branch runs are not shown). */
/* Selection is by upper bound: 192/8 = 24 bytes, 256/8 = 32 bytes. Because
 * the tests use <=, a klen that is not exactly a standard size falls into
 * the next larger class. */
542 else if (klen <= 192 / 8)
544 else if (klen <= 256 / 8)
/* Only klen bytes are copied, so for an in-between klen the rest of the
 * selected key size is whatever od->key already held.
 * NOTE(review): confirm od->key is zero-initialised at allocation, and note
 * that a padded key is weaker than its nominal size suggests. */
549 memcpy(od->
key,
key, klen);
/* The IV is either copied from the caller (bs bytes) or filled with bs zero
 * bytes; the selecting condition is not shown. A fixed all-zero IV makes
 * encryption under one key deterministic. */
552 memcpy(od->
iv, iv, bs);
554 memset(od->
iv, 0, bs);
/* Alias -> canonical cipher name pairs (fragment of a larger table; the
 * array declaration and any further entries are not shown).
 * The bare names "blowfish", "3des", "cast5" and "rijndael" all resolve to
 * the CBC variant. The "-ecb" aliases select ECB, which encrypts each block
 * independently: identical plaintext blocks produce identical ciphertext
 * blocks, so ECB should not be chosen for multi-block or structured data. */
625 {
"blowfish",
"bf-cbc"},
626 {
"blowfish-cbc",
"bf-cbc"},
627 {
"blowfish-ecb",
"bf-ecb"},
628 {
"blowfish-cfb",
"bf-cfb"},
630 {
"3des",
"des3-cbc"},
631 {
"3des-ecb",
"des3-ecb"},
632 {
"3des-cbc",
"des3-cbc"},
633 {
"cast5",
"cast5-cbc"},
635 {
"rijndael",
"aes-cbc"},
636 {
"rijndael-cbc",
"aes-cbc"},
637 {
"rijndael-ecb",
"aes-ecb"},
745 if (strcmp(
i->name,
name) == 0)
761 ctx = EVP_CIPHER_CTX_new();
772 if (
i->ciph->cipher_func)
static void PGresult * res
void err(int eval, const char *fmt,...)
if(TABLE==NULL||TABLE_index==NULL)
void pfree(void *pointer)
MemoryContext TopMemoryContext
void * MemoryContextAllocZero(MemoryContext context, Size size)
void * MemoryContextAlloc(MemoryContext context, Size size)
static unsigned gen_ossl_block_size(PX_Cipher *c)
int px_find_digest(const char *name, PX_MD **res)
static const struct ossl_cipher ossl_des_ecb
const EVP_CIPHER *(* ossl_EVP_cipher_func)(void)
static const struct ossl_cipher ossl_des3_cbc
static void digest_update(PX_MD *h, const uint8 *data, unsigned dlen)
static int bf_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static int bf_check_supported_key_len(void)
static void ResourceOwnerForgetOSSLDigest(ResourceOwner owner, OSSLDigest *digest)
static unsigned digest_result_size(PX_MD *h)
static const struct ossl_cipher ossl_aes_ecb
static void ResourceOwnerRememberOSSLDigest(ResourceOwner owner, OSSLDigest *digest)
static void digest_finish(PX_MD *h, uint8 *dst)
struct OSSLCipher OSSLCipher
static const ResourceOwnerDesc ossldigest_resowner_desc
static void free_openssl_cipher(OSSLCipher *od)
static void ResourceOwnerForgetOSSLCipher(ResourceOwner owner, OSSLCipher *od)
static unsigned gen_ossl_key_size(PX_Cipher *c)
static int ossl_aes_ecb_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static const struct ossl_cipher ossl_des3_ecb
static void ResOwnerReleaseOSSLCipher(Datum res)
static const struct ossl_cipher ossl_bf_cfb
struct OSSLDigest OSSLDigest
static int gen_ossl_encrypt(PX_Cipher *c, int padding, const uint8 *data, unsigned dlen, uint8 *res, unsigned *rlen)
static const struct ossl_cipher ossl_cast_cbc
static const ResourceOwnerDesc osslcipher_resowner_desc
static int gen_ossl_decrypt(PX_Cipher *c, int padding, const uint8 *data, unsigned dlen, uint8 *res, unsigned *rlen)
static void gen_ossl_free(PX_Cipher *c)
static const struct ossl_cipher ossl_des_cbc
static void digest_reset(PX_MD *h)
static void ResOwnerReleaseOSSLDigest(Datum res)
static int ossl_cast_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static unsigned gen_ossl_iv_size(PX_Cipher *c)
int px_find_cipher(const char *name, PX_Cipher **res)
static const struct ossl_cipher ossl_bf_ecb
static PX_Alias ossl_aliases[]
static const struct ossl_cipher ossl_bf_cbc
static const struct ossl_cipher_lookup ossl_cipher_types[]
static void free_openssl_digest(OSSLDigest *digest)
static const struct ossl_cipher ossl_cast_ecb
static int ossl_aes_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static unsigned digest_block_size(PX_MD *h)
static const struct ossl_cipher ossl_aes_cbc
static int ossl_aes_cbc_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static void digest_free(PX_MD *h)
static int ossl_des3_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static void ResourceOwnerRememberOSSLCipher(ResourceOwner owner, OSSLCipher *od)
static int ossl_des_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static Datum PointerGetDatum(const void *X)
static Pointer DatumGetPointer(Datum X)
const char * px_resolve_alias(const PX_Alias *list, const char *name)
#define PXE_DECRYPT_FAILED
#define PXE_ENCRYPT_FAILED
ResourceOwner CurrentResourceOwner
void ResourceOwnerForget(ResourceOwner owner, Datum value, const ResourceOwnerDesc *kind)
void ResourceOwnerRemember(ResourceOwner owner, Datum value, const ResourceOwnerDesc *kind)
void ResourceOwnerEnlarge(ResourceOwner owner)
@ RESOURCE_RELEASE_BEFORE_LOCKS
#define RELEASE_PRIO_FIRST
const struct ossl_cipher * ciph
const EVP_CIPHER * evp_ciph
const struct ossl_cipher * ciph
int(* init)(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
ossl_EVP_cipher_func cipher_func
void(* update)(PX_MD *h, const uint8 *data, unsigned dlen)
unsigned(* result_size)(PX_MD *h)
unsigned(* block_size)(PX_MD *h)
void(* finish)(PX_MD *h, uint8 *dst)