34 #include <openssl/evp.h>
35 #include <openssl/err.h>
36 #include <openssl/rand.h>
45 #define MAX_KEY (512/8)
46 #define MAX_IV (128/8)
69 .
name =
"pgcrypto OpenSSL digest handle",
91 EVP_MD_CTX_destroy(digest->
ctx);
92 if (digest->
owner != NULL)
101 int result = EVP_MD_CTX_size(digest->
ctx);
113 int result = EVP_MD_CTX_block_size(digest->
ctx);
116 elog(
ERROR,
"EVP_MD_CTX_block_size() failed");
126 if (!EVP_DigestInit_ex(digest->
ctx, digest->
algo, NULL))
127 elog(
ERROR,
"EVP_DigestInit_ex() failed");
135 if (!EVP_DigestUpdate(digest->
ctx,
data, dlen))
136 elog(
ERROR,
"EVP_DigestUpdate() failed");
144 if (!EVP_DigestFinal_ex(digest->
ctx, dst, NULL))
145 elog(
ERROR,
"EVP_DigestFinal_ex() failed");
172 OpenSSL_add_all_algorithms();
175 md = EVP_get_digestbyname(
name);
188 ctx = EVP_MD_CTX_create();
194 if (EVP_DigestInit_ex(ctx, md, NULL) == 0)
196 EVP_MD_CTX_destroy(ctx);
214 h->
p.
ptr = (
void *) digest;
227 digest->
owner = NULL;
241 typedef const EVP_CIPHER *(*ossl_EVP_cipher_func) (void);
279 .
name =
"pgcrypto OpenSSL cipher handle",
301 EVP_CIPHER_CTX_free(od->
evp_ctx);
302 if (od->
owner != NULL)
356 if (!EVP_CIPHER_CTX_set_padding(od->
evp_ctx, padding))
358 if (!EVP_CIPHER_CTX_set_key_length(od->
evp_ctx, od->
klen))
360 if (!EVP_DecryptInit_ex(od->
evp_ctx, NULL, NULL, od->
key, od->
iv))
367 if (!EVP_DecryptFinal_ex(od->
evp_ctx,
res + outlen, &outlen2))
369 *rlen = outlen + outlen2;
386 if (!EVP_CIPHER_CTX_set_padding(od->
evp_ctx, padding))
388 if (!EVP_CIPHER_CTX_set_key_length(od->
evp_ctx, od->
klen))
390 if (!EVP_EncryptInit_ex(od->
evp_ctx, NULL, NULL, od->
key, od->
iv))
397 if (!EVP_EncryptFinal_ex(od->
evp_ctx,
res + outlen, &outlen2))
399 *rlen = outlen + outlen2;
415 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87, 0x78, 0x69,
416 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f, 0x00, 0x11, 0x22, 0x33,
417 0x44, 0x55, 0x66, 0x77, 0x04, 0x68, 0x91, 0x04, 0xc2, 0xfd,
418 0x3b, 0x2f, 0x58, 0x40, 0x23, 0x64, 0x1a, 0xba, 0x61, 0x76,
419 0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e, 0xff, 0xff,
420 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
/*
 * Known-answer check for Blowfish (excerpt: the listing lines between the
 * numbered ones are not shown). An 8-byte plaintext block `data` is encrypted
 * with EVP_bf_ecb() and the output is compared against the expected
 * ciphertext `res`.
 * NOTE(review): presumably the outcome feeds bf_is_strong, which is tested
 * together with klen > 16 further down; confirm against the full function.
 */
423 static const uint8 data[8] = {0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10};
424 static const uint8 res[8] = {0xc0, 0x45, 0x04, 0x01, 0x2e, 0x4e, 0x1f, 0x53};
426 EVP_CIPHER_CTX *evp_ctx;
431 evp_ctx = EVP_CIPHER_CTX_new();
/* First init selects the cipher only; key and IV are passed as NULL. */
434 if (!EVP_EncryptInit_ex(evp_ctx, EVP_bf_ecb(), NULL, NULL, NULL))
/* The key length is set to 56 bytes before the key itself is supplied. */
436 if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, 56))
/* Second init supplies the key with the cipher argument left NULL. */
438 if (!EVP_EncryptInit_ex(evp_ctx, NULL, NULL,
key, NULL))
441 if (!EVP_EncryptUpdate(evp_ctx, out, &outlen,
data, 8))
/* A mismatch means the library did not produce the expected ciphertext for this key. */
444 if (memcmp(out,
res, 8) != 0)
450 EVP_CIPHER_CTX_free(evp_ctx);
459 static int bf_is_strong = -1;
467 if (bf_is_strong == -1)
470 if (!bf_is_strong && klen > 16)
475 memcpy(od->
key,
key, klen);
478 memcpy(od->
iv, iv, bs);
480 memset(od->
iv, 0, bs);
/*
 * Only the first 8 bytes of od->key are populated here: they are zeroed, then
 * at most 8 bytes of the caller's key are copied in. A key shorter than
 * 8 bytes is therefore zero-padded, and bytes past the eighth are dropped;
 * these two statements do not reject an over-long key.
 * NOTE(review): confirm whether a length check exists earlier in the
 * function, outside this excerpt; silent truncation reduces the effective
 * key material without the caller being told.
 */
493 memset(od->
key, 0, 8);
494 memcpy(od->
key,
key, klen > 8 ? 8 : klen);
497 memcpy(od->
iv, iv, bs);
499 memset(od->
iv, 0, bs);
/*
 * Only the first 24 bytes of od->key are populated here: they are zeroed,
 * then at most 24 bytes of the caller's key are copied in. A shorter key is
 * zero-padded and bytes past the 24th are dropped; these two statements do
 * not reject either case.
 * NOTE(review): confirm whether the caller validates klen before this point;
 * a zero-padded short key leaves part of the key material fixed and known.
 */
512 memset(od->
key, 0, 24);
513 memcpy(od->
key,
key, klen > 24 ? 24 : klen);
516 memcpy(od->
iv, iv, bs);
518 memset(od->
iv, 0, bs);
531 memcpy(od->
key,
key, klen);
534 memcpy(od->
iv, iv, bs);
536 memset(od->
iv, 0, bs);
550 else if (klen <= 192 / 8)
552 else if (klen <= 256 / 8)
557 memcpy(od->
key,
key, klen);
560 memcpy(od->
iv, iv, bs);
562 memset(od->
iv, 0, bs);
633 {
"blowfish",
"bf-cbc"},
634 {
"blowfish-cbc",
"bf-cbc"},
635 {
"blowfish-ecb",
"bf-ecb"},
636 {
"blowfish-cfb",
"bf-cfb"},
638 {
"3des",
"des3-cbc"},
639 {
"3des-ecb",
"des3-ecb"},
640 {
"3des-cbc",
"des3-cbc"},
641 {
"cast5",
"cast5-cbc"},
643 {
"rijndael",
"aes-cbc"},
644 {
"rijndael-cbc",
"aes-cbc"},
645 {
"rijndael-ecb",
"aes-ecb"},
753 if (strcmp(
i->name,
name) == 0)
769 ctx = EVP_CIPHER_CTX_new();
780 if (
i->ciph->cipher_func)
void pfree(void *pointer)
MemoryContext TopMemoryContext
void * MemoryContextAllocZero(MemoryContext context, Size size)
void * MemoryContextAlloc(MemoryContext context, Size size)
static unsigned gen_ossl_block_size(PX_Cipher *c)
int px_find_digest(const char *name, PX_MD **res)
static const struct ossl_cipher ossl_des_ecb
const EVP_CIPHER *(* ossl_EVP_cipher_func)(void)
static const struct ossl_cipher ossl_des3_cbc
static void digest_update(PX_MD *h, const uint8 *data, unsigned dlen)
static int bf_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static int bf_check_supported_key_len(void)
static void ResourceOwnerForgetOSSLDigest(ResourceOwner owner, OSSLDigest *digest)
static unsigned digest_result_size(PX_MD *h)
static const struct ossl_cipher ossl_aes_ecb
static void ResourceOwnerRememberOSSLDigest(ResourceOwner owner, OSSLDigest *digest)
static void digest_finish(PX_MD *h, uint8 *dst)
struct OSSLCipher OSSLCipher
static const ResourceOwnerDesc ossldigest_resowner_desc
static void free_openssl_cipher(OSSLCipher *od)
static void ResourceOwnerForgetOSSLCipher(ResourceOwner owner, OSSLCipher *od)
static unsigned gen_ossl_key_size(PX_Cipher *c)
static int ossl_aes_ecb_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static const struct ossl_cipher ossl_des3_ecb
static int px_openssl_initialized
static void ResOwnerReleaseOSSLCipher(Datum res)
static const struct ossl_cipher ossl_bf_cfb
struct OSSLDigest OSSLDigest
static int gen_ossl_encrypt(PX_Cipher *c, int padding, const uint8 *data, unsigned dlen, uint8 *res, unsigned *rlen)
static const struct ossl_cipher ossl_cast_cbc
static const ResourceOwnerDesc osslcipher_resowner_desc
static int gen_ossl_decrypt(PX_Cipher *c, int padding, const uint8 *data, unsigned dlen, uint8 *res, unsigned *rlen)
static void gen_ossl_free(PX_Cipher *c)
static const struct ossl_cipher ossl_des_cbc
static void digest_reset(PX_MD *h)
static void ResOwnerReleaseOSSLDigest(Datum res)
static int ossl_cast_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static unsigned gen_ossl_iv_size(PX_Cipher *c)
int px_find_cipher(const char *name, PX_Cipher **res)
static const struct ossl_cipher ossl_bf_ecb
static PX_Alias ossl_aliases[]
static const struct ossl_cipher ossl_bf_cbc
static const struct ossl_cipher_lookup ossl_cipher_types[]
static void free_openssl_digest(OSSLDigest *digest)
static const struct ossl_cipher ossl_cast_ecb
static int ossl_aes_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static unsigned digest_block_size(PX_MD *h)
static const struct ossl_cipher ossl_aes_cbc
static int ossl_aes_cbc_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static void digest_free(PX_MD *h)
static int ossl_des3_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static void ResourceOwnerRememberOSSLCipher(ResourceOwner owner, OSSLCipher *od)
static int ossl_des_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static Datum PointerGetDatum(const void *X)
static Pointer DatumGetPointer(Datum X)
const char * px_resolve_alias(const PX_Alias *list, const char *name)
#define PXE_DECRYPT_FAILED
#define PXE_ENCRYPT_FAILED
ResourceOwner CurrentResourceOwner
void ResourceOwnerForget(ResourceOwner owner, Datum value, const ResourceOwnerDesc *kind)
void ResourceOwnerRemember(ResourceOwner owner, Datum value, const ResourceOwnerDesc *kind)
void ResourceOwnerEnlarge(ResourceOwner owner)
@ RESOURCE_RELEASE_BEFORE_LOCKS
#define RELEASE_PRIO_FIRST
const struct ossl_cipher * ciph
const EVP_CIPHER * evp_ciph
const struct ossl_cipher * ciph
int(* init)(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
ossl_EVP_cipher_func cipher_func
void(* update)(PX_MD *h, const uint8 *data, unsigned dlen)
unsigned(* result_size)(PX_MD *h)
unsigned(* block_size)(PX_MD *h)
void(* finish)(PX_MD *h, uint8 *dst)