34 #include <openssl/evp.h>
35 #include <openssl/err.h>
36 #include <openssl/rand.h>
/*
 * Key and IV size limits expressed in bytes: 512 bits = 64 bytes of key
 * material, 128 bits = 16 bytes of IV.
 *
 * NOTE(review): presumably these size the per-cipher od->key / od->iv
 * buffers that the memcpy()/memset() calls later in this listing write
 * into. The buffer declarations are not shown in this excerpt, so confirm
 * that every klen and block size (bs) used there is bounded by them.
 */
45 #define MAX_KEY (512/8)
46 #define MAX_IV (128/8)
73 EVP_MD_CTX_destroy(digest->
ctx);
107 elog(
WARNING,
"pgcrypto digest reference leak: digest %p still referenced", curr);
117 int result = EVP_MD_CTX_size(digest->
ctx);
129 int result = EVP_MD_CTX_block_size(digest->
ctx);
132 elog(
ERROR,
"EVP_MD_CTX_block_size() failed");
142 if (!EVP_DigestInit_ex(digest->
ctx, digest->
algo, NULL))
143 elog(
ERROR,
"EVP_DigestInit_ex() failed");
151 if (!EVP_DigestUpdate(digest->
ctx,
data, dlen))
152 elog(
ERROR,
"EVP_DigestUpdate() failed");
160 if (!EVP_DigestFinal_ex(digest->
ctx, dst, NULL))
161 elog(
ERROR,
"EVP_DigestFinal_ex() failed");
188 OpenSSL_add_all_algorithms();
197 md = EVP_get_digestbyname(
name);
208 ctx = EVP_MD_CTX_create();
214 if (EVP_DigestInit_ex(
ctx, md, NULL) == 0)
216 EVP_MD_CTX_destroy(
ctx);
236 h->
p.
ptr = (
void *) digest;
/*
 * Pointer to a function that takes no arguments and returns a
 * const EVP_CIPHER *, i.e. the shape of OpenSSL cipher getters such as
 * EVP_bf_ecb(), which this file calls that way.
 */
252 typedef const EVP_CIPHER *(*ossl_EVP_cipher_func) (void);
294 EVP_CIPHER_CTX_free(od->
evp_ctx);
328 elog(
WARNING,
"pgcrypto cipher reference leak: cipher %p still referenced", curr);
383 if (!EVP_CIPHER_CTX_set_padding(od->
evp_ctx, padding))
385 if (!EVP_CIPHER_CTX_set_key_length(od->
evp_ctx, od->
klen))
387 if (!EVP_DecryptInit_ex(od->
evp_ctx, NULL, NULL, od->
key, od->
iv))
394 if (!EVP_DecryptFinal_ex(od->
evp_ctx,
res + outlen, &outlen2))
396 *rlen = outlen + outlen2;
413 if (!EVP_CIPHER_CTX_set_padding(od->
evp_ctx, padding))
415 if (!EVP_CIPHER_CTX_set_key_length(od->
evp_ctx, od->
klen))
417 if (!EVP_EncryptInit_ex(od->
evp_ctx, NULL, NULL, od->
key, od->
iv))
424 if (!EVP_EncryptFinal_ex(od->
evp_ctx,
res + outlen, &outlen2))
426 *rlen = outlen + outlen2;
442 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87, 0x78, 0x69,
443 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f, 0x00, 0x11, 0x22, 0x33,
444 0x44, 0x55, 0x66, 0x77, 0x04, 0x68, 0x91, 0x04, 0xc2, 0xfd,
445 0x3b, 0x2f, 0x58, 0x40, 0x23, 0x64, 0x1a, 0xba, 0x61, 0x76,
446 0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e, 0xff, 0xff,
447 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
450 static const uint8 data[8] = {0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10};
451 static const uint8 res[8] = {0xc0, 0x45, 0x04, 0x01, 0x2e, 0x4e, 0x1f, 0x53};
458 evp_ctx = EVP_CIPHER_CTX_new();
461 if (!EVP_EncryptInit_ex(
evp_ctx, EVP_bf_ecb(), NULL, NULL, NULL))
463 if (!EVP_CIPHER_CTX_set_key_length(
evp_ctx, 56))
465 if (!EVP_EncryptInit_ex(
evp_ctx, NULL, NULL,
key, NULL))
468 if (!EVP_EncryptUpdate(
evp_ctx, out, &outlen,
data, 8))
471 if (memcmp(out,
res, 8) != 0)
486 static int bf_is_strong = -1;
494 if (bf_is_strong == -1)
497 if (!bf_is_strong &&
klen > 16)
505 memcpy(od->
iv,
iv, bs);
507 memset(od->
iv, 0, bs);
520 memset(od->
key, 0, 8);
524 memcpy(od->
iv,
iv, bs);
526 memset(od->
iv, 0, bs);
539 memset(od->
key, 0, 24);
543 memcpy(od->
iv,
iv, bs);
545 memset(od->
iv, 0, bs);
561 memcpy(od->
iv,
iv, bs);
563 memset(od->
iv, 0, bs);
577 else if (
klen <= 192 / 8)
579 else if (
klen <= 256 / 8)
587 memcpy(od->
iv,
iv, bs);
589 memset(od->
iv, 0, bs);
660 {
"blowfish",
"bf-cbc"},
661 {
"blowfish-cbc",
"bf-cbc"},
662 {
"blowfish-ecb",
"bf-ecb"},
663 {
"blowfish-cfb",
"bf-cfb"},
665 {
"3des",
"des3-cbc"},
666 {
"3des-ecb",
"des3-ecb"},
667 {
"3des-cbc",
"des3-cbc"},
668 {
"cast5",
"cast5-cbc"},
670 {
"rijndael",
"aes-cbc"},
671 {
"rijndael-cbc",
"aes-cbc"},
672 {
"rijndael-ecb",
"aes-ecb"},
780 if (strcmp(
i->name,
name) == 0)
800 ctx = EVP_CIPHER_CTX_new();
813 if (
i->ciph->cipher_func)
void pfree(void *pointer)
MemoryContext TopMemoryContext
void * MemoryContextAllocZero(MemoryContext context, Size size)
void * MemoryContextAlloc(MemoryContext context, Size size)
static bool cipher_resowner_callback_registered
static unsigned gen_ossl_block_size(PX_Cipher *c)
int px_find_digest(const char *name, PX_MD **res)
static const struct ossl_cipher ossl_des_ecb
static bool digest_resowner_callback_registered
static void digest_free_callback(ResourceReleasePhase phase, bool isCommit, bool isTopLevel, void *arg)
const EVP_CIPHER *(* ossl_EVP_cipher_func)(void)
static const struct ossl_cipher ossl_des3_cbc
static void digest_update(PX_MD *h, const uint8 *data, unsigned dlen)
static int bf_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static int bf_check_supported_key_len(void)
static unsigned digest_result_size(PX_MD *h)
static const struct ossl_cipher ossl_aes_ecb
static void digest_finish(PX_MD *h, uint8 *dst)
static OSSLCipher * open_ciphers
struct OSSLCipher OSSLCipher
static void free_openssl_cipher(OSSLCipher *od)
static unsigned gen_ossl_key_size(PX_Cipher *c)
static int ossl_aes_ecb_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static const struct ossl_cipher ossl_des3_ecb
static int px_openssl_initialized
static const struct ossl_cipher ossl_bf_cfb
struct OSSLDigest OSSLDigest
static int gen_ossl_encrypt(PX_Cipher *c, int padding, const uint8 *data, unsigned dlen, uint8 *res, unsigned *rlen)
static const struct ossl_cipher ossl_cast_cbc
static int gen_ossl_decrypt(PX_Cipher *c, int padding, const uint8 *data, unsigned dlen, uint8 *res, unsigned *rlen)
static void gen_ossl_free(PX_Cipher *c)
static const struct ossl_cipher ossl_des_cbc
static void digest_reset(PX_MD *h)
static int ossl_cast_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static unsigned gen_ossl_iv_size(PX_Cipher *c)
int px_find_cipher(const char *name, PX_Cipher **res)
static const struct ossl_cipher ossl_bf_ecb
static PX_Alias ossl_aliases[]
static const struct ossl_cipher ossl_bf_cbc
static const struct ossl_cipher_lookup ossl_cipher_types[]
static void free_openssl_digest(OSSLDigest *digest)
static const struct ossl_cipher ossl_cast_ecb
static int ossl_aes_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static void cipher_free_callback(ResourceReleasePhase phase, bool isCommit, bool isTopLevel, void *arg)
static unsigned digest_block_size(PX_MD *h)
static const struct ossl_cipher ossl_aes_cbc
static int ossl_aes_cbc_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static void digest_free(PX_MD *h)
static int ossl_des3_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
static OSSLDigest * open_digests
static int ossl_des_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
const char * px_resolve_alias(const PX_Alias *list, const char *name)
#define PXE_DECRYPT_FAILED
#define PXE_ENCRYPT_FAILED
ResourceOwner CurrentResourceOwner
void RegisterResourceReleaseCallback(ResourceReleaseCallback callback, void *arg)
@ RESOURCE_RELEASE_AFTER_LOCKS
const struct ossl_cipher * ciph
const EVP_CIPHER * evp_ciph
const struct ossl_cipher * ciph
int(* init)(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
ossl_EVP_cipher_func cipher_func
void(* update)(PX_MD *h, const uint8 *data, unsigned dlen)
unsigned(* result_size)(PX_MD *h)
unsigned(* block_size)(PX_MD *h)
void(* finish)(PX_MD *h, uint8 *dst)