PostgreSQL Source Code git master
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Pages
Typedefs | Functions | Variables
pgcrypto.c File Reference
#include "postgres.h"
#include <ctype.h>
#include "parser/scansup.h"
#include "pgcrypto.h"
#include "px-crypt.h"
#include "px.h"
#include "utils/builtins.h"
#include "utils/guc.h"
#include "varatt.h"
Include dependency graph for pgcrypto.c:

Go to the source code of this file.

Typedefs

typedef int(* PFN) (const char *name, void **res)
 

Functions

 PG_MODULE_MAGIC_EXT (.name="pgcrypto",.version=PG_VERSION)
 
static void * find_provider (text *name, PFN provider_lookup, const char *desc, int silent)
 
void _PG_init (void)
 
 PG_FUNCTION_INFO_V1 (pg_digest)
 
Datum pg_digest (PG_FUNCTION_ARGS)
 
 PG_FUNCTION_INFO_V1 (pg_hmac)
 
Datum pg_hmac (PG_FUNCTION_ARGS)
 
 PG_FUNCTION_INFO_V1 (pg_gen_salt)
 
Datum pg_gen_salt (PG_FUNCTION_ARGS)
 
 PG_FUNCTION_INFO_V1 (pg_gen_salt_rounds)
 
Datum pg_gen_salt_rounds (PG_FUNCTION_ARGS)
 
 PG_FUNCTION_INFO_V1 (pg_crypt)
 
Datum pg_crypt (PG_FUNCTION_ARGS)
 
 PG_FUNCTION_INFO_V1 (pg_encrypt)
 
Datum pg_encrypt (PG_FUNCTION_ARGS)
 
 PG_FUNCTION_INFO_V1 (pg_decrypt)
 
Datum pg_decrypt (PG_FUNCTION_ARGS)
 
 PG_FUNCTION_INFO_V1 (pg_encrypt_iv)
 
Datum pg_encrypt_iv (PG_FUNCTION_ARGS)
 
 PG_FUNCTION_INFO_V1 (pg_decrypt_iv)
 
Datum pg_decrypt_iv (PG_FUNCTION_ARGS)
 
 PG_FUNCTION_INFO_V1 (pg_random_bytes)
 
Datum pg_random_bytes (PG_FUNCTION_ARGS)
 
 PG_FUNCTION_INFO_V1 (pg_random_uuid)
 
Datum pg_random_uuid (PG_FUNCTION_ARGS)
 
 PG_FUNCTION_INFO_V1 (pg_check_fipsmode)
 
Datum pg_check_fipsmode (PG_FUNCTION_ARGS)
 

Variables

static const struct config_enum_entry builtin_crypto_options []
 
int builtin_crypto_enabled = BC_ON
 

Typedef Documentation

◆ PFN

typedef int(* PFN) (const char *name, void **res)

Definition at line 58 of file pgcrypto.c.

Function Documentation

◆ _PG_init()

void _PG_init ( void  )

Definition at line 68 of file pgcrypto.c.

69{
70 DefineCustomEnumVariable("pgcrypto.builtin_crypto_enabled",
71 "Sets if builtin crypto functions are enabled.",
72 "\"on\" enables builtin crypto, \"off\" unconditionally disables and \"fips\" "
73 "will disable builtin crypto if OpenSSL is in FIPS mode",
74 &builtin_crypto_enabled,
75 BC_ON,
76 builtin_crypto_options,
77 PGC_SUSET,
78 0,
79 NULL,
80 NULL,
81 NULL);
82 MarkGUCPrefixReserved("pgcrypto");
83}
DefineCustomEnumVariable
void DefineCustomEnumVariable(const char *name, const char *short_desc, const char *long_desc, int *valueAddr, int bootValue, const struct config_enum_entry *options, GucContext context, int flags, GucEnumCheckHook check_hook, GucEnumAssignHook assign_hook, GucShowHook show_hook)
Definition: guc.c:5244
MarkGUCPrefixReserved
void MarkGUCPrefixReserved(const char *className)
Definition: guc.c:5280
PGC_SUSET
@ PGC_SUSET
Definition: guc.h:78
builtin_crypto_options
static const struct config_enum_entry builtin_crypto_options[]
Definition: pgcrypto.c:51
builtin_crypto_enabled
int builtin_crypto_enabled
Definition: pgcrypto.c:62
BC_ON
@ BC_ON
Definition: px.h:94

References BC_ON, builtin_crypto_enabled, builtin_crypto_options, DefineCustomEnumVariable(), MarkGUCPrefixReserved(), and PGC_SUSET.

◆ find_provider()

static void * find_provider ( text name,
PFN  provider_lookup,
const char *  desc,
int  silent 
)
static

Definition at line 496 of file pgcrypto.c.

499{
500 void *res;
501 char *buf;
502 int err;
503
504 buf = downcase_truncate_identifier(VARDATA_ANY(name),
505 VARSIZE_ANY_EXHDR(name),
506 false);
507
508 err = provider_lookup(buf, &res);
509
510 if (err && !silent)
511 ereport(ERROR,
512 (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
513 errmsg("Cannot use \"%s\": %s", buf, px_strerror(err))));
514
515 pfree(buf);
516
517 return err ? NULL : res;
518}
errcode
int errcode(int sqlerrcode)
Definition: elog.c:854
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:1071
ERROR
#define ERROR
Definition: elog.h:39
ereport
#define ereport(elevel,...)
Definition: elog.h:149
err
void err(int eval, const char *fmt,...)
Definition: err.c:43
pfree
void pfree(void *pointer)
Definition: mcxt.c:2150
buf
static char * buf
Definition: pg_test_fsync.c:72
px_strerror
const char * px_strerror(int err)
Definition: px.c:111
downcase_truncate_identifier
char * downcase_truncate_identifier(const char *ident, int len, bool warn)
Definition: scansup.c:37
VARDATA_ANY
#define VARDATA_ANY(PTR)
Definition: varatt.h:324
VARSIZE_ANY_EXHDR
#define VARSIZE_ANY_EXHDR(PTR)
Definition: varatt.h:317
name
const char * name
Definition: wait_event_funcs.c:28

References buf, downcase_truncate_identifier(), ereport, err(), errcode(), errmsg(), ERROR, name, pfree(), px_strerror(), VARDATA_ANY, and VARSIZE_ANY_EXHDR.

Referenced by pg_decrypt(), pg_decrypt_iv(), pg_digest(), pg_encrypt(), pg_encrypt_iv(), and pg_hmac().

◆ pg_check_fipsmode()

Datum pg_check_fipsmode ( PG_FUNCTION_ARGS  )

Definition at line 490 of file pgcrypto.c.

491{
492 PG_RETURN_BOOL(CheckFIPSMode());
493}
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
CheckFIPSMode
bool CheckFIPSMode(void)
Definition: openssl.c:844

References CheckFIPSMode(), and PG_RETURN_BOOL.

◆ pg_crypt()

Datum pg_crypt ( PG_FUNCTION_ARGS  )

Definition at line 213 of file pgcrypto.c.

214{
215 text *arg0 = PG_GETARG_TEXT_PP(0);
216 text *arg1 = PG_GETARG_TEXT_PP(1);
217 char *buf0,
218 *buf1,
219 *cres,
220 *resbuf;
221 text *res;
222
223 buf0 = text_to_cstring(arg0);
224 buf1 = text_to_cstring(arg1);
225
226 resbuf = palloc0(PX_MAX_CRYPT);
227
228 cres = px_crypt(buf0, buf1, resbuf, PX_MAX_CRYPT);
229
230 pfree(buf0);
231 pfree(buf1);
232
233 if (cres == NULL)
234 ereport(ERROR,
235 (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
236 errmsg("crypt(3) returned NULL")));
237
238 res = cstring_to_text(cres);
239
240 pfree(resbuf);
241
242 PG_FREE_IF_COPY(arg0, 0);
243 PG_FREE_IF_COPY(arg1, 1);
244
245 PG_RETURN_TEXT_P(res);
246}
PG_FREE_IF_COPY
#define PG_FREE_IF_COPY(ptr, n)
Definition: fmgr.h:260
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
PG_RETURN_TEXT_P
#define PG_RETURN_TEXT_P(x)
Definition: fmgr.h:372
palloc0
void * palloc0(Size size)
Definition: mcxt.c:1973
px_crypt
char * px_crypt(const char *psw, const char *salt, char *buf, unsigned len)
Definition: px-crypt.c:102
PX_MAX_CRYPT
#define PX_MAX_CRYPT
Definition: px-crypt.h:36
varlena
Definition: c.h:658
cstring_to_text
text * cstring_to_text(const char *s)
Definition: varlena.c:192
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:225

References cstring_to_text(), ereport, errcode(), errmsg(), ERROR, palloc0(), pfree(), PG_FREE_IF_COPY, PG_GETARG_TEXT_PP, PG_RETURN_TEXT_P, px_crypt(), PX_MAX_CRYPT, and text_to_cstring().

◆ pg_decrypt()

Datum pg_decrypt ( PG_FUNCTION_ARGS  )

Definition at line 301 of file pgcrypto.c.

302{
303 int err;
304 bytea *data,
305 *key,
306 *res;
307 text *type;
308 PX_Combo *c;
309 unsigned dlen,
310 klen,
311 rlen;
312
313 type = PG_GETARG_TEXT_PP(2);
314 c = find_provider(type, (PFN) px_find_combo, "Cipher", 0);
315
316 data = PG_GETARG_BYTEA_PP(0);
317 key = PG_GETARG_BYTEA_PP(1);
318 dlen = VARSIZE_ANY_EXHDR(data);
319 klen = VARSIZE_ANY_EXHDR(key);
320
321 rlen = px_combo_decrypt_len(c, dlen);
322 res = palloc(VARHDRSZ + rlen);
323
324 err = px_combo_init(c, (uint8 *) VARDATA_ANY(key), klen, NULL, 0);
325 if (!err)
326 err = px_combo_decrypt(c, (uint8 *) VARDATA_ANY(data), dlen,
327 (uint8 *) VARDATA(res), &rlen);
328
329 px_combo_free(c);
330
331 if (err)
332 ereport(ERROR,
333 (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
334 errmsg("decrypt error: %s", px_strerror(err))));
335
336 SET_VARSIZE(res, VARHDRSZ + rlen);
337
338 PG_FREE_IF_COPY(data, 0);
339 PG_FREE_IF_COPY(key, 1);
340 PG_FREE_IF_COPY(type, 2);
341
342 PG_RETURN_BYTEA_P(res);
343}
uint8
uint8_t uint8
Definition: c.h:500
VARHDRSZ
#define VARHDRSZ
Definition: c.h:663
PG_GETARG_BYTEA_PP
#define PG_GETARG_BYTEA_PP(n)
Definition: fmgr.h:308
PG_RETURN_BYTEA_P
#define PG_RETURN_BYTEA_P(x)
Definition: fmgr.h:371
palloc
void * palloc(Size size)
Definition: mcxt.c:1943
data
const void * data
Definition: pg_crc32c_sse42.c:27
find_provider
static void * find_provider(text *name, PFN provider_lookup, const char *desc, int silent)
Definition: pgcrypto.c:496
PFN
int(* PFN)(const char *name, void **res)
Definition: pgcrypto.c:58
c
char * c
Definition: preproc-cursor.c:31
px_find_combo
int px_find_combo(const char *name, PX_Combo **res)
Definition: px.c:285
px_combo_init
#define px_combo_init(c, key, klen, iv, ivlen)
Definition: px.h:231
px_combo_decrypt_len
#define px_combo_decrypt_len(c, dlen)
Definition: px.h:230
px_combo_free
#define px_combo_free(c)
Definition: px.h:237
px_combo_decrypt
#define px_combo_decrypt(c, data, dlen, res, rlen)
Definition: px.h:235
px_combo
Definition: px.h:164
VARDATA
#define VARDATA(PTR)
Definition: varatt.h:278
SET_VARSIZE
#define SET_VARSIZE(PTR, len)
Definition: varatt.h:305
type
const char * type
Definition: wait_event_funcs.c:27

References data, ereport, err(), errcode(), errmsg(), ERROR, find_provider(), sort-test::key, palloc(), PG_FREE_IF_COPY, PG_GETARG_BYTEA_PP, PG_GETARG_TEXT_PP, PG_RETURN_BYTEA_P, px_combo_decrypt, px_combo_decrypt_len, px_combo_free, px_combo_init, px_find_combo(), px_strerror(), SET_VARSIZE, type, VARDATA, VARDATA_ANY, VARHDRSZ, and VARSIZE_ANY_EXHDR.

◆ pg_decrypt_iv()

Datum pg_decrypt_iv ( PG_FUNCTION_ARGS  )

Definition at line 403 of file pgcrypto.c.

404{
405 int err;
406 bytea *data,
407 *key,
408 *iv,
409 *res;
410 text *type;
411 PX_Combo *c;
412 unsigned dlen,
413 klen,
414 rlen,
415 ivlen;
416
417 type = PG_GETARG_TEXT_PP(3);
418 c = find_provider(type, (PFN) px_find_combo, "Cipher", 0);
419
420 data = PG_GETARG_BYTEA_PP(0);
421 key = PG_GETARG_BYTEA_PP(1);
422 iv = PG_GETARG_BYTEA_PP(2);
423 dlen = VARSIZE_ANY_EXHDR(data);
424 klen = VARSIZE_ANY_EXHDR(key);
425 ivlen = VARSIZE_ANY_EXHDR(iv);
426
427 rlen = px_combo_decrypt_len(c, dlen);
428 res = palloc(VARHDRSZ + rlen);
429
430 err = px_combo_init(c, (uint8 *) VARDATA_ANY(key), klen,
431 (uint8 *) VARDATA_ANY(iv), ivlen);
432 if (!err)
433 err = px_combo_decrypt(c, (uint8 *) VARDATA_ANY(data), dlen,
434 (uint8 *) VARDATA(res), &rlen);
435
436 px_combo_free(c);
437
438 if (err)
439 ereport(ERROR,
440 (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
441 errmsg("decrypt_iv error: %s", px_strerror(err))));
442
443 SET_VARSIZE(res, VARHDRSZ + rlen);
444
445 PG_FREE_IF_COPY(data, 0);
446 PG_FREE_IF_COPY(key, 1);
447 PG_FREE_IF_COPY(iv, 2);
448 PG_FREE_IF_COPY(type, 3);
449
450 PG_RETURN_BYTEA_P(res);
451}

References data, ereport, err(), errcode(), errmsg(), ERROR, find_provider(), sort-test::key, palloc(), PG_FREE_IF_COPY, PG_GETARG_BYTEA_PP, PG_GETARG_TEXT_PP, PG_RETURN_BYTEA_P, px_combo_decrypt, px_combo_decrypt_len, px_combo_free, px_combo_init, px_find_combo(), px_strerror(), SET_VARSIZE, type, VARDATA, VARDATA_ANY, VARHDRSZ, and VARSIZE_ANY_EXHDR.

◆ pg_digest()

Datum pg_digest ( PG_FUNCTION_ARGS  )

Definition at line 89 of file pgcrypto.c.

90{
91 bytea *arg;
92 text *name;
93 unsigned len,
94 hlen;
95 PX_MD *md;
96 bytea *res;
97
98 name = PG_GETARG_TEXT_PP(1);
99
100 /* will give error if fails */
101 md = find_provider(name, (PFN) px_find_digest, "Digest", 0);
102
103 hlen = px_md_result_size(md);
104
105 res = (text *) palloc(hlen + VARHDRSZ);
106 SET_VARSIZE(res, hlen + VARHDRSZ);
107
108 arg = PG_GETARG_BYTEA_PP(0);
109 len = VARSIZE_ANY_EXHDR(arg);
110
111 px_md_update(md, (uint8 *) VARDATA_ANY(arg), len);
112 px_md_finish(md, (uint8 *) VARDATA(res));
113 px_md_free(md);
114
115 PG_FREE_IF_COPY(arg, 0);
116 PG_FREE_IF_COPY(name, 1);
117
118 PG_RETURN_BYTEA_P(res);
119}
px_find_digest
int px_find_digest(const char *name, PX_MD **res)
Definition: openssl.c:161
arg
void * arg
Definition: pg_backup_utils.c:29
len
const void size_t len
Definition: pg_crc32c_sse42.c:28
px_md_finish
#define px_md_finish(md, buf)
Definition: px.h:206
px_md_free
#define px_md_free(md)
Definition: px.h:207
px_md_update
#define px_md_update(md, data, dlen)
Definition: px.h:205
px_md_result_size
#define px_md_result_size(md)
Definition: px.h:202
px_digest
Definition: px.h:108

References arg, find_provider(), len, name, palloc(), PG_FREE_IF_COPY, PG_GETARG_BYTEA_PP, PG_GETARG_TEXT_PP, PG_RETURN_BYTEA_P, px_find_digest(), px_md_finish, px_md_free, px_md_result_size, px_md_update, SET_VARSIZE, VARDATA, VARDATA_ANY, VARHDRSZ, and VARSIZE_ANY_EXHDR.

◆ pg_encrypt()

Datum pg_encrypt ( PG_FUNCTION_ARGS  )

Definition at line 252 of file pgcrypto.c.

253{
254 int err;
255 bytea *data,
256 *key,
257 *res;
258 text *type;
259 PX_Combo *c;
260 unsigned dlen,
261 klen,
262 rlen;
263
264 type = PG_GETARG_TEXT_PP(2);
265 c = find_provider(type, (PFN) px_find_combo, "Cipher", 0);
266
267 data = PG_GETARG_BYTEA_PP(0);
268 key = PG_GETARG_BYTEA_PP(1);
269 dlen = VARSIZE_ANY_EXHDR(data);
270 klen = VARSIZE_ANY_EXHDR(key);
271
272 rlen = px_combo_encrypt_len(c, dlen);
273 res = palloc(VARHDRSZ + rlen);
274
275 err = px_combo_init(c, (uint8 *) VARDATA_ANY(key), klen, NULL, 0);
276 if (!err)
277 err = px_combo_encrypt(c, (uint8 *) VARDATA_ANY(data), dlen,
278 (uint8 *) VARDATA(res), &rlen);
279 px_combo_free(c);
280
281 PG_FREE_IF_COPY(data, 0);
282 PG_FREE_IF_COPY(key, 1);
283 PG_FREE_IF_COPY(type, 2);
284
285 if (err)
286 {
287 pfree(res);
288 ereport(ERROR,
289 (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
290 errmsg("encrypt error: %s", px_strerror(err))));
291 }
292
293 SET_VARSIZE(res, VARHDRSZ + rlen);
294 PG_RETURN_BYTEA_P(res);
295}
px_combo_encrypt_len
#define px_combo_encrypt_len(c, dlen)
Definition: px.h:229
px_combo_encrypt
#define px_combo_encrypt(c, data, dlen, res, rlen)
Definition: px.h:233

References data, ereport, err(), errcode(), errmsg(), ERROR, find_provider(), sort-test::key, palloc(), pfree(), PG_FREE_IF_COPY, PG_GETARG_BYTEA_PP, PG_GETARG_TEXT_PP, PG_RETURN_BYTEA_P, px_combo_encrypt, px_combo_encrypt_len, px_combo_free, px_combo_init, px_find_combo(), px_strerror(), SET_VARSIZE, type, VARDATA, VARDATA_ANY, VARHDRSZ, and VARSIZE_ANY_EXHDR.

◆ pg_encrypt_iv()

Datum pg_encrypt_iv ( PG_FUNCTION_ARGS  )

Definition at line 349 of file pgcrypto.c.

350{
351 int err;
352 bytea *data,
353 *key,
354 *iv,
355 *res;
356 text *type;
357 PX_Combo *c;
358 unsigned dlen,
359 klen,
360 ivlen,
361 rlen;
362
363 type = PG_GETARG_TEXT_PP(3);
364 c = find_provider(type, (PFN) px_find_combo, "Cipher", 0);
365
366 data = PG_GETARG_BYTEA_PP(0);
367 key = PG_GETARG_BYTEA_PP(1);
368 iv = PG_GETARG_BYTEA_PP(2);
369 dlen = VARSIZE_ANY_EXHDR(data);
370 klen = VARSIZE_ANY_EXHDR(key);
371 ivlen = VARSIZE_ANY_EXHDR(iv);
372
373 rlen = px_combo_encrypt_len(c, dlen);
374 res = palloc(VARHDRSZ + rlen);
375
376 err = px_combo_init(c, (uint8 *) VARDATA_ANY(key), klen,
377 (uint8 *) VARDATA_ANY(iv), ivlen);
378 if (!err)
379 err = px_combo_encrypt(c, (uint8 *) VARDATA_ANY(data), dlen,
380 (uint8 *) VARDATA(res), &rlen);
381
382 px_combo_free(c);
383
384 if (err)
385 ereport(ERROR,
386 (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
387 errmsg("encrypt_iv error: %s", px_strerror(err))));
388
389 SET_VARSIZE(res, VARHDRSZ + rlen);
390
391 PG_FREE_IF_COPY(data, 0);
392 PG_FREE_IF_COPY(key, 1);
393 PG_FREE_IF_COPY(iv, 2);
394 PG_FREE_IF_COPY(type, 3);
395
396 PG_RETURN_BYTEA_P(res);
397}

References data, ereport, err(), errcode(), errmsg(), ERROR, find_provider(), sort-test::key, palloc(), PG_FREE_IF_COPY, PG_GETARG_BYTEA_PP, PG_GETARG_TEXT_PP, PG_RETURN_BYTEA_P, px_combo_encrypt, px_combo_encrypt_len, px_combo_free, px_combo_init, px_find_combo(), px_strerror(), SET_VARSIZE, type, VARDATA, VARDATA_ANY, VARHDRSZ, and VARSIZE_ANY_EXHDR.

◆ PG_FUNCTION_INFO_V1() [1/12]

PG_FUNCTION_INFO_V1 ( pg_check_fipsmode  )

◆ PG_FUNCTION_INFO_V1() [2/12]

PG_FUNCTION_INFO_V1 ( pg_crypt  )

◆ PG_FUNCTION_INFO_V1() [3/12]

PG_FUNCTION_INFO_V1 ( pg_decrypt  )

◆ PG_FUNCTION_INFO_V1() [4/12]

PG_FUNCTION_INFO_V1 ( pg_decrypt_iv  )

◆ PG_FUNCTION_INFO_V1() [5/12]

PG_FUNCTION_INFO_V1 ( pg_digest  )

◆ PG_FUNCTION_INFO_V1() [6/12]

PG_FUNCTION_INFO_V1 ( pg_encrypt  )

◆ PG_FUNCTION_INFO_V1() [7/12]

PG_FUNCTION_INFO_V1 ( pg_encrypt_iv  )

◆ PG_FUNCTION_INFO_V1() [8/12]

PG_FUNCTION_INFO_V1 ( pg_gen_salt  )

◆ PG_FUNCTION_INFO_V1() [9/12]

PG_FUNCTION_INFO_V1 ( pg_gen_salt_rounds  )

◆ PG_FUNCTION_INFO_V1() [10/12]

PG_FUNCTION_INFO_V1 ( pg_hmac  )

◆ PG_FUNCTION_INFO_V1() [11/12]

PG_FUNCTION_INFO_V1 ( pg_random_bytes  )

◆ PG_FUNCTION_INFO_V1() [12/12]

PG_FUNCTION_INFO_V1 ( pg_random_uuid  )

◆ pg_gen_salt()

Datum pg_gen_salt ( PG_FUNCTION_ARGS  )

Definition at line 168 of file pgcrypto.c.

169{
170 text *arg0 = PG_GETARG_TEXT_PP(0);
171 int len;
172 char buf[PX_MAX_SALT_LEN + 1];
173
174 text_to_cstring_buffer(arg0, buf, sizeof(buf));
175 len = px_gen_salt(buf, buf, 0);
176 if (len < 0)
177 ereport(ERROR,
178 (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
179 errmsg("gen_salt: %s", px_strerror(len))));
180
181 PG_FREE_IF_COPY(arg0, 0);
182
183 PG_RETURN_TEXT_P(cstring_to_text_with_len(buf, len));
184}
px_gen_salt
int px_gen_salt(const char *salt_type, char *buf, int rounds)
Definition: px-crypt.c:156
PX_MAX_SALT_LEN
#define PX_MAX_SALT_LEN
Definition: px-crypt.h:39
cstring_to_text_with_len
text * cstring_to_text_with_len(const char *s, int len)
Definition: varlena.c:204
text_to_cstring_buffer
void text_to_cstring_buffer(const text *src, char *dst, size_t dst_len)
Definition: varlena.c:256

References buf, cstring_to_text_with_len(), ereport, errcode(), errmsg(), ERROR, len, PG_FREE_IF_COPY, PG_GETARG_TEXT_PP, PG_RETURN_TEXT_P, px_gen_salt(), PX_MAX_SALT_LEN, px_strerror(), and text_to_cstring_buffer().

◆ pg_gen_salt_rounds()

Datum pg_gen_salt_rounds ( PG_FUNCTION_ARGS  )

Definition at line 190 of file pgcrypto.c.

191{
192 text *arg0 = PG_GETARG_TEXT_PP(0);
193 int rounds = PG_GETARG_INT32(1);
194 int len;
195 char buf[PX_MAX_SALT_LEN + 1];
196
197 text_to_cstring_buffer(arg0, buf, sizeof(buf));
198 len = px_gen_salt(buf, buf, rounds);
199 if (len < 0)
200 ereport(ERROR,
201 (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
202 errmsg("gen_salt: %s", px_strerror(len))));
203
204 PG_FREE_IF_COPY(arg0, 0);
205
206 PG_RETURN_TEXT_P(cstring_to_text_with_len(buf, len));
207}
PG_GETARG_INT32
#define PG_GETARG_INT32(n)
Definition: fmgr.h:269

References buf, cstring_to_text_with_len(), ereport, errcode(), errmsg(), ERROR, len, PG_FREE_IF_COPY, PG_GETARG_INT32, PG_GETARG_TEXT_PP, PG_RETURN_TEXT_P, px_gen_salt(), PX_MAX_SALT_LEN, px_strerror(), and text_to_cstring_buffer().

◆ pg_hmac()

Datum pg_hmac ( PG_FUNCTION_ARGS  )

Definition at line 125 of file pgcrypto.c.

126{
127 bytea *arg;
128 bytea *key;
129 text *name;
130 unsigned len,
131 hlen,
132 klen;
133 PX_HMAC *h;
134 bytea *res;
135
136 name = PG_GETARG_TEXT_PP(2);
137
138 /* will give error if fails */
139 h = find_provider(name, (PFN) px_find_hmac, "HMAC", 0);
140
141 hlen = px_hmac_result_size(h);
142
143 res = (text *) palloc(hlen + VARHDRSZ);
144 SET_VARSIZE(res, hlen + VARHDRSZ);
145
146 arg = PG_GETARG_BYTEA_PP(0);
147 key = PG_GETARG_BYTEA_PP(1);
148 len = VARSIZE_ANY_EXHDR(arg);
149 klen = VARSIZE_ANY_EXHDR(key);
150
151 px_hmac_init(h, (uint8 *) VARDATA_ANY(key), klen);
152 px_hmac_update(h, (uint8 *) VARDATA_ANY(arg), len);
153 px_hmac_finish(h, (uint8 *) VARDATA(res));
154 px_hmac_free(h);
155
156 PG_FREE_IF_COPY(arg, 0);
157 PG_FREE_IF_COPY(key, 1);
158 PG_FREE_IF_COPY(name, 2);
159
160 PG_RETURN_BYTEA_P(res);
161}
px_find_hmac
int px_find_hmac(const char *name, PX_HMAC **res)
Definition: px-hmac.c:142
px_hmac_result_size
#define px_hmac_result_size(hmac)
Definition: px.h:209
px_hmac_finish
#define px_hmac_finish(hmac, buf)
Definition: px.h:214
px_hmac_update
#define px_hmac_update(hmac, data, dlen)
Definition: px.h:213
px_hmac_init
#define px_hmac_init(hmac, key, klen)
Definition: px.h:212
px_hmac_free
#define px_hmac_free(hmac)
Definition: px.h:215
px_hmac
Definition: px.h:130

References arg, find_provider(), sort-test::key, len, name, palloc(), PG_FREE_IF_COPY, PG_GETARG_BYTEA_PP, PG_GETARG_TEXT_PP, PG_RETURN_BYTEA_P, px_find_hmac(), px_hmac_finish, px_hmac_free, px_hmac_init, px_hmac_result_size, px_hmac_update, SET_VARSIZE, VARDATA, VARDATA_ANY, VARHDRSZ, and VARSIZE_ANY_EXHDR.

◆ PG_MODULE_MAGIC_EXT()

PG_MODULE_MAGIC_EXT ( name = "pgcrypto",
version = PG_VERSION 
)

◆ pg_random_bytes()

Datum pg_random_bytes ( PG_FUNCTION_ARGS  )

Definition at line 457 of file pgcrypto.c.

458{
459 int len = PG_GETARG_INT32(0);
460 bytea *res;
461
462 if (len < 1 || len > 1024)
463 ereport(ERROR,
464 (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
465 errmsg("Length not in range")));
466
467 res = palloc(VARHDRSZ + len);
468 SET_VARSIZE(res, VARHDRSZ + len);
469
470 /* generate result */
471 if (!pg_strong_random(VARDATA(res), len))
472 px_THROW_ERROR(PXE_NO_RANDOM);
473
474 PG_RETURN_BYTEA_P(res);
475}
pg_strong_random
bool pg_strong_random(void *buf, size_t len)
Definition: pg_strong_random.c:150
px_THROW_ERROR
void px_THROW_ERROR(int err)
Definition: px.c:93
PXE_NO_RANDOM
#define PXE_NO_RANDOM
Definition: px.h:63

References ereport, errcode(), errmsg(), ERROR, len, palloc(), PG_GETARG_INT32, PG_RETURN_BYTEA_P, pg_strong_random(), px_THROW_ERROR(), PXE_NO_RANDOM, SET_VARSIZE, VARDATA, and VARHDRSZ.

◆ pg_random_uuid()

Datum pg_random_uuid ( PG_FUNCTION_ARGS  )

Definition at line 481 of file pgcrypto.c.

482{
483 /* redirect to built-in function */
484 return gen_random_uuid(fcinfo);
485}
gen_random_uuid
Datum gen_random_uuid(PG_FUNCTION_ARGS)
Definition: uuid.c:528

References gen_random_uuid().

Variable Documentation

◆ builtin_crypto_enabled

int builtin_crypto_enabled = BC_ON

Definition at line 62 of file pgcrypto.c.

Referenced by _PG_init(), and CheckBuiltinCryptoMode().

◆ builtin_crypto_options

const struct config_enum_entry builtin_crypto_options[]
static
Initial value:
= {
{"on", BC_ON, false},
{"off", BC_OFF, false},
{"fips", BC_FIPS, false},
{NULL, 0, false}
}
BC_OFF
@ BC_OFF
Definition: px.h:95
BC_FIPS
@ BC_FIPS
Definition: px.h:96

Definition at line 51 of file pgcrypto.c.

Referenced by _PG_init().