PostgreSQL Source Code  git master
pgp.c
Go to the documentation of this file.
1 /*
2  * pgp.c
3  * Various utility stuff.
4  *
5  * Copyright (c) 2005 Marko Kreen
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  * notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  * notice, this list of conditions and the following disclaimer in the
15  * documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  *
29  * contrib/pgcrypto/pgp.c
30  */
31 
32 #include "postgres.h"
33 
34 #include "pgp.h"
35 #include "px.h"
36 
37 /*
38  * Defaults.
39  */
41 static int def_s2k_cipher_algo = -1;
43 static int def_s2k_count = -1;
46 static int def_compress_level = 6;
47 static int def_disable_mdc = 0;
48 static int def_use_sess_key = 0;
49 static int def_text_mode = 0;
50 static int def_unicode_mode = 0;
51 static int def_convert_crlf = 0;
52 
54 {
55  const char *name;
56  int code;
57 };
58 
60 {
61  const char *name;
62  int code;
63  const char *int_name;
64  int key_len;
65  int block_len;
66 };
67 
68 static const struct digest_info digest_list[] = {
69  {"md5", PGP_DIGEST_MD5},
70  {"sha1", PGP_DIGEST_SHA1},
71  {"sha-1", PGP_DIGEST_SHA1},
72  {"ripemd160", PGP_DIGEST_RIPEMD160},
73  {"sha256", PGP_DIGEST_SHA256},
74  {"sha384", PGP_DIGEST_SHA384},
75  {"sha512", PGP_DIGEST_SHA512},
76  {NULL, 0}
77 };
78 
79 static const struct cipher_info cipher_list[] = {
80  {"3des", PGP_SYM_DES3, "3des-ecb", 192 / 8, 64 / 8},
81  {"cast5", PGP_SYM_CAST5, "cast5-ecb", 128 / 8, 64 / 8},
82  {"bf", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8},
83  {"blowfish", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8},
84  {"aes", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8},
85  {"aes128", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8},
86  {"aes192", PGP_SYM_AES_192, "aes-ecb", 192 / 8, 128 / 8},
87  {"aes256", PGP_SYM_AES_256, "aes-ecb", 256 / 8, 128 / 8},
88  {"twofish", PGP_SYM_TWOFISH, "twofish-ecb", 256 / 8, 128 / 8},
89  {NULL, 0, NULL}
90 };
91 
92 static const struct cipher_info *
94 {
95  const struct cipher_info *i;
96 
97  for (i = cipher_list; i->name; i++)
98  if (i->code == code)
99  return i;
100  return NULL;
101 }
102 
103 int
105 {
106  const struct digest_info *i;
107 
108  for (i = digest_list; i->name; i++)
109  if (pg_strcasecmp(i->name, name) == 0)
110  return i->code;
112 }
113 
114 int
116 {
117  const struct cipher_info *i;
118 
119  for (i = cipher_list; i->name; i++)
120  if (pg_strcasecmp(i->name, name) == 0)
121  return i->code;
123 }
124 
125 const char *
127 {
128  const struct digest_info *i;
129 
130  for (i = digest_list; i->name; i++)
131  if (i->code == code)
132  return i->name;
133  return NULL;
134 }
135 
136 const char *
138 {
139  const struct cipher_info *i = get_cipher_info(code);
140 
141  if (i != NULL)
142  return i->name;
143  return NULL;
144 }
145 
146 int
148 {
149  const struct cipher_info *i = get_cipher_info(code);
150 
151  if (i != NULL)
152  return i->key_len;
153  return 0;
154 }
155 
156 int
158 {
159  const struct cipher_info *i = get_cipher_info(code);
160 
161  if (i != NULL)
162  return i->block_len;
163  return 0;
164 }
165 
166 int
168 {
169  int err;
170  const struct cipher_info *i = get_cipher_info(code);
171 
172  if (i == NULL)
173  return PXE_PGP_CORRUPT_DATA;
174 
175  err = px_find_cipher(i->int_name, res);
176  if (err == 0)
177  return 0;
178 
180 }
181 
182 int
184 {
185  int err;
186  const char *name = pgp_get_digest_name(code);
187 
188  if (name == NULL)
189  return PXE_PGP_CORRUPT_DATA;
190 
191  err = px_find_digest(name, res);
192  if (err == 0)
193  return 0;
194 
196 }
197 
198 int
200 {
201  PGP_Context *ctx;
202 
203  ctx = palloc0(sizeof *ctx);
204 
207  ctx->s2k_mode = def_s2k_mode;
208  ctx->s2k_count = def_s2k_count;
216  ctx->text_mode = def_text_mode;
217 
218  *ctx_p = ctx;
219  return 0;
220 }
221 
222 int
224 {
225  if (ctx->pub_key)
226  pgp_key_free(ctx->pub_key);
227  px_memset(ctx, 0, sizeof *ctx);
228  pfree(ctx);
229  return 0;
230 }
231 
232 int
233 pgp_disable_mdc(PGP_Context *ctx, int disable)
234 {
235  ctx->disable_mdc = disable ? 1 : 0;
236  return 0;
237 }
238 
239 int
241 {
242  ctx->use_sess_key = use ? 1 : 0;
243  return 0;
244 }
245 
246 int
248 {
249  ctx->convert_crlf = doit ? 1 : 0;
250  return 0;
251 }
252 
253 int
255 {
256  int err = PXE_OK;
257 
258  switch (mode)
259  {
260  case PGP_S2K_SIMPLE:
261  case PGP_S2K_SALTED:
262  case PGP_S2K_ISALTED:
263  ctx->s2k_mode = mode;
264  break;
265  default:
266  err = PXE_ARGUMENT_ERROR;
267  break;
268  }
269  return err;
270 }
271 
272 int
274 {
275  if (ctx->s2k_mode == PGP_S2K_ISALTED && count >= 1024 && count <= 65011712)
276  {
277  ctx->s2k_count = count;
278  return PXE_OK;
279  }
280  return PXE_ARGUMENT_ERROR;
281 }
282 
283 int
285 {
286  switch (algo)
287  {
288  case PGP_COMPR_NONE:
289  case PGP_COMPR_ZIP:
290  case PGP_COMPR_ZLIB:
291  case PGP_COMPR_BZIP2:
292  ctx->compress_algo = algo;
293  return 0;
294  }
295  return PXE_ARGUMENT_ERROR;
296 }
297 
298 int
300 {
301  if (level >= 0 && level <= 9)
302  {
303  ctx->compress_level = level;
304  return 0;
305  }
306  return PXE_ARGUMENT_ERROR;
307 }
308 
309 int
311 {
312  ctx->text_mode = mode;
313  return 0;
314 }
315 
316 int
318 {
319  int code = pgp_get_cipher_code(name);
320 
321  if (code < 0)
322  return code;
323  ctx->cipher_algo = code;
324  return 0;
325 }
326 
327 int
329 {
330  int code = pgp_get_cipher_code(name);
331 
332  if (code < 0)
333  return code;
334  ctx->s2k_cipher_algo = code;
335  return 0;
336 }
337 
338 int
340 {
341  int code = pgp_get_digest_code(name);
342 
343  if (code < 0)
344  return code;
345  ctx->s2k_digest_algo = code;
346  return 0;
347 }
348 
349 int
351 {
352  return ctx->unicode_mode;
353 }
354 
355 int
357 {
358  ctx->unicode_mode = mode ? 1 : 0;
359  return 0;
360 }
361 
362 int
363 pgp_set_symkey(PGP_Context *ctx, const uint8 *key, int len)
364 {
365  if (key == NULL || len < 1)
366  return PXE_ARGUMENT_ERROR;
367  ctx->sym_key = key;
368  ctx->sym_key_len = len;
369  return 0;
370 }
#define PXE_OK
Definition: px.h:46
static PgChecksumMode mode
Definition: pg_checksums.c:61
#define PXE_PGP_UNSUPPORTED_HASH
Definition: px.h:70
static int def_convert_crlf
Definition: pgp.c:51
#define PXE_ARGUMENT_ERROR
Definition: px.h:58
int pgp_get_cipher_code(const char *name)
Definition: pgp.c:115
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:66
int sym_key_len
Definition: pgp.h:166
int pgp_get_unicode_mode(PGP_Context *ctx)
Definition: pgp.c:350
int pgp_set_s2k_cipher_algo(PGP_Context *ctx, const char *name)
Definition: pgp.c:328
int cipher_algo
Definition: pgp.h:144
static int def_use_sess_key
Definition: pgp.c:48
int pgp_set_s2k_digest_algo(PGP_Context *ctx, const char *name)
Definition: pgp.c:339
int pgp_set_s2k_mode(PGP_Context *ctx, int mode)
Definition: pgp.c:254
static int def_s2k_mode
Definition: pgp.c:42
#define PXE_PGP_UNSUPPORTED_CIPHER
Definition: px.h:69
int key_len
Definition: pgp.c:64
int unicode_mode
Definition: pgp.h:151
const uint8 * sym_key
Definition: pgp.h:165
unsigned char uint8
Definition: c.h:427
const char * name
Definition: pgp.c:55
static int def_s2k_count
Definition: pgp.c:43
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
int compress_level
Definition: pgp.h:146
int pgp_get_digest_code(const char *name)
Definition: pgp.c:104
static int def_compress_algo
Definition: pgp.c:45
static int def_compress_level
Definition: pgp.c:46
int disable_mdc
Definition: pgp.h:147
int use_sess_key
Definition: pgp.h:148
int pgp_set_sess_key(PGP_Context *ctx, int use)
Definition: pgp.c:240
static int def_text_mode
Definition: pgp.c:49
const char * name
Definition: pgp.c:61
void pfree(void *pointer)
Definition: mcxt.c:1057
Definition: px.h:98
int pgp_set_compress_level(PGP_Context *ctx, int level)
Definition: pgp.c:299
static int def_s2k_cipher_algo
Definition: pgp.c:41
void pgp_key_free(PGP_PubKey *pk)
Definition: pgp-pubkey.c:48
int pgp_load_cipher(int code, PX_Cipher **res)
Definition: pgp.c:167
static int def_unicode_mode
Definition: pgp.c:50
int pgp_set_symkey(PGP_Context *ctx, const uint8 *key, int len)
Definition: pgp.c:363
int compress_algo
Definition: pgp.h:145
const char * pgp_get_digest_name(int code)
Definition: pgp.c:126
int pgp_get_cipher_key_size(int code)
Definition: pgp.c:147
int pgp_set_convert_crlf(PGP_Context *ctx, int doit)
Definition: pgp.c:247
int pgp_init(PGP_Context **ctx_p)
Definition: pgp.c:199
static const struct cipher_info * get_cipher_info(int code)
Definition: pgp.c:93
static int def_cipher_algo
Definition: pgp.c:40
void * palloc0(Size size)
Definition: mcxt.c:981
int code
Definition: pgp.c:56
int pgp_set_unicode_mode(PGP_Context *ctx, int mode)
Definition: pgp.c:356
int pgp_load_digest(int code, PX_MD **res)
Definition: pgp.c:183
int pgp_set_cipher_algo(PGP_Context *ctx, const char *name)
Definition: pgp.c:317
int pgp_disable_mdc(PGP_Context *ctx, int disable)
Definition: pgp.c:233
const char * pgp_get_cipher_name(int code)
Definition: pgp.c:137
int pgp_get_cipher_block_size(int code)
Definition: pgp.c:157
int s2k_cipher_algo
Definition: pgp.h:143
int block_len
Definition: pgp.c:65
Definition: px.h:139
int convert_crlf
Definition: pgp.h:150
const char * int_name
Definition: pgp.c:63
int pgp_set_s2k_count(PGP_Context *ctx, int count)
Definition: pgp.c:273
int s2k_mode
Definition: pgp.h:140
int s2k_digest_algo
Definition: pgp.h:142
static int def_disable_mdc
Definition: pgp.c:47
int i
int pgp_set_text_mode(PGP_Context *ctx, int mode)
Definition: pgp.c:310
static int def_s2k_digest_algo
Definition: pgp.c:44
PGP_PubKey * pub_key
Definition: pgp.h:164
static const struct digest_info digest_list[]
Definition: pgp.c:68
int pgp_free(PGP_Context *ctx)
Definition: pgp.c:223
int text_mode
Definition: pgp.h:149
static const struct cipher_info cipher_list[]
Definition: pgp.c:79
int px_find_digest(const char *name, PX_MD **res)
Definition: internal.c:553
int s2k_count
Definition: pgp.h:141
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:127
int pgp_set_compress_algo(PGP_Context *ctx, int algo)
Definition: pgp.c:284
int px_find_cipher(const char *name, PX_Cipher **res)
Definition: internal.c:572
int code
Definition: pgp.c:62