PostgreSQL Source Code  git master
pgp.c
Go to the documentation of this file.
1 /*
2  * pgp.c
3  * Various utility stuff.
4  *
5  * Copyright (c) 2005 Marko Kreen
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  * notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  * notice, this list of conditions and the following disclaimer in the
15  * documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  *
29  * contrib/pgcrypto/pgp.c
30  */
31 
32 #include "postgres.h"
33 
34 #include "pgp.h"
35 #include "px.h"
36 
37 /*
38  * Defaults.
39  */
41 static int def_s2k_cipher_algo = -1;
43 static int def_s2k_count = -1;
46 static int def_compress_level = 6;
47 static int def_disable_mdc = 0;
48 static int def_use_sess_key = 0;
49 static int def_text_mode = 0;
50 static int def_unicode_mode = 0;
51 static int def_convert_crlf = 0;
52 
54 {
55  const char *name;
56  int code;
57 };
58 
60 {
61  const char *name;
62  int code;
63  const char *int_name;
64  int key_len;
65  int block_len;
66 };
67 
68 static const struct digest_info digest_list[] = {
69  {"md5", PGP_DIGEST_MD5},
70  {"sha1", PGP_DIGEST_SHA1},
71  {"sha-1", PGP_DIGEST_SHA1},
72  {"ripemd160", PGP_DIGEST_RIPEMD160},
73  {"sha256", PGP_DIGEST_SHA256},
74  {"sha384", PGP_DIGEST_SHA384},
75  {"sha512", PGP_DIGEST_SHA512},
76  {NULL, 0}
77 };
78 
79 static const struct cipher_info cipher_list[] = {
80  {"3des", PGP_SYM_DES3, "3des-ecb", 192 / 8, 64 / 8},
81  {"cast5", PGP_SYM_CAST5, "cast5-ecb", 128 / 8, 64 / 8},
82  {"bf", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8},
83  {"blowfish", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8},
84  {"aes", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8},
85  {"aes128", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8},
86  {"aes192", PGP_SYM_AES_192, "aes-ecb", 192 / 8, 128 / 8},
87  {"aes256", PGP_SYM_AES_256, "aes-ecb", 256 / 8, 128 / 8},
88  {"twofish", PGP_SYM_TWOFISH, "twofish-ecb", 256 / 8, 128 / 8},
89  {NULL, 0, NULL}
90 };
91 
92 static const struct cipher_info *
94 {
95  const struct cipher_info *i;
96 
97  for (i = cipher_list; i->name; i++)
98  if (i->code == code)
99  return i;
100  return NULL;
101 }
102 
103 int
105 {
106  const struct digest_info *i;
107 
108  for (i = digest_list; i->name; i++)
109  if (pg_strcasecmp(i->name, name) == 0)
110  return i->code;
112 }
113 
114 int
116 {
117  const struct cipher_info *i;
118 
119  for (i = cipher_list; i->name; i++)
120  if (pg_strcasecmp(i->name, name) == 0)
121  return i->code;
123 }
124 
125 const char *
127 {
128  const struct digest_info *i;
129 
130  for (i = digest_list; i->name; i++)
131  if (i->code == code)
132  return i->name;
133  return NULL;
134 }
135 
136 int
138 {
139  const struct cipher_info *i = get_cipher_info(code);
140 
141  if (i != NULL)
142  return i->key_len;
143  return 0;
144 }
145 
146 int
148 {
149  const struct cipher_info *i = get_cipher_info(code);
150 
151  if (i != NULL)
152  return i->block_len;
153  return 0;
154 }
155 
156 int
158 {
159  int err;
160  const struct cipher_info *i = get_cipher_info(code);
161 
162  if (i == NULL)
163  return PXE_PGP_CORRUPT_DATA;
164 
165  err = px_find_cipher(i->int_name, res);
166  if (err == 0)
167  return 0;
168 
170 }
171 
172 int
174 {
175  int err;
176  const char *name = pgp_get_digest_name(code);
177 
178  if (name == NULL)
179  return PXE_PGP_CORRUPT_DATA;
180 
182  if (err == 0)
183  return 0;
184 
186 }
187 
188 int
190 {
191  PGP_Context *ctx;
192 
193  ctx = palloc0(sizeof *ctx);
194 
197  ctx->s2k_mode = def_s2k_mode;
198  ctx->s2k_count = def_s2k_count;
206  ctx->text_mode = def_text_mode;
207 
208  *ctx_p = ctx;
209  return 0;
210 }
211 
212 int
214 {
215  if (ctx->pub_key)
216  pgp_key_free(ctx->pub_key);
217  px_memset(ctx, 0, sizeof *ctx);
218  pfree(ctx);
219  return 0;
220 }
221 
222 int
223 pgp_disable_mdc(PGP_Context *ctx, int disable)
224 {
225  ctx->disable_mdc = disable ? 1 : 0;
226  return 0;
227 }
228 
229 int
231 {
232  ctx->use_sess_key = use ? 1 : 0;
233  return 0;
234 }
235 
236 int
238 {
239  ctx->convert_crlf = doit ? 1 : 0;
240  return 0;
241 }
242 
243 int
245 {
246  int err = PXE_OK;
247 
248  switch (mode)
249  {
250  case PGP_S2K_SIMPLE:
251  case PGP_S2K_SALTED:
252  case PGP_S2K_ISALTED:
253  ctx->s2k_mode = mode;
254  break;
255  default:
257  break;
258  }
259  return err;
260 }
261 
262 int
264 {
265  if (ctx->s2k_mode == PGP_S2K_ISALTED && count >= 1024 && count <= 65011712)
266  {
267  ctx->s2k_count = count;
268  return PXE_OK;
269  }
270  return PXE_ARGUMENT_ERROR;
271 }
272 
273 int
275 {
276  switch (algo)
277  {
278  case PGP_COMPR_NONE:
279  case PGP_COMPR_ZIP:
280  case PGP_COMPR_ZLIB:
281  case PGP_COMPR_BZIP2:
282  ctx->compress_algo = algo;
283  return 0;
284  }
285  return PXE_ARGUMENT_ERROR;
286 }
287 
288 int
290 {
291  if (level >= 0 && level <= 9)
292  {
293  ctx->compress_level = level;
294  return 0;
295  }
296  return PXE_ARGUMENT_ERROR;
297 }
298 
299 int
301 {
302  ctx->text_mode = mode;
303  return 0;
304 }
305 
306 int
308 {
310 
311  if (code < 0)
312  return code;
313  ctx->cipher_algo = code;
314  return 0;
315 }
316 
317 int
319 {
321 
322  if (code < 0)
323  return code;
324  ctx->s2k_cipher_algo = code;
325  return 0;
326 }
327 
328 int
330 {
332 
333  if (code < 0)
334  return code;
335  ctx->s2k_digest_algo = code;
336  return 0;
337 }
338 
339 int
341 {
342  return ctx->unicode_mode;
343 }
344 
345 int
347 {
348  ctx->unicode_mode = mode ? 1 : 0;
349  return 0;
350 }
351 
352 int
354 {
355  if (key == NULL || len < 1)
356  return PXE_ARGUMENT_ERROR;
357  ctx->sym_key = key;
358  ctx->sym_key_len = len;
359  return 0;
360 }
unsigned char uint8
Definition: c.h:491
void err(int eval, const char *fmt,...)
Definition: err.c:43
int i
Definition: isn.c:73
void pfree(void *pointer)
Definition: mcxt.c:1508
void * palloc0(Size size)
Definition: mcxt.c:1334
int px_find_digest(const char *name, PX_MD **res)
Definition: openssl.c:162
int px_find_cipher(const char *name, PX_Cipher **res)
Definition: openssl.c:744
static PgChecksumMode mode
Definition: pg_checksums.c:56
const void size_t len
void pgp_key_free(PGP_PubKey *pk)
Definition: pgp-pubkey.c:48
int pgp_disable_mdc(PGP_Context *ctx, int disable)
Definition: pgp.c:223
int pgp_get_cipher_code(const char *name)
Definition: pgp.c:115
int pgp_init(PGP_Context **ctx_p)
Definition: pgp.c:189
static int def_compress_algo
Definition: pgp.c:45
static int def_s2k_cipher_algo
Definition: pgp.c:41
static int def_convert_crlf
Definition: pgp.c:51
static int def_compress_level
Definition: pgp.c:46
int pgp_set_text_mode(PGP_Context *ctx, int mode)
Definition: pgp.c:300
int pgp_set_s2k_digest_algo(PGP_Context *ctx, const char *name)
Definition: pgp.c:329
int pgp_set_s2k_mode(PGP_Context *ctx, int mode)
Definition: pgp.c:244
static int def_s2k_digest_algo
Definition: pgp.c:44
int pgp_get_digest_code(const char *name)
Definition: pgp.c:104
static int def_unicode_mode
Definition: pgp.c:50
int pgp_set_symkey(PGP_Context *ctx, const uint8 *key, int len)
Definition: pgp.c:353
static int def_s2k_mode
Definition: pgp.c:42
static const struct digest_info digest_list[]
Definition: pgp.c:68
int pgp_get_cipher_block_size(int code)
Definition: pgp.c:147
int pgp_load_cipher(int code, PX_Cipher **res)
Definition: pgp.c:157
static int def_cipher_algo
Definition: pgp.c:40
const char * pgp_get_digest_name(int code)
Definition: pgp.c:126
int pgp_set_s2k_cipher_algo(PGP_Context *ctx, const char *name)
Definition: pgp.c:318
int pgp_set_compress_algo(PGP_Context *ctx, int algo)
Definition: pgp.c:274
int pgp_get_unicode_mode(PGP_Context *ctx)
Definition: pgp.c:340
static const struct cipher_info cipher_list[]
Definition: pgp.c:79
int pgp_set_cipher_algo(PGP_Context *ctx, const char *name)
Definition: pgp.c:307
static int def_disable_mdc
Definition: pgp.c:47
static int def_s2k_count
Definition: pgp.c:43
int pgp_set_convert_crlf(PGP_Context *ctx, int doit)
Definition: pgp.c:237
int pgp_set_unicode_mode(PGP_Context *ctx, int mode)
Definition: pgp.c:346
int pgp_get_cipher_key_size(int code)
Definition: pgp.c:137
int pgp_free(PGP_Context *ctx)
Definition: pgp.c:213
static int def_text_mode
Definition: pgp.c:49
int pgp_set_s2k_count(PGP_Context *ctx, int count)
Definition: pgp.c:263
int pgp_set_sess_key(PGP_Context *ctx, int use)
Definition: pgp.c:230
int pgp_load_digest(int code, PX_MD **res)
Definition: pgp.c:173
int pgp_set_compress_level(PGP_Context *ctx, int level)
Definition: pgp.c:289
static const struct cipher_info * get_cipher_info(int code)
Definition: pgp.c:93
static int def_use_sess_key
Definition: pgp.c:48
@ PGP_COMPR_BZIP2
Definition: pgp.h:95
@ PGP_COMPR_ZLIB
Definition: pgp.h:94
@ PGP_COMPR_NONE
Definition: pgp.h:92
@ PGP_COMPR_ZIP
Definition: pgp.h:93
@ PGP_S2K_ISALTED
Definition: pgp.h:41
@ PGP_S2K_SALTED
Definition: pgp.h:40
@ PGP_S2K_SIMPLE
Definition: pgp.h:39
@ PGP_SYM_TWOFISH
Definition: pgp.h:87
@ PGP_SYM_DES3
Definition: pgp.h:79
@ PGP_SYM_AES_256
Definition: pgp.h:86
@ PGP_SYM_BLOWFISH
Definition: pgp.h:81
@ PGP_SYM_CAST5
Definition: pgp.h:80
@ PGP_SYM_AES_128
Definition: pgp.h:84
@ PGP_SYM_AES_192
Definition: pgp.h:85
@ PGP_DIGEST_SHA1
Definition: pgp.h:101
@ PGP_DIGEST_SHA256
Definition: pgp.h:107
@ PGP_DIGEST_MD5
Definition: pgp.h:100
@ PGP_DIGEST_SHA512
Definition: pgp.h:109
@ PGP_DIGEST_SHA384
Definition: pgp.h:108
@ PGP_DIGEST_RIPEMD160
Definition: pgp.h:102
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:123
#define PXE_OK
Definition: px.h:46
#define PXE_ARGUMENT_ERROR
Definition: px.h:59
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:67
#define PXE_PGP_UNSUPPORTED_CIPHER
Definition: px.h:70
#define PXE_PGP_UNSUPPORTED_HASH
Definition: px.h:71
PGP_PubKey * pub_key
Definition: pgp.h:164
int compress_level
Definition: pgp.h:146
int cipher_algo
Definition: pgp.h:144
int disable_mdc
Definition: pgp.h:147
int s2k_mode
Definition: pgp.h:140
int text_mode
Definition: pgp.h:149
int s2k_cipher_algo
Definition: pgp.h:143
int convert_crlf
Definition: pgp.h:150
int s2k_count
Definition: pgp.h:141
int sym_key_len
Definition: pgp.h:166
int unicode_mode
Definition: pgp.h:151
int compress_algo
Definition: pgp.h:145
int use_sess_key
Definition: pgp.h:148
int s2k_digest_algo
Definition: pgp.h:142
const uint8 * sym_key
Definition: pgp.h:165
const char * int_name
Definition: pgp.c:63
int key_len
Definition: pgp.c:64
int code
Definition: pgp.c:62
const char * name
Definition: pgp.c:61
int block_len
Definition: pgp.c:65
const char * name
Definition: pgp.c:55
int code
Definition: pgp.c:56
Definition: px.h:141
Definition: px.h:100
const char * name