PostgreSQL Source Code git master
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Pages
px-crypt.c
Go to the documentation of this file.
1/*
2 * px-crypt.c
3 * Wrapper for various crypt algorithms.
4 *
5 * Copyright (c) 2001 Marko Kreen
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * contrib/pgcrypto/px-crypt.c
30 */
31
32#include "postgres.h"
33
34#include "px-crypt.h"
35#include "px.h"
36
37static char *
38run_crypt_des(const char *psw, const char *salt,
39 char *buf, unsigned len)
40{
41 char *res;
42
43 res = px_crypt_des(psw, salt);
44 if (res == NULL || strlen(res) > len - 1)
45 return NULL;
46 strcpy(buf, res);
47 return buf;
48}
49
50static char *
51run_crypt_md5(const char *psw, const char *salt,
52 char *buf, unsigned len)
53{
54 char *res;
55
56 res = px_crypt_md5(psw, salt, buf, len);
57 return res;
58}
59
60static char *
61run_crypt_bf(const char *psw, const char *salt,
62 char *buf, unsigned len)
63{
64 char *res;
65
66 res = _crypt_blowfish_rn(psw, salt, buf, len);
67 return res;
68}
69
70static char *
71run_crypt_sha(const char *psw, const char *salt,
72 char *buf, unsigned len)
73{
74 char *res;
75
76 res = px_crypt_shacrypt(psw, salt, buf, len);
77 return res;
78}
79
81{
82 char *id;
83 unsigned id_len;
84 char *(*crypt) (const char *psw, const char *salt,
85 char *buf, unsigned len);
86};
87
88static const struct px_crypt_algo
90 {"$2a$", 4, run_crypt_bf},
91 {"$2x$", 4, run_crypt_bf},
92 {"$2$", 3, NULL}, /* N/A */
93 {"$1$", 3, run_crypt_md5},
94 {"$5$", 3, run_crypt_sha},
95 {"$6$", 3, run_crypt_sha},
96 {"_", 1, run_crypt_des},
97 {"", 0, run_crypt_des},
98 {NULL, 0, NULL}
99};
100
101char *
102px_crypt(const char *psw, const char *salt, char *buf, unsigned len)
103{
104 const struct px_crypt_algo *c;
105
107
108 for (c = px_crypt_list; c->id; c++)
109 {
110 if (!c->id_len)
111 break;
112 if (strncmp(salt, c->id, c->id_len) == 0)
113 break;
114 }
115
116 if (c->crypt == NULL)
117 return NULL;
118
119 return c->crypt(psw, salt, buf, len);
120}
121
122/*
123 * salt generators
124 */
125
127{
128 char *name;
129 char *(*gen) (unsigned long count, const char *input, int size,
130 char *output, int output_size);
135};
136
137static struct generator gen_list[] = {
138 {"des", _crypt_gensalt_traditional_rn, 2, 0, 0, 0},
139 {"md5", _crypt_gensalt_md5_rn, 6, 0, 0, 0},
140 {"xdes", _crypt_gensalt_extended_rn, 3, PX_XDES_ROUNDS, 1, 0xFFFFFF},
141 {"bf", _crypt_gensalt_blowfish_rn, 16, PX_BF_ROUNDS, 4, 31},
142 {
143 "sha256crypt", _crypt_gensalt_sha256_rn,
146 },
147 {
148 "sha512crypt", _crypt_gensalt_sha512_rn,
151 },
152 {NULL, NULL, 0, 0, 0, 0}
153};
154
155int
156px_gen_salt(const char *salt_type, char *buf, int rounds)
157{
158 struct generator *g;
159 char *p;
160 char rbuf[16];
161
163
164 for (g = gen_list; g->name; g++)
165 if (pg_strcasecmp(g->name, salt_type) == 0)
166 break;
167
168 if (g->name == NULL)
170
171 if (g->def_rounds)
172 {
173 if (rounds == 0)
174 rounds = g->def_rounds;
175
176 if (rounds < g->min_rounds || rounds > g->max_rounds)
177 return PXE_BAD_SALT_ROUNDS;
178 }
179
180 if (!pg_strong_random(rbuf, g->input_len))
181 return PXE_NO_RANDOM;
182
183 p = g->gen(rounds, rbuf, g->input_len, buf, PX_MAX_SALT_LEN);
184 px_memset(rbuf, 0, sizeof(rbuf));
185
186 if (p == NULL)
187 return PXE_BAD_SALT_ROUNDS;
188
189 return strlen(p);
190}
char * _crypt_blowfish_rn(const char *key, const char *setting, char *output, int size)
char * px_crypt_des(const char *key, const char *setting)
Definition: crypt-des.c:651
char * _crypt_gensalt_sha512_rn(unsigned long count, char const *input, int size, char *output, int output_size)
char * _crypt_gensalt_traditional_rn(unsigned long count, const char *input, int size, char *output, int output_size)
Definition: crypt-gensalt.c:25
char * _crypt_gensalt_sha256_rn(unsigned long count, const char *input, int size, char *output, int output_size)
char * _crypt_gensalt_md5_rn(unsigned long count, const char *input, int size, char *output, int output_size)
Definition: crypt-gensalt.c:79
char * _crypt_gensalt_blowfish_rn(unsigned long count, const char *input, int size, char *output, int output_size)
char * _crypt_gensalt_extended_rn(unsigned long count, const char *input, int size, char *output, int output_size)
Definition: crypt-gensalt.c:43
char * px_crypt_md5(const char *pw, const char *salt, char *passwd, unsigned dstlen)
Definition: crypt-md5.c:34
char * px_crypt_shacrypt(const char *pw, const char *salt, char *passwd, unsigned dstlen)
Definition: crypt-sha.c:69
FILE * input
FILE * output
void CheckBuiltinCryptoMode(void)
Definition: openssl.c:874
const void size_t len
static char * buf
Definition: pg_test_fsync.c:72
bool pg_strong_random(void *buf, size_t len)
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
char * c
static char * run_crypt_des(const char *psw, const char *salt, char *buf, unsigned len)
Definition: px-crypt.c:38
int px_gen_salt(const char *salt_type, char *buf, int rounds)
Definition: px-crypt.c:156
static const struct px_crypt_algo px_crypt_list[]
Definition: px-crypt.c:89
static char * run_crypt_bf(const char *psw, const char *salt, char *buf, unsigned len)
Definition: px-crypt.c:61
static struct generator gen_list[]
Definition: px-crypt.c:137
char * px_crypt(const char *psw, const char *salt, char *buf, unsigned len)
Definition: px-crypt.c:102
static char * run_crypt_md5(const char *psw, const char *salt, char *buf, unsigned len)
Definition: px-crypt.c:51
static char * run_crypt_sha(const char *psw, const char *salt, char *buf, unsigned len)
Definition: px-crypt.c:71
#define PX_SHACRYPT_ROUNDS_MAX
Definition: px-crypt.h:70
#define PX_MAX_SALT_LEN
Definition: px-crypt.h:39
#define PX_BF_ROUNDS
Definition: px-crypt.h:46
#define PX_XDES_ROUNDS
Definition: px-crypt.h:43
#define PX_SHACRYPT_ROUNDS_MIN
Definition: px-crypt.h:67
#define PX_SHACRYPT_SALT_MAX_LEN
Definition: px-crypt.h:49
#define PX_SHACRYPT_ROUNDS_DEFAULT
Definition: px-crypt.h:64
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:123
#define PXE_BAD_SALT_ROUNDS
Definition: px.h:61
#define PXE_NO_RANDOM
Definition: px.h:63
#define PXE_UNKNOWN_SALT_ALGO
Definition: px.h:60
int input_len
Definition: px-crypt.c:131
int max_rounds
Definition: px-crypt.c:134
char *(* gen)(unsigned long count, const char *input, int size, char *output, int output_size)
Definition: px-crypt.c:129
int def_rounds
Definition: px-crypt.c:132
char * name
Definition: px-crypt.c:128
int min_rounds
Definition: px-crypt.c:133
unsigned id_len
Definition: px-crypt.c:83
char * id
Definition: px-crypt.c:82