PostgreSQL Source Code git master
px-crypt.c
Go to the documentation of this file.
1/*
2 * px-crypt.c
3 * Wrapper for various crypt algorithms.
4 *
5 * Copyright (c) 2001 Marko Kreen
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * contrib/pgcrypto/px-crypt.c
30 */
31
32#include "postgres.h"
33
34#include "px-crypt.h"
35#include "px.h"
36
37static char *
38run_crypt_des(const char *psw, const char *salt,
39 char *buf, unsigned len)
40{
41 char *res;
42
43 res = px_crypt_des(psw, salt);
44 if (res == NULL || strlen(res) > len - 1)
45 return NULL;
46 strcpy(buf, res);
47 return buf;
48}
49
50static char *
51run_crypt_md5(const char *psw, const char *salt,
52 char *buf, unsigned len)
53{
54 char *res;
55
56 res = px_crypt_md5(psw, salt, buf, len);
57 return res;
58}
59
60static char *
61run_crypt_bf(const char *psw, const char *salt,
62 char *buf, unsigned len)
63{
64 char *res;
65
66 res = _crypt_blowfish_rn(psw, salt, buf, len);
67 return res;
68}
69
70struct px_crypt_algo
71{
72 char *id;
73 unsigned id_len;
74 char *(*crypt) (const char *psw, const char *salt,
75 char *buf, unsigned len);
76};
77
78static const struct px_crypt_algo
79 px_crypt_list[] = {
80 {"$2a$", 4, run_crypt_bf},
81 {"$2x$", 4, run_crypt_bf},
82 {"$2$", 3, NULL}, /* N/A */
83 {"$1$", 3, run_crypt_md5},
84 {"_", 1, run_crypt_des},
85 {"", 0, run_crypt_des},
86 {NULL, 0, NULL}
87};
88
89char *
90px_crypt(const char *psw, const char *salt, char *buf, unsigned len)
91{
92 const struct px_crypt_algo *c;
93
94 CheckBuiltinCryptoMode();
95
96 for (c = px_crypt_list; c->id; c++)
97 {
98 if (!c->id_len)
99 break;
100 if (strncmp(salt, c->id, c->id_len) == 0)
101 break;
102 }
103
104 if (c->crypt == NULL)
105 return NULL;
106
107 return c->crypt(psw, salt, buf, len);
108}
109
110/*
111 * salt generators
112 */
113
114struct generator
115{
116 char *name;
117 char *(*gen) (unsigned long count, const char *input, int size,
118 char *output, int output_size);
119 int input_len;
120 int def_rounds;
121 int min_rounds;
122 int max_rounds;
123};
124
125static struct generator gen_list[] = {
126 {"des", _crypt_gensalt_traditional_rn, 2, 0, 0, 0},
127 {"md5", _crypt_gensalt_md5_rn, 6, 0, 0, 0},
128 {"xdes", _crypt_gensalt_extended_rn, 3, PX_XDES_ROUNDS, 1, 0xFFFFFF},
129 {"bf", _crypt_gensalt_blowfish_rn, 16, PX_BF_ROUNDS, 4, 31},
130 {NULL, NULL, 0, 0, 0, 0}
131};
132
133int
134px_gen_salt(const char *salt_type, char *buf, int rounds)
135{
136 struct generator *g;
137 char *p;
138 char rbuf[16];
139
140 CheckBuiltinCryptoMode();
141
142 for (g = gen_list; g->name; g++)
143 if (pg_strcasecmp(g->name, salt_type) == 0)
144 break;
145
146 if (g->name == NULL)
147 return PXE_UNKNOWN_SALT_ALGO;
148
149 if (g->def_rounds)
150 {
151 if (rounds == 0)
152 rounds = g->def_rounds;
153
154 if (rounds < g->min_rounds || rounds > g->max_rounds)
155 return PXE_BAD_SALT_ROUNDS;
156 }
157
158 if (!pg_strong_random(rbuf, g->input_len))
159 return PXE_NO_RANDOM;
160
161 p = g->gen(rounds, rbuf, g->input_len, buf, PX_MAX_SALT_LEN);
162 px_memset(rbuf, 0, sizeof(rbuf));
163
164 if (p == NULL)
165 return PXE_BAD_SALT_ROUNDS;
166
167 return strlen(p);
168}
_crypt_blowfish_rn
char * _crypt_blowfish_rn(const char *key, const char *setting, char *output, int size)
Definition: crypt-blowfish.c:582
px_crypt_des
char * px_crypt_des(const char *key, const char *setting)
Definition: crypt-des.c:651
_crypt_gensalt_traditional_rn
char * _crypt_gensalt_traditional_rn(unsigned long count, const char *input, int size, char *output, int output_size)
Definition: crypt-gensalt.c:25
_crypt_gensalt_md5_rn
char * _crypt_gensalt_md5_rn(unsigned long count, const char *input, int size, char *output, int output_size)
Definition: crypt-gensalt.c:79
_crypt_gensalt_blowfish_rn
char * _crypt_gensalt_blowfish_rn(unsigned long count, const char *input, int size, char *output, int output_size)
Definition: crypt-gensalt.c:161
_crypt_gensalt_extended_rn
char * _crypt_gensalt_extended_rn(unsigned long count, const char *input, int size, char *output, int output_size)
Definition: crypt-gensalt.c:43
px_crypt_md5
char * px_crypt_md5(const char *pw, const char *salt, char *passwd, unsigned dstlen)
Definition: crypt-md5.c:34
input
FILE * input
output
FILE * output
Definition: pg_test_timing.c:182
CheckBuiltinCryptoMode
void CheckBuiltinCryptoMode(void)
Definition: openssl.c:874
len
const void size_t len
Definition: pg_crc32c_sse42.c:25
buf
static char * buf
Definition: pg_test_fsync.c:72
pg_strong_random
bool pg_strong_random(void *buf, size_t len)
Definition: pg_strong_random.c:150
pg_strcasecmp
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
c
char * c
Definition: preproc-cursor.c:31
run_crypt_des
static char * run_crypt_des(const char *psw, const char *salt, char *buf, unsigned len)
Definition: px-crypt.c:38
px_gen_salt
int px_gen_salt(const char *salt_type, char *buf, int rounds)
Definition: px-crypt.c:134
px_crypt_list
static const struct px_crypt_algo px_crypt_list[]
Definition: px-crypt.c:79
run_crypt_bf
static char * run_crypt_bf(const char *psw, const char *salt, char *buf, unsigned len)
Definition: px-crypt.c:61
gen_list
static struct generator gen_list[]
Definition: px-crypt.c:125
px_crypt
char * px_crypt(const char *psw, const char *salt, char *buf, unsigned len)
Definition: px-crypt.c:90
run_crypt_md5
static char * run_crypt_md5(const char *psw, const char *salt, char *buf, unsigned len)
Definition: px-crypt.c:51
PX_MAX_SALT_LEN
#define PX_MAX_SALT_LEN
Definition: px-crypt.h:39
PX_BF_ROUNDS
#define PX_BF_ROUNDS
Definition: px-crypt.h:46
PX_XDES_ROUNDS
#define PX_XDES_ROUNDS
Definition: px-crypt.h:43
px_memset
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:123
PXE_BAD_SALT_ROUNDS
#define PXE_BAD_SALT_ROUNDS
Definition: px.h:61
PXE_NO_RANDOM
#define PXE_NO_RANDOM
Definition: px.h:63
PXE_UNKNOWN_SALT_ALGO
#define PXE_UNKNOWN_SALT_ALGO
Definition: px.h:60
generator::input_len
int input_len
Definition: px-crypt.c:119
generator::max_rounds
int max_rounds
Definition: px-crypt.c:122
generator::gen
char *(* gen)(unsigned long count, const char *input, int size, char *output, int output_size)
Definition: px-crypt.c:117
generator::def_rounds
int def_rounds
Definition: px-crypt.c:120
generator::name
char * name
Definition: px-crypt.c:116
generator::min_rounds
int min_rounds
Definition: px-crypt.c:121
px_crypt_algo
Definition: px-crypt.c:71
px_crypt_algo::id_len
unsigned id_len
Definition: px-crypt.c:73
px_crypt_algo::id
char * id
Definition: px-crypt.c:72