open-dsi
/
postgres
mirror of https://github.com/postgres/postgres
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove support for libmhash/libmcrypt.

Browse Source 
libmcrypt seems to dead, maintainer address bounces,
and cast-128 fails on 2 of the 3 test vectors from RFC2144.

So I see no reason to keep around stuff I don't trust
anymore.

Support for several crypto libraries is probably only
confusing to users, although it was good for initial
developing - it helped to find hidden assumptions and
forced me to create regression tests for all functionality.

Marko Kreen
REL8_1_STABLE
Neil Conway 21 years ago
parent ee4ddac137
commit 3cc8661232
3 changed files with 2 additions and 375 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 10
      contrib/pgcrypto/Makefile
  2. 11
      contrib/pgcrypto/README.pgcrypto
  3. 356
      contrib/pgcrypto/mhash.c

10
contrib/pgcrypto/Makefile
Unescape View File

@ -1,8 +1,8 @@
# #
# $PostgreSQL: pgsql/contrib/pgcrypto/Makefile,v 1.12 2004/09/14 03:39:48 tgl Exp $ # $PostgreSQL: pgsql/contrib/pgcrypto/Makefile,v 1.13 2005/03/21 05:17:16 neilc Exp $
# #
# either 'builtin', 'mhash', 'openssl' # either 'builtin', 'openssl'
cryptolib = builtin cryptolib = builtin
# either 'builtin', 'system' # either 'builtin', 'system'
@ -34,12 +34,6 @@ CRYPTO_LDFLAGS = -lcrypto
SRCS = openssl.c SRCS = openssl.c
endif endif
ifeq ($(cryptolib), mhash)
CRYPTO_CFLAGS = -I/usr/local/include
CRYPTO_LDFLAGS = -L/usr/local/lib -lmcrypt -lmhash -lltdl
SRCS = mhash.c
endif
ifeq ($(cryptsrc), builtin) ifeq ($(cryptsrc), builtin)
SRCS += crypt-blowfish.c crypt-des.c crypt-md5.c SRCS += crypt-blowfish.c crypt-des.c crypt-md5.c
else else

11
contrib/pgcrypto/README.pgcrypto
Unescape View File

@ -186,17 +186,6 @@ OpenSSL (0.9.6):
Url: http://www.openssl.org/ Url: http://www.openssl.org/
mhash (0.8.9) + mcrypt (2.4.16):
Hashes: MD5, SHA1, CRC32, CRC32B, GOST, TIGER, RIPEMD160,
HAVAL(256,224,192,160,128)
Ciphers: DES, DES3, CAST-128(CAST5), CAST-256, xTEA, 3-way,
SKIPJACK, Blowfish, Twofish, LOKI97, RC2, RC4, RC6,
Rijndael-128/192/256, MARS, PANAMA, WAKE, Serpent, IDEA, GOST,
SAFER, SAFER+, Enigma
License: LGPL
Url: http://mcrypt.sourceforge.org/
Url: http://mhash.sourceforge.org/
CREDITS CREDITS
======= =======

356
contrib/pgcrypto/mhash.c
Unescape View File

@ -1,356 +0,0 @@
/*
* mhash.c
* Wrapper for mhash and mcrypt libraries.
*
* Copyright (c) 2001 Marko Kreen
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/mhash.c,v 1.10 2004/05/07 00:24:57 tgl Exp $
*/
#include <postgres.h>
#include "px.h"
#include <mhash.h>
#include <mcrypt.h>
#define MAX_KEY_LENGTH 512
#define MAX_IV_LENGTH 128
#define DEF_KEY_LEN 16
/* DIGEST */
static unsigned
digest_result_size(PX_MD * h)
{
MHASH mh = (MHASH) h->p.ptr;
hashid id = mhash_get_mhash_algo(mh);
return mhash_get_block_size(id);
}
static unsigned
digest_block_size(PX_MD * h)
{
MHASH mh = (MHASH) h->p.ptr;
hashid id = mhash_get_mhash_algo(mh);
return mhash_get_hash_pblock(id);
}
static void
digest_reset(PX_MD * h)
{
MHASH mh = (MHASH) h->p.ptr;
hashid id = mhash_get_mhash_algo(mh);
uint8 *res = mhash_end(mh);
mhash_free(res);
mh = mhash_init(id);
h->p.ptr = mh;
}
static void
digest_update(PX_MD * h, const uint8 *data, unsigned dlen)
{
MHASH mh = (MHASH) h->p.ptr;
mhash(mh, data, dlen);
}
static void
digest_finish(PX_MD * h, uint8 *dst)
{
MHASH mh = (MHASH) h->p.ptr;
unsigned hlen = digest_result_size(h);
hashid id = mhash_get_mhash_algo(mh);
uint8 *buf = mhash_end(mh);
memcpy(dst, buf, hlen);
mhash_free(buf);
mh = mhash_init(id);
h->p.ptr = mh;
}
static void
digest_free(PX_MD * h)
{
MHASH mh = (MHASH) h->p.ptr;
uint8 *buf = mhash_end(mh);
mhash_free(buf);
px_free(h);
}
/* ENCRYPT / DECRYPT */
static unsigned
cipher_block_size(PX_Cipher * c)
{
MCRYPT ctx = (MCRYPT) c->ptr;
return mcrypt_enc_get_block_size(ctx);
}
static unsigned
cipher_key_size(PX_Cipher * c)
{
MCRYPT ctx = (MCRYPT) c->ptr;
return mcrypt_enc_get_key_size(ctx);
}
static unsigned
cipher_iv_size(PX_Cipher * c)
{
MCRYPT ctx = (MCRYPT) c->ptr;
return mcrypt_enc_mode_has_iv(ctx)
? mcrypt_enc_get_iv_size(ctx) : 0;
}
static int
cipher_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
{
int err;
MCRYPT ctx = (MCRYPT) c->ptr;
err = mcrypt_generic_init(ctx, (char *) key, klen, (char *) iv);
if (err < 0)
ereport(ERROR,
(errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
errmsg("mcrypt_generic_init error"),
errdetail("%s", mcrypt_strerror(err))));
c->pstat = 1;
return 0;
}
static int
cipher_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
{
int err;
MCRYPT ctx = (MCRYPT) c->ptr;
memcpy(res, data, dlen);
err = mcrypt_generic(ctx, res, dlen);
if (err < 0)
ereport(ERROR,
(errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
errmsg("mcrypt_generic error"),
errdetail("%s", mcrypt_strerror(err))));
return 0;
}
static int
cipher_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
{
int err;
MCRYPT ctx = (MCRYPT) c->ptr;
memcpy(res, data, dlen);
err = mdecrypt_generic(ctx, res, dlen);
if (err < 0)
ereport(ERROR,
(errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
errmsg("mdecrypt_generic error"),
errdetail("%s", mcrypt_strerror(err))));
return 0;
}
static void
cipher_free(PX_Cipher * c)
{
MCRYPT ctx = (MCRYPT) c->ptr;
if (c->pstat)
mcrypt_generic_end(ctx);
else
mcrypt_module_close(ctx);
px_free(c);
}
/* Helper functions */
static int
find_hashid(const char *name)
{
int res = -1;
size_t hnum,
b,
i;
char *mname;
hnum = mhash_count();
for (i = 0; i <= hnum; i++)
{
mname = mhash_get_hash_name(i);
if (mname == NULL)
continue;
b = pg_strcasecmp(name, mname);
free(mname);
if (b == 0)
{
res = i;
break;
}
}
return res;
}
static char *modes[] = {
"ecb", "cbc", "cfb", "ofb", "nofb", "stream",
"ofb64", "cfb64", NULL
};
static PX_Alias aliases[] = {
{"bf", "blowfish"},
{"3des", "tripledes"},
{"des3", "tripledes"},
{"aes", "rijndael-128"},
{"rijndael", "rijndael-128"},
{"aes-128", "rijndael-128"},
{"aes-192", "rijndael-192"},
{"aes-256", "rijndael-256"},
{NULL, NULL}
};
static PX_Alias mode_aliases[] = {
#if 0 /* N/A */
{"cfb", "ncfb"},
{"ofb", "nofb"},
{"cfb64", "ncfb"},
#endif
/* { "ofb64", "nofb" }, not sure it works */
{"cfb8", "cfb"},
{"ofb8", "ofb"},
{NULL, NULL}
};
static int
is_mode(char *s)
{
char **p;
if (*s >= '0' && *s <= '9')
return 0;
for (p = modes; *p; p++)
if (!strcmp(s, *p))
return 1;
return 0;
}
/* PUBLIC FUNCTIONS */
int
px_find_digest(const char *name, PX_MD ** res)
{
PX_MD *h;
MHASH mh;
int i;
i = find_hashid(name);
if (i < 0)
return -1;
mh = mhash_init(i);
h = px_alloc(sizeof(*h));
h->p.ptr = (void *) mh;
h->result_size = digest_result_size;
h->block_size = digest_block_size;
h->reset = digest_reset;
h->update = digest_update;
h->finish = digest_finish;
h->free = digest_free;
*res = h;
return 0;
}
int
px_find_cipher(const char *name, PX_Cipher ** res)
{
char nbuf[PX_MAX_NAMELEN + 1];
const char *mode = NULL;
char *p;
MCRYPT ctx;
PX_Cipher *c;
StrNCpy(nbuf, name, sizeof(nbuf));
if ((p = strrchr(nbuf, '-')) != NULL)
{
if (is_mode(p + 1))
{
mode = p + 1;
*p = 0;
}
}
name = px_resolve_alias(aliases, nbuf);
if (!mode)
{
mode = "cbc";
/*
* if (mcrypt_module_is_block_algorithm(name, NULL)) mode = "cbc";
* else mode = "stream";
*/
}
mode = px_resolve_alias(mode_aliases, mode);
ctx = mcrypt_module_open((char *) name, NULL, (char *) mode, NULL);
if (ctx == (void *) MCRYPT_FAILED)
return -1;
c = palloc(sizeof *c);
c->iv_size = cipher_iv_size;
c->key_size = cipher_key_size;
c->block_size = cipher_block_size;
c->init = cipher_init;
c->encrypt = cipher_encrypt;
c->decrypt = cipher_decrypt;
c->free = cipher_free;
c->ptr = ctx;
c->pstat = 0;
*res = c;
return 0;
}
Write Preview
Loading…
Cancel
Save