open-dsi
/
postgres
mirror of https://github.com/postgres/postgres
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Big thanks to Solar Designer who pointed out a bug in bcrypt

Browse Source 
salt generation code.  He also urged using better random source
and making possible to choose using bcrypt and xdes rounds more
easily.  So, here's patch:

* For all salt generation, use Solar Designer's own code.  This
  is mostly due fact that his code is more fit for get_random_bytes()
  style interface.
* New function: gen_salt(type, rounds).  This lets specify iteration
  count for algorithm.
* random.c: px_get_random_bytes() function.
  Supported randomness soure: /dev/urandom, OpenSSL PRNG, libc random()
  Default: /dev/urandom.
* Draft description of C API for pgcrypto functions.

New files: API, crypt-gensalt.c, random.c

Marko Kreen
REL7_2_STABLE
Bruce Momjian 24 years ago
parent b75814aee3
commit ab56022864
13 changed files with 627 additions and 134 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 163
      contrib/pgcrypto/API
  2. 27
      contrib/pgcrypto/Makefile
  3. 28
      contrib/pgcrypto/README.pgcrypto
  4. 25
      contrib/pgcrypto/crypt-blowfish.c
  5. 181
      contrib/pgcrypto/crypt-gensalt.c
  6. 3
      contrib/pgcrypto/openssl.c
  7. 39
      contrib/pgcrypto/pgcrypto.c
  8. 3
      contrib/pgcrypto/pgcrypto.h
  9. 6
      contrib/pgcrypto/pgcrypto.sql.in
  10. 132
      contrib/pgcrypto/px-crypt.c
  11. 23
      contrib/pgcrypto/px-crypt.h
  12. 4
      contrib/pgcrypto/px.h
  13. 127
      contrib/pgcrypto/random.c

163
contrib/pgcrypto/API
Unescape View File

@ -0,0 +1,163 @@
C API for pgcrypto
==================
UN*X crypt()
============
#include <px-crypt.h>
char *
px_crypt(const char *psw, const char *salt, char *buf, unsigned buflen);
returns buf or NULL for error.
unsigned px_gen_salt(const char *salt_type, char *dst, int rounds);
returns salt size. dst should be PX_MAX_SALT_LEN bytes.
'rounds' is algorithm specific. 0 means default for
that algorithm.
Random
======
int px_rand_get_bytes(uint8 *dst, int num)
Crypto "objects"
================
PX_MD - Message digest
PX_HMAC - HMAC (Hash MAC)
PX_Cipher - cipher+mode: provided by libs
PX_Combo - higher-level encryption -> padding, [MD]
Objects are activated with following functions:
int px_find_digest(const char *name, PX_MD **res);
int px_find_hmac(const char *name, PX_HMAC **res);
int px_find_cipher(const char *name, PX_Cipher **res);
int px_find_combo(const char *name, PX_Combo **res);
returns 0 on success, < 0 on error. If successful,
*res contains pointer to new object.
Message Digest
==============
uint px_md_result_size(PX_MD *md)
returns final result size in bytes
void px_md_reset(PX_MD *md)
resets md to clean state
uint px_md_block_size(PX_MD *md)
return algorithm block size in bytes
void px_md_update(PX_MD *md, const uint8 *data, uint dlen)
updates hash state with new data
void px_md_finish(PX_MD *md, uint8 *buf)
puts final hash state into buf. buf should have room
for px_md_result_size() bytes.
void px_md_free(PX_MD *md)
frees resources.
HMAC (Hash Message Authentication Code)
=======================================
int px_hmac_init(PX_HMAC *hmac, const uint8 *key, uint klen)
initalized hmac state with key.
uint px_hmac_result_size(PX_HMAC *md)
returns final result size in bytes
void px_hmac_reset(PX_HMAC *md)
resets md to state after _init()
uint px_hmac_block_size(PX_HMAC *md)
return algorithm block size in bytes
void px_hmac_update(PX_HMAC *md, const uint8 *data, uint dlen)
updates hash state with new data
void px_hmac_finish(PX_HMAC *md, uint8 *buf)
puts final hash state into buf. buf should have room
for px_hmac_result_size() bytes.
void px_hmac_free(PX_HMAC *md)
frees resources.
Cipher
======
uint px_cipher_key_size(PX_Cipher *c)
returns max key size in bytes
uint px_cipher_block_size(PX_Cipher *c)
returns cipher+mode block size in bytes. So blowfish
in CFB mode should return 1.
uint px_cipher_iv_size(PX_Cipher *c)
returns IV size in bytes.
int px_cipher_init(PX_Cipher *c, uint8 *key, uint klen, uint8 *iv)
initializes cipher with supplied key and iv.
int px_cipher_encrypt(PX_Cipher *c, uint8 *data, uint dlen, uint8 *res)
encrypts data. res must have room for dlen bytes.
data must be multiple of px_cipher_block_size().
int px_cipher_decrypt(PX_Cipher *c, uint8 *data, uint dlen, uint8 *res)
decrypts data. res must have room for dlen bytes.
void px_cipher_free(PX_Cipher *c)
frees resources assiocated.
PX_Combo
========
uint px_combo_encrypt_len(PX_Combo *c, uint dlen)
calculates max result length for dlen of data.
uint px_combo_decrypt_len(PX_Combo *c, uint dlen)
calculates result length for dlen of data.
int px_combo_init(PX_Combo *c, uint8 *key, uint klen, uint8 *iv, uint ivlen)
initializes c with key and iv. If cipher uses fixed length keys,
key will be padded with zeroes to needed length.
int px_combo_encrypt(PX_Combo *c, uint8 *data, uint dlen, uint8 *res, uint rlen)
int px_combo_decrypt(PX_Combo *c, uint8 *data, uint dlen, uint8 *res, uint rlen)
void px_combo_free(PX_Combo *c)
frees resources assiocated.

27
contrib/pgcrypto/Makefile
Unescape View File

@ -1,5 +1,5 @@
# #
# $Header: /cvsroot/pgsql/contrib/pgcrypto/Makefile,v 1.6 2001/09/16 16:11:09 petere Exp $ # $Header: /cvsroot/pgsql/contrib/pgcrypto/Makefile,v 1.7 2001/09/23 04:12:44 momjian Exp $
# #
subdir = contrib/pgcrypto subdir = contrib/pgcrypto
@ -12,6 +12,18 @@ cryptolib = builtin
# either 'builtin', 'system' # either 'builtin', 'system'
cryptsrc = builtin cryptsrc = builtin
# Random source, preferred order:
# 'dev' - read from random device
#
# 'openssl' - use openssl PRNG.
# Note that currently pgcrypto does not do any
# entropy feeding to it
# This works ofcouse only with cryptolib = openssl
#
# 'silly' - use libc random() - very weak
random = dev
random_dev = \"/dev/urandom\"
########################## ##########################
ifeq ($(cryptolib), builtin) ifeq ($(cryptolib), builtin)
@ -38,8 +50,19 @@ else
CRYPTO_CFLAGS += -DPX_SYSTEM_CRYPT CRYPTO_CFLAGS += -DPX_SYSTEM_CRYPT
endif endif
ifeq ($(random), dev)
CRYPTO_CFLAGS += -DRAND_DEV=$(random_dev)
endif
ifeq ($(random), openssl)
CRYPTO_CFLAGS += -DRAND_OPENSSL
endif
ifeq ($(random), silly)
CRYPTO_CFLAGS += -DRAND_SILLY
endif
NAME := pgcrypto NAME := pgcrypto
SRCS += pgcrypto.c px.c px-hmac.c px-crypt.c misc.c SRCS += pgcrypto.c px.c px-hmac.c px-crypt.c misc.c \
crypt-gensalt.c random.c
OBJS := $(SRCS:.c=.o) OBJS := $(SRCS:.c=.o)
SHLIB_LINK := $(CRYPTO_LDFLAGS) SHLIB_LINK := $(CRYPTO_LDFLAGS)
SO_MAJOR_VERSION = 0 SO_MAJOR_VERSION = 0

28
contrib/pgcrypto/README.pgcrypto
Unescape View File

@ -9,6 +9,13 @@ INSTALLATION
Edit makefile, if you want to use any external library. Edit makefile, if you want to use any external library.
NB! Default randomness source is /dev/urandom device. If you
do not have it, you also need to edit Makefile to let pgcrypto
use either OpenSSL PRNG or libc random() PRNG. Using libc random()
is discouraged.
After editing Makefile:
make make
make install make install
@ -73,6 +80,27 @@ gen_salt(type::text)::text
When you use --enable-system-crypt then note that system When you use --enable-system-crypt then note that system
libcrypt may not support them all. libcrypt may not support them all.
gen_salt(type::text, rounds::int4)::text
same as above, but lets user specify iteration count
for algorithm. Number is algotithm specific:
type default min max
---------------------------------
xdes 725 1 16777215
bf 6 4 31
In case of xdes there is a additional limitation that the
count must be a odd number.
The higher the count, the more time it takes to calculate
crypt and therefore the more time to break it. But beware!
With too high count it takes a _very_long_ time to
calculate it.
For maximum security, you should choose the 'bf' crypt
and use maximum number of rounds you can still tolerate.
encrypt(data::bytea, key::bytea, type::text)::bytea encrypt(data::bytea, key::bytea, type::text)::bytea
decrypt(data::bytea, key::bytea, type::text)::bytea decrypt(data::bytea, key::bytea, type::text)::bytea
encrypt_iv(data::bytea, key::bytea, iv::bytea, type::text)::bytea encrypt_iv(data::bytea, key::bytea, iv::bytea, type::text)::bytea

25
contrib/pgcrypto/crypt-blowfish.c
Unescape View File

@ -705,28 +705,3 @@ char *_crypt_blowfish_rn(__CONST char *key, __CONST char *setting,
return output; return output;
} }
char *_crypt_gensalt_blowfish_rn(unsigned long count,
__CONST char *input, int size, char *output, int output_size)
{
if (size < 16 || output_size < 7 + 22 + 1 ||
(count && (count < 4 || count > 31))) {
if (output_size > 0) output[0] = '\0';
__set_errno((output_size < 7 + 22 + 1) ? ERANGE : EINVAL);
return NULL;
}
if (!count) count = 5;
output[0] = '$';
output[1] = '2';
output[2] = 'a';
output[3] = '$';
output[4] = '0' + count / 10;
output[5] = '0' + count % 10;
output[6] = '$';
BF_encode(&output[7], (BF_word *)input, 16);
output[7 + 22] = '\0';
return output;
}

181
contrib/pgcrypto/crypt-gensalt.c
Unescape View File

@ -0,0 +1,181 @@
/*
* Written by Solar Designer and placed in the public domain.
* See crypt_blowfish.c for more information.
*
* This file contains salt generation functions for the traditional and
* other common crypt(3) algorithms, except for bcrypt which is defined
* entirely in crypt_blowfish.c.
*
* Put bcrypt generator also here as crypt-blowfish.c
* may not be compiled always. -- marko
*/
#include <postgres.h>
#include "px-crypt.h"
#include <errno.h>
#ifndef __set_errno
#define __set_errno(val) errno = (val)
#endif
#undef __CONST
#ifdef __GNUC__
#define __CONST __const
#else
#define __CONST
#endif
typedef unsigned int BF_word;
unsigned char _crypt_itoa64[64 + 1] =
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
char *_crypt_gensalt_traditional_rn(unsigned long count,
__CONST char *input, int size, char *output, int output_size)
{
if (size < 2 || output_size < 2 + 1 || (count && count != 25)) {
if (output_size > 0) output[0] = '\0';
__set_errno((output_size < 2 + 1) ? ERANGE : EINVAL);
return NULL;
}
output[0] = _crypt_itoa64[(unsigned int)input[0] & 0x3f];
output[1] = _crypt_itoa64[(unsigned int)input[1] & 0x3f];
output[2] = '\0';
return output;
}
char *_crypt_gensalt_extended_rn(unsigned long count,
__CONST char *input, int size, char *output, int output_size)
{
unsigned long value;
/* Even iteration counts make it easier to detect weak DES keys from a look
* at the hash, so they should be avoided */
if (size < 3 || output_size < 1 + 4 + 4 + 1 ||
(count && (count > 0xffffff || !(count & 1)))) {
if (output_size > 0) output[0] = '\0';
__set_errno((output_size < 1 + 4 + 4 + 1) ? ERANGE : EINVAL);
return NULL;
}
if (!count) count = 725;
output[0] = '_';
output[1] = _crypt_itoa64[count & 0x3f];
output[2] = _crypt_itoa64[(count >> 6) & 0x3f];
output[3] = _crypt_itoa64[(count >> 12) & 0x3f];
output[4] = _crypt_itoa64[(count >> 18) & 0x3f];
value = (unsigned long)input[0] |
((unsigned long)input[1] << 8) |
((unsigned long)input[2] << 16);
output[5] = _crypt_itoa64[value & 0x3f];
output[6] = _crypt_itoa64[(value >> 6) & 0x3f];
output[7] = _crypt_itoa64[(value >> 12) & 0x3f];
output[8] = _crypt_itoa64[(value >> 18) & 0x3f];
output[9] = '\0';
return output;
}
char *_crypt_gensalt_md5_rn(unsigned long count,
__CONST char *input, int size, char *output, int output_size)
{
unsigned long value;
if (size < 3 || output_size < 3 + 4 + 1 || (count && count != 1000)) {
if (output_size > 0) output[0] = '\0';
__set_errno((output_size < 3 + 4 + 1) ? ERANGE : EINVAL);
return NULL;
}
output[0] = '$';
output[1] = '1';
output[2] = '$';
value = (unsigned long)input[0] |
((unsigned long)input[1] << 8) |
((unsigned long)input[2] << 16);
output[3] = _crypt_itoa64[value & 0x3f];
output[4] = _crypt_itoa64[(value >> 6) & 0x3f];
output[5] = _crypt_itoa64[(value >> 12) & 0x3f];
output[6] = _crypt_itoa64[(value >> 18) & 0x3f];
output[7] = '\0';
if (size >= 6 && output_size >= 3 + 4 + 4 + 1) {
value = (unsigned long)input[3] |
((unsigned long)input[4] << 8) |
((unsigned long)input[5] << 16);
output[7] = _crypt_itoa64[value & 0x3f];
output[8] = _crypt_itoa64[(value >> 6) & 0x3f];
output[9] = _crypt_itoa64[(value >> 12) & 0x3f];
output[10] = _crypt_itoa64[(value >> 18) & 0x3f];
output[11] = '\0';
}
return output;
}
static unsigned char BF_itoa64[64 + 1] =
"./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
static void BF_encode(char *dst, __CONST BF_word *src, int size)
{
unsigned char *sptr = (unsigned char *)src;
unsigned char *end = sptr + size;
unsigned char *dptr = (unsigned char *)dst;
unsigned int c1, c2;
do {
c1 = *sptr++;
*dptr++ = BF_itoa64[c1 >> 2];
c1 = (c1 & 0x03) << 4;
if (sptr >= end) {
*dptr++ = BF_itoa64[c1];
break;
}
c2 = *sptr++;
c1 |= c2 >> 4;
*dptr++ = BF_itoa64[c1];
c1 = (c2 & 0x0f) << 2;
if (sptr >= end) {
*dptr++ = BF_itoa64[c1];
break;
}
c2 = *sptr++;
c1 |= c2 >> 6;
*dptr++ = BF_itoa64[c1];
*dptr++ = BF_itoa64[c2 & 0x3f];
} while (sptr < end);
}
char *_crypt_gensalt_blowfish_rn(unsigned long count,
__CONST char *input, int size, char *output, int output_size)
{
if (size < 16 || output_size < 7 + 22 + 1 ||
(count && (count < 4 || count > 31))) {
if (output_size > 0) output[0] = '\0';
__set_errno((output_size < 7 + 22 + 1) ? ERANGE : EINVAL);
return NULL;
}
if (!count) count = 5;
output[0] = '$';
output[1] = '2';
output[2] = 'a';
output[3] = '$';
output[4] = '0' + count / 10;
output[5] = '0' + count % 10;
output[6] = '$';
BF_encode(&output[7], (BF_word *)input, 16);
output[7 + 22] = '\0';
return output;
}

3
contrib/pgcrypto/openssl.c
Unescape View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* *
* $Id: openssl.c,v 1.4 2001/08/21 00:42:41 momjian Exp $ * $Id: openssl.c,v 1.5 2001/09/23 04:12:44 momjian Exp $
*/ */
#include <postgres.h> #include <postgres.h>
@ -35,7 +35,6 @@
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/blowfish.h> #include <openssl/blowfish.h>
/*#include <openssl/crypto.h>*/
static uint static uint
digest_result_size(PX_MD * h) digest_result_size(PX_MD * h)

39
contrib/pgcrypto/pgcrypto.c
Unescape View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* *
* $Id: pgcrypto.c,v 1.8 2001/08/21 00:42:41 momjian Exp $ * $Id: pgcrypto.c,v 1.9 2001/09/23 04:12:44 momjian Exp $
*/ */
#include <postgres.h> #include <postgres.h>
@ -200,7 +200,7 @@ pg_gen_salt(PG_FUNCTION_ARGS)
len = len > PX_MAX_SALT_LEN ? PX_MAX_SALT_LEN : len; len = len > PX_MAX_SALT_LEN ? PX_MAX_SALT_LEN : len;
memcpy(buf, VARDATA(arg0), len); memcpy(buf, VARDATA(arg0), len);
buf[len] = 0; buf[len] = 0;
len = px_gen_salt(buf, buf); len = px_gen_salt(buf, buf, 0);
if (len == 0) if (len == 0)
elog(ERROR, "No such crypt algorithm"); elog(ERROR, "No such crypt algorithm");
@ -213,6 +213,41 @@ pg_gen_salt(PG_FUNCTION_ARGS)
PG_RETURN_TEXT_P(res); PG_RETURN_TEXT_P(res);
} }
/* SQL function: pg_gen_salt(text, int4) returns text */
PG_FUNCTION_INFO_V1(pg_gen_salt_rounds);
Datum
pg_gen_salt_rounds(PG_FUNCTION_ARGS)
{
text *arg0;
int rounds;
uint len;
text *res;
char buf[PX_MAX_SALT_LEN + 1];
if (PG_ARGISNULL(0) || PG_ARGISNULL(1))
PG_RETURN_NULL();
arg0 = PG_GETARG_TEXT_P(0);
rounds = PG_GETARG_INT32(1);
len = VARSIZE(arg0) - VARHDRSZ;
len = len > PX_MAX_SALT_LEN ? PX_MAX_SALT_LEN : len;
memcpy(buf, VARDATA(arg0), len);
buf[len] = 0;
len = px_gen_salt(buf, buf, rounds);
if (len == 0)
elog(ERROR, "No such crypt algorithm or bad number of rounds");
res = (text *) palloc(len + VARHDRSZ);
VARATT_SIZEP(res) = len + VARHDRSZ;
memcpy(VARDATA(res), buf, len);
PG_FREE_IF_COPY(arg0, 0);
PG_RETURN_TEXT_P(res);
}
/* SQL function: pg_crypt(psw:text, salt:text) returns text */ /* SQL function: pg_crypt(psw:text, salt:text) returns text */
PG_FUNCTION_INFO_V1(pg_crypt); PG_FUNCTION_INFO_V1(pg_crypt);

3
contrib/pgcrypto/pgcrypto.h
Unescape View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* *
* $Id: pgcrypto.h,v 1.4 2001/08/21 00:42:41 momjian Exp $ * $Id: pgcrypto.h,v 1.5 2001/09/23 04:12:44 momjian Exp $
*/ */
#ifndef _PG_CRYPTO_H #ifndef _PG_CRYPTO_H
@ -38,6 +38,7 @@ Datum pg_digest_exists(PG_FUNCTION_ARGS);
Datum pg_hmac(PG_FUNCTION_ARGS); Datum pg_hmac(PG_FUNCTION_ARGS);
Datum pg_hmac_exists(PG_FUNCTION_ARGS); Datum pg_hmac_exists(PG_FUNCTION_ARGS);
Datum pg_gen_salt(PG_FUNCTION_ARGS); Datum pg_gen_salt(PG_FUNCTION_ARGS);
Datum pg_gen_salt_rounds(PG_FUNCTION_ARGS);
Datum pg_crypt(PG_FUNCTION_ARGS); Datum pg_crypt(PG_FUNCTION_ARGS);
Datum pg_encrypt(PG_FUNCTION_ARGS); Datum pg_encrypt(PG_FUNCTION_ARGS);
Datum pg_decrypt(PG_FUNCTION_ARGS); Datum pg_decrypt(PG_FUNCTION_ARGS);

6
contrib/pgcrypto/pgcrypto.sql.in
Unescape View File

@ -5,10 +5,12 @@
-- drop function hmac_exists(text); -- drop function hmac_exists(text);
-- drop function crypt(text, text); -- drop function crypt(text, text);
-- drop function gen_salt(text); -- drop function gen_salt(text);
-- drop function gen_salt(text, int4);
-- drop function encrypt(bytea, bytea, text); -- drop function encrypt(bytea, bytea, text);
-- drop function decrypt(bytea, bytea, text); -- drop function decrypt(bytea, bytea, text);
-- drop function encrypt_iv(bytea, bytea, bytea, text); -- drop function encrypt_iv(bytea, bytea, bytea, text);
-- drop function decrypt_iv(bytea, bytea, bytea, text); -- drop function decrypt_iv(bytea, bytea, bytea, text);
-- drop function cipher_exists(text);
@ -36,6 +38,10 @@ CREATE FUNCTION gen_salt(text) RETURNS text
AS '@MODULE_FILENAME@', AS '@MODULE_FILENAME@',
'pg_gen_salt' LANGUAGE 'C'; 'pg_gen_salt' LANGUAGE 'C';
CREATE FUNCTION gen_salt(text, int4) RETURNS text
AS '@MODULE_FILENAME@',
'pg_gen_salt_rounds' LANGUAGE 'C';
CREATE FUNCTION encrypt(bytea, bytea, text) RETURNS bytea CREATE FUNCTION encrypt(bytea, bytea, text) RETURNS bytea
AS '@MODULE_FILENAME@', AS '@MODULE_FILENAME@',
'pg_encrypt' LANGUAGE 'C'; 'pg_encrypt' LANGUAGE 'C';

132
contrib/pgcrypto/px-crypt.c
Unescape View File

@ -26,10 +26,11 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* *
* $Id: px-crypt.c,v 1.1 2001/08/21 01:32:01 momjian Exp $ * $Id: px-crypt.c,v 1.2 2001/09/23 04:12:44 momjian Exp $
*/ */
#include <postgres.h> #include <postgres.h>
#include "px.h"
#include "px-crypt.h" #include "px-crypt.h"
@ -62,12 +63,8 @@ run_crypt_bf(const char *psw, const char *salt,
char *buf, unsigned len) char *buf, unsigned len)
{ {
char *res; char *res;
res = _crypt_blowfish_rn(psw, salt, buf, len); res = _crypt_blowfish_rn(psw, salt, buf, len);
if (!res) return res;
return NULL;
strcpy(buf, res);
return buf;
} }
static struct static struct
@ -128,106 +125,53 @@ px_crypt(const char *psw, const char *salt,
* salt generators * salt generators
*/ */
static int my_rand64()
{
return random() % 64;
}
static uint
gen_des_salt(char *buf)
{
buf[0] = px_crypt_a64[my_rand64()];
buf[1] = px_crypt_a64[my_rand64()];
buf[2] = 0;
return 2;
}
static uint
gen_xdes_salt(char *buf)
{
strcpy(buf, "_12345678");
px_crypt_to64(buf+1, (long)PX_XDES_ROUNDS, 4);
px_crypt_to64(buf+5, random(), 4);
return 9;
}
static uint
gen_md5_salt(char *buf)
{
int i;
strcpy(buf, "$1$12345678$");
for (i = 0; i < 8; i++)
buf[3 + i] = px_crypt_a64[my_rand64()];
return 12;
}
static uint
gen_bf_salt(char *buf)
{
int i, count;
char *s;
char saltbuf[16+3];
unsigned slen = 16;
uint32 *v;
for (i = 0; i < slen; i++)
saltbuf[i] = random() & 255;
saltbuf[16] = 0;
saltbuf[17] = 0;
saltbuf[18] = 0;
strcpy(buf, "$2a$00$0123456789012345678901");
count = PX_BF_ROUNDS;
buf[4] = '0' + count / 10;
buf[5] = '0' + count % 10;
s = buf + 7;
for (i = 0; i < slen; )
{
v = (uint32 *)&saltbuf[i];
if (i + 3 <= slen)
px_crypt_to64(s, *v, 4);
else
/* slen-i could be 1,2 make it 2,3 */
px_crypt_to64(s, *v, slen-i+1);
s += 4;
i += 3;
}
s = buf;
/*s = _crypt_gensalt_blowfish_rn(count, saltbuf, 16, buf, PX_MAX_CRYPT);*/
return s ? strlen(s) : 0;
}
struct generator { struct generator {
char *name; char *name;
uint (*gen)(char *buf); char *(*gen)(unsigned long count, const char *input, int size,
char *output, int output_size);
int input_len;
int def_rounds;
int min_rounds;
int max_rounds;
}; };
static struct generator gen_list [] = { static struct generator gen_list [] = {
{ "des", gen_des_salt }, { "des", _crypt_gensalt_traditional_rn, 2, 0, 0, 0 },
{ "md5", gen_md5_salt }, { "md5", _crypt_gensalt_md5_rn, 6, 0, 0, 0 },
{ "xdes", gen_xdes_salt }, { "xdes", _crypt_gensalt_extended_rn, 3, PX_XDES_ROUNDS, 1, 0xFFFFFF },
{ "bf", gen_bf_salt }, { "bf", _crypt_gensalt_blowfish_rn, 16, PX_BF_ROUNDS, 4, 31 },
{ NULL, NULL } { NULL, NULL, 0, 0, 0 }
}; };
uint uint
px_gen_salt(const char *salt_type, char *buf) px_gen_salt(const char *salt_type, char *buf, int rounds)
{ {
int i; int i, res;
struct generator *g; struct generator *g;
char *p;
char rbuf[16];
for (i = 0; gen_list[i].name; i++) { for (i = 0; gen_list[i].name; i++) {
g = &gen_list[i]; g = &gen_list[i];
if (!strcasecmp(g->name, salt_type)) if (strcasecmp(g->name, salt_type) != 0)
return g->gen(buf); continue;
if (g->def_rounds) {
if (rounds == 0)
rounds = g->def_rounds;
if (rounds < g->min_rounds || rounds > g->max_rounds)
return 0;
}
res = px_get_random_bytes(rbuf, g->input_len);
if (res != g->input_len)
return 0;
p = g->gen(rounds, rbuf, g->input_len, buf, PX_MAX_SALT_LEN);
memset(rbuf, 0, sizeof(rbuf));
return p != NULL ? strlen(p) : 0;
} }
return 0; return 0;

23
contrib/pgcrypto/px-crypt.h
Unescape View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* *
* $Id: px-crypt.h,v 1.1 2001/08/21 01:32:01 momjian Exp $ * $Id: px-crypt.h,v 1.2 2001/09/23 04:12:44 momjian Exp $
*/ */
#ifndef _PX_CRYPT_H #ifndef _PX_CRYPT_H
@ -38,19 +38,22 @@
/* max salt returned by gen_salt() */ /* max salt returned by gen_salt() */
#define PX_MAX_SALT_LEN 128 #define PX_MAX_SALT_LEN 128
/* rounds for xdes salt */ /* default rounds for xdes salt */
/* NetBSD bin/passwd/local_passwd.c has (29 * 25)*/ /* NetBSD bin/passwd/local_passwd.c has (29 * 25)*/
#define PX_XDES_ROUNDS (29 * 25) #define PX_XDES_ROUNDS (29 * 25)
/* rounds for blowfish salt */ /* default for blowfish salt */
#define PX_BF_ROUNDS 6 #define PX_BF_ROUNDS 6
/* /*
* main interface * main interface
*/ */
char *px_crypt(const char *psw, const char *salt, char *buf, unsigned buflen); char *px_crypt(const char *psw, const char *salt, char *buf, unsigned buflen);
unsigned px_gen_salt(const char *salt_type, char *dst); unsigned px_gen_salt(const char *salt_type, char *dst, int rounds);
/*
* internal functions
*/
/* misc.c */ /* misc.c */
extern void px_crypt_to64(char *s, unsigned long v, int n); extern void px_crypt_to64(char *s, unsigned long v, int n);
@ -59,6 +62,15 @@ extern char px_crypt_a64[];
#define _crypt_to64 px_crypt_to64 #define _crypt_to64 px_crypt_to64
#define _crypt_a64 px_crypt_a64 #define _crypt_a64 px_crypt_a64
/* crypt-gensalt.c */
char *_crypt_gensalt_traditional_rn(unsigned long count,
const char *input, int size, char *output, int output_size);
char *_crypt_gensalt_extended_rn(unsigned long count,
const char *input, int size, char *output, int output_size);
char *_crypt_gensalt_md5_rn(unsigned long count,
const char *input, int size, char *output, int output_size);
char *_crypt_gensalt_blowfish_rn(unsigned long count,
const char *input, int size, char *output, int output_size);
#ifndef PX_SYSTEM_CRYPT #ifndef PX_SYSTEM_CRYPT
@ -66,9 +78,6 @@ extern char px_crypt_a64[];
/* #define DISABLE_XDES */ /* #define DISABLE_XDES */
/* crypt-blowfish.c */ /* crypt-blowfish.c */
char *_crypt_gensalt_blowfish_rn(unsigned long count,
const char *input, int size,
char *output, int output_size);
char *_crypt_blowfish_rn(const char *key, const char *setting, char *_crypt_blowfish_rn(const char *key, const char *setting,
char *output, int size); char *output, int size);

4
contrib/pgcrypto/px.h
Unescape View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* *
* $Id: px.h,v 1.1 2001/08/21 01:32:01 momjian Exp $ * $Id: px.h,v 1.2 2001/09/23 04:12:44 momjian Exp $
*/ */
#ifndef __PX_H #ifndef __PX_H
@ -133,6 +133,8 @@ int px_find_hmac(const char *name, PX_HMAC **res);
int px_find_cipher(const char *name, PX_Cipher **res); int px_find_cipher(const char *name, PX_Cipher **res);
int px_find_combo(const char *name, PX_Combo **res); int px_find_combo(const char *name, PX_Combo **res);
int px_get_random_bytes(uint8 *dst, unsigned count);
const char *px_resolve_alias(const PX_Alias *aliases, const char *name); const char *px_resolve_alias(const PX_Alias *aliases, const char *name);
#define px_md_result_size(md) (md)->result_size(md) #define px_md_result_size(md) (md)->result_size(md)

127
contrib/pgcrypto/random.c
Unescape View File

@ -0,0 +1,127 @@
/*
* random.c
* Random functions.
*
* Copyright (c) 2001 Marko Kreen
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $Id: random.c,v 1.1 2001/09/23 04:12:44 momjian Exp $
*/
#include <postgres.h>
#include "px.h"
#ifdef RAND_DEV
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>
static int
safe_read(int fd, void *buf, size_t count)
{
int done = 0;
char *p = buf;
int res;
while (count) {
res = read(fd, p, count);
if (res <= 0) {
if (errno == EINTR)
continue;
return -1;
}
p += res;
done += res;
count -= res;
}
return done;
}
int
px_get_random_bytes(uint8 *dst, unsigned count)
{
int fd;
int res;
fd = open(RAND_DEV, O_RDONLY);
if (fd == -1)
return -1;
res = safe_read(fd, dst, count);
close(fd);
return res;
}
#endif /* RAND_DEV */
#ifdef RAND_SILLY
int px_get_random_bytes(char *dst, unsigned count)
{
int i;
for (i = 0; i < count; i++) {
*dst++ = random();
}
return i;
}
#endif /* RAND_SILLY */
#ifdef RAND_OPENSSL
#include <openssl/evp.h>
#include <openssl/blowfish.h>
#include <openssl/rand.h>
#include <openssl/err.h>
static int openssl_random_init = 0;
int px_get_random_bytes(uint8 *dst, unsigned count)
{
int res;
if (!openssl_random_init) {
if (RAND_get_rand_method() == NULL) {
RAND_set_rand_method(RAND_SSLeay());
}
openssl_random_init = 1;
}
/*
* OpenSSL random should re-feeded occasionally.
* From /dev/urandom preferrably.
*/
res = RAND_bytes(dst, count);
if (res > 0)
return count;
return -1;
}
#endif /* RAND_OPENSSL */
Write Preview
Loading…
Cancel
Save