search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Mention battery-backed cache under hardware selection options.
[PostgreSQL.git] / contrib / pgcrypto / internal.c
blob2d6efb255882d3eaeac3ecd89e1ecfbde456972f
1 /*
2 * internal.c
3 * Wrapper for builtin functions
4 *
5 * Copyright (c) 2001 Marko Kreen
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * $PostgreSQL$
30 */
31
32 #include "postgres.h"
33
34 #include <time.h>
35
36 #include "px.h"
37 #include "md5.h"
38 #include "sha1.h"
39 #include "sha2.h"
40 #include "blf.h"
41 #include "rijndael.h"
42 #include "fortuna.h"
43
44 /*
45 * System reseeds should be separated at least this much.
46 */
47 #define SYSTEM_RESEED_MIN (20*60) /* 20 min */
48 /*
49 * How often to roll dice.
50 */
51 #define SYSTEM_RESEED_CHECK_TIME (10*60) /* 10 min */
52 /*
53 * The chance is x/256 that the reseed happens.
54 */
55 #define SYSTEM_RESEED_CHANCE (4) /* 256/4 * 10min ~ 10h */
56
57 /*
58 * If this much time has passed, force reseed.
59 */
60 #define SYSTEM_RESEED_MAX (12*60*60) /* 12h */
61
62
63 #ifndef MD5_DIGEST_LENGTH
64 #define MD5_DIGEST_LENGTH 16
65 #endif
66
67 #ifndef SHA1_DIGEST_LENGTH
68 #ifdef SHA1_RESULTLEN
69 #define SHA1_DIGEST_LENGTH SHA1_RESULTLEN
70 #else
71 #define SHA1_DIGEST_LENGTH 20
72 #endif
73 #endif
74
75 #define SHA1_BLOCK_SIZE 64
76 #define MD5_BLOCK_SIZE 64
77
78 static void init_md5(PX_MD * h);
79 static void init_sha1(PX_MD * h);
80
81 void init_sha224(PX_MD * h);
82 void init_sha256(PX_MD * h);
83 void init_sha384(PX_MD * h);
84 void init_sha512(PX_MD * h);
85
86 struct int_digest
87 {
88 char *name;
89 void (*init) (PX_MD * h);
90 };
91
92 static const struct int_digest
93 int_digest_list[] = {
94 {"md5", init_md5},
95 {"sha1", init_sha1},
96 {"sha224", init_sha224},
97 {"sha256", init_sha256},
98 {"sha384", init_sha384},
99 {"sha512", init_sha512},
100 {NULL, NULL}
101 };
102
103 /* MD5 */
104
105 static unsigned
106 int_md5_len(PX_MD * h)
107 {
108 return MD5_DIGEST_LENGTH;
109 }
110
111 static unsigned
112 int_md5_block_len(PX_MD * h)
113 {
114 return MD5_BLOCK_SIZE;
115 }
116
117 static void
118 int_md5_update(PX_MD * h, const uint8 *data, unsigned dlen)
119 {
120 MD5_CTX *ctx = (MD5_CTX *) h->p.ptr;
121
122 MD5Update(ctx, data, dlen);
123 }
124
125 static void
126 int_md5_reset(PX_MD * h)
127 {
128 MD5_CTX *ctx = (MD5_CTX *) h->p.ptr;
129
130 MD5Init(ctx);
131 }
132
133 static void
134 int_md5_finish(PX_MD * h, uint8 *dst)
135 {
136 MD5_CTX *ctx = (MD5_CTX *) h->p.ptr;
137
138 MD5Final(dst, ctx);
139 }
140
141 static void
142 int_md5_free(PX_MD * h)
143 {
144 MD5_CTX *ctx = (MD5_CTX *) h->p.ptr;
145
146 memset(ctx, 0, sizeof(*ctx));
147 px_free(ctx);
148 px_free(h);
149 }
150
151 /* SHA1 */
152
153 static unsigned
154 int_sha1_len(PX_MD * h)
155 {
156 return SHA1_DIGEST_LENGTH;
157 }
158
159 static unsigned
160 int_sha1_block_len(PX_MD * h)
161 {
162 return SHA1_BLOCK_SIZE;
163 }
164
165 static void
166 int_sha1_update(PX_MD * h, const uint8 *data, unsigned dlen)
167 {
168 SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
169
170 SHA1Update(ctx, data, dlen);
171 }
172
173 static void
174 int_sha1_reset(PX_MD * h)
175 {
176 SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
177
178 SHA1Init(ctx);
179 }
180
181 static void
182 int_sha1_finish(PX_MD * h, uint8 *dst)
183 {
184 SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
185
186 SHA1Final(dst, ctx);
187 }
188
189 static void
190 int_sha1_free(PX_MD * h)
191 {
192 SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
193
194 memset(ctx, 0, sizeof(*ctx));
195 px_free(ctx);
196 px_free(h);
197 }
198
199 /* init functions */
200
201 static void
202 init_md5(PX_MD * md)
203 {
204 MD5_CTX *ctx;
205
206 ctx = px_alloc(sizeof(*ctx));
207 memset(ctx, 0, sizeof(*ctx));
208
209 md->p.ptr = ctx;
210
211 md->result_size = int_md5_len;
212 md->block_size = int_md5_block_len;
213 md->reset = int_md5_reset;
214 md->update = int_md5_update;
215 md->finish = int_md5_finish;
216 md->free = int_md5_free;
217
218 md->reset(md);
219 }
220
221 static void
222 init_sha1(PX_MD * md)
223 {
224 SHA1_CTX *ctx;
225
226 ctx = px_alloc(sizeof(*ctx));
227 memset(ctx, 0, sizeof(*ctx));
228
229 md->p.ptr = ctx;
230
231 md->result_size = int_sha1_len;
232 md->block_size = int_sha1_block_len;
233 md->reset = int_sha1_reset;
234 md->update = int_sha1_update;
235 md->finish = int_sha1_finish;
236 md->free = int_sha1_free;
237
238 md->reset(md);
239 }
240
241 /*
242 * ciphers generally
243 */
244
245 #define INT_MAX_KEY (512/8)
246 #define INT_MAX_IV (128/8)
247
248 struct int_ctx
249 {
250 uint8 keybuf[INT_MAX_KEY];
251 uint8 iv[INT_MAX_IV];
252 union
253 {
254 BlowfishContext bf;
255 rijndael_ctx rj;
256 } ctx;
257 unsigned keylen;
258 int is_init;
259 int mode;
260 };
261
262 static void
263 intctx_free(PX_Cipher * c)
264 {
265 struct int_ctx *cx = (struct int_ctx *) c->ptr;
266
267 if (cx)
268 {
269 memset(cx, 0, sizeof *cx);
270 px_free(cx);
271 }
272 px_free(c);
273 }
274
275 /*
276 * AES/rijndael
277 */
278
279 #define MODE_ECB 0
280 #define MODE_CBC 1
281
282 static unsigned
283 rj_block_size(PX_Cipher * c)
284 {
285 return 128 / 8;
286 }
287
288 static unsigned
289 rj_key_size(PX_Cipher * c)
290 {
291 return 256 / 8;
292 }
293
294 static unsigned
295 rj_iv_size(PX_Cipher * c)
296 {
297 return 128 / 8;
298 }
299
300 static int
301 rj_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
302 {
303 struct int_ctx *cx = (struct int_ctx *) c->ptr;
304
305 if (klen <= 128 / 8)
306 cx->keylen = 128 / 8;
307 else if (klen <= 192 / 8)
308 cx->keylen = 192 / 8;
309 else if (klen <= 256 / 8)
310 cx->keylen = 256 / 8;
311 else
312 return PXE_KEY_TOO_BIG;
313
314 memcpy(&cx->keybuf, key, klen);
315
316 if (iv)
317 memcpy(cx->iv, iv, 128 / 8);
318
319 return 0;
320 }
321
322 static int
323 rj_real_init(struct int_ctx * cx, int dir)
324 {
325 aes_set_key(&cx->ctx.rj, cx->keybuf, cx->keylen * 8, dir);
326 return 0;
327 }
328
329 static int
330 rj_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
331 {
332 struct int_ctx *cx = (struct int_ctx *) c->ptr;
333
334 if (!cx->is_init)
335 {
336 if (rj_real_init(cx, 1))
337 return PXE_CIPHER_INIT;
338 }
339
340 if (dlen == 0)
341 return 0;
342
343 if (dlen & 15)
344 return PXE_NOTBLOCKSIZE;
345
346 memcpy(res, data, dlen);
347
348 if (cx->mode == MODE_CBC)
349 {
350 aes_cbc_encrypt(&cx->ctx.rj, cx->iv, res, dlen);
351 memcpy(cx->iv, res + dlen - 16, 16);
352 }
353 else
354 aes_ecb_encrypt(&cx->ctx.rj, res, dlen);
355
356 return 0;
357 }
358
359 static int
360 rj_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
361 {
362 struct int_ctx *cx = (struct int_ctx *) c->ptr;
363
364 if (!cx->is_init)
365 if (rj_real_init(cx, 0))
366 return PXE_CIPHER_INIT;
367
368 if (dlen == 0)
369 return 0;
370
371 if (dlen & 15)
372 return PXE_NOTBLOCKSIZE;
373
374 memcpy(res, data, dlen);
375
376 if (cx->mode == MODE_CBC)
377 {
378 aes_cbc_decrypt(&cx->ctx.rj, cx->iv, res, dlen);
379 memcpy(cx->iv, data + dlen - 16, 16);
380 }
381 else
382 aes_ecb_decrypt(&cx->ctx.rj, res, dlen);
383
384 return 0;
385 }
386
387 /*
388 * initializers
389 */
390
391 static PX_Cipher *
392 rj_load(int mode)
393 {
394 PX_Cipher *c;
395 struct int_ctx *cx;
396
397 c = px_alloc(sizeof *c);
398 memset(c, 0, sizeof *c);
399
400 c->block_size = rj_block_size;
401 c->key_size = rj_key_size;
402 c->iv_size = rj_iv_size;
403 c->init = rj_init;
404 c->encrypt = rj_encrypt;
405 c->decrypt = rj_decrypt;
406 c->free = intctx_free;
407
408 cx = px_alloc(sizeof *cx);
409 memset(cx, 0, sizeof *cx);
410 cx->mode = mode;
411
412 c->ptr = cx;
413 return c;
414 }
415
416 /*
417 * blowfish
418 */
419
420 static unsigned
421 bf_block_size(PX_Cipher * c)
422 {
423 return 8;
424 }
425
426 static unsigned
427 bf_key_size(PX_Cipher * c)
428 {
429 return 448 / 8;
430 }
431
432 static unsigned
433 bf_iv_size(PX_Cipher * c)
434 {
435 return 8;
436 }
437
438 static int
439 bf_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
440 {
441 struct int_ctx *cx = (struct int_ctx *) c->ptr;
442
443 blowfish_setkey(&cx->ctx.bf, key, klen);
444 if (iv)
445 blowfish_setiv(&cx->ctx.bf, iv);
446
447 return 0;
448 }
449
450 static int
451 bf_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
452 {
453 struct int_ctx *cx = (struct int_ctx *) c->ptr;
454 BlowfishContext *bfctx = &cx->ctx.bf;
455
456 if (dlen == 0)
457 return 0;
458
459 if (dlen & 7)
460 return PXE_NOTBLOCKSIZE;
461
462 memcpy(res, data, dlen);
463 switch (cx->mode)
464 {
465 case MODE_ECB:
466 blowfish_encrypt_ecb(res, dlen, bfctx);
467 break;
468 case MODE_CBC:
469 blowfish_encrypt_cbc(res, dlen, bfctx);
470 break;
471 }
472 return 0;
473 }
474
475 static int
476 bf_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
477 {
478 struct int_ctx *cx = (struct int_ctx *) c->ptr;
479 BlowfishContext *bfctx = &cx->ctx.bf;
480
481 if (dlen == 0)
482 return 0;
483
484 if (dlen & 7)
485 return PXE_NOTBLOCKSIZE;
486
487 memcpy(res, data, dlen);
488 switch (cx->mode)
489 {
490 case MODE_ECB:
491 blowfish_decrypt_ecb(res, dlen, bfctx);
492 break;
493 case MODE_CBC:
494 blowfish_decrypt_cbc(res, dlen, bfctx);
495 break;
496 }
497 return 0;
498 }
499
500 static PX_Cipher *
501 bf_load(int mode)
502 {
503 PX_Cipher *c;
504 struct int_ctx *cx;
505
506 c = px_alloc(sizeof *c);
507 memset(c, 0, sizeof *c);
508
509 c->block_size = bf_block_size;
510 c->key_size = bf_key_size;
511 c->iv_size = bf_iv_size;
512 c->init = bf_init;
513 c->encrypt = bf_encrypt;
514 c->decrypt = bf_decrypt;
515 c->free = intctx_free;
516
517 cx = px_alloc(sizeof *cx);
518 memset(cx, 0, sizeof *cx);
519 cx->mode = mode;
520 c->ptr = cx;
521 return c;
522 }
523
524 /* ciphers */
525
526 static PX_Cipher *
527 rj_128_ecb(void)
528 {
529 return rj_load(MODE_ECB);
530 }
531
532 static PX_Cipher *
533 rj_128_cbc(void)
534 {
535 return rj_load(MODE_CBC);
536 }
537
538 static PX_Cipher *
539 bf_ecb_load(void)
540 {
541 return bf_load(MODE_ECB);
542 }
543
544 static PX_Cipher *
545 bf_cbc_load(void)
546 {
547 return bf_load(MODE_CBC);
548 }
549
550 struct int_cipher
551 {
552 char *name;
553 PX_Cipher *(*load) (void);
554 };
555
556 static const struct int_cipher
557 int_ciphers[] = {
558 {"bf-cbc", bf_cbc_load},
559 {"bf-ecb", bf_ecb_load},
560 {"aes-128-cbc", rj_128_cbc},
561 {"aes-128-ecb", rj_128_ecb},
562 {NULL, NULL}
563 };
564
565 static const PX_Alias int_aliases[] = {
566 {"bf", "bf-cbc"},
567 {"blowfish", "bf-cbc"},
568 {"aes", "aes-128-cbc"},
569 {"aes-ecb", "aes-128-ecb"},
570 {"aes-cbc", "aes-128-cbc"},
571 {"aes-128", "aes-128-cbc"},
572 {"rijndael", "aes-128-cbc"},
573 {"rijndael-128", "aes-128-cbc"},
574 {NULL, NULL}
575 };
576
577 /* PUBLIC FUNCTIONS */
578
579 int
580 px_find_digest(const char *name, PX_MD ** res)
581 {
582 const struct int_digest *p;
583 PX_MD *h;
584
585 for (p = int_digest_list; p->name; p++)
586 if (pg_strcasecmp(p->name, name) == 0)
587 {
588 h = px_alloc(sizeof(*h));
589 p->init(h);
590
591 *res = h;
592
593 return 0;
594 }
595 return PXE_NO_HASH;
596 }
597
598 int
599 px_find_cipher(const char *name, PX_Cipher ** res)
600 {
601 int i;
602 PX_Cipher *c = NULL;
603
604 name = px_resolve_alias(int_aliases, name);
605
606 for (i = 0; int_ciphers[i].name; i++)
607 if (!strcmp(int_ciphers[i].name, name))
608 {
609 c = int_ciphers[i].load();
610 break;
611 }
612
613 if (c == NULL)
614 return PXE_NO_CIPHER;
615
616 *res = c;
617 return 0;
618 }
619
620 /*
621 * Randomness provider
622 */
623
624 /*
625 * Use always strong randomness.
626 */
627 int
628 px_get_pseudo_random_bytes(uint8 *dst, unsigned count)
629 {
630 return px_get_random_bytes(dst, count);
631 }
632
633 static time_t seed_time = 0;
634 static time_t check_time = 0;
635
636 static void
637 system_reseed(void)
638 {
639 uint8 buf[1024];
640 int n;
641 time_t t;
642 int skip = 1;
643
644 t = time(NULL);
645
646 if (seed_time == 0)
647 skip = 0;
648 else if ((t - seed_time) < SYSTEM_RESEED_MIN)
649 skip = 1;
650 else if ((t - seed_time) > SYSTEM_RESEED_MAX)
651 skip = 0;
652 else if (check_time == 0 ||
653 (t - check_time) > SYSTEM_RESEED_CHECK_TIME)
654 {
655 check_time = t;
656
657 /* roll dice */
658 px_get_random_bytes(buf, 1);
659 skip = buf[0] >= SYSTEM_RESEED_CHANCE;
660 }
661 /* clear 1 byte */
662 memset(buf, 0, sizeof(buf));
663
664 if (skip)
665 return;
666
667 n = px_acquire_system_randomness(buf);
668 if (n > 0)
669 fortuna_add_entropy(buf, n);
670
671 seed_time = t;
672 memset(buf, 0, sizeof(buf));
673 }
674
675 int
676 px_get_random_bytes(uint8 *dst, unsigned count)
677 {
678 system_reseed();
679 fortuna_get_bytes(count, dst);
680 return 0;
681 }
682
683 int
684 px_add_entropy(const uint8 *data, unsigned count)
685 {
686 system_reseed();
687 fortuna_add_entropy(data, count);
688 return 0;
689 }
PostgreSQL from CVS