Commit ab56022

Big thanks to Solar Designer who pointed out a bug in bcrypt
salt generation code. He also urged using better random source
and making possible to choose using bcrypt and xdes rounds more
easily. So, here's patch:

* For all salt generation, use Solar Designer's own code. This is mostly due fact that his code is more fit for get_random_bytes() style interface.
* New function: gen_salt(type, rounds). This lets specify iteration count for algorithm.
* random.c: px_get_random_bytes() function. Supported randomness source: /dev/urandom, OpenSSL PRNG, libc random() Default: /dev/urandom.
* Draft description of C API for pgcrypto functions.

New files: API, crypt-gensalt.c, random.c

Marko Kreen

1 parent b75814a commit ab56022

13 files changed, +627 -134 lines changed

‎contrib/pgcrypto/API

Lines changed: 163 additions & 0 deletions
@@ -0,0 +1,163 @@
1+
2+
C API for pgcrypto
3+
==================
4+
5+
6+
UN*X crypt()
7+
============
8+
9+
#include <px-crypt.h>
10+
11+
char *
12+
px_crypt(const char *psw, const char *salt, char *buf, unsigned buflen);
13+
14+
returns buf or NULL for error.
15+
16+
unsigned px_gen_salt(const char *salt_type, char *dst, int rounds);
17+
18+
returns salt size. dst should be PX_MAX_SALT_LEN bytes.
19+
'rounds' is algorithm specific. 0 means default for
20+
that algorithm.
21+
22+
Random
23+
======
24+
25+
int px_rand_get_bytes(uint8 *dst, int num)
26+
27+
28+
Crypto "objects"
29+
================
30+
31+
PX_MD - Message digest
32+
PX_HMAC - HMAC (Hash MAC)
33+
PX_Cipher - cipher+mode: provided by libs
34+
PX_Combo - higher-level encryption -> padding, [MD]
35+
36+
Objects are activated with following functions:
37+
38+
int px_find_digest(const char *name, PX_MD **res);
39+
int px_find_hmac(const char *name, PX_HMAC **res);
40+
int px_find_cipher(const char *name, PX_Cipher **res);
41+
int px_find_combo(const char *name, PX_Combo **res);
42+
43+
returns 0 on success, < 0 on error. If successful,
44+
*res contains pointer to new object.
45+
46+
Message Digest
47+
==============
48+
49+
uint px_md_result_size(PX_MD *md)
50+
51+
returns final result size in bytes
52+
53+
void px_md_reset(PX_MD *md)
54+
55+
resets md to clean state
56+
57+
uint px_md_block_size(PX_MD *md)
58+
59+
return algorithm block size in bytes
60+
61+
void px_md_update(PX_MD *md, const uint8 *data, uint dlen)
62+
63+
updates hash state with new data
64+
65+
void px_md_finish(PX_MD *md, uint8 *buf)
66+
67+
puts final hash state into buf. buf should have room
68+
for px_md_result_size() bytes.
69+
70+
void px_md_free(PX_MD *md)
71+
72+
frees resources.
73+
74+
HMAC (Hash Message Authentication Code)
75+
=======================================
76+
77+
int px_hmac_init(PX_HMAC *hmac, const uint8 *key, uint klen)
78+
79+
initalized hmac state with key.
80+
81+
uint px_hmac_result_size(PX_HMAC *md)
82+
83+
returns final result size in bytes
84+
85+
void px_hmac_reset(PX_HMAC *md)
86+
87+
resets md to state after _init()
88+
89+
uint px_hmac_block_size(PX_HMAC *md)
90+
91+
return algorithm block size in bytes
92+
93+
void px_hmac_update(PX_HMAC *md, const uint8 *data, uint dlen)
94+
95+
updates hash state with new data
96+
97+
void px_hmac_finish(PX_HMAC *md, uint8 *buf)
98+
99+
puts final hash state into buf. buf should have room
100+
for px_hmac_result_size() bytes.
101+
102+
void px_hmac_free(PX_HMAC *md)
103+
104+
frees resources.
105+
106+
107+
Cipher
108+
======
109+
110+
uint px_cipher_key_size(PX_Cipher *c)
111+
112+
returns max key size in bytes
113+
114+
uint px_cipher_block_size(PX_Cipher *c)
115+
116+
returns cipher+mode block size in bytes. So blowfish
117+
in CFB mode should return 1.
118+
119+
uint px_cipher_iv_size(PX_Cipher *c)
120+
121+
returns IV size in bytes.
122+
123+
int px_cipher_init(PX_Cipher *c, uint8 *key, uint klen, uint8 *iv)
124+
125+
initializes cipher with supplied key and iv.
126+
127+
int px_cipher_encrypt(PX_Cipher *c, uint8 *data, uint dlen, uint8 *res)
128+
129+
encrypts data. res must have room for dlen bytes.
130+
data must be multiple of px_cipher_block_size().
131+
132+
int px_cipher_decrypt(PX_Cipher *c, uint8 *data, uint dlen, uint8 *res)
133+
134+
decrypts data. res must have room for dlen bytes.
135+
136+
void px_cipher_free(PX_Cipher *c)
137+
138+
frees resources assiocated.
139+
140+
PX_Combo
141+
========
142+
143+
uint px_combo_encrypt_len(PX_Combo *c, uint dlen)
144+
145+
calculates max result length for dlen of data.
146+
147+
uint px_combo_decrypt_len(PX_Combo *c, uint dlen)
148+
149+
calculates result length for dlen of data.
150+
151+
int px_combo_init(PX_Combo *c, uint8 *key, uint klen, uint8 *iv, uint ivlen)
152+
153+
initializes c with key and iv. If cipher uses fixed length keys,
154+
key will be padded with zeroes to needed length.
155+
156+
int px_combo_encrypt(PX_Combo *c, uint8 *data, uint dlen, uint8 *res, uint rlen)
157+
158+
int px_combo_decrypt(PX_Combo *c, uint8 *data, uint dlen, uint8 *res, uint rlen)
159+
160+
void px_combo_free(PX_Combo *c)
161+
162+
frees resources assiocated.
163+
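Review bot: In the Random section, `int px_rand_get_bytes(uint8 *dst, int num)` has no description, so its return contract is undefined: a caller cannot tell whether the int is a byte count or a status code, or how a failed or short read is reported. Please document the return value and say that callers must treat any failure as an error rather than continue with a partly filled buffer. The name also differs from the commit message, which calls the function px_get_random_bytes(); pick one. Separately, px_gen_salt() takes `dst` with no length argument and relies on the caller sizing it to PX_MAX_SALT_LEN, while px_crypt() already takes `buflen`; a matching length parameter would be consistent and safer.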

‎contrib/pgcrypto/Makefile

Lines changed: 25 additions & 2 deletions
@@ -1,5 +1,5 @@
11
#
2-
# $Header: /cvsroot/pgsql/contrib/pgcrypto/Makefile,v 1.6 2001/09/16 16:11:09 petere Exp $
2+
# $Header: /cvsroot/pgsql/contrib/pgcrypto/Makefile,v 1.7 2001/09/23 04:12:44 momjian Exp $
33
#
44

55
subdir = contrib/pgcrypto
@@ -12,6 +12,18 @@ cryptolib = builtin
1212
# either 'builtin', 'system'
1313
cryptsrc = builtin
1414

15+
# Random source, preferred order:
16+
# 'dev' - read from random device
17+
#
18+
# 'openssl' - use openssl PRNG.
19+
# Note that currently pgcrypto does not do any
20+
# entropy feeding to it
21+
# This works ofcouse only with cryptolib = openssl
22+
#
23+
# 'silly' - use libc random() - very weak
24+
random = dev
25+
random_dev = \"/dev/urandom\"
26+
1527
##########################
1628

1729
ifeq ($(cryptolib), builtin)
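Review bot: The comment on the 'openssl' option says it works only with cryptolib = openssl, but nothing in this hunk enforces that, and the default shown in the hunk header is `cryptolib = builtin`. Add a make-time check that stops with a clear message when `random = openssl` is combined with another cryptolib, instead of leaving the mismatch to surface at compile or link time. The note that pgcrypto does no entropy feeding to the OpenSSL PRNG is important enough to repeat in README.pgcrypto. Typo: "ofcouse".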
@@ -38,8 +50,19 @@ else
3850
CRYPTO_CFLAGS += -DPX_SYSTEM_CRYPT
3951
endif
4052

53+
ifeq ($(random), dev)
54+
CRYPTO_CFLAGS += -DRAND_DEV=$(random_dev)
55+
endif
56+
ifeq ($(random), openssl)
57+
CRYPTO_CFLAGS += -DRAND_OPENSSL
58+
endif
59+
ifeq ($(random), silly)
60+
CRYPTO_CFLAGS += -DRAND_SILLY
61+
endif
62+
4163
NAME:= pgcrypto
42-
SRCS+= pgcrypto.c px.c px-hmac.c px-crypt.c misc.c
64+
SRCS+= pgcrypto.c px.c px-hmac.c px-crypt.c misc.c\
65+
crypt-gensalt.c random.c
4366
OBJS:=$(SRCS:.c=.o)
4467
SHLIB_LINK :=$(CRYPTO_LDFLAGS)
4568
SO_MAJOR_VERSION = 0
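Review bot: The three `ifeq ($(random), ...)` blocks have no fallback, so a misspelled or empty `random` value defines none of RAND_DEV, RAND_OPENSSL or RAND_SILLY and the build carries on with no randomness source selected. Add a final check that aborts the build when no branch matched. Consider also printing a warning when `silly` is chosen, since the Makefile comment itself describes libc random() as very weak.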

‎contrib/pgcrypto/README.pgcrypto

Lines changed: 28 additions & 0 deletions
@@ -9,6 +9,13 @@ INSTALLATION
99

1010
Edit makefile, if you want to use any external library.
1111

12+
NB! Default randomness source is /dev/urandom device. If you
13+
do not have it, you also need to edit Makefile to let pgcrypto
14+
use either OpenSSL PRNG or libc random() PRNG. Using libc random()
15+
is discouraged.
16+
17+
After editing Makefile:
18+
1219
make
1320
make install
1421
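Review bot: The NB paragraph tells the reader to edit the Makefile but does not name the setting to change. Mention the `random` variable and its values (`dev`, `openssl`, `silly`) so the instruction is actionable, and add a clause saying why libc random() is discouraged, as the Makefile comment does with "very weak".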

@@ -73,6 +80,27 @@ gen_salt(type::text)::text
7380
When you use --enable-system-crypt then note that system
7481
libcrypt may not support them all.
7582

83+
gen_salt(type::text, rounds::int4)::text
84+
85+
same as above, but lets user specify iteration count
86+
for algorithm. Number is algotithm specific:
87+
88+
typedefaultminmax
89+
---------------------------------
90+
xdes725116777215
91+
bf6431
92+
93+
In case of xdes there is a additional limitation that the
94+
count must be a odd number.
95+
96+
The higher the count, the more time it takes to calculate
97+
crypt and therefore the more time to break it. But beware!
98+
With too high count it takes a _very_long_ time to
99+
calculate it.
100+
101+
For maximum security, you should choose the 'bf' crypt
102+
and use maximum number of rounds you can still tolerate.
103+
76104
encrypt(data::bytea, key::bytea, type::text)::bytea
77105
decrypt(data::bytea, key::bytea, type::text)::bytea
78106
encrypt_iv(data::bytea, key::bytea, iv::bytea, type::text)::bytea
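Review bot: The gen_salt(type, rounds) text gives limits and says the xdes count must be odd, but it does not say what happens when `rounds` is out of range, or even for xdes. State whether the call raises an error or silently adjusts the value, because a silent fallback would hand the user a different cost than the one requested. It would also help to say how the cost scales with the number for each type, since "the higher the count, the more time" gives no basis for choosing a value. Typos: "algotithm", "a additional", "a odd".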

‎contrib/pgcrypto/crypt-blowfish.c

Lines changed: 0 additions & 25 deletions
@@ -705,28 +705,3 @@ char *_crypt_blowfish_rn(__CONST char *key, __CONST char *setting,
705705
returnoutput;
706706
}
707707

708-
char*_crypt_gensalt_blowfish_rn(unsigned longcount,
709-
__CONSTchar*input,intsize,char*output,intoutput_size)
710-
{
711-
if (size<16||output_size<7+22+1||
712-
(count&& (count<4||count>31))) {
713-
if (output_size>0)output[0]='\0';
714-
__set_errno((output_size<7+22+1) ?ERANGE :EINVAL);
715-
returnNULL;
716-
}
717-
718-
if (!count)count=5;
719-
720-
output[0]='$';
721-
output[1]='2';
722-
output[2]='a';
723-
output[3]='$';
724-
output[4]='0'+count /10;
725-
output[5]='0'+count %10;
726-
output[6]='$';
727-
728-
BF_encode(&output[7], (BF_word*)input,16);
729-
output[7+22]='\0';
730-
731-
returnoutput;
732-
}
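Review bot: Removing _crypt_gensalt_blowfish_rn() drops the `if (!count)count=5;` default, while the README table added in this commit reads as default 6 for bf (with min 4 and max 31, matching the bounds checked here), so the default cost appears to change; please call that out in the commit message. Also confirm that the replacement in crypt-gensalt.c, which is not shown in this part of the diff, keeps the `size<16` and `output_size<7+22+1` checks before anything is written to `output`.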
