mirror/postgresql
2
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2025-02-17 19:30:00 +08:00
Code Issues Packages Projects Releases Wiki Activity

pgcrypto: Remove non-OpenSSL support

Browse Source 
pgcrypto had internal implementations of some encryption algorithms,
as an alternative to calling out to OpenSSL.  These were rarely used,
since most production installations are built with OpenSSL.  Moreover,
maintaining parallel code paths makes the code more complex and
difficult to maintain.

This patch removes these internal implementations.  Now, pgcrypto is
only built if OpenSSL support is configured.

Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Discussion: https://www.postgresql.org/message-id/flat/0b42f1df-8cba-6a30-77d7-acc241cc88c1%40enterprisedb.com
This commit is contained in:
Peter Eisentraut 2021-11-05 13:59:42 +01:00
parent a5b336b8b9
commit db7d1a7b05
15 changed files with 42 additions and 7742 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
contrib/Makefile
View File

@ -36,7 +36,6 @@ SUBDIRS = \
pg_stat_statements \
pg_surgery \
pg_trgm \
pgcrypto \
pgrowlocks \
pgstattuple \
pg_visibility \
@ -52,9 +51,9 @@ SUBDIRS = \
vacuumlo
ifeq ($(with_ssl),openssl)
SUBDIRS += sslinfo
SUBDIRS += pgcrypto sslinfo
else
ALWAYS_SUBDIRS += sslinfo
ALWAYS_SUBDIRS += pgcrypto sslinfo
endif
ifneq ($(with_uuid),no)

73
contrib/pgcrypto/Makefile
View File

@ -1,48 +1,38 @@
# contrib/pgcrypto/Makefile
INT_SRCS = internal.c internal-sha2.c blf.c rijndael.c \
pgp-mpi-internal.c imath.c
INT_TESTS = sha2
OSSL_SRCS = openssl.c pgp-mpi-openssl.c
OSSL_TESTS = sha2 des 3des cast5
ZLIB_TST = pgp-compression
ZLIB_OFF_TST = pgp-zlib-DISABLED
CF_SRCS = $(if $(subst openssl,,$(with_ssl)), $(INT_SRCS), $(OSSL_SRCS))
CF_TESTS = $(if $(subst openssl,,$(with_ssl)), $(INT_TESTS), $(OSSL_TESTS))
CF_PGP_TESTS = $(if $(subst no,,$(with_zlib)), $(ZLIB_TST), $(ZLIB_OFF_TST))
SRCS = \
$(CF_SRCS) \
crypt-blowfish.c \
crypt-des.c \
crypt-gensalt.c \
crypt-md5.c \
mbuf.c \
pgcrypto.c \
pgp-armor.c \
pgp-cfb.c \
pgp-compress.c \
pgp-decrypt.c \
pgp-encrypt.c \
pgp-info.c \
pgp-mpi.c \
pgp-pgsql.c \
pgp-pubdec.c \
pgp-pubenc.c \
pgp-pubkey.c \
pgp-s2k.c \
pgp.c \
px-crypt.c \
px-hmac.c \
px.c
OBJS = \
$(WIN32RES) \
crypt-blowfish.o \
crypt-des.o \
crypt-gensalt.o \
crypt-md5.o \
mbuf.o \
openssl.o \
pgcrypto.o \
pgp-armor.o \
pgp-cfb.o \
pgp-compress.o \
pgp-decrypt.o \
pgp-encrypt.o \
pgp-info.o \
pgp-mpi.o \
pgp-mpi-openssl.o \
pgp-pgsql.o \
pgp-pubdec.o \
pgp-pubenc.o \
pgp-pubkey.o \
pgp-s2k.o \
pgp.o \
px-crypt.o \
px-hmac.o \
px.o
MODULE_big = pgcrypto
OBJS = \
$(SRCS:.c=.o) \
$(WIN32RES)
EXTENSION = pgcrypto
DATA = pgcrypto--1.3.sql pgcrypto--1.2--1.3.sql pgcrypto--1.1--1.2.sql \
@ -50,7 +40,7 @@ DATA = pgcrypto--1.3.sql pgcrypto--1.2--1.3.sql pgcrypto--1.1--1.2.sql \
PGFILEDESC = "pgcrypto - cryptographic functions"
REGRESS = init md5 sha1 hmac-md5 hmac-sha1 blowfish rijndael \
$(CF_TESTS) \
sha2 des 3des cast5 \
crypt-des crypt-md5 crypt-blowfish crypt-xdes \
pgp-armor pgp-decrypt pgp-encrypt $(CF_PGP_TESTS) \
pgp-pubkey-decrypt pgp-pubkey-encrypt pgp-info
@ -77,12 +67,3 @@ SHLIB_LINK += $(filter -leay32, $(LIBS))
# those must be at the end
SHLIB_LINK += -lws2_32
endif
# Upstream uses a larger subset of C99.
imath.o: CFLAGS+=$(PERMIT_DECLARATION_AFTER_STATEMENT)
rijndael.o: rijndael.tbl
rijndael.tbl:
$(CC) $(CPPFLAGS) $(CFLAGS) -DPRINT_TABS rijndael.c -o gen-rtab
./gen-rtab > rijndael.tbl

499
contrib/pgcrypto/blf.c
View File

@ -1,499 +0,0 @@
/*
* Butchered version of sshblowf.c from putty-0.59.
*
* contrib/pgcrypto/blf.c
*/
/*
* PuTTY is copyright 1997-2007 Simon Tatham.
*
* Portions copyright Robert de Bath, Joris van Rantwijk, Delian
* Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry,
* Justin Bradford, Ben Harris, Malcolm Smith, Ahmad Khalifa, Markus
* Kuhn, and CORE SDI S.A.
*
* Permission is hereby granted, free of charge, to any person
* obtaining a copy of this software and associated documentation files
* (the "Software"), to deal in the Software without restriction,
* including without limitation the rights to use, copy, modify, merge,
* publish, distribute, sublicense, and/or sell copies of the Software,
* and to permit persons to whom the Software is furnished to do so,
* subject to the following conditions:
*
* The above copyright notice and this permission notice shall be
* included in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
* NONINFRINGEMENT. IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE
* FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
* CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
* WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
/*
* Blowfish implementation for PuTTY.
*
* Coded from scratch from the algorithm description.
*/
#include "postgres.h"
#include "blf.h"
#define GET_32BIT_MSB_FIRST(p) ( \
((p)[0] << 24) | ((p)[1] << 16) | ((p)[2] << 8) | ((p)[3]) )
#define PUT_32BIT_MSB_FIRST(p, v) do { \
(p)[0] = v >> 24; \
(p)[1] = v >> 16; \
(p)[2] = v >> 8; \
(p)[3] = v; \
} while (0)
/*
* The Blowfish init data: hex digits of the fractional part of pi.
* (ie pi as a hex fraction is 3.243F6A8885A308D3...)
*/
static const uint32 parray[] = {
0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344, 0xA4093822, 0x299F31D0,
0x082EFA98, 0xEC4E6C89, 0x452821E6, 0x38D01377, 0xBE5466CF, 0x34E90C6C,
0xC0AC29B7, 0xC97C50DD, 0x3F84D5B5, 0xB5470917, 0x9216D5D9, 0x8979FB1B,
};
static const uint32 sbox0[] = {
0xD1310BA6, 0x98DFB5AC, 0x2FFD72DB, 0xD01ADFB7, 0xB8E1AFED, 0x6A267E96,
0xBA7C9045, 0xF12C7F99, 0x24A19947, 0xB3916CF7, 0x0801F2E2, 0x858EFC16,
0x636920D8, 0x71574E69, 0xA458FEA3, 0xF4933D7E, 0x0D95748F, 0x728EB658,
0x718BCD58, 0x82154AEE, 0x7B54A41D, 0xC25A59B5, 0x9C30D539, 0x2AF26013,
0xC5D1B023, 0x286085F0, 0xCA417918, 0xB8DB38EF, 0x8E79DCB0, 0x603A180E,
0x6C9E0E8B, 0xB01E8A3E, 0xD71577C1, 0xBD314B27, 0x78AF2FDA, 0x55605C60,
0xE65525F3, 0xAA55AB94, 0x57489862, 0x63E81440, 0x55CA396A, 0x2AAB10B6,
0xB4CC5C34, 0x1141E8CE, 0xA15486AF, 0x7C72E993, 0xB3EE1411, 0x636FBC2A,
0x2BA9C55D, 0x741831F6, 0xCE5C3E16, 0x9B87931E, 0xAFD6BA33, 0x6C24CF5C,
0x7A325381, 0x28958677, 0x3B8F4898, 0x6B4BB9AF, 0xC4BFE81B, 0x66282193,
0x61D809CC, 0xFB21A991, 0x487CAC60, 0x5DEC8032, 0xEF845D5D, 0xE98575B1,
0xDC262302, 0xEB651B88, 0x23893E81, 0xD396ACC5, 0x0F6D6FF3, 0x83F44239,
0x2E0B4482, 0xA4842004, 0x69C8F04A, 0x9E1F9B5E, 0x21C66842, 0xF6E96C9A,
0x670C9C61, 0xABD388F0, 0x6A51A0D2, 0xD8542F68, 0x960FA728, 0xAB5133A3,
0x6EEF0B6C, 0x137A3BE4, 0xBA3BF050, 0x7EFB2A98, 0xA1F1651D, 0x39AF0176,
0x66CA593E, 0x82430E88, 0x8CEE8619, 0x456F9FB4, 0x7D84A5C3, 0x3B8B5EBE,
0xE06F75D8, 0x85C12073, 0x401A449F, 0x56C16AA6, 0x4ED3AA62, 0x363F7706,
0x1BFEDF72, 0x429B023D, 0x37D0D724, 0xD00A1248, 0xDB0FEAD3, 0x49F1C09B,
0x075372C9, 0x80991B7B, 0x25D479D8, 0xF6E8DEF7, 0xE3FE501A, 0xB6794C3B,
0x976CE0BD, 0x04C006BA, 0xC1A94FB6, 0x409F60C4, 0x5E5C9EC2, 0x196A2463,
0x68FB6FAF, 0x3E6C53B5, 0x1339B2EB, 0x3B52EC6F, 0x6DFC511F, 0x9B30952C,
0xCC814544, 0xAF5EBD09, 0xBEE3D004, 0xDE334AFD, 0x660F2807, 0x192E4BB3,
0xC0CBA857, 0x45C8740F, 0xD20B5F39, 0xB9D3FBDB, 0x5579C0BD, 0x1A60320A,
0xD6A100C6, 0x402C7279, 0x679F25FE, 0xFB1FA3CC, 0x8EA5E9F8, 0xDB3222F8,
0x3C7516DF, 0xFD616B15, 0x2F501EC8, 0xAD0552AB, 0x323DB5FA, 0xFD238760,
0x53317B48, 0x3E00DF82, 0x9E5C57BB, 0xCA6F8CA0, 0x1A87562E, 0xDF1769DB,
0xD542A8F6, 0x287EFFC3, 0xAC6732C6, 0x8C4F5573, 0x695B27B0, 0xBBCA58C8,
0xE1FFA35D, 0xB8F011A0, 0x10FA3D98, 0xFD2183B8, 0x4AFCB56C, 0x2DD1D35B,
0x9A53E479, 0xB6F84565, 0xD28E49BC, 0x4BFB9790, 0xE1DDF2DA, 0xA4CB7E33,
0x62FB1341, 0xCEE4C6E8, 0xEF20CADA, 0x36774C01, 0xD07E9EFE, 0x2BF11FB4,
0x95DBDA4D, 0xAE909198, 0xEAAD8E71, 0x6B93D5A0, 0xD08ED1D0, 0xAFC725E0,
0x8E3C5B2F, 0x8E7594B7, 0x8FF6E2FB, 0xF2122B64, 0x8888B812, 0x900DF01C,
0x4FAD5EA0, 0x688FC31C, 0xD1CFF191, 0xB3A8C1AD, 0x2F2F2218, 0xBE0E1777,
0xEA752DFE, 0x8B021FA1, 0xE5A0CC0F, 0xB56F74E8, 0x18ACF3D6, 0xCE89E299,
0xB4A84FE0, 0xFD13E0B7, 0x7CC43B81, 0xD2ADA8D9, 0x165FA266, 0x80957705,
0x93CC7314, 0x211A1477, 0xE6AD2065, 0x77B5FA86, 0xC75442F5, 0xFB9D35CF,
0xEBCDAF0C, 0x7B3E89A0, 0xD6411BD3, 0xAE1E7E49, 0x00250E2D, 0x2071B35E,
0x226800BB, 0x57B8E0AF, 0x2464369B, 0xF009B91E, 0x5563911D, 0x59DFA6AA,
0x78C14389, 0xD95A537F, 0x207D5BA2, 0x02E5B9C5, 0x83260376, 0x6295CFA9,
0x11C81968, 0x4E734A41, 0xB3472DCA, 0x7B14A94A, 0x1B510052, 0x9A532915,
0xD60F573F, 0xBC9BC6E4, 0x2B60A476, 0x81E67400, 0x08BA6FB5, 0x571BE91F,
0xF296EC6B, 0x2A0DD915, 0xB6636521, 0xE7B9F9B6, 0xFF34052E, 0xC5855664,
0x53B02D5D, 0xA99F8FA1, 0x08BA4799, 0x6E85076A,
};
static const uint32 sbox1[] = {
0x4B7A70E9, 0xB5B32944, 0xDB75092E, 0xC4192623, 0xAD6EA6B0, 0x49A7DF7D,
0x9CEE60B8, 0x8FEDB266, 0xECAA8C71, 0x699A17FF, 0x5664526C, 0xC2B19EE1,
0x193602A5, 0x75094C29, 0xA0591340, 0xE4183A3E, 0x3F54989A, 0x5B429D65,
0x6B8FE4D6, 0x99F73FD6, 0xA1D29C07, 0xEFE830F5, 0x4D2D38E6, 0xF0255DC1,
0x4CDD2086, 0x8470EB26, 0x6382E9C6, 0x021ECC5E, 0x09686B3F, 0x3EBAEFC9,
0x3C971814, 0x6B6A70A1, 0x687F3584, 0x52A0E286, 0xB79C5305, 0xAA500737,
0x3E07841C, 0x7FDEAE5C, 0x8E7D44EC, 0x5716F2B8, 0xB03ADA37, 0xF0500C0D,
0xF01C1F04, 0x0200B3FF, 0xAE0CF51A, 0x3CB574B2, 0x25837A58, 0xDC0921BD,
0xD19113F9, 0x7CA92FF6, 0x94324773, 0x22F54701, 0x3AE5E581, 0x37C2DADC,
0xC8B57634, 0x9AF3DDA7, 0xA9446146, 0x0FD0030E, 0xECC8C73E, 0xA4751E41,
0xE238CD99, 0x3BEA0E2F, 0x3280BBA1, 0x183EB331, 0x4E548B38, 0x4F6DB908,
0x6F420D03, 0xF60A04BF, 0x2CB81290, 0x24977C79, 0x5679B072, 0xBCAF89AF,
0xDE9A771F, 0xD9930810, 0xB38BAE12, 0xDCCF3F2E, 0x5512721F, 0x2E6B7124,
0x501ADDE6, 0x9F84CD87, 0x7A584718, 0x7408DA17, 0xBC9F9ABC, 0xE94B7D8C,
0xEC7AEC3A, 0xDB851DFA, 0x63094366, 0xC464C3D2, 0xEF1C1847, 0x3215D908,
0xDD433B37, 0x24C2BA16, 0x12A14D43, 0x2A65C451, 0x50940002, 0x133AE4DD,
0x71DFF89E, 0x10314E55, 0x81AC77D6, 0x5F11199B, 0x043556F1, 0xD7A3C76B,
0x3C11183B, 0x5924A509, 0xF28FE6ED, 0x97F1FBFA, 0x9EBABF2C, 0x1E153C6E,
0x86E34570, 0xEAE96FB1, 0x860E5E0A, 0x5A3E2AB3, 0x771FE71C, 0x4E3D06FA,
0x2965DCB9, 0x99E71D0F, 0x803E89D6, 0x5266C825, 0x2E4CC978, 0x9C10B36A,
0xC6150EBA, 0x94E2EA78, 0xA5FC3C53, 0x1E0A2DF4, 0xF2F74EA7, 0x361D2B3D,
0x1939260F, 0x19C27960, 0x5223A708, 0xF71312B6, 0xEBADFE6E, 0xEAC31F66,
0xE3BC4595, 0xA67BC883, 0xB17F37D1, 0x018CFF28, 0xC332DDEF, 0xBE6C5AA5,
0x65582185, 0x68AB9802, 0xEECEA50F, 0xDB2F953B, 0x2AEF7DAD, 0x5B6E2F84,
0x1521B628, 0x29076170, 0xECDD4775, 0x619F1510, 0x13CCA830, 0xEB61BD96,
0x0334FE1E, 0xAA0363CF, 0xB5735C90, 0x4C70A239, 0xD59E9E0B, 0xCBAADE14,
0xEECC86BC, 0x60622CA7, 0x9CAB5CAB, 0xB2F3846E, 0x648B1EAF, 0x19BDF0CA,
0xA02369B9, 0x655ABB50, 0x40685A32, 0x3C2AB4B3, 0x319EE9D5, 0xC021B8F7,
0x9B540B19, 0x875FA099, 0x95F7997E, 0x623D7DA8, 0xF837889A, 0x97E32D77,
0x11ED935F, 0x16681281, 0x0E358829, 0xC7E61FD6, 0x96DEDFA1, 0x7858BA99,
0x57F584A5, 0x1B227263, 0x9B83C3FF, 0x1AC24696, 0xCDB30AEB, 0x532E3054,
0x8FD948E4, 0x6DBC3128, 0x58EBF2EF, 0x34C6FFEA, 0xFE28ED61, 0xEE7C3C73,
0x5D4A14D9, 0xE864B7E3, 0x42105D14, 0x203E13E0, 0x45EEE2B6, 0xA3AAABEA,
0xDB6C4F15, 0xFACB4FD0, 0xC742F442, 0xEF6ABBB5, 0x654F3B1D, 0x41CD2105,
0xD81E799E, 0x86854DC7, 0xE44B476A, 0x3D816250, 0xCF62A1F2, 0x5B8D2646,
0xFC8883A0, 0xC1C7B6A3, 0x7F1524C3, 0x69CB7492, 0x47848A0B, 0x5692B285,
0x095BBF00, 0xAD19489D, 0x1462B174, 0x23820E00, 0x58428D2A, 0x0C55F5EA,
0x1DADF43E, 0x233F7061, 0x3372F092, 0x8D937E41, 0xD65FECF1, 0x6C223BDB,
0x7CDE3759, 0xCBEE7460, 0x4085F2A7, 0xCE77326E, 0xA6078084, 0x19F8509E,
0xE8EFD855, 0x61D99735, 0xA969A7AA, 0xC50C06C2, 0x5A04ABFC, 0x800BCADC,
0x9E447A2E, 0xC3453484, 0xFDD56705, 0x0E1E9EC9, 0xDB73DBD3, 0x105588CD,
0x675FDA79, 0xE3674340, 0xC5C43465, 0x713E38D8, 0x3D28F89E, 0xF16DFF20,
0x153E21E7, 0x8FB03D4A, 0xE6E39F2B, 0xDB83ADF7,
};
static const uint32 sbox2[] = {
0xE93D5A68, 0x948140F7, 0xF64C261C, 0x94692934, 0x411520F7, 0x7602D4F7,
0xBCF46B2E, 0xD4A20068, 0xD4082471, 0x3320F46A, 0x43B7D4B7, 0x500061AF,
0x1E39F62E, 0x97244546, 0x14214F74, 0xBF8B8840, 0x4D95FC1D, 0x96B591AF,
0x70F4DDD3, 0x66A02F45, 0xBFBC09EC, 0x03BD9785, 0x7FAC6DD0, 0x31CB8504,
0x96EB27B3, 0x55FD3941, 0xDA2547E6, 0xABCA0A9A, 0x28507825, 0x530429F4,
0x0A2C86DA, 0xE9B66DFB, 0x68DC1462, 0xD7486900, 0x680EC0A4, 0x27A18DEE,
0x4F3FFEA2, 0xE887AD8C, 0xB58CE006, 0x7AF4D6B6, 0xAACE1E7C, 0xD3375FEC,
0xCE78A399, 0x406B2A42, 0x20FE9E35, 0xD9F385B9, 0xEE39D7AB, 0x3B124E8B,
0x1DC9FAF7, 0x4B6D1856, 0x26A36631, 0xEAE397B2, 0x3A6EFA74, 0xDD5B4332,
0x6841E7F7, 0xCA7820FB, 0xFB0AF54E, 0xD8FEB397, 0x454056AC, 0xBA489527,
0x55533A3A, 0x20838D87, 0xFE6BA9B7, 0xD096954B, 0x55A867BC, 0xA1159A58,
0xCCA92963, 0x99E1DB33, 0xA62A4A56, 0x3F3125F9, 0x5EF47E1C, 0x9029317C,
0xFDF8E802, 0x04272F70, 0x80BB155C, 0x05282CE3, 0x95C11548, 0xE4C66D22,
0x48C1133F, 0xC70F86DC, 0x07F9C9EE, 0x41041F0F, 0x404779A4, 0x5D886E17,
0x325F51EB, 0xD59BC0D1, 0xF2BCC18F, 0x41113564, 0x257B7834, 0x602A9C60,
0xDFF8E8A3, 0x1F636C1B, 0x0E12B4C2, 0x02E1329E, 0xAF664FD1, 0xCAD18115,
0x6B2395E0, 0x333E92E1, 0x3B240B62, 0xEEBEB922, 0x85B2A20E, 0xE6BA0D99,
0xDE720C8C, 0x2DA2F728, 0xD0127845, 0x95B794FD, 0x647D0862, 0xE7CCF5F0,
0x5449A36F, 0x877D48FA, 0xC39DFD27, 0xF33E8D1E, 0x0A476341, 0x992EFF74,
0x3A6F6EAB, 0xF4F8FD37, 0xA812DC60, 0xA1EBDDF8, 0x991BE14C, 0xDB6E6B0D,
0xC67B5510, 0x6D672C37, 0x2765D43B, 0xDCD0E804, 0xF1290DC7, 0xCC00FFA3,
0xB5390F92, 0x690FED0B, 0x667B9FFB, 0xCEDB7D9C, 0xA091CF0B, 0xD9155EA3,
0xBB132F88, 0x515BAD24, 0x7B9479BF, 0x763BD6EB, 0x37392EB3, 0xCC115979,
0x8026E297, 0xF42E312D, 0x6842ADA7, 0xC66A2B3B, 0x12754CCC, 0x782EF11C,
0x6A124237, 0xB79251E7, 0x06A1BBE6, 0x4BFB6350, 0x1A6B1018, 0x11CAEDFA,
0x3D25BDD8, 0xE2E1C3C9, 0x44421659, 0x0A121386, 0xD90CEC6E, 0xD5ABEA2A,
0x64AF674E, 0xDA86A85F, 0xBEBFE988, 0x64E4C3FE, 0x9DBC8057, 0xF0F7C086,
0x60787BF8, 0x6003604D, 0xD1FD8346, 0xF6381FB0, 0x7745AE04, 0xD736FCCC,
0x83426B33, 0xF01EAB71, 0xB0804187, 0x3C005E5F, 0x77A057BE, 0xBDE8AE24,
0x55464299, 0xBF582E61, 0x4E58F48F, 0xF2DDFDA2, 0xF474EF38, 0x8789BDC2,
0x5366F9C3, 0xC8B38E74, 0xB475F255, 0x46FCD9B9, 0x7AEB2661, 0x8B1DDF84,
0x846A0E79, 0x915F95E2, 0x466E598E, 0x20B45770, 0x8CD55591, 0xC902DE4C,
0xB90BACE1, 0xBB8205D0, 0x11A86248, 0x7574A99E, 0xB77F19B6, 0xE0A9DC09,
0x662D09A1, 0xC4324633, 0xE85A1F02, 0x09F0BE8C, 0x4A99A025, 0x1D6EFE10,
0x1AB93D1D, 0x0BA5A4DF, 0xA186F20F, 0x2868F169, 0xDCB7DA83, 0x573906FE,
0xA1E2CE9B, 0x4FCD7F52, 0x50115E01, 0xA70683FA, 0xA002B5C4, 0x0DE6D027,
0x9AF88C27, 0x773F8641, 0xC3604C06, 0x61A806B5, 0xF0177A28, 0xC0F586E0,
0x006058AA, 0x30DC7D62, 0x11E69ED7, 0x2338EA63, 0x53C2DD94, 0xC2C21634,
0xBBCBEE56, 0x90BCB6DE, 0xEBFC7DA1, 0xCE591D76, 0x6F05E409, 0x4B7C0188,
0x39720A3D, 0x7C927C24, 0x86E3725F, 0x724D9DB9, 0x1AC15BB4, 0xD39EB8FC,
0xED545578, 0x08FCA5B5, 0xD83D7CD3, 0x4DAD0FC4, 0x1E50EF5E, 0xB161E6F8,
0xA28514D9, 0x6C51133C, 0x6FD5C7E7, 0x56E14EC4, 0x362ABFCE, 0xDDC6C837,
0xD79A3234, 0x92638212, 0x670EFA8E, 0x406000E0,
};
static const uint32 sbox3[] = {
0x3A39CE37, 0xD3FAF5CF, 0xABC27737, 0x5AC52D1B, 0x5CB0679E, 0x4FA33742,
0xD3822740, 0x99BC9BBE, 0xD5118E9D, 0xBF0F7315, 0xD62D1C7E, 0xC700C47B,
0xB78C1B6B, 0x21A19045, 0xB26EB1BE, 0x6A366EB4, 0x5748AB2F, 0xBC946E79,
0xC6A376D2, 0x6549C2C8, 0x530FF8EE, 0x468DDE7D, 0xD5730A1D, 0x4CD04DC6,
0x2939BBDB, 0xA9BA4650, 0xAC9526E8, 0xBE5EE304, 0xA1FAD5F0, 0x6A2D519A,
0x63EF8CE2, 0x9A86EE22, 0xC089C2B8, 0x43242EF6, 0xA51E03AA, 0x9CF2D0A4,
0x83C061BA, 0x9BE96A4D, 0x8FE51550, 0xBA645BD6, 0x2826A2F9, 0xA73A3AE1,
0x4BA99586, 0xEF5562E9, 0xC72FEFD3, 0xF752F7DA, 0x3F046F69, 0x77FA0A59,
0x80E4A915, 0x87B08601, 0x9B09E6AD, 0x3B3EE593, 0xE990FD5A, 0x9E34D797,
0x2CF0B7D9, 0x022B8B51, 0x96D5AC3A, 0x017DA67D, 0xD1CF3ED6, 0x7C7D2D28,
0x1F9F25CF, 0xADF2B89B, 0x5AD6B472, 0x5A88F54C, 0xE029AC71, 0xE019A5E6,
0x47B0ACFD, 0xED93FA9B, 0xE8D3C48D, 0x283B57CC, 0xF8D56629, 0x79132E28,
0x785F0191, 0xED756055, 0xF7960E44, 0xE3D35E8C, 0x15056DD4, 0x88F46DBA,
0x03A16125, 0x0564F0BD, 0xC3EB9E15, 0x3C9057A2, 0x97271AEC, 0xA93A072A,
0x1B3F6D9B, 0x1E6321F5, 0xF59C66FB, 0x26DCF319, 0x7533D928, 0xB155FDF5,
0x03563482, 0x8ABA3CBB, 0x28517711, 0xC20AD9F8, 0xABCC5167, 0xCCAD925F,
0x4DE81751, 0x3830DC8E, 0x379D5862, 0x9320F991, 0xEA7A90C2, 0xFB3E7BCE,
0x5121CE64, 0x774FBE32, 0xA8B6E37E, 0xC3293D46, 0x48DE5369, 0x6413E680,
0xA2AE0810, 0xDD6DB224, 0x69852DFD, 0x09072166, 0xB39A460A, 0x6445C0DD,
0x586CDECF, 0x1C20C8AE, 0x5BBEF7DD, 0x1B588D40, 0xCCD2017F, 0x6BB4E3BB,
0xDDA26A7E, 0x3A59FF45, 0x3E350A44, 0xBCB4CDD5, 0x72EACEA8, 0xFA6484BB,
0x8D6612AE, 0xBF3C6F47, 0xD29BE463, 0x542F5D9E, 0xAEC2771B, 0xF64E6370,
0x740E0D8D, 0xE75B1357, 0xF8721671, 0xAF537D5D, 0x4040CB08, 0x4EB4E2CC,
0x34D2466A, 0x0115AF84, 0xE1B00428, 0x95983A1D, 0x06B89FB4, 0xCE6EA048,
0x6F3F3B82, 0x3520AB82, 0x011A1D4B, 0x277227F8, 0x611560B1, 0xE7933FDC,
0xBB3A792B, 0x344525BD, 0xA08839E1, 0x51CE794B, 0x2F32C9B7, 0xA01FBAC9,
0xE01CC87E, 0xBCC7D1F6, 0xCF0111C3, 0xA1E8AAC7, 0x1A908749, 0xD44FBD9A,
0xD0DADECB, 0xD50ADA38, 0x0339C32A, 0xC6913667, 0x8DF9317C, 0xE0B12B4F,
0xF79E59B7, 0x43F5BB3A, 0xF2D519FF, 0x27D9459C, 0xBF97222C, 0x15E6FC2A,
0x0F91FC71, 0x9B941525, 0xFAE59361, 0xCEB69CEB, 0xC2A86459, 0x12BAA8D1,
0xB6C1075E, 0xE3056A0C, 0x10D25065, 0xCB03A442, 0xE0EC6E0E, 0x1698DB3B,
0x4C98A0BE, 0x3278E964, 0x9F1F9532, 0xE0D392DF, 0xD3A0342B, 0x8971F21E,
0x1B0A7441, 0x4BA3348C, 0xC5BE7120, 0xC37632D8, 0xDF359F8D, 0x9B992F2E,
0xE60B6F47, 0x0FE3F11D, 0xE54CDA54, 0x1EDAD891, 0xCE6279CF, 0xCD3E7E6F,
0x1618B166, 0xFD2C1D05, 0x848FD2C5, 0xF6FB2299, 0xF523F357, 0xA6327623,
0x93A83531, 0x56CCCD02, 0xACF08162, 0x5A75EBB5, 0x6E163697, 0x88D273CC,
0xDE966292, 0x81B949D0, 0x4C50901B, 0x71C65614, 0xE6C6C7BD, 0x327A140A,
0x45E1D006, 0xC3F27B9A, 0xC9AA53FD, 0x62A80F00, 0xBB25BFE2, 0x35BDD2F6,
0x71126905, 0xB2040222, 0xB6CBCF7C, 0xCD769C2B, 0x53113EC0, 0x1640E3D3,
0x38ABBD60, 0x2547ADF0, 0xBA38209C, 0xF746CE76, 0x77AFA1C5, 0x20756060,
0x85CBFE4E, 0x8AE88DD8, 0x7AAAF9B0, 0x4CF9AA7E, 0x1948C25C, 0x02FB8A8C,
0x01C36AE4, 0xD6EBE1F9, 0x90D4F869, 0xA65CDEA0, 0x3F09252D, 0xC208E69F,
0xB74E6132, 0xCE77E25B, 0x578FDFE3, 0x3AC372E6,
};
#define Fprime(a,b,c,d) ( ( (S0[a] + S1[b]) ^ S2[c] ) + S3[d] )
#define F(x) Fprime( ((x>>24)&0xFF), ((x>>16)&0xFF), ((x>>8)&0xFF), (x&0xFF) )
#define ROUND(n) ( xL ^= P[n], t = xL, xL = F(xL) ^ xR, xR = t )
static void
blowfish_encrypt(uint32 xL, uint32 xR, uint32 *output,
BlowfishContext *ctx)
{
uint32 *S0 = ctx->S0;
uint32 *S1 = ctx->S1;
uint32 *S2 = ctx->S2;
uint32 *S3 = ctx->S3;
uint32 *P = ctx->P;
uint32 t;
ROUND(0);
ROUND(1);
ROUND(2);
ROUND(3);
ROUND(4);
ROUND(5);
ROUND(6);
ROUND(7);
ROUND(8);
ROUND(9);
ROUND(10);
ROUND(11);
ROUND(12);
ROUND(13);
ROUND(14);
ROUND(15);
xL ^= P[16];
xR ^= P[17];
output[0] = xR;
output[1] = xL;
}
static void
blowfish_decrypt(uint32 xL, uint32 xR, uint32 *output,
BlowfishContext *ctx)
{
uint32 *S0 = ctx->S0;
uint32 *S1 = ctx->S1;
uint32 *S2 = ctx->S2;
uint32 *S3 = ctx->S3;
uint32 *P = ctx->P;
uint32 t;
ROUND(17);
ROUND(16);
ROUND(15);
ROUND(14);
ROUND(13);
ROUND(12);
ROUND(11);
ROUND(10);
ROUND(9);
ROUND(8);
ROUND(7);
ROUND(6);
ROUND(5);
ROUND(4);
ROUND(3);
ROUND(2);
xL ^= P[1];
xR ^= P[0];
output[0] = xR;
output[1] = xL;
}
void
blowfish_encrypt_cbc(uint8 *blk, int len, BlowfishContext *ctx)
{
uint32 xL,
xR,
out[2],
iv0,
iv1;
Assert((len & 7) == 0);
iv0 = ctx->iv0;
iv1 = ctx->iv1;
while (len > 0)
{
xL = GET_32BIT_MSB_FIRST(blk);
xR = GET_32BIT_MSB_FIRST(blk + 4);
iv0 ^= xL;
iv1 ^= xR;
blowfish_encrypt(iv0, iv1, out, ctx);
iv0 = out[0];
iv1 = out[1];
PUT_32BIT_MSB_FIRST(blk, iv0);
PUT_32BIT_MSB_FIRST(blk + 4, iv1);
blk += 8;
len -= 8;
}
ctx->iv0 = iv0;
ctx->iv1 = iv1;
}
void
blowfish_decrypt_cbc(uint8 *blk, int len, BlowfishContext *ctx)
{
uint32 xL,
xR,
out[2],
iv0,
iv1;
Assert((len & 7) == 0);
iv0 = ctx->iv0;
iv1 = ctx->iv1;
while (len > 0)
{
xL = GET_32BIT_MSB_FIRST(blk);
xR = GET_32BIT_MSB_FIRST(blk + 4);
blowfish_decrypt(xL, xR, out, ctx);
iv0 ^= out[0];
iv1 ^= out[1];
PUT_32BIT_MSB_FIRST(blk, iv0);
PUT_32BIT_MSB_FIRST(blk + 4, iv1);
iv0 = xL;
iv1 = xR;
blk += 8;
len -= 8;
}
ctx->iv0 = iv0;
ctx->iv1 = iv1;
}
void
blowfish_encrypt_ecb(uint8 *blk, int len, BlowfishContext *ctx)
{
uint32 xL,
xR,
out[2];
Assert((len & 7) == 0);
while (len > 0)
{
xL = GET_32BIT_MSB_FIRST(blk);
xR = GET_32BIT_MSB_FIRST(blk + 4);
blowfish_encrypt(xL, xR, out, ctx);
PUT_32BIT_MSB_FIRST(blk, out[0]);
PUT_32BIT_MSB_FIRST(blk + 4, out[1]);
blk += 8;
len -= 8;
}
}
void
blowfish_decrypt_ecb(uint8 *blk, int len, BlowfishContext *ctx)
{
uint32 xL,
xR,
out[2];
Assert((len & 7) == 0);
while (len > 0)
{
xL = GET_32BIT_MSB_FIRST(blk);
xR = GET_32BIT_MSB_FIRST(blk + 4);
blowfish_decrypt(xL, xR, out, ctx);
PUT_32BIT_MSB_FIRST(blk, out[0]);
PUT_32BIT_MSB_FIRST(blk + 4, out[1]);
blk += 8;
len -= 8;
}
}
void
blowfish_setkey(BlowfishContext *ctx,
const uint8 *key, short keybytes)
{
uint32 *S0 = ctx->S0;
uint32 *S1 = ctx->S1;
uint32 *S2 = ctx->S2;
uint32 *S3 = ctx->S3;
uint32 *P = ctx->P;
uint32 str[2];
int i;
Assert(keybytes > 0 && keybytes <= (448 / 8));
for (i = 0; i < 18; i++)
{
P[i] = parray[i];
P[i] ^= ((uint32) key[(i * 4 + 0) % keybytes]) << 24;
P[i] ^= ((uint32) key[(i * 4 + 1) % keybytes]) << 16;
P[i] ^= ((uint32) key[(i * 4 + 2) % keybytes]) << 8;
P[i] ^= ((uint32) key[(i * 4 + 3) % keybytes]);
}
for (i = 0; i < 256; i++)
{
S0[i] = sbox0[i];
S1[i] = sbox1[i];
S2[i] = sbox2[i];
S3[i] = sbox3[i];
}
str[0] = str[1] = 0;
for (i = 0; i < 18; i += 2)
{
blowfish_encrypt(str[0], str[1], str, ctx);
P[i] = str[0];
P[i + 1] = str[1];
}
for (i = 0; i < 256; i += 2)
{
blowfish_encrypt(str[0], str[1], str, ctx);
S0[i] = str[0];
S0[i + 1] = str[1];
}
for (i = 0; i < 256; i += 2)
{
blowfish_encrypt(str[0], str[1], str, ctx);
S1[i] = str[0];
S1[i + 1] = str[1];
}
for (i = 0; i < 256; i += 2)
{
blowfish_encrypt(str[0], str[1], str, ctx);
S2[i] = str[0];
S2[i + 1] = str[1];
}
for (i = 0; i < 256; i += 2)
{
blowfish_encrypt(str[0], str[1], str, ctx);
S3[i] = str[0];
S3[i + 1] = str[1];
}
}
void
blowfish_setiv(BlowfishContext *ctx, const uint8 *iv)
{
ctx->iv0 = GET_32BIT_MSB_FIRST(iv);
ctx->iv1 = GET_32BIT_MSB_FIRST(iv + 4);
}

46
contrib/pgcrypto/blf.h
View File

@ -1,46 +0,0 @@
/* contrib/pgcrypto/blf.h */
/*
* PuTTY is copyright 1997-2007 Simon Tatham.
*
* Portions copyright Robert de Bath, Joris van Rantwijk, Delian
* Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry,
* Justin Bradford, Ben Harris, Malcolm Smith, Ahmad Khalifa, Markus
* Kuhn, and CORE SDI S.A.
*
* Permission is hereby granted, free of charge, to any person
* obtaining a copy of this software and associated documentation files
* (the "Software"), to deal in the Software without restriction,
* including without limitation the rights to use, copy, modify, merge,
* publish, distribute, sublicense, and/or sell copies of the Software,
* and to permit persons to whom the Software is furnished to do so,
* subject to the following conditions:
*
* The above copyright notice and this permission notice shall be
* included in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
* NONINFRINGEMENT. IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE
* FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
* CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
* WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
typedef struct
{
uint32 S0[256],
S1[256],
S2[256],
S3[256],
P[18];
uint32 iv0,
iv1; /* for CBC mode */
} BlowfishContext;
void blowfish_setkey(BlowfishContext *ctx, const uint8 *key, short keybytes);
void blowfish_setiv(BlowfishContext *ctx, const uint8 *iv);
void blowfish_encrypt_cbc(uint8 *blk, int len, BlowfishContext *ctx);
void blowfish_decrypt_cbc(uint8 *blk, int len, BlowfishContext *ctx);
void blowfish_encrypt_ecb(uint8 *blk, int len, BlowfishContext *ctx);
void blowfish_decrypt_ecb(uint8 *blk, int len, BlowfishContext *ctx);

3588
contrib/pgcrypto/imath.c
View File

File diff suppressed because it is too large Load Diff

445
contrib/pgcrypto/imath.h
View File

@ -1,445 +0,0 @@
/*
Name: imath.h
Purpose: Arbitrary precision integer arithmetic routines.
Author: M. J. Fromberger
Copyright (C) 2002-2007 Michael J. Fromberger, All Rights Reserved.
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
*/
#ifndef IMATH_H_
#define IMATH_H_
#include <limits.h>
typedef unsigned char mp_sign;
typedef unsigned int mp_size;
typedef int mp_result;
typedef long mp_small; /* must be a signed type */
typedef unsigned long mp_usmall; /* must be an unsigned type */
/* Build with words as uint64 by default. */
#ifdef USE_32BIT_WORDS
typedef uint16 mp_digit;
typedef uint32 mp_word;
#define MP_DIGIT_MAX (PG_UINT16_MAX * 1UL)
#define MP_WORD_MAX (PG_UINT32_MAX * 1UL)
#else
typedef uint32 mp_digit;
typedef uint64 mp_word;
#define MP_DIGIT_MAX (PG_UINT32_MAX * UINT64CONST(1))
#define MP_WORD_MAX (PG_UINT64_MAX)
#endif
typedef struct
{
mp_digit single;
mp_digit *digits;
mp_size alloc;
mp_size used;
mp_sign sign;
} mpz_t ,
*mp_int;
static inline mp_digit *
MP_DIGITS(mp_int Z)
{
return Z->digits;
}
static inline mp_size
MP_ALLOC(mp_int Z)
{
return Z->alloc;
}
static inline mp_size
MP_USED(mp_int Z)
{
return Z->used;
}
static inline mp_sign
MP_SIGN(mp_int Z)
{
return Z->sign;
}
extern const mp_result MP_OK;
extern const mp_result MP_FALSE;
extern const mp_result MP_TRUE;
extern const mp_result MP_MEMORY;
extern const mp_result MP_RANGE;
extern const mp_result MP_UNDEF;
extern const mp_result MP_TRUNC;
extern const mp_result MP_BADARG;
extern const mp_result MP_MINERR;
#define MP_DIGIT_BIT (sizeof(mp_digit) * CHAR_BIT)
#define MP_WORD_BIT (sizeof(mp_word) * CHAR_BIT)
#define MP_SMALL_MIN LONG_MIN
#define MP_SMALL_MAX LONG_MAX
#define MP_USMALL_MAX ULONG_MAX
#define MP_MIN_RADIX 2
#define MP_MAX_RADIX 36
/** Sets the default number of digits allocated to an `mp_int` constructed by
`mp_int_init_size()` with `prec == 0`. Allocations are rounded up to
multiples of this value. `MP_DEFAULT_PREC` is the default value. Requires
`ndigits > 0`. */
void mp_int_default_precision(mp_size ndigits);
/** Sets the number of digits below which multiplication will use the standard
quadratic "schoolbook" multiplcation algorithm rather than Karatsuba-Ofman.
Requires `ndigits >= sizeof(mp_word)`. */
void mp_int_multiply_threshold(mp_size ndigits);
/** A sign indicating a (strictly) negative value. */
extern const mp_sign MP_NEG;
/** A sign indicating a zero or positive value. */
extern const mp_sign MP_ZPOS;
/** Reports whether `z` is odd, having remainder 1 when divided by 2. */
static inline bool
mp_int_is_odd(mp_int z)
{
return (z->digits[0] & 1) != 0;
}
/** Reports whether `z` is even, having remainder 0 when divided by 2. */
static inline bool
mp_int_is_even(mp_int z)
{
return (z->digits[0] & 1) == 0;
}
/** Initializes `z` with 1-digit precision and sets it to zero. This function
cannot fail unless `z == NULL`. */
mp_result mp_int_init(mp_int z);
/** Allocates a fresh zero-valued `mpz_t` on the heap, returning NULL in case
of error. The only possible error is out-of-memory. */
mp_int mp_int_alloc(void);
/** Initializes `z` with at least `prec` digits of storage, and sets it to
zero. If `prec` is zero, the default precision is used. In either case the
size is rounded up to the nearest multiple of the word size. */
mp_result mp_int_init_size(mp_int z, mp_size prec);
/** Initializes `z` to be a copy of an already-initialized value in `old`. The
new copy does not share storage with the original. */
mp_result mp_int_init_copy(mp_int z, mp_int old);
/** Initializes `z` to the specified signed `value` at default precision. */
mp_result mp_int_init_value(mp_int z, mp_small value);
/** Initializes `z` to the specified unsigned `value` at default precision. */
mp_result mp_int_init_uvalue(mp_int z, mp_usmall uvalue);
/** Sets `z` to the value of the specified signed `value`. */
mp_result mp_int_set_value(mp_int z, mp_small value);
/** Sets `z` to the value of the specified unsigned `value`. */
mp_result mp_int_set_uvalue(mp_int z, mp_usmall uvalue);
/** Releases the storage used by `z`. */
void mp_int_clear(mp_int z);
/** Releases the storage used by `z` and also `z` itself.
This should only be used for `z` allocated by `mp_int_alloc()`. */
void mp_int_free(mp_int z);
/** Replaces the value of `c` with a copy of the value of `a`. No new memory is
allocated unless `a` has more significant digits than `c` has allocated. */
mp_result mp_int_copy(mp_int a, mp_int c);
/** Swaps the values and storage between `a` and `c`. */
void mp_int_swap(mp_int a, mp_int c);
/** Sets `z` to zero. The allocated storage of `z` is not changed. */
void mp_int_zero(mp_int z);
/** Sets `c` to the absolute value of `a`. */
mp_result mp_int_abs(mp_int a, mp_int c);
/** Sets `c` to the additive inverse (negation) of `a`. */
mp_result mp_int_neg(mp_int a, mp_int c);
/** Sets `c` to the sum of `a` and `b`. */
mp_result mp_int_add(mp_int a, mp_int b, mp_int c);
/** Sets `c` to the sum of `a` and `value`. */
mp_result mp_int_add_value(mp_int a, mp_small value, mp_int c);
/** Sets `c` to the difference of `a` less `b`. */
mp_result mp_int_sub(mp_int a, mp_int b, mp_int c);
/** Sets `c` to the difference of `a` less `value`. */
mp_result mp_int_sub_value(mp_int a, mp_small value, mp_int c);
/** Sets `c` to the product of `a` and `b`. */
mp_result mp_int_mul(mp_int a, mp_int b, mp_int c);
/** Sets `c` to the product of `a` and `value`. */
mp_result mp_int_mul_value(mp_int a, mp_small value, mp_int c);
/** Sets `c` to the product of `a` and `2^p2`. Requires `p2 >= 0`. */
mp_result mp_int_mul_pow2(mp_int a, mp_small p2, mp_int c);
/** Sets `c` to the square of `a`. */
mp_result mp_int_sqr(mp_int a, mp_int c);
/** Sets `q` and `r` to the quotent and remainder of `a / b`. Division by
powers of 2 is detected and handled efficiently. The remainder is pinned
to `0 <= r < b`.
Either of `q` or `r` may be NULL, but not both, and `q` and `r` may not
point to the same value. */
mp_result mp_int_div(mp_int a, mp_int b, mp_int q, mp_int r);
/** Sets `q` and `*r` to the quotent and remainder of `a / value`. Division by
powers of 2 is detected and handled efficiently. The remainder is pinned to
`0 <= *r < b`. Either of `q` or `r` may be NULL. */
mp_result mp_int_div_value(mp_int a, mp_small value, mp_int q, mp_small *r);
/** Sets `q` and `r` to the quotient and remainder of `a / 2^p2`. This is a
special case for division by powers of two that is more efficient than
using ordinary division. Note that `mp_int_div()` will automatically handle
this case, this function is for cases where you have only the exponent. */
mp_result mp_int_div_pow2(mp_int a, mp_small p2, mp_int q, mp_int r);
/** Sets `c` to the remainder of `a / m`.
The remainder is pinned to `0 <= c < m`. */
mp_result mp_int_mod(mp_int a, mp_int m, mp_int c);
/** Sets `c` to the value of `a` raised to the `b` power.
It returns `MP_RANGE` if `b < 0`. */
mp_result mp_int_expt(mp_int a, mp_small b, mp_int c);
/** Sets `c` to the value of `a` raised to the `b` power.
It returns `MP_RANGE` if `b < 0`. */
mp_result mp_int_expt_value(mp_small a, mp_small b, mp_int c);
/** Sets `c` to the value of `a` raised to the `b` power.
It returns `MP_RANGE`) if `b < 0`. */
mp_result mp_int_expt_full(mp_int a, mp_int b, mp_int c);
/** Sets `*r` to the remainder of `a / value`.
The remainder is pinned to `0 <= r < value`. */
static inline
mp_result
mp_int_mod_value(mp_int a, mp_small value, mp_small *r)
{
return mp_int_div_value(a, value, 0, r);
}
/** Returns the comparator of `a` and `b`. */
int mp_int_compare(mp_int a, mp_int b);
/** Returns the comparator of the magnitudes of `a` and `b`, disregarding their
signs. Neither `a` nor `b` is modified by the comparison. */
int mp_int_compare_unsigned(mp_int a, mp_int b);
/** Returns the comparator of `z` and zero. */
int mp_int_compare_zero(mp_int z);
/** Returns the comparator of `z` and the signed value `v`. */
int mp_int_compare_value(mp_int z, mp_small v);
/** Returns the comparator of `z` and the unsigned value `uv`. */
int mp_int_compare_uvalue(mp_int z, mp_usmall uv);
/** Reports whether `a` is divisible by `v`. */
bool mp_int_divisible_value(mp_int a, mp_small v);
/** Returns `k >= 0` such that `z` is `2^k`, if such a `k` exists. If no such
`k` exists, the function returns -1. */
int mp_int_is_pow2(mp_int z);
/** Sets `c` to the value of `a` raised to the `b` power, reduced modulo `m`.
It returns `MP_RANGE` if `b < 0` or `MP_UNDEF` if `m == 0`. */
mp_result mp_int_exptmod(mp_int a, mp_int b, mp_int m, mp_int c);
/** Sets `c` to the value of `a` raised to the `value` power, modulo `m`.
It returns `MP_RANGE` if `value < 0` or `MP_UNDEF` if `m == 0`. */
mp_result mp_int_exptmod_evalue(mp_int a, mp_small value, mp_int m, mp_int c);
/** Sets `c` to the value of `value` raised to the `b` power, modulo `m`.
It returns `MP_RANGE` if `b < 0` or `MP_UNDEF` if `m == 0`. */
mp_result mp_int_exptmod_bvalue(mp_small value, mp_int b, mp_int m, mp_int c);
/** Sets `c` to the value of `a` raised to the `b` power, reduced modulo `m`,
given a precomputed reduction constant `mu` defined for Barrett's modular
reduction algorithm.
It returns `MP_RANGE` if `b < 0` or `MP_UNDEF` if `m == 0`. */
mp_result mp_int_exptmod_known(mp_int a, mp_int b, mp_int m, mp_int mu, mp_int c);
/** Sets `c` to the reduction constant for Barrett reduction by modulus `m`.
Requires that `c` and `m` point to distinct locations. */
mp_result mp_int_redux_const(mp_int m, mp_int c);
/** Sets `c` to the multiplicative inverse of `a` modulo `m`, if it exists.
The least non-negative representative of the congruence class is computed.
It returns `MP_UNDEF` if the inverse does not exist, or `MP_RANGE` if `a ==
0` or `m <= 0`. */
mp_result mp_int_invmod(mp_int a, mp_int m, mp_int c);
/** Sets `c` to the greatest common divisor of `a` and `b`.
It returns `MP_UNDEF` if the GCD is undefined, such as for example if `a`
and `b` are both zero. */
mp_result mp_int_gcd(mp_int a, mp_int b, mp_int c);
/** Sets `c` to the greatest common divisor of `a` and `b`, and sets `x` and
`y` to values satisfying Bezout's identity `gcd(a, b) = ax + by`.
It returns `MP_UNDEF` if the GCD is undefined, such as for example if `a`
and `b` are both zero. */
mp_result mp_int_egcd(mp_int a, mp_int b, mp_int c, mp_int x, mp_int y);
/** Sets `c` to the least common multiple of `a` and `b`.
It returns `MP_UNDEF` if the LCM is undefined, such as for example if `a`
and `b` are both zero. */
mp_result mp_int_lcm(mp_int a, mp_int b, mp_int c);
/** Sets `c` to the greatest integer not less than the `b`th root of `a`,
using Newton's root-finding algorithm.
It returns `MP_UNDEF` if `a < 0` and `b` is even. */
mp_result mp_int_root(mp_int a, mp_small b, mp_int c);
/** Sets `c` to the greatest integer not less than the square root of `a`.
This is a special case of `mp_int_root()`. */
static inline
mp_result
mp_int_sqrt(mp_int a, mp_int c)
{
return mp_int_root(a, 2, c);
}
/** Returns `MP_OK` if `z` is representable as `mp_small`, else `MP_RANGE`.
If `out` is not NULL, `*out` is set to the value of `z` when `MP_OK`. */
mp_result mp_int_to_int(mp_int z, mp_small *out);
/** Returns `MP_OK` if `z` is representable as `mp_usmall`, or `MP_RANGE`.
If `out` is not NULL, `*out` is set to the value of `z` when `MP_OK`. */
mp_result mp_int_to_uint(mp_int z, mp_usmall *out);
/** Converts `z` to a zero-terminated string of characters in the specified
`radix`, writing at most `limit` characters to `str` including the
terminating NUL value. A leading `-` is used to indicate a negative value.
Returns `MP_TRUNC` if `limit` was to small to write all of `z`.
Requires `MP_MIN_RADIX <= radix <= MP_MAX_RADIX`. */
mp_result mp_int_to_string(mp_int z, mp_size radix, char *str, int limit);
/** Reports the minimum number of characters required to represent `z` as a
zero-terminated string in the given `radix`.
Requires `MP_MIN_RADIX <= radix <= MP_MAX_RADIX`. */
mp_result mp_int_string_len(mp_int z, mp_size radix);
/** Reads a string of ASCII digits in the specified `radix` from the zero
terminated `str` provided into `z`. For values of `radix > 10`, the letters
`A`..`Z` or `a`..`z` are accepted. Letters are interpreted without respect
to case.
Leading whitespace is ignored, and a leading `+` or `-` is interpreted as a
sign flag. Processing stops when a NUL or any other character out of range
for a digit in the given radix is encountered.
If the whole string was consumed, `MP_OK` is returned; otherwise
`MP_TRUNC`. is returned.
Requires `MP_MIN_RADIX <= radix <= MP_MAX_RADIX`. */
mp_result mp_int_read_string(mp_int z, mp_size radix, const char *str);
/** Reads a string of ASCII digits in the specified `radix` from the zero
terminated `str` provided into `z`. For values of `radix > 10`, the letters
`A`..`Z` or `a`..`z` are accepted. Letters are interpreted without respect
to case.
Leading whitespace is ignored, and a leading `+` or `-` is interpreted as a
sign flag. Processing stops when a NUL or any other character out of range
for a digit in the given radix is encountered.
If the whole string was consumed, `MP_OK` is returned; otherwise
`MP_TRUNC`. is returned. If `end` is not NULL, `*end` is set to point to
the first unconsumed byte of the input string (the NUL byte if the whole
string was consumed). This emulates the behavior of the standard C
`strtol()` function.
Requires `MP_MIN_RADIX <= radix <= MP_MAX_RADIX`. */
mp_result mp_int_read_cstring(mp_int z, mp_size radix, const char *str, char **end);
/** Returns the number of significant bits in `z`. */
mp_result mp_int_count_bits(mp_int z);
/** Converts `z` to 2's complement binary, writing at most `limit` bytes into
the given `buf`. Returns `MP_TRUNC` if the buffer limit was too small to
contain the whole value. If this occurs, the contents of buf will be
effectively garbage, as the function uses the buffer as scratch space.
The binary representation of `z` is in base-256 with digits ordered from
most significant to least significant (network byte ordering). The
high-order bit of the first byte is set for negative values, clear for
non-negative values.
As a result, non-negative values will be padded with a leading zero byte if
the high-order byte of the base-256 magnitude is set. This extra byte is
accounted for by the `mp_int_binary_len()` function. */
mp_result mp_int_to_binary(mp_int z, unsigned char *buf, int limit);
/** Reads a 2's complement binary value from `buf` into `z`, where `len` is the
length of the buffer. The contents of `buf` may be overwritten during
processing, although they will be restored when the function returns. */
mp_result mp_int_read_binary(mp_int z, unsigned char *buf, int len);
/** Returns the number of bytes to represent `z` in 2's complement binary. */
mp_result mp_int_binary_len(mp_int z);
/** Converts the magnitude of `z` to unsigned binary, writing at most `limit`
bytes into the given `buf`. The sign of `z` is ignored, but `z` is not
modified. Returns `MP_TRUNC` if the buffer limit was too small to contain
the whole value. If this occurs, the contents of `buf` will be effectively
garbage, as the function uses the buffer as scratch space during
conversion.
The binary representation of `z` is in base-256 with digits ordered from
most significant to least significant (network byte ordering). */
mp_result mp_int_to_unsigned(mp_int z, unsigned char *buf, int limit);
/** Reads an unsigned binary value from `buf` into `z`, where `len` is the
length of the buffer. The contents of `buf` are not modified during
processing. */
mp_result mp_int_read_unsigned(mp_int z, unsigned char *buf, int len);
/** Returns the number of bytes required to represent `z` as an unsigned binary
value in base 256. */
mp_result mp_int_unsigned_len(mp_int z);
/** Returns a pointer to a brief, human-readable, zero-terminated string
describing `res`. The returned string is statically allocated and must not
be freed by the caller. */
const char *mp_error_string(mp_result res);
#endif /* end IMATH_H_ */

206
contrib/pgcrypto/internal-sha2.c
View File

@ -1,206 +0,0 @@
/*
* internal.c
* Wrapper for builtin functions
*
* Copyright (c) 2001 Marko Kreen
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* contrib/pgcrypto/internal-sha2.c
*/
#include "postgres.h"
#include <time.h>
#include "common/cryptohash.h"
#include "common/sha2.h"
#include "px.h"
void init_sha224(PX_MD *h);
void init_sha256(PX_MD *h);
void init_sha384(PX_MD *h);
void init_sha512(PX_MD *h);
/* SHA224 */
static unsigned
int_sha224_len(PX_MD *h)
{
return PG_SHA224_DIGEST_LENGTH;
}
static unsigned
int_sha224_block_len(PX_MD *h)
{
return PG_SHA224_BLOCK_LENGTH;
}
/* SHA256 */
static unsigned
int_sha256_len(PX_MD *h)
{
return PG_SHA256_DIGEST_LENGTH;
}
static unsigned
int_sha256_block_len(PX_MD *h)
{
return PG_SHA256_BLOCK_LENGTH;
}
/* SHA384 */
static unsigned
int_sha384_len(PX_MD *h)
{
return PG_SHA384_DIGEST_LENGTH;
}
static unsigned
int_sha384_block_len(PX_MD *h)
{
return PG_SHA384_BLOCK_LENGTH;
}
/* SHA512 */
static unsigned
int_sha512_len(PX_MD *h)
{
return PG_SHA512_DIGEST_LENGTH;
}
static unsigned
int_sha512_block_len(PX_MD *h)
{
return PG_SHA512_BLOCK_LENGTH;
}
/* Generic interface for all SHA2 methods */
static void
int_sha2_update(PX_MD *h, const uint8 *data, unsigned dlen)
{
pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
if (pg_cryptohash_update(ctx, data, dlen) < 0)
elog(ERROR, "could not update %s context", "SHA2");
}
static void
int_sha2_reset(PX_MD *h)
{
pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
if (pg_cryptohash_init(ctx) < 0)
elog(ERROR, "could not initialize %s context", "SHA2");
}
static void
int_sha2_finish(PX_MD *h, uint8 *dst)
{
pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
if (pg_cryptohash_final(ctx, dst, h->result_size(h)) < 0)
elog(ERROR, "could not finalize %s context", "SHA2");
}
static void
int_sha2_free(PX_MD *h)
{
pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
pg_cryptohash_free(ctx);
pfree(h);
}
/* init functions */
void
init_sha224(PX_MD *md)
{
pg_cryptohash_ctx *ctx;
ctx = pg_cryptohash_create(PG_SHA224);
md->p.ptr = ctx;
md->result_size = int_sha224_len;
md->block_size = int_sha224_block_len;
md->reset = int_sha2_reset;
md->update = int_sha2_update;
md->finish = int_sha2_finish;
md->free = int_sha2_free;
md->reset(md);
}
void
init_sha256(PX_MD *md)
{
pg_cryptohash_ctx *ctx;
ctx = pg_cryptohash_create(PG_SHA256);
md->p.ptr = ctx;
md->result_size = int_sha256_len;
md->block_size = int_sha256_block_len;
md->reset = int_sha2_reset;
md->update = int_sha2_update;
md->finish = int_sha2_finish;
md->free = int_sha2_free;
md->reset(md);
}
void
init_sha384(PX_MD *md)
{
pg_cryptohash_ctx *ctx;
ctx = pg_cryptohash_create(PG_SHA384);
md->p.ptr = ctx;
md->result_size = int_sha384_len;
md->block_size = int_sha384_block_len;
md->reset = int_sha2_reset;
md->update = int_sha2_update;
md->finish = int_sha2_finish;
md->free = int_sha2_free;
md->reset(md);
}
void
init_sha512(PX_MD *md)
{
pg_cryptohash_ctx *ctx;
ctx = pg_cryptohash_create(PG_SHA512);
md->p.ptr = ctx;
md->result_size = int_sha512_len;
md->block_size = int_sha512_block_len;
md->reset = int_sha2_reset;
md->update = int_sha2_update;
md->finish = int_sha2_finish;
md->free = int_sha2_free;
md->reset(md);
}

585
contrib/pgcrypto/internal.c
View File

@ -1,585 +0,0 @@
/*
* internal.c
* Wrapper for builtin functions
*
* Copyright (c) 2001 Marko Kreen
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* contrib/pgcrypto/internal.c
*/
#include "postgres.h"
#include <time.h>
#include "blf.h"
#include "px.h"
#include "rijndael.h"
#include "common/cryptohash.h"
#include "common/md5.h"
#include "common/sha1.h"
#define SHA1_BLOCK_SIZE 64
#define MD5_BLOCK_SIZE 64
static void init_md5(PX_MD *h);
static void init_sha1(PX_MD *h);
void init_sha224(PX_MD *h);
void init_sha256(PX_MD *h);
void init_sha384(PX_MD *h);
void init_sha512(PX_MD *h);
struct int_digest
{
char *name;
void (*init) (PX_MD *h);
};
static const struct int_digest
int_digest_list[] = {
{"md5", init_md5},
{"sha1", init_sha1},
{"sha224", init_sha224},
{"sha256", init_sha256},
{"sha384", init_sha384},
{"sha512", init_sha512},
{NULL, NULL}
};
/* MD5 */
static unsigned
int_md5_len(PX_MD *h)
{
return MD5_DIGEST_LENGTH;
}
static unsigned
int_md5_block_len(PX_MD *h)
{
return MD5_BLOCK_SIZE;
}
static void
int_md5_update(PX_MD *h, const uint8 *data, unsigned dlen)
{
pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
if (pg_cryptohash_update(ctx, data, dlen) < 0)
elog(ERROR, "could not update %s context", "MD5");
}
static void
int_md5_reset(PX_MD *h)
{
pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
if (pg_cryptohash_init(ctx) < 0)
elog(ERROR, "could not initialize %s context", "MD5");
}
static void
int_md5_finish(PX_MD *h, uint8 *dst)
{
pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
if (pg_cryptohash_final(ctx, dst, h->result_size(h)) < 0)
elog(ERROR, "could not finalize %s context", "MD5");
}
static void
int_md5_free(PX_MD *h)
{
pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
pg_cryptohash_free(ctx);
pfree(h);
}
/* SHA1 */
static unsigned
int_sha1_len(PX_MD *h)
{
return SHA1_DIGEST_LENGTH;
}
static unsigned
int_sha1_block_len(PX_MD *h)
{
return SHA1_BLOCK_SIZE;
}
static void
int_sha1_update(PX_MD *h, const uint8 *data, unsigned dlen)
{
pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
if (pg_cryptohash_update(ctx, data, dlen) < 0)
elog(ERROR, "could not update %s context", "SHA1");
}
static void
int_sha1_reset(PX_MD *h)
{
pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
if (pg_cryptohash_init(ctx) < 0)
elog(ERROR, "could not initialize %s context", "SHA1");
}
static void
int_sha1_finish(PX_MD *h, uint8 *dst)
{
pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
if (pg_cryptohash_final(ctx, dst, h->result_size(h)) < 0)
elog(ERROR, "could not finalize %s context", "SHA1");
}
static void
int_sha1_free(PX_MD *h)
{
pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
pg_cryptohash_free(ctx);
pfree(h);
}
/* init functions */
static void
init_md5(PX_MD *md)
{
pg_cryptohash_ctx *ctx;
ctx = pg_cryptohash_create(PG_MD5);
md->p.ptr = ctx;
md->result_size = int_md5_len;
md->block_size = int_md5_block_len;
md->reset = int_md5_reset;
md->update = int_md5_update;
md->finish = int_md5_finish;
md->free = int_md5_free;
md->reset(md);
}
static void
init_sha1(PX_MD *md)
{
pg_cryptohash_ctx *ctx;
ctx = pg_cryptohash_create(PG_SHA1);
md->p.ptr = ctx;
md->result_size = int_sha1_len;
md->block_size = int_sha1_block_len;
md->reset = int_sha1_reset;
md->update = int_sha1_update;
md->finish = int_sha1_finish;
md->free = int_sha1_free;
md->reset(md);
}
/*
* ciphers generally
*/
#define INT_MAX_KEY (512/8)
#define INT_MAX_IV (128/8)
struct int_ctx
{
uint8 keybuf[INT_MAX_KEY];
uint8 iv[INT_MAX_IV];
union
{
BlowfishContext bf;
rijndael_ctx rj;
} ctx;
unsigned keylen;
int is_init;
int mode;
};
static void
intctx_free(PX_Cipher *c)
{
struct int_ctx *cx = (struct int_ctx *) c->ptr;
if (cx)
{
px_memset(cx, 0, sizeof *cx);
pfree(cx);
}
pfree(c);
}
/*
* AES/rijndael
*/
#define MODE_ECB 0
#define MODE_CBC 1
static unsigned
rj_block_size(PX_Cipher *c)
{
return 128 / 8;
}
static unsigned
rj_key_size(PX_Cipher *c)
{
return 256 / 8;
}
static unsigned
rj_iv_size(PX_Cipher *c)
{
return 128 / 8;
}
static int
rj_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
{
struct int_ctx *cx = (struct int_ctx *) c->ptr;
if (klen <= 128 / 8)
cx->keylen = 128 / 8;
else if (klen <= 192 / 8)
cx->keylen = 192 / 8;
else if (klen <= 256 / 8)
cx->keylen = 256 / 8;
else
return PXE_KEY_TOO_BIG;
memcpy(&cx->keybuf, key, klen);
if (iv)
memcpy(cx->iv, iv, 128 / 8);
return 0;
}
static int
rj_real_init(struct int_ctx *cx, int dir)
{
aes_set_key(&cx->ctx.rj, cx->keybuf, cx->keylen * 8, dir);
return 0;
}
static int
rj_encrypt(PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res)
{
struct int_ctx *cx = (struct int_ctx *) c->ptr;
if (!cx->is_init)
{
if (rj_real_init(cx, 1))
return PXE_CIPHER_INIT;
}
if (dlen == 0)
return 0;
if (dlen & 15)
return PXE_NOTBLOCKSIZE;
memcpy(res, data, dlen);
if (cx->mode == MODE_CBC)
{
aes_cbc_encrypt(&cx->ctx.rj, cx->iv, res, dlen);
memcpy(cx->iv, res + dlen - 16, 16);
}
else
aes_ecb_encrypt(&cx->ctx.rj, res, dlen);
return 0;
}
static int
rj_decrypt(PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res)
{
struct int_ctx *cx = (struct int_ctx *) c->ptr;
if (!cx->is_init)
if (rj_real_init(cx, 0))
return PXE_CIPHER_INIT;
if (dlen == 0)
return 0;
if (dlen & 15)
return PXE_NOTBLOCKSIZE;
memcpy(res, data, dlen);
if (cx->mode == MODE_CBC)
{
aes_cbc_decrypt(&cx->ctx.rj, cx->iv, res, dlen);
memcpy(cx->iv, data + dlen - 16, 16);
}
else
aes_ecb_decrypt(&cx->ctx.rj, res, dlen);
return 0;
}
/*
* initializers
*/
static PX_Cipher *
rj_load(int mode)
{
PX_Cipher *c;
struct int_ctx *cx;
c = palloc0(sizeof *c);
c->block_size = rj_block_size;
c->key_size = rj_key_size;
c->iv_size = rj_iv_size;
c->init = rj_init;
c->encrypt = rj_encrypt;
c->decrypt = rj_decrypt;
c->free = intctx_free;
cx = palloc0(sizeof *cx);
cx->mode = mode;
c->ptr = cx;
return c;
}
/*
* blowfish
*/
static unsigned
bf_block_size(PX_Cipher *c)
{
return 8;
}
static unsigned
bf_key_size(PX_Cipher *c)
{
return 448 / 8;
}
static unsigned
bf_iv_size(PX_Cipher *c)
{
return 8;
}
static int
bf_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
{
struct int_ctx *cx = (struct int_ctx *) c->ptr;
blowfish_setkey(&cx->ctx.bf, key, klen);
if (iv)
blowfish_setiv(&cx->ctx.bf, iv);
return 0;
}
static int
bf_encrypt(PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res)
{
struct int_ctx *cx = (struct int_ctx *) c->ptr;
BlowfishContext *bfctx = &cx->ctx.bf;
if (dlen == 0)
return 0;
if (dlen & 7)
return PXE_NOTBLOCKSIZE;
memcpy(res, data, dlen);
switch (cx->mode)
{
case MODE_ECB:
blowfish_encrypt_ecb(res, dlen, bfctx);
break;
case MODE_CBC:
blowfish_encrypt_cbc(res, dlen, bfctx);
break;
}
return 0;
}
static int
bf_decrypt(PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res)
{
struct int_ctx *cx = (struct int_ctx *) c->ptr;
BlowfishContext *bfctx = &cx->ctx.bf;
if (dlen == 0)
return 0;
if (dlen & 7)
return PXE_NOTBLOCKSIZE;
memcpy(res, data, dlen);
switch (cx->mode)
{
case MODE_ECB:
blowfish_decrypt_ecb(res, dlen, bfctx);
break;
case MODE_CBC:
blowfish_decrypt_cbc(res, dlen, bfctx);
break;
}
return 0;
}
static PX_Cipher *
bf_load(int mode)
{
PX_Cipher *c;
struct int_ctx *cx;
c = palloc0(sizeof *c);
c->block_size = bf_block_size;
c->key_size = bf_key_size;
c->iv_size = bf_iv_size;
c->init = bf_init;
c->encrypt = bf_encrypt;
c->decrypt = bf_decrypt;
c->free = intctx_free;
cx = palloc0(sizeof *cx);
cx->mode = mode;
c->ptr = cx;
return c;
}
/* ciphers */
static PX_Cipher *
rj_128_ecb(void)
{
return rj_load(MODE_ECB);
}
static PX_Cipher *
rj_128_cbc(void)
{
return rj_load(MODE_CBC);
}
static PX_Cipher *
bf_ecb_load(void)
{
return bf_load(MODE_ECB);
}
static PX_Cipher *
bf_cbc_load(void)
{
return bf_load(MODE_CBC);
}
struct int_cipher
{
char *name;
PX_Cipher *(*load) (void);
};
static const struct int_cipher
int_ciphers[] = {
{"bf-cbc", bf_cbc_load},
{"bf-ecb", bf_ecb_load},
{"aes-128-cbc", rj_128_cbc},
{"aes-128-ecb", rj_128_ecb},
{NULL, NULL}
};
static const PX_Alias int_aliases[] = {
{"bf", "bf-cbc"},
{"blowfish", "bf-cbc"},
{"aes", "aes-128-cbc"},
{"aes-ecb", "aes-128-ecb"},
{"aes-cbc", "aes-128-cbc"},
{"aes-128", "aes-128-cbc"},
{"rijndael", "aes-128-cbc"},
{"rijndael-128", "aes-128-cbc"},
{NULL, NULL}
};
/* PUBLIC FUNCTIONS */
int
px_find_digest(const char *name, PX_MD **res)
{
const struct int_digest *p;
PX_MD *h;
for (p = int_digest_list; p->name; p++)
if (pg_strcasecmp(p->name, name) == 0)
{
h = palloc(sizeof(*h));
p->init(h);
*res = h;
return 0;
}
return PXE_NO_HASH;
}
int
px_find_cipher(const char *name, PX_Cipher **res)
{
int i;
PX_Cipher *c = NULL;
name = px_resolve_alias(int_aliases, name);
for (i = 0; int_ciphers[i].name; i++)
if (strcmp(int_ciphers[i].name, name) == 0)
{
c = int_ciphers[i].load();
break;
}
if (c == NULL)
return PXE_NO_CIPHER;
*res = c;
return 0;
}

304
contrib/pgcrypto/pgp-mpi-internal.c
View File

@ -1,304 +0,0 @@
/*
* pgp-mpi-internal.c
* OpenPGP MPI functions.
*
* Copyright (c) 2005 Marko Kreen
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* contrib/pgcrypto/pgp-mpi-internal.c
*/
#include "postgres.h"
#include "imath.h"
#include "pgp.h"
#include "px.h"
static mpz_t *
mp_new(void)
{
mpz_t *mp = mp_int_alloc();
mp_int_init_size(mp, 256);
return mp;
}
static void
mp_clear_free(mpz_t *a)
{
if (!a)
return;
/* fixme: no clear? */
mp_int_free(a);
}
static int
mp_px_rand(uint32 bits, mpz_t *res)
{
unsigned bytes = (bits + 7) / 8;
int last_bits = bits & 7;
uint8 *buf;
buf = palloc(bytes);
if (!pg_strong_random(buf, bytes))
{
pfree(buf);
return PXE_NO_RANDOM;
}
/* clear unnecessary bits and set last bit to one */
if (last_bits)
{
buf[0] >>= 8 - last_bits;
buf[0] |= 1 << (last_bits - 1);
}
else
buf[0] |= 1 << 7;
mp_int_read_unsigned(res, buf, bytes);
pfree(buf);
return 0;
}
static void
mp_modmul(mpz_t *a, mpz_t *b, mpz_t *p, mpz_t *res)
{
mpz_t *tmp = mp_new();
mp_int_mul(a, b, tmp);
mp_int_mod(tmp, p, res);
mp_clear_free(tmp);
}
static mpz_t *
mpi_to_bn(PGP_MPI *n)
{
mpz_t *bn = mp_new();
mp_int_read_unsigned(bn, n->data, n->bytes);
if (!bn)
return NULL;
if (mp_int_count_bits(bn) != n->bits)
{
px_debug("mpi_to_bn: bignum conversion failed: mpi=%d, bn=%d",
n->bits, mp_int_count_bits(bn));
mp_clear_free(bn);
return NULL;
}
return bn;
}
static PGP_MPI *
bn_to_mpi(mpz_t *bn)
{
int res;
PGP_MPI *n;
int bytes;
res = pgp_mpi_alloc(mp_int_count_bits(bn), &n);
if (res < 0)
return NULL;
bytes = (mp_int_count_bits(bn) + 7) / 8;
if (bytes != n->bytes)
{
px_debug("bn_to_mpi: bignum conversion failed: bn=%d, mpi=%d",
bytes, n->bytes);
pgp_mpi_free(n);
return NULL;
}
mp_int_to_unsigned(bn, n->data, n->bytes);
return n;
}
/*
* Decide the number of bits in the random component k
*
* It should be in the same range as p for signing (which
* is deprecated), but can be much smaller for encrypting.
*
* Until I research it further, I just mimic gpg behaviour.
* It has a special mapping table, for values <= 5120,
* above that it uses 'arbitrary high number'. Following
* algorithm hovers 10-70 bits above gpg values. And for
* larger p, it uses gpg's algorithm.
*
* The point is - if k gets large, encryption will be
* really slow. It does not matter for decryption.
*/
static int
decide_k_bits(int p_bits)
{
if (p_bits <= 5120)
return p_bits / 10 + 160;
else
return (p_bits / 8 + 200) * 3 / 2;
}
int
pgp_elgamal_encrypt(PGP_PubKey *pk, PGP_MPI *_m,
PGP_MPI **c1_p, PGP_MPI **c2_p)
{
int res = PXE_PGP_MATH_FAILED;
int k_bits;
mpz_t *m = mpi_to_bn(_m);
mpz_t *p = mpi_to_bn(pk->pub.elg.p);
mpz_t *g = mpi_to_bn(pk->pub.elg.g);
mpz_t *y = mpi_to_bn(pk->pub.elg.y);
mpz_t *k = mp_new();
mpz_t *yk = mp_new();
mpz_t *c1 = mp_new();
mpz_t *c2 = mp_new();
if (!m || !p || !g || !y || !k || !yk || !c1 || !c2)
goto err;
/*
* generate k
*/
k_bits = decide_k_bits(mp_int_count_bits(p));
res = mp_px_rand(k_bits, k);
if (res < 0)
return res;
/*
* c1 = g^k c2 = m * y^k
*/
mp_int_exptmod(g, k, p, c1);
mp_int_exptmod(y, k, p, yk);
mp_modmul(m, yk, p, c2);
/* result */
*c1_p = bn_to_mpi(c1);
*c2_p = bn_to_mpi(c2);
if (*c1_p && *c2_p)
res = 0;
err:
mp_clear_free(c2);
mp_clear_free(c1);
mp_clear_free(yk);
mp_clear_free(k);
mp_clear_free(y);
mp_clear_free(g);
mp_clear_free(p);
mp_clear_free(m);
return res;
}
int
pgp_elgamal_decrypt(PGP_PubKey *pk, PGP_MPI *_c1, PGP_MPI *_c2,
PGP_MPI **msg_p)
{
int res = PXE_PGP_MATH_FAILED;
mpz_t *c1 = mpi_to_bn(_c1);
mpz_t *c2 = mpi_to_bn(_c2);
mpz_t *p = mpi_to_bn(pk->pub.elg.p);
mpz_t *x = mpi_to_bn(pk->sec.elg.x);
mpz_t *c1x = mp_new();
mpz_t *div = mp_new();
mpz_t *m = mp_new();
if (!c1 || !c2 || !p || !x || !c1x || !div || !m)
goto err;
/*
* m = c2 / (c1^x)
*/
mp_int_exptmod(c1, x, p, c1x);
mp_int_invmod(c1x, p, div);
mp_modmul(c2, div, p, m);
/* result */
*msg_p = bn_to_mpi(m);
if (*msg_p)
res = 0;
err:
mp_clear_free(m);
mp_clear_free(div);
mp_clear_free(c1x);
mp_clear_free(x);
mp_clear_free(p);
mp_clear_free(c2);
mp_clear_free(c1);
return res;
}
int
pgp_rsa_encrypt(PGP_PubKey *pk, PGP_MPI *_m, PGP_MPI **c_p)
{
int res = PXE_PGP_MATH_FAILED;
mpz_t *m = mpi_to_bn(_m);
mpz_t *e = mpi_to_bn(pk->pub.rsa.e);
mpz_t *n = mpi_to_bn(pk->pub.rsa.n);
mpz_t *c = mp_new();
if (!m || !e || !n || !c)
goto err;
/*
* c = m ^ e
*/
mp_int_exptmod(m, e, n, c);
*c_p = bn_to_mpi(c);
if (*c_p)
res = 0;
err:
mp_clear_free(c);
mp_clear_free(n);
mp_clear_free(e);
mp_clear_free(m);
return res;
}
int
pgp_rsa_decrypt(PGP_PubKey *pk, PGP_MPI *_c, PGP_MPI **m_p)
{
int res = PXE_PGP_MATH_FAILED;
mpz_t *c = mpi_to_bn(_c);
mpz_t *d = mpi_to_bn(pk->sec.rsa.d);
mpz_t *n = mpi_to_bn(pk->pub.rsa.n);
mpz_t *m = mp_new();
if (!m || !d || !n || !c)
goto err;
/*
* m = c ^ d
*/
mp_int_exptmod(c, d, n, m);
*m_p = bn_to_mpi(m);
if (*m_p)
res = 0;
err:
mp_clear_free(m);
mp_clear_free(n);
mp_clear_free(d);
mp_clear_free(c);
return res;
}

677
contrib/pgcrypto/rijndael.c
View File

@ -1,677 +0,0 @@
/* $OpenBSD: rijndael.c,v 1.6 2000/12/09 18:51:34 markus Exp $ */
/* contrib/pgcrypto/rijndael.c */
/* This is an independent implementation of the encryption algorithm: */
/* */
/* RIJNDAEL by Joan Daemen and Vincent Rijmen */
/* */
/* which is a candidate algorithm in the Advanced Encryption Standard */
/* programme of the US National Institute of Standards and Technology. */
/* */
/* Copyright in this implementation is held by Dr B R Gladman but I */
/* hereby give permission for its free direct or derivative use subject */
/* to acknowledgment of its origin and compliance with any conditions */
/* that the originators of the algorithm place on its exploitation. */
/* */
/* Dr Brian Gladman (gladman@seven77.demon.co.uk) 14th January 1999 */
/* Timing data for Rijndael (rijndael.c)
Algorithm: rijndael (rijndael.c)
128 bit key:
Key Setup: 305/1389 cycles (encrypt/decrypt)
Encrypt: 374 cycles = 68.4 mbits/sec
Decrypt: 352 cycles = 72.7 mbits/sec
Mean: 363 cycles = 70.5 mbits/sec
192 bit key:
Key Setup: 277/1595 cycles (encrypt/decrypt)
Encrypt: 439 cycles = 58.3 mbits/sec
Decrypt: 425 cycles = 60.2 mbits/sec
Mean: 432 cycles = 59.3 mbits/sec
256 bit key:
Key Setup: 374/1960 cycles (encrypt/decrypt)
Encrypt: 502 cycles = 51.0 mbits/sec
Decrypt: 498 cycles = 51.4 mbits/sec
Mean: 500 cycles = 51.2 mbits/sec
*/
#include "postgres.h"
#include <sys/param.h>
#include "px.h"
#include "rijndael.h"
#define PRE_CALC_TABLES
#define LARGE_TABLES
static void gen_tabs(void);
/* 3. Basic macros for speeding up generic operations */
/* Circular rotate of 32 bit values */
#define rotr(x,n) (((x) >> ((int)(n))) | ((x) << (32 - (int)(n))))
#define rotl(x,n) (((x) << ((int)(n))) | ((x) >> (32 - (int)(n))))
/* Invert byte order in a 32 bit variable */
#define bswap(x) ((rotl((x), 8) & 0x00ff00ff) | (rotr((x), 8) & 0xff00ff00))
/* Extract byte from a 32 bit quantity (little endian notation) */
#define byte(x,n) ((u1byte)((x) >> (8 * (n))))
#ifdef WORDS_BIGENDIAN
#define io_swap(x) bswap(x)
#else
#define io_swap(x) (x)
#endif
#ifdef PRINT_TABS
#undef PRE_CALC_TABLES
#endif
#ifdef PRE_CALC_TABLES
#include "rijndael.tbl"
#define tab_gen 1
#else /* !PRE_CALC_TABLES */
static u1byte pow_tab[256];
static u1byte log_tab[256];
static u1byte sbx_tab[256];
static u1byte isb_tab[256];
static u4byte rco_tab[10];
static u4byte ft_tab[4][256];
static u4byte it_tab[4][256];
#ifdef LARGE_TABLES
static u4byte fl_tab[4][256];
static u4byte il_tab[4][256];
#endif
static u4byte tab_gen = 0;
#endif /* !PRE_CALC_TABLES */
#define ff_mult(a,b) ((a) && (b) ? pow_tab[(log_tab[a] + log_tab[b]) % 255] : 0)
#define f_rn(bo, bi, n, k) \
(bo)[n] = ft_tab[0][byte((bi)[n],0)] ^ \
ft_tab[1][byte((bi)[((n) + 1) & 3],1)] ^ \
ft_tab[2][byte((bi)[((n) + 2) & 3],2)] ^ \
ft_tab[3][byte((bi)[((n) + 3) & 3],3)] ^ *((k) + (n))
#define i_rn(bo, bi, n, k) \
(bo)[n] = it_tab[0][byte((bi)[n],0)] ^ \
it_tab[1][byte((bi)[((n) + 3) & 3],1)] ^ \
it_tab[2][byte((bi)[((n) + 2) & 3],2)] ^ \
it_tab[3][byte((bi)[((n) + 1) & 3],3)] ^ *((k) + (n))
#ifdef LARGE_TABLES
#define ls_box(x) \
( fl_tab[0][byte(x, 0)] ^ \
fl_tab[1][byte(x, 1)] ^ \
fl_tab[2][byte(x, 2)] ^ \
fl_tab[3][byte(x, 3)] )
#define f_rl(bo, bi, n, k) \
(bo)[n] = fl_tab[0][byte((bi)[n],0)] ^ \
fl_tab[1][byte((bi)[((n) + 1) & 3],1)] ^ \
fl_tab[2][byte((bi)[((n) + 2) & 3],2)] ^ \
fl_tab[3][byte((bi)[((n) + 3) & 3],3)] ^ *((k) + (n))
#define i_rl(bo, bi, n, k) \
(bo)[n] = il_tab[0][byte((bi)[n],0)] ^ \
il_tab[1][byte((bi)[((n) + 3) & 3],1)] ^ \
il_tab[2][byte((bi)[((n) + 2) & 3],2)] ^ \
il_tab[3][byte((bi)[((n) + 1) & 3],3)] ^ *((k) + (n))
#else
#define ls_box(x) \
((u4byte)sbx_tab[byte(x, 0)] << 0) ^ \
((u4byte)sbx_tab[byte(x, 1)] << 8) ^ \
((u4byte)sbx_tab[byte(x, 2)] << 16) ^ \
((u4byte)sbx_tab[byte(x, 3)] << 24)
#define f_rl(bo, bi, n, k) \
(bo)[n] = (u4byte)sbx_tab[byte((bi)[n],0)] ^ \
rotl(((u4byte)sbx_tab[byte((bi)[((n) + 1) & 3],1)]), 8) ^ \
rotl(((u4byte)sbx_tab[byte((bi)[((n) + 2) & 3],2)]), 16) ^ \
rotl(((u4byte)sbx_tab[byte((bi)[((n) + 3) & 3],3)]), 24) ^ *((k) + (n))
#define i_rl(bo, bi, n, k) \
(bo)[n] = (u4byte)isb_tab[byte((bi)[n],0)] ^ \
rotl(((u4byte)isb_tab[byte((bi)[((n) + 3) & 3],1)]), 8) ^ \
rotl(((u4byte)isb_tab[byte((bi)[((n) + 2) & 3],2)]), 16) ^ \
rotl(((u4byte)isb_tab[byte((bi)[((n) + 1) & 3],3)]), 24) ^ *((k) + (n))
#endif
static void
gen_tabs(void)
{
#ifndef PRE_CALC_TABLES
u4byte i,
t;
u1byte p,
q;
/* log and power tables for GF(2**8) finite field with */
/* 0x11b as modular polynomial - the simplest primitive */
/* root is 0x11, used here to generate the tables */
for (i = 0, p = 1; i < 256; ++i)
{
pow_tab[i] = (u1byte) p;
log_tab[p] = (u1byte) i;
p = p ^ (p << 1) ^ (p & 0x80 ? 0x01b : 0);
}
log_tab[1] = 0;
p = 1;
for (i = 0; i < 10; ++i)
{
rco_tab[i] = p;
p = (p << 1) ^ (p & 0x80 ? 0x1b : 0);
}
/* note that the affine byte transformation matrix in */
/* rijndael specification is in big endian format with */
/* bit 0 as the most significant bit. In the remainder */
/* of the specification the bits are numbered from the */
/* least significant end of a byte. */
for (i = 0; i < 256; ++i)
{
p = (i ? pow_tab[255 - log_tab[i]] : 0);
q = p;
q = (q >> 7) | (q << 1);
p ^= q;
q = (q >> 7) | (q << 1);
p ^= q;
q = (q >> 7) | (q << 1);
p ^= q;
q = (q >> 7) | (q << 1);
p ^= q ^ 0x63;
sbx_tab[i] = (u1byte) p;
isb_tab[p] = (u1byte) i;
}
for (i = 0; i < 256; ++i)
{
p = sbx_tab[i];
#ifdef LARGE_TABLES
t = p;
fl_tab[0][i] = t;
fl_tab[1][i] = rotl(t, 8);
fl_tab[2][i] = rotl(t, 16);
fl_tab[3][i] = rotl(t, 24);
#endif
t = ((u4byte) ff_mult(2, p)) |
((u4byte) p << 8) |
((u4byte) p << 16) |
((u4byte) ff_mult(3, p) << 24);
ft_tab[0][i] = t;
ft_tab[1][i] = rotl(t, 8);
ft_tab[2][i] = rotl(t, 16);
ft_tab[3][i] = rotl(t, 24);
p = isb_tab[i];
#ifdef LARGE_TABLES
t = p;
il_tab[0][i] = t;
il_tab[1][i] = rotl(t, 8);
il_tab[2][i] = rotl(t, 16);
il_tab[3][i] = rotl(t, 24);
#endif
t = ((u4byte) ff_mult(14, p)) |
((u4byte) ff_mult(9, p) << 8) |
((u4byte) ff_mult(13, p) << 16) |
((u4byte) ff_mult(11, p) << 24);
it_tab[0][i] = t;
it_tab[1][i] = rotl(t, 8);
it_tab[2][i] = rotl(t, 16);
it_tab[3][i] = rotl(t, 24);
}
tab_gen = 1;
#endif /* !PRE_CALC_TABLES */
}
#define star_x(x) (((x) & 0x7f7f7f7f) << 1) ^ ((((x) & 0x80808080) >> 7) * 0x1b)
#define imix_col(y,x) \
do { \
u = star_x(x); \
v = star_x(u); \
w = star_x(v); \
t = w ^ (x); \
(y) = u ^ v ^ w; \
(y) ^= rotr(u ^ t, 8) ^ \
rotr(v ^ t, 16) ^ \
rotr(t,24); \
} while (0)
/* initialise the key schedule from the user supplied key */
#define loop4(i) \
do { t = ls_box(rotr(t, 8)) ^ rco_tab[i]; \
t ^= e_key[4 * i]; e_key[4 * i + 4] = t; \
t ^= e_key[4 * i + 1]; e_key[4 * i + 5] = t; \
t ^= e_key[4 * i + 2]; e_key[4 * i + 6] = t; \
t ^= e_key[4 * i + 3]; e_key[4 * i + 7] = t; \
} while (0)
#define loop6(i) \
do { t = ls_box(rotr(t, 8)) ^ rco_tab[i]; \
t ^= e_key[6 * (i)]; e_key[6 * (i) + 6] = t; \
t ^= e_key[6 * (i) + 1]; e_key[6 * (i) + 7] = t; \
t ^= e_key[6 * (i) + 2]; e_key[6 * (i) + 8] = t; \
t ^= e_key[6 * (i) + 3]; e_key[6 * (i) + 9] = t; \
t ^= e_key[6 * (i) + 4]; e_key[6 * (i) + 10] = t; \
t ^= e_key[6 * (i) + 5]; e_key[6 * (i) + 11] = t; \
} while (0)
#define loop8(i) \
do { t = ls_box(rotr(t, 8)) ^ rco_tab[i]; \
t ^= e_key[8 * (i)]; e_key[8 * (i) + 8] = t; \
t ^= e_key[8 * (i) + 1]; e_key[8 * (i) + 9] = t; \
t ^= e_key[8 * (i) + 2]; e_key[8 * (i) + 10] = t; \
t ^= e_key[8 * (i) + 3]; e_key[8 * (i) + 11] = t; \
t = e_key[8 * (i) + 4] ^ ls_box(t); \
e_key[8 * (i) + 12] = t; \
t ^= e_key[8 * (i) + 5]; e_key[8 * (i) + 13] = t; \
t ^= e_key[8 * (i) + 6]; e_key[8 * (i) + 14] = t; \
t ^= e_key[8 * (i) + 7]; e_key[8 * (i) + 15] = t; \
} while (0)
rijndael_ctx *
rijndael_set_key(rijndael_ctx *ctx, const u4byte *in_key, const u4byte key_len,
int encrypt)
{
u4byte i,
t,
u,
v,
w;
u4byte *e_key = ctx->e_key;
u4byte *d_key = ctx->d_key;
ctx->decrypt = !encrypt;
if (!tab_gen)
gen_tabs();
ctx->k_len = (key_len + 31) / 32;
e_key[0] = io_swap(in_key[0]);
e_key[1] = io_swap(in_key[1]);
e_key[2] = io_swap(in_key[2]);
e_key[3] = io_swap(in_key[3]);
switch (ctx->k_len)
{
case 4:
t = e_key[3];
for (i = 0; i < 10; ++i)
loop4(i);
break;
case 6:
e_key[4] = io_swap(in_key[4]);
t = e_key[5] = io_swap(in_key[5]);
for (i = 0; i < 8; ++i)
loop6(i);
break;
case 8:
e_key[4] = io_swap(in_key[4]);
e_key[5] = io_swap(in_key[5]);
e_key[6] = io_swap(in_key[6]);
t = e_key[7] = io_swap(in_key[7]);
for (i = 0; i < 7; ++i)
loop8(i);
break;
}
if (!encrypt)
{
d_key[0] = e_key[0];
d_key[1] = e_key[1];
d_key[2] = e_key[2];
d_key[3] = e_key[3];
for (i = 4; i < 4 * ctx->k_len + 24; ++i)
imix_col(d_key[i], e_key[i]);
}
return ctx;
}
/* encrypt a block of text */
#define f_nround(bo, bi, k) \
do { \
f_rn(bo, bi, 0, k); \
f_rn(bo, bi, 1, k); \
f_rn(bo, bi, 2, k); \
f_rn(bo, bi, 3, k); \
k += 4; \
} while (0)
#define f_lround(bo, bi, k) \
do { \
f_rl(bo, bi, 0, k); \
f_rl(bo, bi, 1, k); \
f_rl(bo, bi, 2, k); \
f_rl(bo, bi, 3, k); \
} while (0)
void
rijndael_encrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk)
{
u4byte k_len = ctx->k_len;
u4byte *e_key = ctx->e_key;
u4byte b0[4],
b1[4],
*kp;
b0[0] = io_swap(in_blk[0]) ^ e_key[0];
b0[1] = io_swap(in_blk[1]) ^ e_key[1];
b0[2] = io_swap(in_blk[2]) ^ e_key[2];
b0[3] = io_swap(in_blk[3]) ^ e_key[3];
kp = e_key + 4;
if (k_len > 6)
{
f_nround(b1, b0, kp);
f_nround(b0, b1, kp);
}
if (k_len > 4)
{
f_nround(b1, b0, kp);
f_nround(b0, b1, kp);
}
f_nround(b1, b0, kp);
f_nround(b0, b1, kp);
f_nround(b1, b0, kp);
f_nround(b0, b1, kp);
f_nround(b1, b0, kp);
f_nround(b0, b1, kp);
f_nround(b1, b0, kp);
f_nround(b0, b1, kp);
f_nround(b1, b0, kp);
f_lround(b0, b1, kp);
out_blk[0] = io_swap(b0[0]);
out_blk[1] = io_swap(b0[1]);
out_blk[2] = io_swap(b0[2]);
out_blk[3] = io_swap(b0[3]);
}
/* decrypt a block of text */
#define i_nround(bo, bi, k) \
do { \
i_rn(bo, bi, 0, k); \
i_rn(bo, bi, 1, k); \
i_rn(bo, bi, 2, k); \
i_rn(bo, bi, 3, k); \
k -= 4; \
} while (0)
#define i_lround(bo, bi, k) \
do { \
i_rl(bo, bi, 0, k); \
i_rl(bo, bi, 1, k); \
i_rl(bo, bi, 2, k); \
i_rl(bo, bi, 3, k); \
} while (0)
void
rijndael_decrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk)
{
u4byte b0[4],
b1[4],
*kp;
u4byte k_len = ctx->k_len;
u4byte *e_key = ctx->e_key;
u4byte *d_key = ctx->d_key;
b0[0] = io_swap(in_blk[0]) ^ e_key[4 * k_len + 24];
b0[1] = io_swap(in_blk[1]) ^ e_key[4 * k_len + 25];
b0[2] = io_swap(in_blk[2]) ^ e_key[4 * k_len + 26];
b0[3] = io_swap(in_blk[3]) ^ e_key[4 * k_len + 27];
kp = d_key + 4 * (k_len + 5);
if (k_len > 6)
{
i_nround(b1, b0, kp);
i_nround(b0, b1, kp);
}
if (k_len > 4)
{
i_nround(b1, b0, kp);
i_nround(b0, b1, kp);
}
i_nround(b1, b0, kp);
i_nround(b0, b1, kp);
i_nround(b1, b0, kp);
i_nround(b0, b1, kp);
i_nround(b1, b0, kp);
i_nround(b0, b1, kp);
i_nround(b1, b0, kp);
i_nround(b0, b1, kp);
i_nround(b1, b0, kp);
i_lround(b0, b1, kp);
out_blk[0] = io_swap(b0[0]);
out_blk[1] = io_swap(b0[1]);
out_blk[2] = io_swap(b0[2]);
out_blk[3] = io_swap(b0[3]);
}
/*
* conventional interface
*
* ATM it hopes all data is 4-byte aligned - which
* should be true for PX. -marko
*/
void
aes_set_key(rijndael_ctx *ctx, const uint8 *key, unsigned keybits, int enc)
{
uint32 *k;
k = (uint32 *) key;
rijndael_set_key(ctx, k, keybits, enc);
}
void
aes_ecb_encrypt(rijndael_ctx *ctx, uint8 *data, unsigned len)
{
unsigned bs = 16;
uint32 *d;
while (len >= bs)
{
d = (uint32 *) data;
rijndael_encrypt(ctx, d, d);
len -= bs;
data += bs;
}
}
void
aes_ecb_decrypt(rijndael_ctx *ctx, uint8 *data, unsigned len)
{
unsigned bs = 16;
uint32 *d;
while (len >= bs)
{
d = (uint32 *) data;
rijndael_decrypt(ctx, d, d);
len -= bs;
data += bs;
}
}
void
aes_cbc_encrypt(rijndael_ctx *ctx, uint8 *iva, uint8 *data, unsigned len)
{
uint32 *iv = (uint32 *) iva;
uint32 *d = (uint32 *) data;
unsigned bs = 16;
while (len >= bs)
{
d[0] ^= iv[0];
d[1] ^= iv[1];
d[2] ^= iv[2];
d[3] ^= iv[3];
rijndael_encrypt(ctx, d, d);
iv = d;
d += bs / 4;
len -= bs;
}
}
void
aes_cbc_decrypt(rijndael_ctx *ctx, uint8 *iva, uint8 *data, unsigned len)
{
uint32 *d = (uint32 *) data;
unsigned bs = 16;
uint32 buf[4],
iv[4];
memcpy(iv, iva, bs);
while (len >= bs)
{
buf[0] = d[0];
buf[1] = d[1];
buf[2] = d[2];
buf[3] = d[3];
rijndael_decrypt(ctx, buf, d);
d[0] ^= iv[0];
d[1] ^= iv[1];
d[2] ^= iv[2];
d[3] ^= iv[3];
iv[0] = buf[0];
iv[1] = buf[1];
iv[2] = buf[2];
iv[3] = buf[3];
d += 4;
len -= bs;
}
}
/*
* pre-calculate tables.
*
* On i386 lifts 17k from .bss to .rodata
* and avoids 1k code and setup time.
* -marko
*/
#ifdef PRINT_TABS
static void
show256u8(char *name, uint8 *data)
{
int i;
printf("static const u1byte %s[256] = {\n ", name);
for (i = 0; i < 256;)
{
printf("%u", pow_tab[i++]);
if (i < 256)
printf(i % 16 ? ", " : ",\n ");
}
printf("\n};\n\n");
}
static void
show4x256u32(char *name, uint32 data[4][256])
{
int i,
j;
printf("static const u4byte %s[4][256] = {\n{\n ", name);
for (i = 0; i < 4; i++)
{
for (j = 0; j < 256;)
{
printf("0x%08x", data[i][j]);
j++;
if (j < 256)
printf(j % 4 ? ", " : ",\n ");
}
printf(i < 3 ? "\n}, {\n " : "\n}\n");
}
printf("};\n\n");
}
int
main()
{
int i;
char *hdr = "/* Generated by rijndael.c */\n\n";
gen_tabs();
printf(hdr);
show256u8("pow_tab", pow_tab);
show256u8("log_tab", log_tab);
show256u8("sbx_tab", sbx_tab);
show256u8("isb_tab", isb_tab);
show4x256u32("ft_tab", ft_tab);
show4x256u32("it_tab", it_tab);
#ifdef LARGE_TABLES
show4x256u32("fl_tab", fl_tab);
show4x256u32("il_tab", il_tab);
#endif
printf("static const u4byte rco_tab[10] = {\n ");
for (i = 0; i < 10; i++)
{
printf("0x%08x", rco_tab[i]);
if (i < 9)
printf(", ");
if (i == 4)
printf("\n ");
}
printf("\n};\n\n");
return 0;
}
#endif

59
contrib/pgcrypto/rijndael.h
View File

@ -1,59 +0,0 @@
/*
* contrib/pgcrypto/rijndael.h
*
* $OpenBSD: rijndael.h,v 1.3 2001/05/09 23:01:32 markus Exp $ */
/* This is an independent implementation of the encryption algorithm: */
/* */
/* RIJNDAEL by Joan Daemen and Vincent Rijmen */
/* */
/* which is a candidate algorithm in the Advanced Encryption Standard */
/* programme of the US National Institute of Standards and Technology. */
/* */
/* Copyright in this implementation is held by Dr B R Gladman but I */
/* hereby give permission for its free direct or derivative use subject */
/* to acknowledgment of its origin and compliance with any conditions */
/* that the originators of the algorithm place on its exploitation. */
/* */
/* Dr Brian Gladman (gladman@seven77.demon.co.uk) 14th January 1999 */
#ifndef _RIJNDAEL_H_
#define _RIJNDAEL_H_
/* 1. Standard types for AES cryptography source code */
typedef uint8 u1byte; /* an 8 bit unsigned character type */
typedef uint16 u2byte; /* a 16 bit unsigned integer type */
typedef uint32 u4byte; /* a 32 bit unsigned integer type */
typedef int8 s1byte; /* an 8 bit signed character type */
typedef int16 s2byte; /* a 16 bit signed integer type */
typedef int32 s4byte; /* a 32 bit signed integer type */
typedef struct _rijndael_ctx
{
u4byte k_len;
int decrypt;
u4byte e_key[64];
u4byte d_key[64];
} rijndael_ctx;
/* 2. Standard interface for AES cryptographic routines */
/* These are all based on 32 bit unsigned values and will therefore */
/* require endian conversions for big-endian architectures */
rijndael_ctx *rijndael_set_key(rijndael_ctx *, const u4byte *, const u4byte, int);
void rijndael_encrypt(rijndael_ctx *, const u4byte *, u4byte *);
void rijndael_decrypt(rijndael_ctx *, const u4byte *, u4byte *);
/* conventional interface */
void aes_set_key(rijndael_ctx *ctx, const uint8 *key, unsigned keybits, int enc);
void aes_ecb_encrypt(rijndael_ctx *ctx, uint8 *data, unsigned len);
void aes_ecb_decrypt(rijndael_ctx *ctx, uint8 *data, unsigned len);
void aes_cbc_encrypt(rijndael_ctx *ctx, uint8 *iva, uint8 *data, unsigned len);
void aes_cbc_decrypt(rijndael_ctx *ctx, uint8 *iva, uint8 *data, unsigned len);
#endif /* _RIJNDAEL_H_ */

1138
contrib/pgcrypto/rijndael.tbl
View File

File diff suppressed because it is too large Load Diff

113
doc/src/sgml/pgcrypto.sgml
View File

@ -23,6 +23,11 @@
on the current database.
</para>
<para>
<filename>pgcrypto</filename> requires OpenSSL and won't be installed if
OpenSSL support was not selected when PostgreSQL was built.
</para>
<sect2>
<title>General Hashing Functions</title>
@ -44,9 +49,8 @@ digest(data bytea, type text) returns bytea
Standard algorithms are <literal>md5</literal>, <literal>sha1</literal>,
<literal>sha224</literal>, <literal>sha256</literal>,
<literal>sha384</literal> and <literal>sha512</literal>.
If <filename>pgcrypto</filename> was built with
<productname>OpenSSL</productname>, more algorithms are available, as
detailed in <xref linkend="pgcrypto-with-without-openssl"/>.
Moreover, any digest algorithm <productname>OpenSSL</productname> supports
is automatically picked up.
</para>
<para>
@ -764,7 +768,7 @@ pgp_sym_encrypt(data, psw, 'compress-algo=1, cipher-algo=aes256')
Which cipher algorithm to use.
</para>
<literallayout>
Values: bf, aes128, aes192, aes256 (OpenSSL-only: <literal>3des</literal>, <literal>cast5</literal>)
Values: bf, aes128, aes192, aes256, 3des, cast5
Default: aes128
Applies to: pgp_sym_encrypt, pgp_pub_encrypt
</literallayout>
@ -1163,98 +1167,16 @@ gen_random_uuid() returns uuid
</para>
<para>
When compiled with <productname>OpenSSL</productname>, there will be
more algorithms available. Also public-key encryption functions will
be faster as <productname>OpenSSL</productname> has more optimized
BIGNUM functions.
<filename>pgcrypto</filename> requires <productname>OpenSSL</productname>.
Otherwise, it will not be built or installed.
</para>
<table id="pgcrypto-with-without-openssl">
<title>Summary of Functionality with and without OpenSSL</title>
<tgroup cols="3">
<thead>
<row>
<entry>Functionality</entry>
<entry>Built-in</entry>
<entry>With OpenSSL</entry>
</row>
</thead>
<tbody>
<row>
<entry>MD5</entry>
<entry>yes</entry>
<entry>yes</entry>
</row>
<row>
<entry>SHA1</entry>
<entry>yes</entry>
<entry>yes</entry>
</row>
<row>
<entry>SHA224/256/384/512</entry>
<entry>yes</entry>
<entry>yes</entry>
</row>
<row>
<entry>Other digest algorithms</entry>
<entry>no</entry>
<entry>yes (Note 1)</entry>
</row>
<row>
<entry>Blowfish</entry>
<entry>yes</entry>
<entry>yes</entry>
</row>
<row>
<entry>AES</entry>
<entry>yes</entry>
<entry>yes</entry>
</row>
<row>
<entry>DES/3DES/CAST5</entry>
<entry>no</entry>
<entry>yes</entry>
</row>
<row>
<entry>Raw encryption</entry>
<entry>yes</entry>
<entry>yes</entry>
</row>
<row>
<entry>PGP Symmetric encryption</entry>
<entry>yes</entry>
<entry>yes</entry>
</row>
<row>
<entry>PGP Public-Key encryption</entry>
<entry>yes</entry>
<entry>yes</entry>
</row>
</tbody>
</tgroup>
</table>
<para>
When compiled against <productname>OpenSSL</productname> 3.0.0 and later
versions, the legacy provider must be activated in the
<filename>openssl.cnf</filename> configuration file in order to use older
ciphers like DES or Blowfish.
</para>
<para>
Notes:
</para>
<orderedlist>
<listitem>
<para>
Any digest algorithm <productname>OpenSSL</productname> supports
is automatically picked up.
This is not possible with ciphers, which need to be supported
explicitly.
</para>
</listitem>
</orderedlist>
</sect3>
<sect3>
@ -1401,21 +1323,6 @@ gen_random_uuid() returns uuid
<entry>Solar Designer</entry>
<entry>www.openwall.com</entry>
</row>
<row>
<entry>Blowfish cipher</entry>
<entry>Simon Tatham</entry>
<entry>PuTTY</entry>
</row>
<row>
<entry>Rijndael cipher</entry>
<entry>Brian Gladman</entry>
<entry>OpenBSD sys/crypto</entry>
</row>
<row>
<entry>BIGNUM math</entry>
<entry>Michael J. Fromberger</entry>
<entry>dartmouth.edu/~sting/sw/imath</entry>
</row>
</tbody>
</tgroup>
</informaltable>

39
src/tools/msvc/Mkvcbuild.pm
View File

@ -440,7 +440,7 @@ sub mkvcbuild
if (!$solution->{options}->{openssl})
{
push @contrib_excludes, 'sslinfo', 'ssl_passphrase_callback';
push @contrib_excludes, 'sslinfo', 'ssl_passphrase_callback', 'pgcrypto';
}
if (!$solution->{options}->{uuid})
@ -448,41 +448,6 @@ sub mkvcbuild
push @contrib_excludes, 'uuid-ossp';
}
# AddProject() does not recognize the constructs used to populate OBJS in
# the pgcrypto Makefile, so it will discover no files.
my $pgcrypto =
$solution->AddProject('pgcrypto', 'dll', 'crypto', 'contrib/pgcrypto');
$pgcrypto->AddFiles(
'contrib/pgcrypto', 'pgcrypto.c',
'px.c', 'px-hmac.c',
'px-crypt.c', 'crypt-gensalt.c',
'crypt-blowfish.c', 'crypt-des.c',
'crypt-md5.c', 'mbuf.c',
'pgp.c', 'pgp-armor.c',
'pgp-cfb.c', 'pgp-compress.c',
'pgp-decrypt.c', 'pgp-encrypt.c',
'pgp-info.c', 'pgp-mpi.c',
'pgp-pubdec.c', 'pgp-pubenc.c',
'pgp-pubkey.c', 'pgp-s2k.c',
'pgp-pgsql.c');
if ($solution->{options}->{openssl})
{
$pgcrypto->AddFiles('contrib/pgcrypto', 'openssl.c',
'pgp-mpi-openssl.c');
}
else
{
$pgcrypto->AddFiles(
'contrib/pgcrypto', 'internal.c',
'internal-sha2.c', 'blf.c',
'rijndael.c', 'pgp-mpi-internal.c',
'imath.c');
}
$pgcrypto->AddReference($postgres);
$pgcrypto->AddLibrary('ws2_32.lib');
my $mf = Project::read_file('contrib/pgcrypto/Makefile');
GenerateContribSqlFiles('pgcrypto', $mf);
foreach my $subdir ('contrib', 'src/test/modules')
{
opendir($D, $subdir) || croak "Could not opendir on $subdir!\n";
@ -795,7 +760,7 @@ sub mkvcbuild
}
}
$mf =
my $mf =
Project::read_file('src/backend/utils/mb/conversion_procs/Makefile');
$mf =~ s{\\\r?\n}{}g;
$mf =~ m{SUBDIRS\s*=\s*(.*)$}m

7
src/tools/msvc/vcregress.pl
View File

@ -726,18 +726,13 @@ sub fetchTests
if ($m =~ /contrib\/pgcrypto/)
{
# pgcrypto is special since the tests depend on the
# pgcrypto is special since some tests depend on the
# configuration of the build
my $cftests =
$config->{openssl}
? GetTests("OSSL_TESTS", $m)
: GetTests("INT_TESTS", $m);
my $pgptests =
$config->{zlib}
? GetTests("ZLIB_TST", $m)
: GetTests("ZLIB_OFF_TST", $m);
$t =~ s/\$\(CF_TESTS\)/$cftests/;
$t =~ s/\$\(CF_PGP_TESTS\)/$pgptests/;
}
}