postgresql/contrib/pgcrypto/random.c
Bruce Momjian ab56022864 Big thanks to Solar Designer who pointed out a bug in bcrypt
salt generation code.  He also urged using better random source
and making possible to choose using bcrypt and xdes rounds more
easily.  So, here's patch:

* For all salt generation, use Solar Designer's own code.  This
  is mostly due fact that his code is more fit for get_random_bytes()
  style interface.
* New function: gen_salt(type, rounds).  This lets specify iteration
  count for algorithm.
* random.c: px_get_random_bytes() function.
  Supported randomness soure: /dev/urandom, OpenSSL PRNG, libc random()
  Default: /dev/urandom.
* Draft description of C API for pgcrypto functions.

New files: API, crypt-gensalt.c, random.c

Marko Kreen
2001-09-23 04:12:44 +00:00

128 lines
2.7 KiB
C

/*
* random.c
* Random functions.
*
* Copyright (c) 2001 Marko Kreen
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $Id: random.c,v 1.1 2001/09/23 04:12:44 momjian Exp $
*/
#include <postgres.h>
#include "px.h"
#ifdef RAND_DEV
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>
static int
safe_read(int fd, void *buf, size_t count)
{
int done = 0;
char *p = buf;
int res;
while (count) {
res = read(fd, p, count);
if (res <= 0) {
if (errno == EINTR)
continue;
return -1;
}
p += res;
done += res;
count -= res;
}
return done;
}
int
px_get_random_bytes(uint8 *dst, unsigned count)
{
int fd;
int res;
fd = open(RAND_DEV, O_RDONLY);
if (fd == -1)
return -1;
res = safe_read(fd, dst, count);
close(fd);
return res;
}
#endif /* RAND_DEV */
#ifdef RAND_SILLY
int px_get_random_bytes(char *dst, unsigned count)
{
int i;
for (i = 0; i < count; i++) {
*dst++ = random();
}
return i;
}
#endif /* RAND_SILLY */
#ifdef RAND_OPENSSL
#include <openssl/evp.h>
#include <openssl/blowfish.h>
#include <openssl/rand.h>
#include <openssl/err.h>
static int openssl_random_init = 0;
int px_get_random_bytes(uint8 *dst, unsigned count)
{
int res;
if (!openssl_random_init) {
if (RAND_get_rand_method() == NULL) {
RAND_set_rand_method(RAND_SSLeay());
}
openssl_random_init = 1;
}
/*
* OpenSSL random should re-feeded occasionally.
* From /dev/urandom preferrably.
*/
res = RAND_bytes(dst, count);
if (res > 0)
return count;
return -1;
}
#endif /* RAND_OPENSSL */