http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/101adfab/contrib/pgcrypto/px.c ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/px.c b/contrib/pgcrypto/px.c deleted file mode 100644 index 4ba7391..0000000 --- a/contrib/pgcrypto/px.c +++ /dev/null @@ -1,443 +0,0 @@ -/* - * px.c - * Various cryptographic stuff for PostgreSQL. - * - * Copyright (c) 2001 Marko Kreen - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $PostgreSQL: pgsql/contrib/pgcrypto/px.c,v 1.18 2009/06/11 14:48:52 momjian Exp $ - */ - -#include "postgres.h" - -#include "px.h" - -#include "postmaster/postmaster.h" - -struct error_desc -{ - int err; - const char *desc; -}; - -static const struct error_desc px_err_list[] = { - {PXE_OK, "Everything ok"}, - {PXE_ERR_GENERIC, "Some PX error (not specified)"}, - {PXE_NO_HASH, "No such hash algorithm"}, - {PXE_NO_CIPHER, "No such cipher algorithm"}, - {PXE_NOTBLOCKSIZE, "Data not a multiple of block size"}, - {PXE_BAD_OPTION, "Unknown option"}, - {PXE_BAD_FORMAT, "Badly formatted type"}, - {PXE_KEY_TOO_BIG, "Key was too big"}, - {PXE_CIPHER_INIT, "Cipher cannot be initalized ?"}, - {PXE_HASH_UNUSABLE_FOR_HMAC, "This hash algorithm is unusable for HMAC"}, - {PXE_DEV_READ_ERROR, "Error reading from random device"}, - {PXE_OSSL_RAND_ERROR, "OpenSSL PRNG error"}, - {PXE_BUG, "pgcrypto bug"}, - {PXE_ARGUMENT_ERROR, "Illegal argument to function"}, - {PXE_UNKNOWN_SALT_ALGO, "Unknown salt algorithm"}, - {PXE_BAD_SALT_ROUNDS, "Incorrect number of rounds"}, - {PXE_MCRYPT_INTERNAL, "mcrypt internal error"}, - {PXE_NO_RANDOM, "No strong random source"}, - {PXE_DECRYPT_FAILED, "Decryption failed"}, - {PXE_PGP_CORRUPT_DATA, "Wrong key or corrupt data"}, - {PXE_PGP_CORRUPT_ARMOR, "Corrupt ascii-armor"}, - {PXE_PGP_UNSUPPORTED_COMPR, "Unsupported compression algorithm"}, - {PXE_PGP_UNSUPPORTED_CIPHER, "Unsupported cipher algorithm"}, - {PXE_PGP_UNSUPPORTED_HASH, "Unsupported digest algorithm"}, - {PXE_PGP_COMPRESSION_ERROR, "Compression error"}, - {PXE_PGP_NOT_TEXT, "Not text data"}, - {PXE_PGP_UNEXPECTED_PKT, "Unexpected packet in key data"}, - {PXE_PGP_NO_BIGNUM, - "public-key functions disabled - " - "pgcrypto needs OpenSSL for bignums"}, - {PXE_PGP_MATH_FAILED, "Math operation failed"}, - {PXE_PGP_SHORT_ELGAMAL_KEY, "Elgamal keys must be at least 1024 bits long"}, - {PXE_PGP_RSA_UNSUPPORTED, "pgcrypto does not support RSA keys"}, - {PXE_PGP_UNKNOWN_PUBALGO, "Unknown public-key encryption algorithm"}, - {PXE_PGP_WRONG_KEY, "Wrong key"}, - {PXE_PGP_MULTIPLE_KEYS, - "Several keys given - pgcrypto does not handle keyring"}, - {PXE_PGP_EXPECT_PUBLIC_KEY, "Refusing to encrypt with secret key"}, - {PXE_PGP_EXPECT_SECRET_KEY, "Cannot decrypt with public key"}, - {PXE_PGP_NOT_V4_KEYPKT, "Only V4 key packets are supported"}, - {PXE_PGP_KEYPKT_CORRUPT, "Corrupt key packet"}, - {PXE_PGP_NO_USABLE_KEY, "No encryption key found"}, - {PXE_PGP_NEED_SECRET_PSW, "Need password for secret key"}, - {PXE_PGP_BAD_S2K_MODE, "Bad S2K mode"}, - {PXE_PGP_UNSUPPORTED_PUBALGO, "Unsupported public key algorithm"}, - {PXE_PGP_MULTIPLE_SUBKEYS, "Several subkeys not supported"}, - - /* fake this as PXE_PGP_CORRUPT_DATA */ - {PXE_MBUF_SHORT_READ, "Corrupt data"}, - - {0, NULL}, -}; - -const char * -px_strerror(int err) -{ - const struct error_desc *e; - - for (e = px_err_list; e->desc; e++) - if (e->err == err) - return e->desc; - return "Bad error code"; -} - - -const char * -px_resolve_alias(const PX_Alias *list, const char *name) -{ - while (list->name) - { - if (pg_strcasecmp(list->alias, name) == 0) - return list->name; - list++; - } - return name; -} - -static void (*debug_handler) (const char *) = NULL; - -void -px_set_debug_handler(void (*handler) (const char *)) -{ - debug_handler = handler; -} - -void -px_debug(const char *fmt,...) -{ - va_list ap; - - va_start(ap, fmt); - if (debug_handler) - { - char buf[512]; - - vsnprintf(buf, sizeof(buf), fmt, ap); - debug_handler(buf); - } - va_end(ap); -} - -/* - * combo - cipher + padding (+ checksum) - */ - -static unsigned -combo_encrypt_len(PX_Combo *cx, unsigned dlen) -{ - return dlen + 512; -} - -static unsigned -combo_decrypt_len(PX_Combo *cx, unsigned dlen) -{ - return dlen; -} - -static int -combo_init(PX_Combo *cx, const uint8 *key, unsigned klen, - const uint8 *iv, unsigned ivlen) -{ - int err; - unsigned bs, - ks, - ivs; - PX_Cipher *c = cx->cipher; - uint8 *ivbuf = NULL; - uint8 *keybuf; - - bs = px_cipher_block_size(c); - ks = px_cipher_key_size(c); - - ivs = px_cipher_iv_size(c); - if (ivs > 0) - { - ivbuf = px_alloc(ivs); - memset(ivbuf, 0, ivs); - if (ivlen > ivs) - memcpy(ivbuf, iv, ivs); - else - memcpy(ivbuf, iv, ivlen); - } - - if (klen > ks) - klen = ks; - keybuf = px_alloc(ks); - memset(keybuf, 0, ks); - memcpy(keybuf, key, klen); - - err = px_cipher_init(c, keybuf, klen, ivbuf); - - if (ivbuf) - px_free(ivbuf); - px_free(keybuf); - - return err; -} - -static int -combo_encrypt(PX_Combo *cx, const uint8 *data, unsigned dlen, - uint8 *res, unsigned *rlen) -{ - int err = 0; - uint8 *bbuf; - unsigned bs, - maxlen, - bpos, - i, - pad; - - PX_Cipher *c = cx->cipher; - - bbuf = NULL; - maxlen = *rlen; - bs = px_cipher_block_size(c); - - /* encrypt */ - if (bs > 1) - { - bbuf = px_alloc(bs * 4); - bpos = dlen % bs; - *rlen = dlen - bpos; - memcpy(bbuf, data + *rlen, bpos); - - /* encrypt full-block data */ - if (*rlen) - { - err = px_cipher_encrypt(c, data, *rlen, res); - if (err) - goto out; - } - - /* bbuf has now bpos bytes of stuff */ - if (cx->padding) - { - pad = bs - (bpos % bs); - for (i = 0; i < pad; i++) - bbuf[bpos++] = pad; - } - else if (bpos % bs) - { - /* ERROR? */ - pad = bs - (bpos % bs); - for (i = 0; i < pad; i++) - bbuf[bpos++] = 0; - } - - /* encrypt the rest - pad */ - if (bpos) - { - err = px_cipher_encrypt(c, bbuf, bpos, res + *rlen); - *rlen += bpos; - } - } - else - { - /* stream cipher/mode - no pad needed */ - err = px_cipher_encrypt(c, data, dlen, res); - if (err) - goto out; - *rlen = dlen; - } -out: - if (bbuf) - px_free(bbuf); - - return err; -} - -static int -combo_decrypt(PX_Combo *cx, const uint8 *data, unsigned dlen, - uint8 *res, unsigned *rlen) -{ - unsigned bs, - i, - pad; - unsigned pad_ok; - - PX_Cipher *c = cx->cipher; - - /* decide whether zero-length input is allowed */ - if (dlen == 0) - { - /* with padding, empty ciphertext is not allowed */ - if (cx->padding) - return PXE_DECRYPT_FAILED; - - /* without padding, report empty result */ - *rlen = 0; - return 0; - } - - bs = px_cipher_block_size(c); - if (bs > 1 && (dlen % bs) != 0) - goto block_error; - - /* decrypt */ - *rlen = dlen; - px_cipher_decrypt(c, data, dlen, res); - - /* unpad */ - if (bs > 1 && cx->padding) - { - pad = res[*rlen - 1]; - pad_ok = 0; - if (pad > 0 && pad <= bs && pad <= *rlen) - { - pad_ok = 1; - for (i = *rlen - pad; i < *rlen; i++) - if (res[i] != pad) - { - pad_ok = 0; - break; - } - } - - if (pad_ok) - *rlen -= pad; - } - - return 0; - -block_error: - return PXE_NOTBLOCKSIZE; -} - -static void -combo_free(PX_Combo *cx) -{ - if (cx->cipher) - px_cipher_free(cx->cipher); - memset(cx, 0, sizeof(*cx)); - px_free(cx); -} - -/* PARSER */ - -static int -parse_cipher_name(char *full, char **cipher, char **pad) -{ - char *p, - *p2, - *q; - - *cipher = full; - *pad = NULL; - - p = strchr(full, '/'); - if (p != NULL) - *p++ = 0; - while (p != NULL) - { - if ((q = strchr(p, '/')) != NULL) - *q++ = 0; - - if (!*p) - { - p = q; - continue; - } - p2 = strchr(p, ':'); - if (p2 != NULL) - { - *p2++ = 0; - if (!strcmp(p, "pad")) - *pad = p2; - else - return PXE_BAD_OPTION; - } - else - return PXE_BAD_FORMAT; - - p = q; - } - return 0; -} - -/* provider */ - -int -px_find_combo(const char *name, PX_Combo **res) -{ - int err; - char *buf, - *s_cipher, - *s_pad; - - PX_Combo *cx; - - cx = px_alloc(sizeof(*cx)); - memset(cx, 0, sizeof(*cx)); - - buf = px_alloc(strlen(name) + 1); - strcpy(buf, name); - - err = parse_cipher_name(buf, &s_cipher, &s_pad); - if (err) - { - px_free(buf); - px_free(cx); - return err; - } - - err = px_find_cipher(s_cipher, &cx->cipher); - if (err) - goto err1; - - if (s_pad != NULL) - { - if (!strcmp(s_pad, "pkcs")) - cx->padding = 1; - else if (!strcmp(s_pad, "none")) - cx->padding = 0; - else - goto err1; - } - else - cx->padding = 1; - - cx->init = combo_init; - cx->encrypt = combo_encrypt; - cx->decrypt = combo_decrypt; - cx->encrypt_len = combo_encrypt_len; - cx->decrypt_len = combo_decrypt_len; - cx->free = combo_free; - - px_free(buf); - - *res = cx; - - return 0; - -err1: - if (cx->cipher) - px_cipher_free(cx->cipher); - px_free(cx); - px_free(buf); - return PXE_NO_CIPHER; -}
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/101adfab/contrib/pgcrypto/px.h ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/px.h b/contrib/pgcrypto/px.h deleted file mode 100644 index c916e93..0000000 --- a/contrib/pgcrypto/px.h +++ /dev/null @@ -1,249 +0,0 @@ -/* - * px.h - * Header file for pgcrypto. - * - * Copyright (c) 2001 Marko Kreen - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $PostgreSQL: pgsql/contrib/pgcrypto/px.h,v 1.19 2009/06/11 14:48:52 momjian Exp $ - */ - -#ifndef __PX_H -#define __PX_H - -#include <sys/types.h> -#include <sys/param.h> - -/* keep debug messages? */ -#define PX_DEBUG - -/* a way to disable palloc - * - useful if compiled into standalone - */ -#ifndef PX_OWN_ALLOC -#define px_alloc(s) palloc(s) -#define px_realloc(p, s) repalloc(p, s) -#define px_free(p) pfree(p) -#else -void *px_alloc(size_t s); -void *px_realloc(void *p, size_t s); -void px_free(void *p); -#endif - -/* max len of 'type' parms */ -#define PX_MAX_NAMELEN 128 - -/* max salt returned */ -#define PX_MAX_SALT_LEN 128 - -/* - * PX error codes - */ -#define PXE_OK 0 -#define PXE_ERR_GENERIC -1 -#define PXE_NO_HASH -2 -#define PXE_NO_CIPHER -3 -#define PXE_NOTBLOCKSIZE -4 -#define PXE_BAD_OPTION -5 -#define PXE_BAD_FORMAT -6 -#define PXE_KEY_TOO_BIG -7 -#define PXE_CIPHER_INIT -8 -#define PXE_HASH_UNUSABLE_FOR_HMAC -9 -#define PXE_DEV_READ_ERROR -10 -#define PXE_OSSL_RAND_ERROR -11 -#define PXE_BUG -12 -#define PXE_ARGUMENT_ERROR -13 -#define PXE_UNKNOWN_SALT_ALGO -14 -#define PXE_BAD_SALT_ROUNDS -15 -#define PXE_MCRYPT_INTERNAL -16 -#define PXE_NO_RANDOM -17 -#define PXE_DECRYPT_FAILED -18 - -#define PXE_MBUF_SHORT_READ -50 - -#define PXE_PGP_CORRUPT_DATA -100 -#define PXE_PGP_CORRUPT_ARMOR -101 -#define PXE_PGP_UNSUPPORTED_COMPR -102 -#define PXE_PGP_UNSUPPORTED_CIPHER -103 -#define PXE_PGP_UNSUPPORTED_HASH -104 -#define PXE_PGP_COMPRESSION_ERROR -105 -#define PXE_PGP_NOT_TEXT -106 -#define PXE_PGP_UNEXPECTED_PKT -107 -#define PXE_PGP_NO_BIGNUM -108 -#define PXE_PGP_MATH_FAILED -109 -#define PXE_PGP_SHORT_ELGAMAL_KEY -110 -#define PXE_PGP_RSA_UNSUPPORTED -111 -#define PXE_PGP_UNKNOWN_PUBALGO -112 -#define PXE_PGP_WRONG_KEY -113 -#define PXE_PGP_MULTIPLE_KEYS -114 -#define PXE_PGP_EXPECT_PUBLIC_KEY -115 -#define PXE_PGP_EXPECT_SECRET_KEY -116 -#define PXE_PGP_NOT_V4_KEYPKT -117 -#define PXE_PGP_KEYPKT_CORRUPT -118 -#define PXE_PGP_NO_USABLE_KEY -119 -#define PXE_PGP_NEED_SECRET_PSW -120 -#define PXE_PGP_BAD_S2K_MODE -121 -#define PXE_PGP_UNSUPPORTED_PUBALGO -122 -#define PXE_PGP_MULTIPLE_SUBKEYS -123 - - -typedef struct px_digest PX_MD; -typedef struct px_alias PX_Alias; -typedef struct px_hmac PX_HMAC; -typedef struct px_cipher PX_Cipher; -typedef struct px_combo PX_Combo; - -struct px_digest -{ - unsigned (*result_size) (PX_MD *h); - unsigned (*block_size) (PX_MD *h); - void (*reset) (PX_MD *h); - void (*update) (PX_MD *h, const uint8 *data, unsigned dlen); - void (*finish) (PX_MD *h, uint8 *dst); - void (*free) (PX_MD *h); - /* private */ - union - { - unsigned code; - void *ptr; - } p; -}; - -struct px_alias -{ - char *alias; - char *name; -}; - -struct px_hmac -{ - unsigned (*result_size) (PX_HMAC *h); - unsigned (*block_size) (PX_HMAC *h); - void (*reset) (PX_HMAC *h); - void (*update) (PX_HMAC *h, const uint8 *data, unsigned dlen); - void (*finish) (PX_HMAC *h, uint8 *dst); - void (*free) (PX_HMAC *h); - void (*init) (PX_HMAC *h, const uint8 *key, unsigned klen); - - PX_MD *md; - /* private */ - struct - { - uint8 *ipad; - uint8 *opad; - } p; -}; - -struct px_cipher -{ - unsigned (*block_size) (PX_Cipher *c); - unsigned (*key_size) (PX_Cipher *c); /* max key len */ - unsigned (*iv_size) (PX_Cipher *c); - - int (*init) (PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv); - int (*encrypt) (PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res); - int (*decrypt) (PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res); - void (*free) (PX_Cipher *c); - /* private */ - void *ptr; - int pstat; /* mcrypt uses it */ -}; - -struct px_combo -{ - int (*init) (PX_Combo *cx, const uint8 *key, unsigned klen, - const uint8 *iv, unsigned ivlen); - int (*encrypt) (PX_Combo *cx, const uint8 *data, unsigned dlen, - uint8 *res, unsigned *rlen); - int (*decrypt) (PX_Combo *cx, const uint8 *data, unsigned dlen, - uint8 *res, unsigned *rlen); - unsigned (*encrypt_len) (PX_Combo *cx, unsigned dlen); - unsigned (*decrypt_len) (PX_Combo *cx, unsigned dlen); - void (*free) (PX_Combo *cx); - - PX_Cipher *cipher; - unsigned padding; -}; - -int px_find_digest(const char *name, PX_MD **res); -int px_find_hmac(const char *name, PX_HMAC **res); -int px_find_cipher(const char *name, PX_Cipher **res); -int px_find_combo(const char *name, PX_Combo **res); - -int px_get_random_bytes(uint8 *dst, unsigned count); -int px_get_pseudo_random_bytes(uint8 *dst, unsigned count); -int px_add_entropy(const uint8 *data, unsigned count); - -unsigned px_acquire_system_randomness(uint8 *dst); - -const char *px_strerror(int err); - -const char *px_resolve_alias(const PX_Alias *aliases, const char *name); - -void px_set_debug_handler(void (*handler) (const char *)); - -#ifdef PX_DEBUG -void px_debug(const char *fmt,...); -#else -#define px_debug(...) -#endif - -#define px_md_result_size(md) (md)->result_size(md) -#define px_md_block_size(md) (md)->block_size(md) -#define px_md_reset(md) (md)->reset(md) -#define px_md_update(md, data, dlen) (md)->update(md, data, dlen) -#define px_md_finish(md, buf) (md)->finish(md, buf) -#define px_md_free(md) (md)->free(md) - -#define px_hmac_result_size(hmac) (hmac)->result_size(hmac) -#define px_hmac_block_size(hmac) (hmac)->block_size(hmac) -#define px_hmac_reset(hmac) (hmac)->reset(hmac) -#define px_hmac_init(hmac, key, klen) (hmac)->init(hmac, key, klen) -#define px_hmac_update(hmac, data, dlen) (hmac)->update(hmac, data, dlen) -#define px_hmac_finish(hmac, buf) (hmac)->finish(hmac, buf) -#define px_hmac_free(hmac) (hmac)->free(hmac) - - -#define px_cipher_key_size(c) (c)->key_size(c) -#define px_cipher_block_size(c) (c)->block_size(c) -#define px_cipher_iv_size(c) (c)->iv_size(c) -#define px_cipher_init(c, k, klen, iv) (c)->init(c, k, klen, iv) -#define px_cipher_encrypt(c, data, dlen, res) \ - (c)->encrypt(c, data, dlen, res) -#define px_cipher_decrypt(c, data, dlen, res) \ - (c)->decrypt(c, data, dlen, res) -#define px_cipher_free(c) (c)->free(c) - - -#define px_combo_encrypt_len(c, dlen) (c)->encrypt_len(c, dlen) -#define px_combo_decrypt_len(c, dlen) (c)->decrypt_len(c, dlen) -#define px_combo_init(c, key, klen, iv, ivlen) \ - (c)->init(c, key, klen, iv, ivlen) -#define px_combo_encrypt(c, data, dlen, res, rlen) \ - (c)->encrypt(c, data, dlen, res, rlen) -#define px_combo_decrypt(c, data, dlen, res, rlen) \ - (c)->decrypt(c, data, dlen, res, rlen) -#define px_combo_free(c) (c)->free(c) - -#endif /* __PX_H */ http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/101adfab/contrib/pgcrypto/random.c ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/random.c b/contrib/pgcrypto/random.c deleted file mode 100644 index b22e029..0000000 --- a/contrib/pgcrypto/random.c +++ /dev/null @@ -1,244 +0,0 @@ -/* - * random.c - * Acquire randomness from system. For seeding RNG. - * - * Copyright (c) 2001 Marko Kreen - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $PostgreSQL: pgsql/contrib/pgcrypto/random.c,v 1.17 2006/06/08 03:29:30 momjian Exp $ - */ - -#include "postgres.h" - -#include "px.h" - -/* how many bytes to ask from system random provider */ -#define RND_BYTES 32 - -/* - * Try to read from /dev/urandom or /dev/random on these OS'es. - * - * The list can be pretty liberal, as the device not existing - * is expected event. - */ -#if defined(__linux__) || defined(__FreeBSD__) || defined(__OpenBSD__) \ - || defined(__NetBSD__) || defined(__DragonFly__) \ - || defined(__darwin__) || defined(__SOLARIS__) \ - || defined(__hpux) || defined(__HPUX__) \ - || defined(__CYGWIN__) || defined(_AIX) - -#define TRY_DEV_RANDOM - -#include <fcntl.h> -#include <unistd.h> - -static int -safe_read(int fd, void *buf, size_t count) -{ - int done = 0; - char *p = buf; - int res; - - while (count) - { - res = read(fd, p, count); - if (res <= 0) - { - if (errno == EINTR) - continue; - return PXE_DEV_READ_ERROR; - } - p += res; - done += res; - count -= res; - } - return done; -} - -static uint8 * -try_dev_random(uint8 *dst) -{ - int fd; - int res; - - fd = open("/dev/urandom", O_RDONLY, 0); - if (fd == -1) - { - fd = open("/dev/random", O_RDONLY, 0); - if (fd == -1) - return dst; - } - res = safe_read(fd, dst, RND_BYTES); - close(fd); - if (res > 0) - dst += res; - return dst; -} -#endif - -/* - * Try to find randomness on Windows - */ -#ifdef WIN32 - -#define TRY_WIN32_GENRAND -#define TRY_WIN32_PERFC - -#include <windows.h> -#include <wincrypt.h> - -/* - * this function is from libtomcrypt - * - * try to use Microsoft crypto API - */ -static uint8 * -try_win32_genrand(uint8 *dst) -{ - int res; - HCRYPTPROV h = 0; - - res = CryptAcquireContext(&h, NULL, MS_DEF_PROV, PROV_RSA_FULL, - (CRYPT_VERIFYCONTEXT | CRYPT_MACHINE_KEYSET)); - if (!res) - res = CryptAcquireContext(&h, NULL, MS_DEF_PROV, PROV_RSA_FULL, - CRYPT_VERIFYCONTEXT | CRYPT_MACHINE_KEYSET | CRYPT_NEWKEYSET); - if (!res) - return dst; - - res = CryptGenRandom(h, RND_BYTES, dst); - if (res == TRUE) - dst += RND_BYTES; - - CryptReleaseContext(h, 0); - return dst; -} - -static uint8 * -try_win32_perfc(uint8 *dst) -{ - int res; - LARGE_INTEGER time; - - res = QueryPerformanceCounter(&time); - if (!res) - return dst; - - memcpy(dst, &time, sizeof(time)); - return dst + sizeof(time); -} -#endif /* WIN32 */ - - -/* - * If we are not on Windows, then hopefully we are - * on a unix-like system. Use the usual suspects - * for randomness. - */ -#ifndef WIN32 - -#define TRY_UNIXSTD - -#include <sys/types.h> -#include <sys/time.h> -#include <time.h> -#include <unistd.h> - -/* - * Everything here is predictible, only needs some patience. - * - * But there is a chance that the system-specific functions - * did not work. So keep faith and try to slow the attacker down. - */ -static uint8 * -try_unix_std(uint8 *dst) -{ - pid_t pid; - int x; - PX_MD *md; - struct timeval tv; - int res; - - /* process id */ - pid = getpid(); - memcpy(dst, (uint8 *) &pid, sizeof(pid)); - dst += sizeof(pid); - - /* time */ - gettimeofday(&tv, NULL); - memcpy(dst, (uint8 *) &tv, sizeof(tv)); - dst += sizeof(tv); - - /* pointless, but should not hurt */ - x = random(); - memcpy(dst, (uint8 *) &x, sizeof(x)); - dst += sizeof(x); - - /* let's be desperate */ - res = px_find_digest("sha1", &md); - if (res >= 0) - { - uint8 *ptr; - uint8 stack[8192]; - int alloc = 32 * 1024; - - px_md_update(md, stack, sizeof(stack)); - ptr = px_alloc(alloc); - px_md_update(md, ptr, alloc); - px_free(ptr); - - px_md_finish(md, dst); - px_md_free(md); - - dst += 20; - } - - return dst; -} -#endif - -/* - * try to extract some randomness for initial seeding - * - * dst should have room for 1024 bytes. - */ -unsigned -px_acquire_system_randomness(uint8 *dst) -{ - uint8 *p = dst; - -#ifdef TRY_DEV_RANDOM - p = try_dev_random(p); -#endif -#ifdef TRY_WIN32_GENRAND - p = try_win32_genrand(p); -#endif -#ifdef TRY_WIN32_PERFC - p = try_win32_perfc(p); -#endif -#ifdef TRY_UNIXSTD - p = try_unix_std(p); -#endif - return p - dst; -} http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/101adfab/contrib/pgcrypto/rijndael.c ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/rijndael.c b/contrib/pgcrypto/rijndael.c deleted file mode 100644 index cf9eca9..0000000 --- a/contrib/pgcrypto/rijndael.c +++ /dev/null @@ -1,677 +0,0 @@ -/* $OpenBSD: rijndael.c,v 1.6 2000/12/09 18:51:34 markus Exp $ */ - -/* $PostgreSQL: pgsql/contrib/pgcrypto/rijndael.c,v 1.14 2009/06/11 14:48:52 momjian Exp $ */ - -/* This is an independent implementation of the encryption algorithm: */ -/* */ -/* RIJNDAEL by Joan Daemen and Vincent Rijmen */ -/* */ -/* which is a candidate algorithm in the Advanced Encryption Standard */ -/* programme of the US National Institute of Standards and Technology. */ -/* */ -/* Copyright in this implementation is held by Dr B R Gladman but I */ -/* hereby give permission for its free direct or derivative use subject */ -/* to acknowledgment of its origin and compliance with any conditions */ -/* that the originators of the algorithm place on its exploitation. */ -/* */ -/* Dr Brian Gladman ([email protected]) 14th January 1999 */ - -/* Timing data for Rijndael (rijndael.c) - -Algorithm: rijndael (rijndael.c) - -128 bit key: -Key Setup: 305/1389 cycles (encrypt/decrypt) -Encrypt: 374 cycles = 68.4 mbits/sec -Decrypt: 352 cycles = 72.7 mbits/sec -Mean: 363 cycles = 70.5 mbits/sec - -192 bit key: -Key Setup: 277/1595 cycles (encrypt/decrypt) -Encrypt: 439 cycles = 58.3 mbits/sec -Decrypt: 425 cycles = 60.2 mbits/sec -Mean: 432 cycles = 59.3 mbits/sec - -256 bit key: -Key Setup: 374/1960 cycles (encrypt/decrypt) -Encrypt: 502 cycles = 51.0 mbits/sec -Decrypt: 498 cycles = 51.4 mbits/sec -Mean: 500 cycles = 51.2 mbits/sec - -*/ - -#include "postgres.h" - -#include <sys/param.h> - -#include "px.h" -#include "rijndael.h" - -#define PRE_CALC_TABLES -#define LARGE_TABLES - -static void gen_tabs(void); - -/* 3. Basic macros for speeding up generic operations */ - -/* Circular rotate of 32 bit values */ - -#define rotr(x,n) (((x) >> ((int)(n))) | ((x) << (32 - (int)(n)))) -#define rotl(x,n) (((x) << ((int)(n))) | ((x) >> (32 - (int)(n)))) - -/* Invert byte order in a 32 bit variable */ - -#define bswap(x) ((rotl((x), 8) & 0x00ff00ff) | (rotr((x), 8) & 0xff00ff00)) - -/* Extract byte from a 32 bit quantity (little endian notation) */ - -#define byte(x,n) ((u1byte)((x) >> (8 * (n)))) - -#ifdef WORDS_BIGENDIAN -#define io_swap(x) bswap(x) -#else -#define io_swap(x) (x) -#endif - -#ifdef PRINT_TABS -#undef PRE_CALC_TABLES -#endif - -#ifdef PRE_CALC_TABLES - -#include "rijndael.tbl" -#define tab_gen 1 -#else /* !PRE_CALC_TABLES */ - -static u1byte pow_tab[256]; -static u1byte log_tab[256]; -static u1byte sbx_tab[256]; -static u1byte isb_tab[256]; -static u4byte rco_tab[10]; -static u4byte ft_tab[4][256]; -static u4byte it_tab[4][256]; - -#ifdef LARGE_TABLES -static u4byte fl_tab[4][256]; -static u4byte il_tab[4][256]; -#endif - -static u4byte tab_gen = 0; -#endif /* !PRE_CALC_TABLES */ - -#define ff_mult(a,b) ((a) && (b) ? pow_tab[(log_tab[a] + log_tab[b]) % 255] : 0) - -#define f_rn(bo, bi, n, k) \ - (bo)[n] = ft_tab[0][byte((bi)[n],0)] ^ \ - ft_tab[1][byte((bi)[((n) + 1) & 3],1)] ^ \ - ft_tab[2][byte((bi)[((n) + 2) & 3],2)] ^ \ - ft_tab[3][byte((bi)[((n) + 3) & 3],3)] ^ *((k) + (n)) - -#define i_rn(bo, bi, n, k) \ - (bo)[n] = it_tab[0][byte((bi)[n],0)] ^ \ - it_tab[1][byte((bi)[((n) + 3) & 3],1)] ^ \ - it_tab[2][byte((bi)[((n) + 2) & 3],2)] ^ \ - it_tab[3][byte((bi)[((n) + 1) & 3],3)] ^ *((k) + (n)) - -#ifdef LARGE_TABLES - -#define ls_box(x) \ - ( fl_tab[0][byte(x, 0)] ^ \ - fl_tab[1][byte(x, 1)] ^ \ - fl_tab[2][byte(x, 2)] ^ \ - fl_tab[3][byte(x, 3)] ) - -#define f_rl(bo, bi, n, k) \ - (bo)[n] = fl_tab[0][byte((bi)[n],0)] ^ \ - fl_tab[1][byte((bi)[((n) + 1) & 3],1)] ^ \ - fl_tab[2][byte((bi)[((n) + 2) & 3],2)] ^ \ - fl_tab[3][byte((bi)[((n) + 3) & 3],3)] ^ *((k) + (n)) - -#define i_rl(bo, bi, n, k) \ - (bo)[n] = il_tab[0][byte((bi)[n],0)] ^ \ - il_tab[1][byte((bi)[((n) + 3) & 3],1)] ^ \ - il_tab[2][byte((bi)[((n) + 2) & 3],2)] ^ \ - il_tab[3][byte((bi)[((n) + 1) & 3],3)] ^ *((k) + (n)) -#else - -#define ls_box(x) \ - ((u4byte)sbx_tab[byte(x, 0)] << 0) ^ \ - ((u4byte)sbx_tab[byte(x, 1)] << 8) ^ \ - ((u4byte)sbx_tab[byte(x, 2)] << 16) ^ \ - ((u4byte)sbx_tab[byte(x, 3)] << 24) - -#define f_rl(bo, bi, n, k) \ - (bo)[n] = (u4byte)sbx_tab[byte((bi)[n],0)] ^ \ - rotl(((u4byte)sbx_tab[byte((bi)[((n) + 1) & 3],1)]), 8) ^ \ - rotl(((u4byte)sbx_tab[byte((bi)[((n) + 2) & 3],2)]), 16) ^ \ - rotl(((u4byte)sbx_tab[byte((bi)[((n) + 3) & 3],3)]), 24) ^ *((k) + (n)) - -#define i_rl(bo, bi, n, k) \ - (bo)[n] = (u4byte)isb_tab[byte((bi)[n],0)] ^ \ - rotl(((u4byte)isb_tab[byte((bi)[((n) + 3) & 3],1)]), 8) ^ \ - rotl(((u4byte)isb_tab[byte((bi)[((n) + 2) & 3],2)]), 16) ^ \ - rotl(((u4byte)isb_tab[byte((bi)[((n) + 1) & 3],3)]), 24) ^ *((k) + (n)) -#endif - -static void -gen_tabs(void) -{ -#ifndef PRE_CALC_TABLES - u4byte i, - t; - u1byte p, - q; - - /* log and power tables for GF(2**8) finite field with */ - /* 0x11b as modular polynomial - the simplest prmitive */ - /* root is 0x11, used here to generate the tables */ - - for (i = 0, p = 1; i < 256; ++i) - { - pow_tab[i] = (u1byte) p; - log_tab[p] = (u1byte) i; - - p = p ^ (p << 1) ^ (p & 0x80 ? 0x01b : 0); - } - - log_tab[1] = 0; - p = 1; - - for (i = 0; i < 10; ++i) - { - rco_tab[i] = p; - - p = (p << 1) ^ (p & 0x80 ? 0x1b : 0); - } - - /* note that the affine byte transformation matrix in */ - /* rijndael specification is in big endian format with */ - /* bit 0 as the most significant bit. In the remainder */ - /* of the specification the bits are numbered from the */ - /* least significant end of a byte. */ - - for (i = 0; i < 256; ++i) - { - p = (i ? pow_tab[255 - log_tab[i]] : 0); - q = p; - q = (q >> 7) | (q << 1); - p ^= q; - q = (q >> 7) | (q << 1); - p ^= q; - q = (q >> 7) | (q << 1); - p ^= q; - q = (q >> 7) | (q << 1); - p ^= q ^ 0x63; - sbx_tab[i] = (u1byte) p; - isb_tab[p] = (u1byte) i; - } - - for (i = 0; i < 256; ++i) - { - p = sbx_tab[i]; - -#ifdef LARGE_TABLES - - t = p; - fl_tab[0][i] = t; - fl_tab[1][i] = rotl(t, 8); - fl_tab[2][i] = rotl(t, 16); - fl_tab[3][i] = rotl(t, 24); -#endif - t = ((u4byte) ff_mult(2, p)) | - ((u4byte) p << 8) | - ((u4byte) p << 16) | - ((u4byte) ff_mult(3, p) << 24); - - ft_tab[0][i] = t; - ft_tab[1][i] = rotl(t, 8); - ft_tab[2][i] = rotl(t, 16); - ft_tab[3][i] = rotl(t, 24); - - p = isb_tab[i]; - -#ifdef LARGE_TABLES - - t = p; - il_tab[0][i] = t; - il_tab[1][i] = rotl(t, 8); - il_tab[2][i] = rotl(t, 16); - il_tab[3][i] = rotl(t, 24); -#endif - t = ((u4byte) ff_mult(14, p)) | - ((u4byte) ff_mult(9, p) << 8) | - ((u4byte) ff_mult(13, p) << 16) | - ((u4byte) ff_mult(11, p) << 24); - - it_tab[0][i] = t; - it_tab[1][i] = rotl(t, 8); - it_tab[2][i] = rotl(t, 16); - it_tab[3][i] = rotl(t, 24); - } - - tab_gen = 1; -#endif /* !PRE_CALC_TABLES */ -} - - -#define star_x(x) (((x) & 0x7f7f7f7f) << 1) ^ ((((x) & 0x80808080) >> 7) * 0x1b) - -#define imix_col(y,x) \ -do { \ - u = star_x(x); \ - v = star_x(u); \ - w = star_x(v); \ - t = w ^ (x); \ - (y) = u ^ v ^ w; \ - (y) ^= rotr(u ^ t, 8) ^ \ - rotr(v ^ t, 16) ^ \ - rotr(t,24); \ -} while (0) - -/* initialise the key schedule from the user supplied key */ - -#define loop4(i) \ -do { t = ls_box(rotr(t, 8)) ^ rco_tab[i]; \ - t ^= e_key[4 * i]; e_key[4 * i + 4] = t; \ - t ^= e_key[4 * i + 1]; e_key[4 * i + 5] = t; \ - t ^= e_key[4 * i + 2]; e_key[4 * i + 6] = t; \ - t ^= e_key[4 * i + 3]; e_key[4 * i + 7] = t; \ -} while (0) - -#define loop6(i) \ -do { t = ls_box(rotr(t, 8)) ^ rco_tab[i]; \ - t ^= e_key[6 * (i)]; e_key[6 * (i) + 6] = t; \ - t ^= e_key[6 * (i) + 1]; e_key[6 * (i) + 7] = t; \ - t ^= e_key[6 * (i) + 2]; e_key[6 * (i) + 8] = t; \ - t ^= e_key[6 * (i) + 3]; e_key[6 * (i) + 9] = t; \ - t ^= e_key[6 * (i) + 4]; e_key[6 * (i) + 10] = t; \ - t ^= e_key[6 * (i) + 5]; e_key[6 * (i) + 11] = t; \ -} while (0) - -#define loop8(i) \ -do { t = ls_box(rotr(t, 8)) ^ rco_tab[i]; \ - t ^= e_key[8 * (i)]; e_key[8 * (i) + 8] = t; \ - t ^= e_key[8 * (i) + 1]; e_key[8 * (i) + 9] = t; \ - t ^= e_key[8 * (i) + 2]; e_key[8 * (i) + 10] = t; \ - t ^= e_key[8 * (i) + 3]; e_key[8 * (i) + 11] = t; \ - t = e_key[8 * (i) + 4] ^ ls_box(t); \ - e_key[8 * (i) + 12] = t; \ - t ^= e_key[8 * (i) + 5]; e_key[8 * (i) + 13] = t; \ - t ^= e_key[8 * (i) + 6]; e_key[8 * (i) + 14] = t; \ - t ^= e_key[8 * (i) + 7]; e_key[8 * (i) + 15] = t; \ -} while (0) - -rijndael_ctx * -rijndael_set_key(rijndael_ctx *ctx, const u4byte *in_key, const u4byte key_len, - int encrypt) -{ - u4byte i, - t, - u, - v, - w; - u4byte *e_key = ctx->e_key; - u4byte *d_key = ctx->d_key; - - ctx->decrypt = !encrypt; - - if (!tab_gen) - gen_tabs(); - - ctx->k_len = (key_len + 31) / 32; - - e_key[0] = io_swap(in_key[0]); - e_key[1] = io_swap(in_key[1]); - e_key[2] = io_swap(in_key[2]); - e_key[3] = io_swap(in_key[3]); - - switch (ctx->k_len) - { - case 4: - t = e_key[3]; - for (i = 0; i < 10; ++i) - loop4(i); - break; - - case 6: - e_key[4] = io_swap(in_key[4]); - t = e_key[5] = io_swap(in_key[5]); - for (i = 0; i < 8; ++i) - loop6(i); - break; - - case 8: - e_key[4] = io_swap(in_key[4]); - e_key[5] = io_swap(in_key[5]); - e_key[6] = io_swap(in_key[6]); - t = e_key[7] = io_swap(in_key[7]); - for (i = 0; i < 7; ++i) - loop8(i); - break; - } - - if (!encrypt) - { - d_key[0] = e_key[0]; - d_key[1] = e_key[1]; - d_key[2] = e_key[2]; - d_key[3] = e_key[3]; - - for (i = 4; i < 4 * ctx->k_len + 24; ++i) - imix_col(d_key[i], e_key[i]); - } - - return ctx; -} - -/* encrypt a block of text */ - -#define f_nround(bo, bi, k) \ -do { \ - f_rn(bo, bi, 0, k); \ - f_rn(bo, bi, 1, k); \ - f_rn(bo, bi, 2, k); \ - f_rn(bo, bi, 3, k); \ - k += 4; \ -} while (0) - -#define f_lround(bo, bi, k) \ -do { \ - f_rl(bo, bi, 0, k); \ - f_rl(bo, bi, 1, k); \ - f_rl(bo, bi, 2, k); \ - f_rl(bo, bi, 3, k); \ -} while (0) - -void -rijndael_encrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk) -{ - u4byte k_len = ctx->k_len; - u4byte *e_key = ctx->e_key; - u4byte b0[4], - b1[4], - *kp; - - b0[0] = io_swap(in_blk[0]) ^ e_key[0]; - b0[1] = io_swap(in_blk[1]) ^ e_key[1]; - b0[2] = io_swap(in_blk[2]) ^ e_key[2]; - b0[3] = io_swap(in_blk[3]) ^ e_key[3]; - - kp = e_key + 4; - - if (k_len > 6) - { - f_nround(b1, b0, kp); - f_nround(b0, b1, kp); - } - - if (k_len > 4) - { - f_nround(b1, b0, kp); - f_nround(b0, b1, kp); - } - - f_nround(b1, b0, kp); - f_nround(b0, b1, kp); - f_nround(b1, b0, kp); - f_nround(b0, b1, kp); - f_nround(b1, b0, kp); - f_nround(b0, b1, kp); - f_nround(b1, b0, kp); - f_nround(b0, b1, kp); - f_nround(b1, b0, kp); - f_lround(b0, b1, kp); - - out_blk[0] = io_swap(b0[0]); - out_blk[1] = io_swap(b0[1]); - out_blk[2] = io_swap(b0[2]); - out_blk[3] = io_swap(b0[3]); -} - -/* decrypt a block of text */ - -#define i_nround(bo, bi, k) \ -do { \ - i_rn(bo, bi, 0, k); \ - i_rn(bo, bi, 1, k); \ - i_rn(bo, bi, 2, k); \ - i_rn(bo, bi, 3, k); \ - k -= 4; \ -} while (0) - -#define i_lround(bo, bi, k) \ -do { \ - i_rl(bo, bi, 0, k); \ - i_rl(bo, bi, 1, k); \ - i_rl(bo, bi, 2, k); \ - i_rl(bo, bi, 3, k); \ -} while (0) - -void -rijndael_decrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk) -{ - u4byte b0[4], - b1[4], - *kp; - u4byte k_len = ctx->k_len; - u4byte *e_key = ctx->e_key; - u4byte *d_key = ctx->d_key; - - b0[0] = io_swap(in_blk[0]) ^ e_key[4 * k_len + 24]; - b0[1] = io_swap(in_blk[1]) ^ e_key[4 * k_len + 25]; - b0[2] = io_swap(in_blk[2]) ^ e_key[4 * k_len + 26]; - b0[3] = io_swap(in_blk[3]) ^ e_key[4 * k_len + 27]; - - kp = d_key + 4 * (k_len + 5); - - if (k_len > 6) - { - i_nround(b1, b0, kp); - i_nround(b0, b1, kp); - } - - if (k_len > 4) - { - i_nround(b1, b0, kp); - i_nround(b0, b1, kp); - } - - i_nround(b1, b0, kp); - i_nround(b0, b1, kp); - i_nround(b1, b0, kp); - i_nround(b0, b1, kp); - i_nround(b1, b0, kp); - i_nround(b0, b1, kp); - i_nround(b1, b0, kp); - i_nround(b0, b1, kp); - i_nround(b1, b0, kp); - i_lround(b0, b1, kp); - - out_blk[0] = io_swap(b0[0]); - out_blk[1] = io_swap(b0[1]); - out_blk[2] = io_swap(b0[2]); - out_blk[3] = io_swap(b0[3]); -} - -/* - * conventional interface - * - * ATM it hopes all data is 4-byte aligned - which - * should be true for PX. -marko - */ - -void -aes_set_key(rijndael_ctx *ctx, const uint8 *key, unsigned keybits, int enc) -{ - uint32 *k; - - k = (uint32 *) key; - rijndael_set_key(ctx, k, keybits, enc); -} - -void -aes_ecb_encrypt(rijndael_ctx *ctx, uint8 *data, unsigned len) -{ - unsigned bs = 16; - uint32 *d; - - while (len >= bs) - { - d = (uint32 *) data; - rijndael_encrypt(ctx, d, d); - - len -= bs; - data += bs; - } -} - -void -aes_ecb_decrypt(rijndael_ctx *ctx, uint8 *data, unsigned len) -{ - unsigned bs = 16; - uint32 *d; - - while (len >= bs) - { - d = (uint32 *) data; - rijndael_decrypt(ctx, d, d); - - len -= bs; - data += bs; - } -} - -void -aes_cbc_encrypt(rijndael_ctx *ctx, uint8 *iva, uint8 *data, unsigned len) -{ - uint32 *iv = (uint32 *) iva; - uint32 *d = (uint32 *) data; - unsigned bs = 16; - - while (len >= bs) - { - d[0] ^= iv[0]; - d[1] ^= iv[1]; - d[2] ^= iv[2]; - d[3] ^= iv[3]; - - rijndael_encrypt(ctx, d, d); - - iv = d; - d += bs / 4; - len -= bs; - } -} - -void -aes_cbc_decrypt(rijndael_ctx *ctx, uint8 *iva, uint8 *data, unsigned len) -{ - uint32 *d = (uint32 *) data; - unsigned bs = 16; - uint32 buf[4], - iv[4]; - - memcpy(iv, iva, bs); - while (len >= bs) - { - buf[0] = d[0]; - buf[1] = d[1]; - buf[2] = d[2]; - buf[3] = d[3]; - - rijndael_decrypt(ctx, buf, d); - - d[0] ^= iv[0]; - d[1] ^= iv[1]; - d[2] ^= iv[2]; - d[3] ^= iv[3]; - - iv[0] = buf[0]; - iv[1] = buf[1]; - iv[2] = buf[2]; - iv[3] = buf[3]; - d += 4; - len -= bs; - } -} - -/* - * pre-calculate tables. - * - * On i386 lifts 17k from .bss to .rodata - * and avoids 1k code and setup time. - * -marko - */ -#ifdef PRINT_TABS - -static void -show256u8(char *name, uint8 *data) -{ - int i; - - printf("static const u1byte %s[256] = {\n ", name); - for (i = 0; i < 256;) - { - printf("%u", pow_tab[i++]); - if (i < 256) - printf(i % 16 ? ", " : ",\n "); - } - printf("\n};\n\n"); -} - - -static void -show4x256u32(char *name, uint32 data[4][256]) -{ - int i, - j; - - printf("static const u4byte %s[4][256] = {\n{\n ", name); - for (i = 0; i < 4; i++) - { - for (j = 0; j < 256;) - { - printf("0x%08x", data[i][j]); - j++; - if (j < 256) - printf(j % 4 ? ", " : ",\n "); - } - printf(i < 3 ? "\n}, {\n " : "\n}\n"); - } - printf("};\n\n"); -} - -int -main() -{ - int i; - char *hdr = "/* Generated by rijndael.c */\n\n"; - - gen_tabs(); - - printf(hdr); - show256u8("pow_tab", pow_tab); - show256u8("log_tab", log_tab); - show256u8("sbx_tab", sbx_tab); - show256u8("isb_tab", isb_tab); - - show4x256u32("ft_tab", ft_tab); - show4x256u32("it_tab", it_tab); -#ifdef LARGE_TABLES - show4x256u32("fl_tab", fl_tab); - show4x256u32("il_tab", il_tab); -#endif - printf("static const u4byte rco_tab[10] = {\n "); - for (i = 0; i < 10; i++) - { - printf("0x%08x", rco_tab[i]); - if (i < 9) - printf(", "); - if (i == 4) - printf("\n "); - } - printf("\n};\n\n"); - return 0; -} - -#endif http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/101adfab/contrib/pgcrypto/rijndael.h ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/rijndael.h b/contrib/pgcrypto/rijndael.h deleted file mode 100644 index e4c4229..0000000 --- a/contrib/pgcrypto/rijndael.h +++ /dev/null @@ -1,60 +0,0 @@ -/* - * $PostgreSQL: pgsql/contrib/pgcrypto/rijndael.h,v 1.7 2009/06/11 14:48:52 momjian Exp $ - * - * $OpenBSD: rijndael.h,v 1.3 2001/05/09 23:01:32 markus Exp $ */ - -/* This is an independent implementation of the encryption algorithm: */ -/* */ -/* RIJNDAEL by Joan Daemen and Vincent Rijmen */ -/* */ -/* which is a candidate algorithm in the Advanced Encryption Standard */ -/* programme of the US National Institute of Standards and Technology. */ -/* */ -/* Copyright in this implementation is held by Dr B R Gladman but I */ -/* hereby give permission for its free direct or derivative use subject */ -/* to acknowledgment of its origin and compliance with any conditions */ -/* that the originators of the algorithm place on its exploitation. */ -/* */ -/* Dr Brian Gladman ([email protected]) 14th January 1999 */ - -#ifndef _RIJNDAEL_H_ -#define _RIJNDAEL_H_ - -/* 1. Standard types for AES cryptography source code */ - -typedef uint8 u1byte; /* an 8 bit unsigned character type */ -typedef uint16 u2byte; /* a 16 bit unsigned integer type */ -typedef uint32 u4byte; /* a 32 bit unsigned integer type */ - -typedef int8 s1byte; /* an 8 bit signed character type */ -typedef int16 s2byte; /* a 16 bit signed integer type */ -typedef int32 s4byte; /* a 32 bit signed integer type */ - -typedef struct _rijndael_ctx -{ - u4byte k_len; - int decrypt; - u4byte e_key[64]; - u4byte d_key[64]; -} rijndael_ctx; - - -/* 2. Standard interface for AES cryptographic routines */ - -/* These are all based on 32 bit unsigned values and will therefore */ -/* require endian conversions for big-endian architectures */ - -rijndael_ctx * - rijndael_set_key(rijndael_ctx *, const u4byte *, const u4byte, int); -void rijndael_encrypt(rijndael_ctx *, const u4byte *, u4byte *); -void rijndael_decrypt(rijndael_ctx *, const u4byte *, u4byte *); - -/* conventional interface */ - -void aes_set_key(rijndael_ctx *ctx, const uint8 *key, unsigned keybits, int enc); -void aes_ecb_encrypt(rijndael_ctx *ctx, uint8 *data, unsigned len); -void aes_ecb_decrypt(rijndael_ctx *ctx, uint8 *data, unsigned len); -void aes_cbc_encrypt(rijndael_ctx *ctx, uint8 *iva, uint8 *data, unsigned len); -void aes_cbc_decrypt(rijndael_ctx *ctx, uint8 *iva, uint8 *data, unsigned len); - -#endif /* _RIJNDAEL_H_ */
