http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/pgp-mpi.c ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/pgp-mpi.c b/contrib/pgcrypto/pgp-mpi.c new file mode 100644 index 0000000..c8765b6 --- /dev/null +++ b/contrib/pgcrypto/pgp-mpi.c @@ -0,0 +1,143 @@ +/* + * pgp-mpi.c + * OpenPGP MPI helper functions. + * + * Copyright (c) 2005 Marko Kreen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * contrib/pgcrypto/pgp-mpi.c + */ +#include "postgres.h" + +#include "px.h" +#include "mbuf.h" +#include "pgp.h" + +int +pgp_mpi_alloc(int bits, PGP_MPI **mpi) +{ + PGP_MPI *n; + int len = (bits + 7) / 8; + + if (bits < 0 || bits > 0xFFFF) + { + px_debug("pgp_mpi_alloc: unreasonable request: bits=%d", bits); + return PXE_PGP_CORRUPT_DATA; + } + n = px_alloc(sizeof(*n) + len); + n->bits = bits; + n->bytes = len; + n->data = (uint8 *) (n) + sizeof(*n); + *mpi = n; + return 0; +} + +int +pgp_mpi_create(uint8 *data, int bits, PGP_MPI **mpi) +{ + int res; + PGP_MPI *n; + + res = pgp_mpi_alloc(bits, &n); + if (res < 0) + return res; + memcpy(n->data, data, n->bytes); + *mpi = n; + return 0; +} + +int +pgp_mpi_free(PGP_MPI *mpi) +{ + if (mpi == NULL) + return 0; + memset(mpi, 0, sizeof(*mpi) + mpi->bytes); + px_free(mpi); + return 0; +} + +int +pgp_mpi_read(PullFilter *src, PGP_MPI **mpi) +{ + int res; + uint8 hdr[2]; + int bits; + PGP_MPI *n; + + res = pullf_read_fixed(src, 2, hdr); + if (res < 0) + return res; + bits = ((unsigned) hdr[0] << 8) + hdr[1]; + + res = pgp_mpi_alloc(bits, &n); + if (res < 0) + return res; + + res = pullf_read_fixed(src, n->bytes, n->data); + if (res < 0) + pgp_mpi_free(n); + else + *mpi = n; + return res; +} + +int +pgp_mpi_write(PushFilter *dst, PGP_MPI *n) +{ + int res; + uint8 buf[2]; + + buf[0] = n->bits >> 8; + buf[1] = n->bits & 0xFF; + res = pushf_write(dst, buf, 2); + if (res >= 0) + res = pushf_write(dst, n->data, n->bytes); + return res; +} + +int +pgp_mpi_hash(PX_MD *md, PGP_MPI *n) +{ + uint8 buf[2]; + + buf[0] = n->bits >> 8; + buf[1] = n->bits & 0xFF; + px_md_update(md, buf, 2); + px_md_update(md, n->data, n->bytes); + + return 0; +} + +unsigned +pgp_mpi_cksum(unsigned cksum, PGP_MPI *n) +{ + int i; + + cksum += n->bits >> 8; + cksum += n->bits & 0xFF; + for (i = 0; i < n->bytes; i++) + cksum += n->data[i]; + + return cksum & 0xFFFF; +}
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/pgp-pgsql.c ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/pgp-pgsql.c b/contrib/pgcrypto/pgp-pgsql.c new file mode 100644 index 0000000..d4eec03 --- /dev/null +++ b/contrib/pgcrypto/pgp-pgsql.c @@ -0,0 +1,919 @@ +/* + * pgp-pgsql.c + * PostgreSQL wrappers for pgp. + * + * Copyright (c) 2005 Marko Kreen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * contrib/pgcrypto/pgp-pgsql.c + */ + +#include "postgres.h" + +#include "mb/pg_wchar.h" +#include "utils/builtins.h" + +#include "mbuf.h" +#include "px.h" +#include "pgp.h" + +/* + * public functions + */ +Datum pgp_sym_encrypt_text(PG_FUNCTION_ARGS); +Datum pgp_sym_encrypt_bytea(PG_FUNCTION_ARGS); +Datum pgp_sym_decrypt_text(PG_FUNCTION_ARGS); +Datum pgp_sym_decrypt_bytea(PG_FUNCTION_ARGS); + +Datum pgp_pub_encrypt_text(PG_FUNCTION_ARGS); +Datum pgp_pub_encrypt_bytea(PG_FUNCTION_ARGS); +Datum pgp_pub_decrypt_text(PG_FUNCTION_ARGS); +Datum pgp_pub_decrypt_bytea(PG_FUNCTION_ARGS); + +Datum pgp_key_id_w(PG_FUNCTION_ARGS); + +Datum pg_armor(PG_FUNCTION_ARGS); +Datum pg_dearmor(PG_FUNCTION_ARGS); + +/* function headers */ + +PG_FUNCTION_INFO_V1(pgp_sym_encrypt_bytea); +PG_FUNCTION_INFO_V1(pgp_sym_encrypt_text); +PG_FUNCTION_INFO_V1(pgp_sym_decrypt_bytea); +PG_FUNCTION_INFO_V1(pgp_sym_decrypt_text); + +PG_FUNCTION_INFO_V1(pgp_pub_encrypt_bytea); +PG_FUNCTION_INFO_V1(pgp_pub_encrypt_text); +PG_FUNCTION_INFO_V1(pgp_pub_decrypt_bytea); +PG_FUNCTION_INFO_V1(pgp_pub_decrypt_text); + +PG_FUNCTION_INFO_V1(pgp_key_id_w); + +PG_FUNCTION_INFO_V1(pg_armor); +PG_FUNCTION_INFO_V1(pg_dearmor); + +/* + * Mix a block of data into RNG. + */ +static void +add_block_entropy(PX_MD *md, text *data) +{ + uint8 sha1[20]; + + px_md_reset(md); + px_md_update(md, (uint8 *) VARDATA(data), VARSIZE(data) - VARHDRSZ); + px_md_finish(md, sha1); + + px_add_entropy(sha1, 20); + + memset(sha1, 0, 20); +} + +/* + * Mix user data into RNG. It is for user own interests to have + * RNG state shuffled. + */ +static void +add_entropy(text *data1, text *data2, text *data3) +{ + PX_MD *md; + uint8 rnd[3]; + + if (!data1 && !data2 && !data3) + return; + + if (px_get_random_bytes(rnd, 3) < 0) + return; + + if (px_find_digest("sha1", &md) < 0) + return; + + /* + * Try to make the feeding unpredictable. + * + * Prefer data over keys, as it's rather likely that key is same in + * several calls. + */ + + /* chance: 7/8 */ + if (data1 && rnd[0] >= 32) + add_block_entropy(md, data1); + + /* chance: 5/8 */ + if (data2 && rnd[1] >= 160) + add_block_entropy(md, data2); + + /* chance: 5/8 */ + if (data3 && rnd[2] >= 160) + add_block_entropy(md, data3); + + px_md_free(md); + memset(rnd, 0, sizeof(rnd)); +} + +/* + * returns src in case of no conversion or error + */ +static text * +convert_charset(text *src, int cset_from, int cset_to) +{ + int src_len = VARSIZE(src) - VARHDRSZ; + unsigned char *dst; + unsigned char *csrc = (unsigned char *) VARDATA(src); + text *res; + + dst = pg_do_encoding_conversion(csrc, src_len, cset_from, cset_to); + if (dst == csrc) + return src; + + res = cstring_to_text((char *) dst); + pfree(dst); + return res; +} + +static text * +convert_from_utf8(text *src) +{ + return convert_charset(src, PG_UTF8, GetDatabaseEncoding()); +} + +static text * +convert_to_utf8(text *src) +{ + return convert_charset(src, GetDatabaseEncoding(), PG_UTF8); +} + +static void +clear_and_pfree(text *p) +{ + memset(p, 0, VARSIZE(p)); + pfree(p); +} + +/* + * expect-* arguments storage + */ +struct debug_expect +{ + int debug; + int expect; + int cipher_algo; + int s2k_mode; + int s2k_cipher_algo; + int s2k_digest_algo; + int compress_algo; + int use_sess_key; + int disable_mdc; + int unicode_mode; +}; + +static void +fill_expect(struct debug_expect * ex, int text_mode) +{ + ex->debug = 0; + ex->expect = 0; + ex->cipher_algo = -1; + ex->s2k_mode = -1; + ex->s2k_cipher_algo = -1; + ex->s2k_digest_algo = -1; + ex->compress_algo = -1; + ex->use_sess_key = -1; + ex->disable_mdc = -1; + ex->unicode_mode = -1; +} + +#define EX_MSG(arg) \ + ereport(NOTICE, (errmsg( \ + "pgp_decrypt: unexpected %s: expected %d got %d", \ + CppAsString(arg), ex->arg, ctx->arg))) + +#define EX_CHECK(arg) do { \ + if (ex->arg >= 0 && ex->arg != ctx->arg) EX_MSG(arg); \ + } while (0) + +static void +check_expect(PGP_Context *ctx, struct debug_expect * ex) +{ + EX_CHECK(cipher_algo); + EX_CHECK(s2k_mode); + EX_CHECK(s2k_digest_algo); + EX_CHECK(use_sess_key); + if (ctx->use_sess_key) + EX_CHECK(s2k_cipher_algo); + EX_CHECK(disable_mdc); + EX_CHECK(compress_algo); + EX_CHECK(unicode_mode); +} + +static void +show_debug(const char *msg) +{ + ereport(NOTICE, (errmsg("dbg: %s", msg))); +} + +static int +set_arg(PGP_Context *ctx, char *key, char *val, + struct debug_expect * ex) +{ + int res = 0; + + if (strcmp(key, "cipher-algo") == 0) + res = pgp_set_cipher_algo(ctx, val); + else if (strcmp(key, "disable-mdc") == 0) + res = pgp_disable_mdc(ctx, atoi(val)); + else if (strcmp(key, "sess-key") == 0) + res = pgp_set_sess_key(ctx, atoi(val)); + else if (strcmp(key, "s2k-mode") == 0) + res = pgp_set_s2k_mode(ctx, atoi(val)); + else if (strcmp(key, "s2k-digest-algo") == 0) + res = pgp_set_s2k_digest_algo(ctx, val); + else if (strcmp(key, "s2k-cipher-algo") == 0) + res = pgp_set_s2k_cipher_algo(ctx, val); + else if (strcmp(key, "compress-algo") == 0) + res = pgp_set_compress_algo(ctx, atoi(val)); + else if (strcmp(key, "compress-level") == 0) + res = pgp_set_compress_level(ctx, atoi(val)); + else if (strcmp(key, "convert-crlf") == 0) + res = pgp_set_convert_crlf(ctx, atoi(val)); + else if (strcmp(key, "unicode-mode") == 0) + res = pgp_set_unicode_mode(ctx, atoi(val)); + /* decrypt debug */ + else if (ex != NULL && strcmp(key, "debug") == 0) + ex->debug = atoi(val); + else if (ex != NULL && strcmp(key, "expect-cipher-algo") == 0) + { + ex->expect = 1; + ex->cipher_algo = pgp_get_cipher_code(val); + } + else if (ex != NULL && strcmp(key, "expect-disable-mdc") == 0) + { + ex->expect = 1; + ex->disable_mdc = atoi(val); + } + else if (ex != NULL && strcmp(key, "expect-sess-key") == 0) + { + ex->expect = 1; + ex->use_sess_key = atoi(val); + } + else if (ex != NULL && strcmp(key, "expect-s2k-mode") == 0) + { + ex->expect = 1; + ex->s2k_mode = atoi(val); + } + else if (ex != NULL && strcmp(key, "expect-s2k-digest-algo") == 0) + { + ex->expect = 1; + ex->s2k_digest_algo = pgp_get_digest_code(val); + } + else if (ex != NULL && strcmp(key, "expect-s2k-cipher-algo") == 0) + { + ex->expect = 1; + ex->s2k_cipher_algo = pgp_get_cipher_code(val); + } + else if (ex != NULL && strcmp(key, "expect-compress-algo") == 0) + { + ex->expect = 1; + ex->compress_algo = atoi(val); + } + else if (ex != NULL && strcmp(key, "expect-unicode-mode") == 0) + { + ex->expect = 1; + ex->unicode_mode = atoi(val); + } + else + res = PXE_ARGUMENT_ERROR; + + return res; +} + +/* + * Find next word. Handle ',' and '=' as words. Skip whitespace. + * Put word info into res_p, res_len. + * Returns ptr to next word. + */ +static char * +getword(char *p, char **res_p, int *res_len) +{ + /* whitespace at start */ + while (*p && (*p == ' ' || *p == '\t' || *p == '\n')) + p++; + + /* word data */ + *res_p = p; + if (*p == '=' || *p == ',') + p++; + else + while (*p && !(*p == ' ' || *p == '\t' || *p == '\n' + || *p == '=' || *p == ',')) + p++; + + /* word end */ + *res_len = p - *res_p; + + /* whitespace at end */ + while (*p && (*p == ' ' || *p == '\t' || *p == '\n')) + p++; + + return p; +} + +/* + * Convert to lowercase asciiz string. + */ +static char * +downcase_convert(const uint8 *s, int len) +{ + int c, + i; + char *res = palloc(len + 1); + + for (i = 0; i < len; i++) + { + c = s[i]; + if (c >= 'A' && c <= 'Z') + c += 'a' - 'A'; + res[i] = c; + } + res[len] = 0; + return res; +} + +static int +parse_args(PGP_Context *ctx, uint8 *args, int arg_len, + struct debug_expect * ex) +{ + char *str = downcase_convert(args, arg_len); + char *key, + *val; + int key_len, + val_len; + int res = 0; + char *p = str; + + while (*p) + { + res = PXE_ARGUMENT_ERROR; + p = getword(p, &key, &key_len); + if (*p++ != '=') + break; + p = getword(p, &val, &val_len); + if (*p == '\0') + ; + else if (*p++ != ',') + break; + + if (*key == 0 || *val == 0 || val_len == 0) + break; + + key[key_len] = 0; + val[val_len] = 0; + + res = set_arg(ctx, key, val, ex); + if (res < 0) + break; + } + pfree(str); + return res; +} + +static MBuf * +create_mbuf_from_vardata(text *data) +{ + return mbuf_create_from_data((uint8 *) VARDATA(data), + VARSIZE(data) - VARHDRSZ); +} + +static void +init_work(PGP_Context **ctx_p, int is_text, + text *args, struct debug_expect * ex) +{ + int err = pgp_init(ctx_p); + + fill_expect(ex, is_text); + + if (err == 0 && args != NULL) + err = parse_args(*ctx_p, (uint8 *) VARDATA(args), + VARSIZE(args) - VARHDRSZ, ex); + + if (err) + { + ereport(ERROR, + (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION), + errmsg("%s", px_strerror(err)))); + } + + if (ex->debug) + px_set_debug_handler(show_debug); + + pgp_set_text_mode(*ctx_p, is_text); +} + +static bytea * +encrypt_internal(int is_pubenc, int is_text, + text *data, text *key, text *args) +{ + MBuf *src, + *dst; + uint8 tmp[VARHDRSZ]; + uint8 *restmp; + bytea *res; + int res_len; + PGP_Context *ctx; + int err; + struct debug_expect ex; + text *tmp_data = NULL; + + /* + * Add data and key info RNG. + */ + add_entropy(data, key, NULL); + + init_work(&ctx, is_text, args, &ex); + + if (is_text && pgp_get_unicode_mode(ctx)) + { + tmp_data = convert_to_utf8(data); + if (tmp_data == data) + tmp_data = NULL; + else + data = tmp_data; + } + + src = create_mbuf_from_vardata(data); + dst = mbuf_create(VARSIZE(data) + 128); + + /* + * reserve room for header + */ + mbuf_append(dst, tmp, VARHDRSZ); + + /* + * set key + */ + if (is_pubenc) + { + MBuf *kbuf = create_mbuf_from_vardata(key); + + err = pgp_set_pubkey(ctx, kbuf, + NULL, 0, 0); + mbuf_free(kbuf); + } + else + err = pgp_set_symkey(ctx, (uint8 *) VARDATA(key), + VARSIZE(key) - VARHDRSZ); + + /* + * encrypt + */ + if (err >= 0) + err = pgp_encrypt(ctx, src, dst); + + /* + * check for error + */ + if (err) + { + if (ex.debug) + px_set_debug_handler(NULL); + if (tmp_data) + clear_and_pfree(tmp_data); + pgp_free(ctx); + mbuf_free(src); + mbuf_free(dst); + ereport(ERROR, + (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION), + errmsg("%s", px_strerror(err)))); + } + + /* res_len includes VARHDRSZ */ + res_len = mbuf_steal_data(dst, &restmp); + res = (bytea *) restmp; + SET_VARSIZE(res, res_len); + + if (tmp_data) + clear_and_pfree(tmp_data); + pgp_free(ctx); + mbuf_free(src); + mbuf_free(dst); + + px_set_debug_handler(NULL); + + return res; +} + +static bytea * +decrypt_internal(int is_pubenc, int need_text, text *data, + text *key, text *keypsw, text *args) +{ + int err; + MBuf *src = NULL, + *dst = NULL; + uint8 tmp[VARHDRSZ]; + uint8 *restmp; + bytea *res; + int res_len; + PGP_Context *ctx = NULL; + struct debug_expect ex; + int got_unicode = 0; + + + init_work(&ctx, need_text, args, &ex); + + src = mbuf_create_from_data((uint8 *) VARDATA(data), + VARSIZE(data) - VARHDRSZ); + dst = mbuf_create(VARSIZE(data) + 2048); + + /* + * reserve room for header + */ + mbuf_append(dst, tmp, VARHDRSZ); + + /* + * set key + */ + if (is_pubenc) + { + uint8 *psw = NULL; + int psw_len = 0; + MBuf *kbuf; + + if (keypsw) + { + psw = (uint8 *) VARDATA(keypsw); + psw_len = VARSIZE(keypsw) - VARHDRSZ; + } + kbuf = create_mbuf_from_vardata(key); + err = pgp_set_pubkey(ctx, kbuf, psw, psw_len, 1); + mbuf_free(kbuf); + } + else + err = pgp_set_symkey(ctx, (uint8 *) VARDATA(key), + VARSIZE(key) - VARHDRSZ); + + /* + * decrypt + */ + if (err >= 0) + err = pgp_decrypt(ctx, src, dst); + + /* + * failed? + */ + if (err < 0) + goto out; + + if (ex.expect) + check_expect(ctx, &ex); + + /* remember the setting */ + got_unicode = pgp_get_unicode_mode(ctx); + +out: + if (src) + mbuf_free(src); + if (ctx) + pgp_free(ctx); + + if (err) + { + px_set_debug_handler(NULL); + if (dst) + mbuf_free(dst); + ereport(ERROR, + (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION), + errmsg("%s", px_strerror(err)))); + } + + res_len = mbuf_steal_data(dst, &restmp); + mbuf_free(dst); + + /* res_len includes VARHDRSZ */ + res = (bytea *) restmp; + SET_VARSIZE(res, res_len); + + if (need_text && got_unicode) + { + text *utf = convert_from_utf8(res); + + if (utf != res) + { + clear_and_pfree(res); + res = utf; + } + } + px_set_debug_handler(NULL); + + /* + * add successful decryptions also into RNG + */ + add_entropy(res, key, keypsw); + + return res; +} + +/* + * Wrappers for symmetric-key functions + */ +Datum +pgp_sym_encrypt_bytea(PG_FUNCTION_ARGS) +{ + bytea *data, + *key; + text *arg = NULL; + text *res; + + data = PG_GETARG_BYTEA_P(0); + key = PG_GETARG_BYTEA_P(1); + if (PG_NARGS() > 2) + arg = PG_GETARG_BYTEA_P(2); + + res = encrypt_internal(0, 0, data, key, arg); + + PG_FREE_IF_COPY(data, 0); + PG_FREE_IF_COPY(key, 1); + if (PG_NARGS() > 2) + PG_FREE_IF_COPY(arg, 2); + PG_RETURN_TEXT_P(res); +} + +Datum +pgp_sym_encrypt_text(PG_FUNCTION_ARGS) +{ + bytea *data, + *key; + text *arg = NULL; + text *res; + + data = PG_GETARG_BYTEA_P(0); + key = PG_GETARG_BYTEA_P(1); + if (PG_NARGS() > 2) + arg = PG_GETARG_BYTEA_P(2); + + res = encrypt_internal(0, 1, data, key, arg); + + PG_FREE_IF_COPY(data, 0); + PG_FREE_IF_COPY(key, 1); + if (PG_NARGS() > 2) + PG_FREE_IF_COPY(arg, 2); + PG_RETURN_TEXT_P(res); +} + + +Datum +pgp_sym_decrypt_bytea(PG_FUNCTION_ARGS) +{ + bytea *data, + *key; + text *arg = NULL; + text *res; + + data = PG_GETARG_BYTEA_P(0); + key = PG_GETARG_BYTEA_P(1); + if (PG_NARGS() > 2) + arg = PG_GETARG_BYTEA_P(2); + + res = decrypt_internal(0, 0, data, key, NULL, arg); + + PG_FREE_IF_COPY(data, 0); + PG_FREE_IF_COPY(key, 1); + if (PG_NARGS() > 2) + PG_FREE_IF_COPY(arg, 2); + PG_RETURN_TEXT_P(res); +} + +Datum +pgp_sym_decrypt_text(PG_FUNCTION_ARGS) +{ + bytea *data, + *key; + text *arg = NULL; + text *res; + + data = PG_GETARG_BYTEA_P(0); + key = PG_GETARG_BYTEA_P(1); + if (PG_NARGS() > 2) + arg = PG_GETARG_BYTEA_P(2); + + res = decrypt_internal(0, 1, data, key, NULL, arg); + + PG_FREE_IF_COPY(data, 0); + PG_FREE_IF_COPY(key, 1); + if (PG_NARGS() > 2) + PG_FREE_IF_COPY(arg, 2); + PG_RETURN_TEXT_P(res); +} + +/* + * Wrappers for public-key functions + */ + +Datum +pgp_pub_encrypt_bytea(PG_FUNCTION_ARGS) +{ + bytea *data, + *key; + text *arg = NULL; + text *res; + + data = PG_GETARG_BYTEA_P(0); + key = PG_GETARG_BYTEA_P(1); + if (PG_NARGS() > 2) + arg = PG_GETARG_BYTEA_P(2); + + res = encrypt_internal(1, 0, data, key, arg); + + PG_FREE_IF_COPY(data, 0); + PG_FREE_IF_COPY(key, 1); + if (PG_NARGS() > 2) + PG_FREE_IF_COPY(arg, 2); + PG_RETURN_TEXT_P(res); +} + +Datum +pgp_pub_encrypt_text(PG_FUNCTION_ARGS) +{ + bytea *data, + *key; + text *arg = NULL; + text *res; + + data = PG_GETARG_BYTEA_P(0); + key = PG_GETARG_BYTEA_P(1); + if (PG_NARGS() > 2) + arg = PG_GETARG_BYTEA_P(2); + + res = encrypt_internal(1, 1, data, key, arg); + + PG_FREE_IF_COPY(data, 0); + PG_FREE_IF_COPY(key, 1); + if (PG_NARGS() > 2) + PG_FREE_IF_COPY(arg, 2); + PG_RETURN_TEXT_P(res); +} + + +Datum +pgp_pub_decrypt_bytea(PG_FUNCTION_ARGS) +{ + bytea *data, + *key; + text *psw = NULL, + *arg = NULL; + text *res; + + data = PG_GETARG_BYTEA_P(0); + key = PG_GETARG_BYTEA_P(1); + if (PG_NARGS() > 2) + psw = PG_GETARG_BYTEA_P(2); + if (PG_NARGS() > 3) + arg = PG_GETARG_BYTEA_P(3); + + res = decrypt_internal(1, 0, data, key, psw, arg); + + PG_FREE_IF_COPY(data, 0); + PG_FREE_IF_COPY(key, 1); + if (PG_NARGS() > 2) + PG_FREE_IF_COPY(psw, 2); + if (PG_NARGS() > 3) + PG_FREE_IF_COPY(arg, 3); + PG_RETURN_TEXT_P(res); +} + +Datum +pgp_pub_decrypt_text(PG_FUNCTION_ARGS) +{ + bytea *data, + *key; + text *psw = NULL, + *arg = NULL; + text *res; + + data = PG_GETARG_BYTEA_P(0); + key = PG_GETARG_BYTEA_P(1); + if (PG_NARGS() > 2) + psw = PG_GETARG_BYTEA_P(2); + if (PG_NARGS() > 3) + arg = PG_GETARG_BYTEA_P(3); + + res = decrypt_internal(1, 1, data, key, psw, arg); + + PG_FREE_IF_COPY(data, 0); + PG_FREE_IF_COPY(key, 1); + if (PG_NARGS() > 2) + PG_FREE_IF_COPY(psw, 2); + if (PG_NARGS() > 3) + PG_FREE_IF_COPY(arg, 3); + PG_RETURN_TEXT_P(res); +} + + +/* + * Wrappers for PGP ascii armor + */ + +Datum +pg_armor(PG_FUNCTION_ARGS) +{ + bytea *data; + text *res; + int data_len, + res_len, + guess_len; + + data = PG_GETARG_BYTEA_P(0); + data_len = VARSIZE(data) - VARHDRSZ; + + guess_len = pgp_armor_enc_len(data_len); + res = palloc(VARHDRSZ + guess_len); + + res_len = pgp_armor_encode((uint8 *) VARDATA(data), data_len, + (uint8 *) VARDATA(res)); + if (res_len > guess_len) + ereport(ERROR, + (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION), + errmsg("Overflow - encode estimate too small"))); + SET_VARSIZE(res, VARHDRSZ + res_len); + + PG_FREE_IF_COPY(data, 0); + PG_RETURN_TEXT_P(res); +} + +Datum +pg_dearmor(PG_FUNCTION_ARGS) +{ + text *data; + bytea *res; + int data_len, + res_len, + guess_len; + + data = PG_GETARG_TEXT_P(0); + data_len = VARSIZE(data) - VARHDRSZ; + + guess_len = pgp_armor_dec_len(data_len); + res = palloc(VARHDRSZ + guess_len); + + res_len = pgp_armor_decode((uint8 *) VARDATA(data), data_len, + (uint8 *) VARDATA(res)); + if (res_len < 0) + ereport(ERROR, + (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION), + errmsg("%s", px_strerror(res_len)))); + if (res_len > guess_len) + ereport(ERROR, + (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION), + errmsg("Overflow - decode estimate too small"))); + SET_VARSIZE(res, VARHDRSZ + res_len); + + PG_FREE_IF_COPY(data, 0); + PG_RETURN_TEXT_P(res); +} + +/* + * Wrappers for PGP key id + */ + +Datum +pgp_key_id_w(PG_FUNCTION_ARGS) +{ + bytea *data; + text *res; + int res_len; + MBuf *buf; + + data = PG_GETARG_BYTEA_P(0); + buf = create_mbuf_from_vardata(data); + res = palloc(VARHDRSZ + 17); + + res_len = pgp_get_keyid(buf, VARDATA(res)); + mbuf_free(buf); + if (res_len < 0) + ereport(ERROR, + (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION), + errmsg("%s", px_strerror(res_len)))); + SET_VARSIZE(res, VARHDRSZ + res_len); + + PG_FREE_IF_COPY(data, 0); + PG_RETURN_TEXT_P(res); +} http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/pgp-pubdec.c ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/pgp-pubdec.c b/contrib/pgcrypto/pgp-pubdec.c new file mode 100644 index 0000000..fe5fae0 --- /dev/null +++ b/contrib/pgcrypto/pgp-pubdec.c @@ -0,0 +1,236 @@ +/* + * pgp-pubdec.c + * Decrypt public-key encrypted session key. + * + * Copyright (c) 2005 Marko Kreen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * contrib/pgcrypto/pgp-pubdec.c + */ +#include "postgres.h" + +#include "px.h" +#include "mbuf.h" +#include "pgp.h" + +/* + * padded msg = 02 || PS || 00 || M + * PS - pad bytes + * M - msg + */ +static uint8 * +check_eme_pkcs1_v15(uint8 *data, int len) +{ + uint8 *data_end = data + len; + uint8 *p = data; + int rnd = 0; + + if (len < 1 + 8 + 1) + return NULL; + + if (*p++ != 2) + return NULL; + + while (p < data_end && *p) + { + p++; + rnd++; + } + + if (p == data_end) + return NULL; + if (*p != 0) + return NULL; + if (rnd < 8) + return NULL; + return p + 1; +} + +/* + * secret message: 1 byte algo, sesskey, 2 byte cksum + * ignore algo in cksum + */ +static int +control_cksum(uint8 *msg, int msglen) +{ + int i; + unsigned my_cksum, + got_cksum; + + if (msglen < 3) + return PXE_PGP_WRONG_KEY; + + my_cksum = 0; + for (i = 1; i < msglen - 2; i++) + my_cksum += msg[i]; + my_cksum &= 0xFFFF; + got_cksum = ((unsigned) (msg[msglen - 2]) << 8) + msg[msglen - 1]; + if (my_cksum != got_cksum) + { + px_debug("pubenc cksum failed"); + return PXE_PGP_WRONG_KEY; + } + return 0; +} + +static int +decrypt_elgamal(PGP_PubKey *pk, PullFilter *pkt, PGP_MPI **m_p) +{ + int res; + PGP_MPI *c1 = NULL; + PGP_MPI *c2 = NULL; + + if (pk->algo != PGP_PUB_ELG_ENCRYPT) + return PXE_PGP_WRONG_KEY; + + /* read elgamal encrypted data */ + res = pgp_mpi_read(pkt, &c1); + if (res < 0) + goto out; + res = pgp_mpi_read(pkt, &c2); + if (res < 0) + goto out; + + /* decrypt */ + res = pgp_elgamal_decrypt(pk, c1, c2, m_p); + +out: + pgp_mpi_free(c1); + pgp_mpi_free(c2); + return res; +} + +static int +decrypt_rsa(PGP_PubKey *pk, PullFilter *pkt, PGP_MPI **m_p) +{ + int res; + PGP_MPI *c; + + if (pk->algo != PGP_PUB_RSA_ENCRYPT + && pk->algo != PGP_PUB_RSA_ENCRYPT_SIGN) + return PXE_PGP_WRONG_KEY; + + /* read rsa encrypted data */ + res = pgp_mpi_read(pkt, &c); + if (res < 0) + return res; + + /* decrypt */ + res = pgp_rsa_decrypt(pk, c, m_p); + + pgp_mpi_free(c); + return res; +} + +/* key id is missing - user is expected to try all keys */ +static const uint8 + any_key[] = {0, 0, 0, 0, 0, 0, 0, 0}; + +int +pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt) +{ + int ver; + int algo; + int res; + uint8 key_id[8]; + PGP_PubKey *pk; + uint8 *msg; + int msglen; + PGP_MPI *m; + + pk = ctx->pub_key; + if (pk == NULL) + { + px_debug("no pubkey?"); + return PXE_BUG; + } + + GETBYTE(pkt, ver); + if (ver != 3) + { + px_debug("unknown pubenc_sesskey pkt ver=%d", ver); + return PXE_PGP_CORRUPT_DATA; + } + + /* + * check if keyid's match - user-friendly msg + */ + res = pullf_read_fixed(pkt, 8, key_id); + if (res < 0) + return res; + if (memcmp(key_id, any_key, 8) != 0 + && memcmp(key_id, pk->key_id, 8) != 0) + { + px_debug("key_id's does not match"); + return PXE_PGP_WRONG_KEY; + } + + /* + * Decrypt + */ + GETBYTE(pkt, algo); + switch (algo) + { + case PGP_PUB_ELG_ENCRYPT: + res = decrypt_elgamal(pk, pkt, &m); + break; + case PGP_PUB_RSA_ENCRYPT: + case PGP_PUB_RSA_ENCRYPT_SIGN: + res = decrypt_rsa(pk, pkt, &m); + break; + default: + res = PXE_PGP_UNKNOWN_PUBALGO; + } + if (res < 0) + return res; + + /* + * extract message + */ + msg = check_eme_pkcs1_v15(m->data, m->bytes); + if (msg == NULL) + { + px_debug("check_eme_pkcs1_v15 failed"); + res = PXE_PGP_WRONG_KEY; + goto out; + } + msglen = m->bytes - (msg - m->data); + + res = control_cksum(msg, msglen); + if (res < 0) + goto out; + + /* + * got sesskey + */ + ctx->cipher_algo = *msg; + ctx->sess_key_len = msglen - 3; + memcpy(ctx->sess_key, msg + 1, ctx->sess_key_len); + +out: + pgp_mpi_free(m); + if (res < 0) + return res; + return pgp_expect_packet_end(pkt); +} http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/pgp-pubenc.c ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/pgp-pubenc.c b/contrib/pgcrypto/pgp-pubenc.c new file mode 100644 index 0000000..943d2e4 --- /dev/null +++ b/contrib/pgcrypto/pgp-pubenc.c @@ -0,0 +1,250 @@ +/* + * pgp-pubenc.c + * Encrypt session key with public key. + * + * Copyright (c) 2005 Marko Kreen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * contrib/pgcrypto/pgp-pubenc.c + */ +#include "postgres.h" + +#include "px.h" +#include "mbuf.h" +#include "pgp.h" + +/* + * padded msg: 02 || non-zero pad bytes || 00 || msg + */ +static int +pad_eme_pkcs1_v15(uint8 *data, int data_len, int res_len, uint8 **res_p) +{ + int res; + uint8 *buf, + *p; + int pad_len = res_len - 2 - data_len; + + if (pad_len < 8) + return PXE_BUG; + + buf = px_alloc(res_len); + buf[0] = 0x02; + res = px_get_random_bytes(buf + 1, pad_len); + if (res < 0) + { + px_free(buf); + return res; + } + + /* pad must not contain zero bytes */ + p = buf + 1; + while (p < buf + 1 + pad_len) + { + if (*p == 0) + { + res = px_get_random_bytes(p, 1); + if (res < 0) + break; + } + if (*p != 0) + p++; + } + + if (res < 0) + { + memset(buf, 0, res_len); + px_free(buf); + return res; + } + + buf[pad_len + 1] = 0; + memcpy(buf + pad_len + 2, data, data_len); + *res_p = buf; + + return 0; +} + +static int +create_secmsg(PGP_Context *ctx, PGP_MPI **msg_p, int full_bytes) +{ + uint8 *secmsg; + int res, + i; + unsigned cksum = 0; + int klen = ctx->sess_key_len; + uint8 *padded = NULL; + PGP_MPI *m = NULL; + + /* calc checksum */ + for (i = 0; i < klen; i++) + cksum += ctx->sess_key[i]; + + /* + * create "secret message" + */ + secmsg = px_alloc(klen + 3); + secmsg[0] = ctx->cipher_algo; + memcpy(secmsg + 1, ctx->sess_key, klen); + secmsg[klen + 1] = (cksum >> 8) & 0xFF; + secmsg[klen + 2] = cksum & 0xFF; + + /* + * now create a large integer of it + */ + res = pad_eme_pkcs1_v15(secmsg, klen + 3, full_bytes, &padded); + if (res >= 0) + { + /* first byte will be 0x02 */ + int full_bits = full_bytes * 8 - 6; + + res = pgp_mpi_create(padded, full_bits, &m); + } + + if (padded) + { + memset(padded, 0, full_bytes); + px_free(padded); + } + memset(secmsg, 0, klen + 3); + px_free(secmsg); + + if (res >= 0) + *msg_p = m; + + return res; +} + +static int +encrypt_and_write_elgamal(PGP_Context *ctx, PGP_PubKey *pk, PushFilter *pkt) +{ + int res; + PGP_MPI *m = NULL, + *c1 = NULL, + *c2 = NULL; + + /* create padded msg */ + res = create_secmsg(ctx, &m, pk->pub.elg.p->bytes - 1); + if (res < 0) + goto err; + + /* encrypt it */ + res = pgp_elgamal_encrypt(pk, m, &c1, &c2); + if (res < 0) + goto err; + + /* write out */ + res = pgp_mpi_write(pkt, c1); + if (res < 0) + goto err; + res = pgp_mpi_write(pkt, c2); + +err: + pgp_mpi_free(m); + pgp_mpi_free(c1); + pgp_mpi_free(c2); + return res; +} + +static int +encrypt_and_write_rsa(PGP_Context *ctx, PGP_PubKey *pk, PushFilter *pkt) +{ + int res; + PGP_MPI *m = NULL, + *c = NULL; + + /* create padded msg */ + res = create_secmsg(ctx, &m, pk->pub.rsa.n->bytes - 1); + if (res < 0) + goto err; + + /* encrypt it */ + res = pgp_rsa_encrypt(pk, m, &c); + if (res < 0) + goto err; + + /* write out */ + res = pgp_mpi_write(pkt, c); + +err: + pgp_mpi_free(m); + pgp_mpi_free(c); + return res; +} + +int +pgp_write_pubenc_sesskey(PGP_Context *ctx, PushFilter *dst) +{ + int res; + PGP_PubKey *pk = ctx->pub_key; + uint8 ver = 3; + PushFilter *pkt = NULL; + uint8 algo; + + if (pk == NULL) + { + px_debug("no pubkey?\n"); + return PXE_BUG; + } + + algo = pk->algo; + + /* + * now write packet + */ + res = pgp_create_pkt_writer(dst, PGP_PKT_PUBENCRYPTED_SESSKEY, &pkt); + if (res < 0) + goto err; + res = pushf_write(pkt, &ver, 1); + if (res < 0) + goto err; + res = pushf_write(pkt, pk->key_id, 8); + if (res < 0) + goto err; + res = pushf_write(pkt, &algo, 1); + if (res < 0) + goto err; + + switch (algo) + { + case PGP_PUB_ELG_ENCRYPT: + res = encrypt_and_write_elgamal(ctx, pk, pkt); + break; + case PGP_PUB_RSA_ENCRYPT: + case PGP_PUB_RSA_ENCRYPT_SIGN: + res = encrypt_and_write_rsa(ctx, pk, pkt); + break; + } + if (res < 0) + goto err; + + /* + * done, signal packet end + */ + res = pushf_flush(pkt); +err: + if (pkt) + pushf_free(pkt); + + return res; +} http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/pgp-pubkey.c ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/pgp-pubkey.c b/contrib/pgcrypto/pgp-pubkey.c new file mode 100644 index 0000000..283e0ec --- /dev/null +++ b/contrib/pgcrypto/pgp-pubkey.c @@ -0,0 +1,584 @@ +/* + * pgp-pubkey.c + * Read public or secret key. + * + * Copyright (c) 2005 Marko Kreen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * contrib/pgcrypto/pgp-pubkey.c + */ +#include "postgres.h" + +#include "px.h" +#include "mbuf.h" +#include "pgp.h" + +int +pgp_key_alloc(PGP_PubKey **pk_p) +{ + PGP_PubKey *pk; + + pk = px_alloc(sizeof(*pk)); + memset(pk, 0, sizeof(*pk)); + *pk_p = pk; + return 0; +} + +void +pgp_key_free(PGP_PubKey *pk) +{ + if (pk == NULL) + return; + + switch (pk->algo) + { + case PGP_PUB_ELG_ENCRYPT: + pgp_mpi_free(pk->pub.elg.p); + pgp_mpi_free(pk->pub.elg.g); + pgp_mpi_free(pk->pub.elg.y); + pgp_mpi_free(pk->sec.elg.x); + break; + case PGP_PUB_RSA_SIGN: + case PGP_PUB_RSA_ENCRYPT: + case PGP_PUB_RSA_ENCRYPT_SIGN: + pgp_mpi_free(pk->pub.rsa.n); + pgp_mpi_free(pk->pub.rsa.e); + pgp_mpi_free(pk->sec.rsa.d); + pgp_mpi_free(pk->sec.rsa.p); + pgp_mpi_free(pk->sec.rsa.q); + pgp_mpi_free(pk->sec.rsa.u); + break; + case PGP_PUB_DSA_SIGN: + pgp_mpi_free(pk->pub.dsa.p); + pgp_mpi_free(pk->pub.dsa.q); + pgp_mpi_free(pk->pub.dsa.g); + pgp_mpi_free(pk->pub.dsa.y); + pgp_mpi_free(pk->sec.dsa.x); + break; + } + memset(pk, 0, sizeof(*pk)); + px_free(pk); +} + +static int +calc_key_id(PGP_PubKey *pk) +{ + int res; + PX_MD *md; + int len; + uint8 hdr[3]; + uint8 hash[20]; + + res = pgp_load_digest(PGP_DIGEST_SHA1, &md); + if (res < 0) + return res; + + len = 1 + 4 + 1; + switch (pk->algo) + { + case PGP_PUB_ELG_ENCRYPT: + len += 2 + pk->pub.elg.p->bytes; + len += 2 + pk->pub.elg.g->bytes; + len += 2 + pk->pub.elg.y->bytes; + break; + case PGP_PUB_RSA_SIGN: + case PGP_PUB_RSA_ENCRYPT: + case PGP_PUB_RSA_ENCRYPT_SIGN: + len += 2 + pk->pub.rsa.n->bytes; + len += 2 + pk->pub.rsa.e->bytes; + break; + case PGP_PUB_DSA_SIGN: + len += 2 + pk->pub.dsa.p->bytes; + len += 2 + pk->pub.dsa.q->bytes; + len += 2 + pk->pub.dsa.g->bytes; + len += 2 + pk->pub.dsa.y->bytes; + break; + } + + hdr[0] = 0x99; + hdr[1] = len >> 8; + hdr[2] = len & 0xFF; + px_md_update(md, hdr, 3); + + px_md_update(md, &pk->ver, 1); + px_md_update(md, pk->time, 4); + px_md_update(md, &pk->algo, 1); + + switch (pk->algo) + { + case PGP_PUB_ELG_ENCRYPT: + pgp_mpi_hash(md, pk->pub.elg.p); + pgp_mpi_hash(md, pk->pub.elg.g); + pgp_mpi_hash(md, pk->pub.elg.y); + break; + case PGP_PUB_RSA_SIGN: + case PGP_PUB_RSA_ENCRYPT: + case PGP_PUB_RSA_ENCRYPT_SIGN: + pgp_mpi_hash(md, pk->pub.rsa.n); + pgp_mpi_hash(md, pk->pub.rsa.e); + break; + case PGP_PUB_DSA_SIGN: + pgp_mpi_hash(md, pk->pub.dsa.p); + pgp_mpi_hash(md, pk->pub.dsa.q); + pgp_mpi_hash(md, pk->pub.dsa.g); + pgp_mpi_hash(md, pk->pub.dsa.y); + break; + } + + px_md_finish(md, hash); + px_md_free(md); + + memcpy(pk->key_id, hash + 12, 8); + memset(hash, 0, 20); + + return 0; +} + +int +_pgp_read_public_key(PullFilter *pkt, PGP_PubKey **pk_p) +{ + int res; + PGP_PubKey *pk; + + res = pgp_key_alloc(&pk); + if (res < 0) + return res; + + /* get version */ + GETBYTE(pkt, pk->ver); + if (pk->ver != 4) + { + res = PXE_PGP_NOT_V4_KEYPKT; + goto out; + } + + /* read time */ + res = pullf_read_fixed(pkt, 4, pk->time); + if (res < 0) + goto out; + + /* pubkey algorithm */ + GETBYTE(pkt, pk->algo); + + switch (pk->algo) + { + case PGP_PUB_DSA_SIGN: + res = pgp_mpi_read(pkt, &pk->pub.dsa.p); + if (res < 0) + break; + res = pgp_mpi_read(pkt, &pk->pub.dsa.q); + if (res < 0) + break; + res = pgp_mpi_read(pkt, &pk->pub.dsa.g); + if (res < 0) + break; + res = pgp_mpi_read(pkt, &pk->pub.dsa.y); + if (res < 0) + break; + + res = calc_key_id(pk); + break; + + case PGP_PUB_RSA_SIGN: + case PGP_PUB_RSA_ENCRYPT: + case PGP_PUB_RSA_ENCRYPT_SIGN: + res = pgp_mpi_read(pkt, &pk->pub.rsa.n); + if (res < 0) + break; + res = pgp_mpi_read(pkt, &pk->pub.rsa.e); + if (res < 0) + break; + + res = calc_key_id(pk); + + if (pk->algo != PGP_PUB_RSA_SIGN) + pk->can_encrypt = 1; + break; + + case PGP_PUB_ELG_ENCRYPT: + res = pgp_mpi_read(pkt, &pk->pub.elg.p); + if (res < 0) + break; + res = pgp_mpi_read(pkt, &pk->pub.elg.g); + if (res < 0) + break; + res = pgp_mpi_read(pkt, &pk->pub.elg.y); + if (res < 0) + break; + + res = calc_key_id(pk); + + pk->can_encrypt = 1; + break; + + default: + px_debug("unknown public algo: %d", pk->algo); + res = PXE_PGP_UNKNOWN_PUBALGO; + } + +out: + if (res < 0) + pgp_key_free(pk); + else + *pk_p = pk; + + return res; +} + +#define HIDE_CLEAR 0 +#define HIDE_CKSUM 255 +#define HIDE_SHA1 254 + +static int +check_key_sha1(PullFilter *src, PGP_PubKey *pk) +{ + int res; + uint8 got_sha1[20]; + uint8 my_sha1[20]; + PX_MD *md; + + res = pullf_read_fixed(src, 20, got_sha1); + if (res < 0) + return res; + + res = pgp_load_digest(PGP_DIGEST_SHA1, &md); + if (res < 0) + goto err; + switch (pk->algo) + { + case PGP_PUB_ELG_ENCRYPT: + pgp_mpi_hash(md, pk->sec.elg.x); + break; + case PGP_PUB_RSA_SIGN: + case PGP_PUB_RSA_ENCRYPT: + case PGP_PUB_RSA_ENCRYPT_SIGN: + pgp_mpi_hash(md, pk->sec.rsa.d); + pgp_mpi_hash(md, pk->sec.rsa.p); + pgp_mpi_hash(md, pk->sec.rsa.q); + pgp_mpi_hash(md, pk->sec.rsa.u); + break; + case PGP_PUB_DSA_SIGN: + pgp_mpi_hash(md, pk->sec.dsa.x); + break; + } + px_md_finish(md, my_sha1); + px_md_free(md); + + if (memcmp(my_sha1, got_sha1, 20) != 0) + { + px_debug("key sha1 check failed"); + res = PXE_PGP_KEYPKT_CORRUPT; + } +err: + memset(got_sha1, 0, 20); + memset(my_sha1, 0, 20); + return res; +} + +static int +check_key_cksum(PullFilter *src, PGP_PubKey *pk) +{ + int res; + unsigned got_cksum, + my_cksum = 0; + uint8 buf[2]; + + res = pullf_read_fixed(src, 2, buf); + if (res < 0) + return res; + + got_cksum = ((unsigned) buf[0] << 8) + buf[1]; + switch (pk->algo) + { + case PGP_PUB_ELG_ENCRYPT: + my_cksum = pgp_mpi_cksum(0, pk->sec.elg.x); + break; + case PGP_PUB_RSA_SIGN: + case PGP_PUB_RSA_ENCRYPT: + case PGP_PUB_RSA_ENCRYPT_SIGN: + my_cksum = pgp_mpi_cksum(0, pk->sec.rsa.d); + my_cksum = pgp_mpi_cksum(my_cksum, pk->sec.rsa.p); + my_cksum = pgp_mpi_cksum(my_cksum, pk->sec.rsa.q); + my_cksum = pgp_mpi_cksum(my_cksum, pk->sec.rsa.u); + break; + case PGP_PUB_DSA_SIGN: + my_cksum = pgp_mpi_cksum(0, pk->sec.dsa.x); + break; + } + if (my_cksum != got_cksum) + { + px_debug("key cksum check failed"); + return PXE_PGP_KEYPKT_CORRUPT; + } + return 0; +} + +static int +process_secret_key(PullFilter *pkt, PGP_PubKey **pk_p, + const uint8 *key, int key_len) +{ + int res; + int hide_type; + int cipher_algo; + int bs; + uint8 iv[512]; + PullFilter *pf_decrypt = NULL, + *pf_key; + PGP_CFB *cfb = NULL; + PGP_S2K s2k; + PGP_PubKey *pk; + + /* first read public key part */ + res = _pgp_read_public_key(pkt, &pk); + if (res < 0) + return res; + + /* + * is secret key encrypted? + */ + GETBYTE(pkt, hide_type); + if (hide_type == HIDE_SHA1 || hide_type == HIDE_CKSUM) + { + if (key == NULL) + return PXE_PGP_NEED_SECRET_PSW; + GETBYTE(pkt, cipher_algo); + res = pgp_s2k_read(pkt, &s2k); + if (res < 0) + return res; + + res = pgp_s2k_process(&s2k, cipher_algo, key, key_len); + if (res < 0) + return res; + + bs = pgp_get_cipher_block_size(cipher_algo); + if (bs == 0) + { + px_debug("unknown cipher algo=%d", cipher_algo); + return PXE_PGP_UNSUPPORTED_CIPHER; + } + res = pullf_read_fixed(pkt, bs, iv); + if (res < 0) + return res; + + /* + * create decrypt filter + */ + res = pgp_cfb_create(&cfb, cipher_algo, s2k.key, s2k.key_len, 0, iv); + if (res < 0) + return res; + res = pullf_create(&pf_decrypt, &pgp_decrypt_filter, cfb, pkt); + if (res < 0) + return res; + pf_key = pf_decrypt; + } + else if (hide_type == HIDE_CLEAR) + { + pf_key = pkt; + } + else + { + px_debug("unknown hide type"); + return PXE_PGP_KEYPKT_CORRUPT; + } + + /* read secret key */ + switch (pk->algo) + { + case PGP_PUB_RSA_SIGN: + case PGP_PUB_RSA_ENCRYPT: + case PGP_PUB_RSA_ENCRYPT_SIGN: + res = pgp_mpi_read(pkt, &pk->sec.rsa.d); + if (res < 0) + break; + res = pgp_mpi_read(pkt, &pk->sec.rsa.p); + if (res < 0) + break; + res = pgp_mpi_read(pkt, &pk->sec.rsa.q); + if (res < 0) + break; + res = pgp_mpi_read(pkt, &pk->sec.rsa.u); + if (res < 0) + break; + break; + case PGP_PUB_ELG_ENCRYPT: + res = pgp_mpi_read(pf_key, &pk->sec.elg.x); + break; + case PGP_PUB_DSA_SIGN: + res = pgp_mpi_read(pf_key, &pk->sec.dsa.x); + break; + default: + px_debug("unknown public algo: %d", pk->algo); + res = PXE_PGP_KEYPKT_CORRUPT; + } + /* read checksum / sha1 */ + if (res >= 0) + { + if (hide_type == HIDE_SHA1) + res = check_key_sha1(pf_key, pk); + else + res = check_key_cksum(pf_key, pk); + } + if (res >= 0) + res = pgp_expect_packet_end(pf_key); + + if (pf_decrypt) + pullf_free(pf_decrypt); + if (cfb) + pgp_cfb_free(cfb); + + if (res < 0) + pgp_key_free(pk); + else + *pk_p = pk; + + return res; +} + +static int +internal_read_key(PullFilter *src, PGP_PubKey **pk_p, + const uint8 *psw, int psw_len, int pubtype) +{ + PullFilter *pkt = NULL; + int res; + uint8 tag; + int len; + PGP_PubKey *enc_key = NULL; + PGP_PubKey *pk = NULL; + int got_main_key = 0; + + /* + * Search for encryption key. + * + * Error out on anything fancy. + */ + while (1) + { + res = pgp_parse_pkt_hdr(src, &tag, &len, 0); + if (res <= 0) + break; + res = pgp_create_pkt_reader(&pkt, src, len, res, NULL); + if (res < 0) + break; + + switch (tag) + { + case PGP_PKT_PUBLIC_KEY: + case PGP_PKT_SECRET_KEY: + if (got_main_key) + { + res = PXE_PGP_MULTIPLE_KEYS; + break; + } + got_main_key = 1; + res = pgp_skip_packet(pkt); + break; + + case PGP_PKT_PUBLIC_SUBKEY: + if (pubtype != 0) + res = PXE_PGP_EXPECT_SECRET_KEY; + else + res = _pgp_read_public_key(pkt, &pk); + break; + + case PGP_PKT_SECRET_SUBKEY: + if (pubtype != 1) + res = PXE_PGP_EXPECT_PUBLIC_KEY; + else + res = process_secret_key(pkt, &pk, psw, psw_len); + break; + + case PGP_PKT_SIGNATURE: + case PGP_PKT_MARKER: + case PGP_PKT_TRUST: + case PGP_PKT_USER_ID: + case PGP_PKT_USER_ATTR: + case PGP_PKT_PRIV_61: + res = pgp_skip_packet(pkt); + break; + default: + px_debug("unknown/unexpected packet: %d", tag); + res = PXE_PGP_UNEXPECTED_PKT; + } + pullf_free(pkt); + pkt = NULL; + + if (pk != NULL) + { + if (res >= 0 && pk->can_encrypt) + { + if (enc_key == NULL) + { + enc_key = pk; + pk = NULL; + } + else + res = PXE_PGP_MULTIPLE_SUBKEYS; + } + + if (pk) + pgp_key_free(pk); + pk = NULL; + } + + if (res < 0) + break; + } + + if (pkt) + pullf_free(pkt); + + if (res < 0) + { + if (enc_key) + pgp_key_free(enc_key); + return res; + } + + if (!enc_key) + res = PXE_PGP_NO_USABLE_KEY; + else + *pk_p = enc_key; + return res; +} + +int +pgp_set_pubkey(PGP_Context *ctx, MBuf *keypkt, + const uint8 *key, int key_len, int pubtype) +{ + int res; + PullFilter *src; + PGP_PubKey *pk = NULL; + + res = pullf_create_mbuf_reader(&src, keypkt); + if (res < 0) + return res; + + res = internal_read_key(src, &pk, key, key_len, pubtype); + pullf_free(src); + + if (res >= 0) + ctx->pub_key = pk; + + return res < 0 ? res : 0; +} http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/pgp-s2k.c ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/pgp-s2k.c b/contrib/pgcrypto/pgp-s2k.c new file mode 100644 index 0000000..349234e --- /dev/null +++ b/contrib/pgcrypto/pgp-s2k.c @@ -0,0 +1,296 @@ +/* + * pgp-s2k.c + * OpenPGP string2key functions. + * + * Copyright (c) 2005 Marko Kreen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * contrib/pgcrypto/pgp-s2k.c + */ + +#include "postgres.h" + +#include "px.h" +#include "mbuf.h" +#include "pgp.h" + +static int +calc_s2k_simple(PGP_S2K *s2k, PX_MD *md, const uint8 *key, + unsigned key_len) +{ + unsigned md_rlen; + uint8 buf[PGP_MAX_DIGEST]; + unsigned preload; + unsigned remain; + uint8 *dst = s2k->key; + + md_rlen = px_md_result_size(md); + + remain = s2k->key_len; + preload = 0; + while (remain > 0) + { + px_md_reset(md); + + if (preload) + { + memset(buf, 0, preload); + px_md_update(md, buf, preload); + } + preload++; + + px_md_update(md, key, key_len); + px_md_finish(md, buf); + + if (remain > md_rlen) + { + memcpy(dst, buf, md_rlen); + dst += md_rlen; + remain -= md_rlen; + } + else + { + memcpy(dst, buf, remain); + remain = 0; + } + } + return 0; +} + +static int +calc_s2k_salted(PGP_S2K *s2k, PX_MD *md, const uint8 *key, unsigned key_len) +{ + unsigned md_rlen; + uint8 buf[PGP_MAX_DIGEST]; + unsigned preload = 0; + uint8 *dst; + unsigned remain; + + md_rlen = px_md_result_size(md); + + dst = s2k->key; + remain = s2k->key_len; + while (remain > 0) + { + px_md_reset(md); + + if (preload > 0) + { + memset(buf, 0, preload); + px_md_update(md, buf, preload); + } + preload++; + + px_md_update(md, s2k->salt, PGP_S2K_SALT); + px_md_update(md, key, key_len); + px_md_finish(md, buf); + + if (remain > md_rlen) + { + memcpy(dst, buf, md_rlen); + remain -= md_rlen; + dst += md_rlen; + } + else + { + memcpy(dst, buf, remain); + remain = 0; + } + } + return 0; +} + +static int +calc_s2k_iter_salted(PGP_S2K *s2k, PX_MD *md, const uint8 *key, + unsigned key_len) +{ + unsigned md_rlen; + uint8 buf[PGP_MAX_DIGEST]; + uint8 *dst; + unsigned preload = 0; + unsigned remain, + c, + cval, + curcnt, + count; + + cval = s2k->iter; + count = ((unsigned) 16 + (cval & 15)) << ((cval >> 4) + 6); + + md_rlen = px_md_result_size(md); + + remain = s2k->key_len; + dst = s2k->key; + while (remain > 0) + { + px_md_reset(md); + + if (preload) + { + memset(buf, 0, preload); + px_md_update(md, buf, preload); + } + preload++; + + px_md_update(md, s2k->salt, PGP_S2K_SALT); + px_md_update(md, key, key_len); + curcnt = PGP_S2K_SALT + key_len; + + while (curcnt < count) + { + if (curcnt + PGP_S2K_SALT < count) + c = PGP_S2K_SALT; + else + c = count - curcnt; + px_md_update(md, s2k->salt, c); + curcnt += c; + + if (curcnt + key_len < count) + c = key_len; + else if (curcnt < count) + c = count - curcnt; + else + break; + px_md_update(md, key, c); + curcnt += c; + } + px_md_finish(md, buf); + + if (remain > md_rlen) + { + memcpy(dst, buf, md_rlen); + remain -= md_rlen; + dst += md_rlen; + } + else + { + memcpy(dst, buf, remain); + remain = 0; + } + } + return 0; +} + +/* + * Decide S2K_ISALTED iteration count + * + * Too small: weak + * Too big: slow + * gpg defaults to 96 => 65536 iters + * let it float a bit: 96 + 32 => 262144 iters + */ +static int +decide_count(unsigned rand_byte) +{ + return 96 + (rand_byte & 0x1F); +} + +int +pgp_s2k_fill(PGP_S2K *s2k, int mode, int digest_algo) +{ + int res = 0; + uint8 tmp; + + s2k->mode = mode; + s2k->digest_algo = digest_algo; + + switch (s2k->mode) + { + case 0: + break; + case 1: + res = px_get_pseudo_random_bytes(s2k->salt, PGP_S2K_SALT); + break; + case 3: + res = px_get_pseudo_random_bytes(s2k->salt, PGP_S2K_SALT); + if (res < 0) + break; + res = px_get_pseudo_random_bytes(&tmp, 1); + if (res < 0) + break; + s2k->iter = decide_count(tmp); + break; + default: + res = PXE_PGP_BAD_S2K_MODE; + } + return res; +} + +int +pgp_s2k_read(PullFilter *src, PGP_S2K *s2k) +{ + int res = 0; + + GETBYTE(src, s2k->mode); + GETBYTE(src, s2k->digest_algo); + switch (s2k->mode) + { + case 0: + break; + case 1: + res = pullf_read_fixed(src, 8, s2k->salt); + break; + case 3: + res = pullf_read_fixed(src, 8, s2k->salt); + if (res < 0) + break; + GETBYTE(src, s2k->iter); + break; + default: + res = PXE_PGP_BAD_S2K_MODE; + } + return res; +} + +int +pgp_s2k_process(PGP_S2K *s2k, int cipher, const uint8 *key, int key_len) +{ + int res; + PX_MD *md; + + s2k->key_len = pgp_get_cipher_key_size(cipher); + if (s2k->key_len <= 0) + return PXE_PGP_UNSUPPORTED_CIPHER; + + res = pgp_load_digest(s2k->digest_algo, &md); + if (res < 0) + return res; + + switch (s2k->mode) + { + case 0: + res = calc_s2k_simple(s2k, md, key, key_len); + break; + case 1: + res = calc_s2k_salted(s2k, md, key, key_len); + break; + case 3: + res = calc_s2k_iter_salted(s2k, md, key, key_len); + break; + default: + res = PXE_PGP_BAD_S2K_MODE; + } + px_md_free(md); + return res; +} http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/pgp.c ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/pgp.c b/contrib/pgcrypto/pgp.c new file mode 100644 index 0000000..b8a6bc4 --- /dev/null +++ b/contrib/pgcrypto/pgp.c @@ -0,0 +1,360 @@ +/* + * pgp.c + * Various utility stuff. + * + * Copyright (c) 2005 Marko Kreen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * contrib/pgcrypto/pgp.c + */ + +#include "postgres.h" + +#include "px.h" +#include "mbuf.h" +#include "pgp.h" + +/* + * Defaults. + */ +static int def_cipher_algo = PGP_SYM_AES_128; +static int def_s2k_cipher_algo = -1; +static int def_s2k_mode = PGP_S2K_ISALTED; +static int def_s2k_digest_algo = PGP_DIGEST_SHA1; +static int def_compress_algo = PGP_COMPR_NONE; +static int def_compress_level = 6; +static int def_disable_mdc = 0; +static int def_use_sess_key = 0; +static int def_text_mode = 0; +static int def_unicode_mode = 0; +static int def_convert_crlf = 0; + +struct digest_info +{ + const char *name; + int code; + const char *int_name; +}; + +struct cipher_info +{ + const char *name; + int code; + const char *int_name; + int key_len; + int block_len; +}; + +static const struct digest_info digest_list[] = { + {"md5", PGP_DIGEST_MD5}, + {"sha1", PGP_DIGEST_SHA1}, + {"sha-1", PGP_DIGEST_SHA1}, + {"ripemd160", PGP_DIGEST_RIPEMD160}, + {"sha256", PGP_DIGEST_SHA256}, + {"sha384", PGP_DIGEST_SHA384}, + {"sha512", PGP_DIGEST_SHA512}, + {NULL, 0} +}; + +static const struct cipher_info cipher_list[] = { + {"3des", PGP_SYM_DES3, "3des-ecb", 192 / 8, 64 / 8}, + {"cast5", PGP_SYM_CAST5, "cast5-ecb", 128 / 8, 64 / 8}, + {"bf", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8}, + {"blowfish", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8}, + {"aes", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8}, + {"aes128", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8}, + {"aes192", PGP_SYM_AES_192, "aes-ecb", 192 / 8, 128 / 8}, + {"aes256", PGP_SYM_AES_256, "aes-ecb", 256 / 8, 128 / 8}, + {"twofish", PGP_SYM_TWOFISH, "twofish-ecb", 256 / 8, 128 / 8}, + {NULL, 0, NULL} +}; + +static const struct cipher_info * +get_cipher_info(int code) +{ + const struct cipher_info *i; + + for (i = cipher_list; i->name; i++) + if (i->code == code) + return i; + return NULL; +} + +int +pgp_get_digest_code(const char *name) +{ + const struct digest_info *i; + + for (i = digest_list; i->name; i++) + if (pg_strcasecmp(i->name, name) == 0) + return i->code; + return PXE_PGP_UNSUPPORTED_HASH; +} + +int +pgp_get_cipher_code(const char *name) +{ + const struct cipher_info *i; + + for (i = cipher_list; i->name; i++) + if (pg_strcasecmp(i->name, name) == 0) + return i->code; + return PXE_PGP_UNSUPPORTED_CIPHER; +} + +const char * +pgp_get_digest_name(int code) +{ + const struct digest_info *i; + + for (i = digest_list; i->name; i++) + if (i->code == code) + return i->name; + return NULL; +} + +const char * +pgp_get_cipher_name(int code) +{ + const struct cipher_info *i = get_cipher_info(code); + + if (i != NULL) + return i->name; + return NULL; +} + +int +pgp_get_cipher_key_size(int code) +{ + const struct cipher_info *i = get_cipher_info(code); + + if (i != NULL) + return i->key_len; + return 0; +} + +int +pgp_get_cipher_block_size(int code) +{ + const struct cipher_info *i = get_cipher_info(code); + + if (i != NULL) + return i->block_len; + return 0; +} + +int +pgp_load_cipher(int code, PX_Cipher **res) +{ + int err; + const struct cipher_info *i = get_cipher_info(code); + + if (i == NULL) + return PXE_PGP_CORRUPT_DATA; + + err = px_find_cipher(i->int_name, res); + if (err == 0) + return 0; + + return PXE_PGP_UNSUPPORTED_CIPHER; +} + +int +pgp_load_digest(int code, PX_MD **res) +{ + int err; + const char *name = pgp_get_digest_name(code); + + if (name == NULL) + return PXE_PGP_CORRUPT_DATA; + + err = px_find_digest(name, res); + if (err == 0) + return 0; + + return PXE_PGP_UNSUPPORTED_HASH; +} + +int +pgp_init(PGP_Context **ctx_p) +{ + PGP_Context *ctx; + + ctx = px_alloc(sizeof *ctx); + memset(ctx, 0, sizeof *ctx); + + ctx->cipher_algo = def_cipher_algo; + ctx->s2k_cipher_algo = def_s2k_cipher_algo; + ctx->s2k_mode = def_s2k_mode; + ctx->s2k_digest_algo = def_s2k_digest_algo; + ctx->compress_algo = def_compress_algo; + ctx->compress_level = def_compress_level; + ctx->disable_mdc = def_disable_mdc; + ctx->use_sess_key = def_use_sess_key; + ctx->unicode_mode = def_unicode_mode; + ctx->convert_crlf = def_convert_crlf; + ctx->text_mode = def_text_mode; + + *ctx_p = ctx; + return 0; +} + +int +pgp_free(PGP_Context *ctx) +{ + if (ctx->pub_key) + pgp_key_free(ctx->pub_key); + memset(ctx, 0, sizeof *ctx); + px_free(ctx); + return 0; +} + +int +pgp_disable_mdc(PGP_Context *ctx, int disable) +{ + ctx->disable_mdc = disable ? 1 : 0; + return 0; +} + +int +pgp_set_sess_key(PGP_Context *ctx, int use) +{ + ctx->use_sess_key = use ? 1 : 0; + return 0; +} + +int +pgp_set_convert_crlf(PGP_Context *ctx, int doit) +{ + ctx->convert_crlf = doit ? 1 : 0; + return 0; +} + +int +pgp_set_s2k_mode(PGP_Context *ctx, int mode) +{ + int err = PXE_OK; + + switch (mode) + { + case PGP_S2K_SIMPLE: + case PGP_S2K_SALTED: + case PGP_S2K_ISALTED: + ctx->s2k_mode = mode; + break; + default: + err = PXE_ARGUMENT_ERROR; + break; + } + return err; +} + +int +pgp_set_compress_algo(PGP_Context *ctx, int algo) +{ + switch (algo) + { + case PGP_COMPR_NONE: + case PGP_COMPR_ZIP: + case PGP_COMPR_ZLIB: + case PGP_COMPR_BZIP2: + ctx->compress_algo = algo; + return 0; + } + return PXE_ARGUMENT_ERROR; +} + +int +pgp_set_compress_level(PGP_Context *ctx, int level) +{ + if (level >= 0 && level <= 9) + { + ctx->compress_level = level; + return 0; + } + return PXE_ARGUMENT_ERROR; +} + +int +pgp_set_text_mode(PGP_Context *ctx, int mode) +{ + ctx->text_mode = mode; + return 0; +} + +int +pgp_set_cipher_algo(PGP_Context *ctx, const char *name) +{ + int code = pgp_get_cipher_code(name); + + if (code < 0) + return code; + ctx->cipher_algo = code; + return 0; +} + +int +pgp_set_s2k_cipher_algo(PGP_Context *ctx, const char *name) +{ + int code = pgp_get_cipher_code(name); + + if (code < 0) + return code; + ctx->s2k_cipher_algo = code; + return 0; +} + +int +pgp_set_s2k_digest_algo(PGP_Context *ctx, const char *name) +{ + int code = pgp_get_digest_code(name); + + if (code < 0) + return code; + ctx->s2k_digest_algo = code; + return 0; +} + +int +pgp_get_unicode_mode(PGP_Context *ctx) +{ + return ctx->unicode_mode; +} + +int +pgp_set_unicode_mode(PGP_Context *ctx, int mode) +{ + ctx->unicode_mode = mode ? 1 : 0; + return 0; +} + +int +pgp_set_symkey(PGP_Context *ctx, const uint8 *key, int len) +{ + if (key == NULL || len < 1) + return PXE_ARGUMENT_ERROR; + ctx->sym_key = key; + ctx->sym_key_len = len; + return 0; +} http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/pgp.h ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/pgp.h b/contrib/pgcrypto/pgp.h new file mode 100644 index 0000000..7ae01cc --- /dev/null +++ b/contrib/pgcrypto/pgp.h @@ -0,0 +1,314 @@ +/* + * pgp.h + * OpenPGP implementation. + * + * Copyright (c) 2005 Marko Kreen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * contrib/pgcrypto/pgp.h + */ + +enum PGP_S2K_TYPE +{ + PGP_S2K_SIMPLE = 0, + PGP_S2K_SALTED = 1, + PGP_S2K_ISALTED = 3 +}; + +enum PGP_PKT_TYPE +{ + PGP_PKT_RESERVED = 0, + PGP_PKT_PUBENCRYPTED_SESSKEY = 1, + PGP_PKT_SIGNATURE = 2, + PGP_PKT_SYMENCRYPTED_SESSKEY = 3, + PGP_PKT_SECRET_KEY = 5, + PGP_PKT_PUBLIC_KEY = 6, + PGP_PKT_SECRET_SUBKEY = 7, + PGP_PKT_COMPRESSED_DATA = 8, + PGP_PKT_SYMENCRYPTED_DATA = 9, + PGP_PKT_MARKER = 10, + PGP_PKT_LITERAL_DATA = 11, + PGP_PKT_TRUST = 12, + PGP_PKT_USER_ID = 13, + PGP_PKT_PUBLIC_SUBKEY = 14, + PGP_PKT_USER_ATTR = 17, + PGP_PKT_SYMENCRYPTED_DATA_MDC = 18, + PGP_PKT_MDC = 19, + PGP_PKT_PRIV_61 = 61 /* occurs in gpg secring */ +}; + +enum PGP_PUB_ALGO_TYPE +{ + PGP_PUB_RSA_ENCRYPT_SIGN = 1, + PGP_PUB_RSA_ENCRYPT = 2, + PGP_PUB_RSA_SIGN = 3, + PGP_PUB_ELG_ENCRYPT = 16, + PGP_PUB_DSA_SIGN = 17 +}; + +enum PGP_SYMENC_TYPE +{ + PGP_SYM_PLAIN = 0, /* ?? */ + PGP_SYM_IDEA = 1, /* obsolete, PGP 2.6 compat */ + PGP_SYM_DES3 = 2, /* must */ + PGP_SYM_CAST5 = 3, /* should */ + PGP_SYM_BLOWFISH = 4, + PGP_SYM_SAFER_SK128 = 5, /* obsolete */ + PGP_SYM_DES_SK = 6, /* obsolete */ + PGP_SYM_AES_128 = 7, /* should */ + PGP_SYM_AES_192 = 8, + PGP_SYM_AES_256 = 9, + PGP_SYM_TWOFISH = 10 +}; + +enum PGP_COMPR_TYPE +{ + PGP_COMPR_NONE = 0, /* must */ + PGP_COMPR_ZIP = 1, /* should */ + PGP_COMPR_ZLIB = 2, + PGP_COMPR_BZIP2 = 3 +}; + +enum PGP_DIGEST_TYPE +{ + PGP_DIGEST_MD5 = 1, /* should, deprecated */ + PGP_DIGEST_SHA1 = 2, /* must */ + PGP_DIGEST_RIPEMD160 = 3, + PGP_DIGEST_XSHA = 4, /* obsolete */ + PGP_DIGEST_MD2 = 5, /* obsolete */ + PGP_DIGEST_TIGER192 = 6, /* obsolete */ + PGP_DIGEST_HAVAL5_160 = 7, /* obsolete */ + PGP_DIGEST_SHA256 = 8, + PGP_DIGEST_SHA384 = 9, + PGP_DIGEST_SHA512 = 10 +}; + +#define PGP_MAX_KEY (256/8) +#define PGP_MAX_BLOCK (256/8) +#define PGP_MAX_DIGEST (512/8) +#define PGP_S2K_SALT 8 + +typedef struct PGP_MPI PGP_MPI; +typedef struct PGP_PubKey PGP_PubKey; +typedef struct PGP_Context PGP_Context; +typedef struct PGP_S2K PGP_S2K; + +struct PGP_S2K +{ + uint8 mode; + uint8 digest_algo; + uint8 salt[8]; + uint8 iter; + /* calculated: */ + uint8 key[PGP_MAX_KEY]; + uint8 key_len; +}; + + +struct PGP_Context +{ + /* + * parameters + */ + PGP_S2K s2k; + int s2k_mode; + int s2k_digest_algo; + int s2k_cipher_algo; + int cipher_algo; + int compress_algo; + int compress_level; + int disable_mdc; + int use_sess_key; + int text_mode; + int convert_crlf; + int unicode_mode; + + /* + * internal variables + */ + int mdc_checked; + int corrupt_prefix; + int in_mdc_pkt; + int use_mdcbuf_filter; + PX_MD *mdc_ctx; + + PGP_PubKey *pub_key; /* ctx owns it */ + const uint8 *sym_key; /* ctx does not own it */ + int sym_key_len; + + /* + * read or generated data + */ + uint8 sess_key[PGP_MAX_KEY]; + unsigned sess_key_len; +}; + +struct PGP_MPI +{ + uint8 *data; + int bits; + int bytes; +}; + +struct PGP_PubKey +{ + uint8 ver; + uint8 time[4]; + uint8 algo; + + /* public part */ + union + { + struct + { + PGP_MPI *p; + PGP_MPI *g; + PGP_MPI *y; + } elg; + struct + { + PGP_MPI *n; + PGP_MPI *e; + } rsa; + struct + { + PGP_MPI *p; + PGP_MPI *q; + PGP_MPI *g; + PGP_MPI *y; + } dsa; + } pub; + + /* secret part */ + union + { + struct + { + PGP_MPI *x; + } elg; + struct + { + PGP_MPI *d; + PGP_MPI *p; + PGP_MPI *q; + PGP_MPI *u; + } rsa; + struct + { + PGP_MPI *x; + } dsa; + } sec; + + uint8 key_id[8]; + int can_encrypt; +}; + +int pgp_init(PGP_Context **ctx); +int pgp_encrypt(PGP_Context *ctx, MBuf *src, MBuf *dst); +int pgp_decrypt(PGP_Context *ctx, MBuf *src, MBuf *dst); +int pgp_free(PGP_Context *ctx); + +int pgp_get_digest_code(const char *name); +int pgp_get_cipher_code(const char *name); +const char *pgp_get_digest_name(int code); +const char *pgp_get_cipher_name(int code); + +int pgp_set_cipher_algo(PGP_Context *ctx, const char *name); +int pgp_set_s2k_mode(PGP_Context *ctx, int type); +int pgp_set_s2k_cipher_algo(PGP_Context *ctx, const char *name); +int pgp_set_s2k_digest_algo(PGP_Context *ctx, const char *name); +int pgp_set_convert_crlf(PGP_Context *ctx, int doit); +int pgp_disable_mdc(PGP_Context *ctx, int disable); +int pgp_set_sess_key(PGP_Context *ctx, int use); +int pgp_set_compress_algo(PGP_Context *ctx, int algo); +int pgp_set_compress_level(PGP_Context *ctx, int level); +int pgp_set_text_mode(PGP_Context *ctx, int mode); +int pgp_set_unicode_mode(PGP_Context *ctx, int mode); +int pgp_get_unicode_mode(PGP_Context *ctx); + +int pgp_set_symkey(PGP_Context *ctx, const uint8 *key, int klen); +int pgp_set_pubkey(PGP_Context *ctx, MBuf *keypkt, + const uint8 *key, int klen, int pubtype); + +int pgp_get_keyid(MBuf *pgp_data, char *dst); + +/* internal functions */ + +int pgp_load_digest(int c, PX_MD **res); +int pgp_load_cipher(int c, PX_Cipher **res); +int pgp_get_cipher_key_size(int c); +int pgp_get_cipher_block_size(int c); + +int pgp_s2k_fill(PGP_S2K *s2k, int mode, int digest_algo); +int pgp_s2k_read(PullFilter *src, PGP_S2K *s2k); +int pgp_s2k_process(PGP_S2K *s2k, int cipher, const uint8 *key, int klen); + +typedef struct PGP_CFB PGP_CFB; +int +pgp_cfb_create(PGP_CFB **ctx_p, int algo, + const uint8 *key, int key_len, int recync, uint8 *iv); +void pgp_cfb_free(PGP_CFB *ctx); +int pgp_cfb_encrypt(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst); +int pgp_cfb_decrypt(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst); + +int pgp_armor_encode(const uint8 *src, unsigned len, uint8 *dst); +int pgp_armor_decode(const uint8 *src, unsigned len, uint8 *dst); +unsigned pgp_armor_enc_len(unsigned len); +unsigned pgp_armor_dec_len(unsigned len); + +int pgp_compress_filter(PushFilter **res, PGP_Context *ctx, PushFilter *dst); +int pgp_decompress_filter(PullFilter **res, PGP_Context *ctx, PullFilter *src); + +int pgp_key_alloc(PGP_PubKey **pk_p); +void pgp_key_free(PGP_PubKey *pk); +int _pgp_read_public_key(PullFilter *pkt, PGP_PubKey **pk_p); + +int pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt); +int pgp_create_pkt_reader(PullFilter **pf_p, PullFilter *src, int len, + int pkttype, PGP_Context *ctx); +int pgp_parse_pkt_hdr(PullFilter *src, uint8 *tag, int *len_p, + int allow_ctx); + +int pgp_skip_packet(PullFilter *pkt); +int pgp_expect_packet_end(PullFilter *pkt); + +int pgp_write_pubenc_sesskey(PGP_Context *ctx, PushFilter *dst); +int pgp_create_pkt_writer(PushFilter *dst, int tag, PushFilter **res_p); + +int pgp_mpi_alloc(int bits, PGP_MPI **mpi); +int pgp_mpi_create(uint8 *data, int bits, PGP_MPI **mpi); +int pgp_mpi_free(PGP_MPI *mpi); +int pgp_mpi_read(PullFilter *src, PGP_MPI **mpi); +int pgp_mpi_write(PushFilter *dst, PGP_MPI *n); +int pgp_mpi_hash(PX_MD *md, PGP_MPI *n); +unsigned pgp_mpi_cksum(unsigned cksum, PGP_MPI *n); + +int pgp_elgamal_encrypt(PGP_PubKey *pk, PGP_MPI *m, + PGP_MPI **c1, PGP_MPI **c2); +int pgp_elgamal_decrypt(PGP_PubKey *pk, PGP_MPI *c1, PGP_MPI *c2, + PGP_MPI **m); +int pgp_rsa_encrypt(PGP_PubKey *pk, PGP_MPI *m, PGP_MPI **c); +int pgp_rsa_decrypt(PGP_PubKey *pk, PGP_MPI *c, PGP_MPI **m); + +extern struct PullFilterOps pgp_decrypt_filter; http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/px-crypt.c ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/px-crypt.c b/contrib/pgcrypto/px-crypt.c new file mode 100644 index 0000000..63ec038 --- /dev/null +++ b/contrib/pgcrypto/px-crypt.c @@ -0,0 +1,167 @@ +/* + * px-crypt.c + * Wrapper for various crypt algorithms. + * + * Copyright (c) 2001 Marko Kreen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * contrib/pgcrypto/px-crypt.c + */ + +#include "postgres.h" + +#include "px.h" +#include "px-crypt.h" + + +static char * +run_crypt_des(const char *psw, const char *salt, + char *buf, unsigned len) +{ + char *res; + + res = px_crypt_des(psw, salt); + if (strlen(res) > len - 1) + return NULL; + strcpy(buf, res); + return buf; +} + +static char * +run_crypt_md5(const char *psw, const char *salt, + char *buf, unsigned len) +{ + char *res; + + res = px_crypt_md5(psw, salt, buf, len); + return res; +} + +static char * +run_crypt_bf(const char *psw, const char *salt, + char *buf, unsigned len) +{ + char *res; + + res = _crypt_blowfish_rn(psw, salt, buf, len); + return res; +} + +struct px_crypt_algo +{ + char *id; + unsigned id_len; + char *(*crypt) (const char *psw, const char *salt, + char *buf, unsigned len); +}; + +static const struct px_crypt_algo + px_crypt_list[] = { + {"$2a$", 4, run_crypt_bf}, + {"$2x$", 4, run_crypt_bf}, + {"$2$", 3, NULL}, /* N/A */ + {"$1$", 3, run_crypt_md5}, + {"_", 1, run_crypt_des}, + {"", 0, run_crypt_des}, + {NULL, 0, NULL} +}; + +char * +px_crypt(const char *psw, const char *salt, char *buf, unsigned len) +{ + const struct px_crypt_algo *c; + + for (c = px_crypt_list; c->id; c++) + { + if (!c->id_len) + break; + if (strncmp(salt, c->id, c->id_len) == 0) + break; + } + + if (c->crypt == NULL) + return NULL; + + return c->crypt(psw, salt, buf, len); +} + +/* + * salt generators + */ + +struct generator +{ + char *name; + char *(*gen) (unsigned long count, const char *input, int size, + char *output, int output_size); + int input_len; + int def_rounds; + int min_rounds; + int max_rounds; +}; + +static struct generator gen_list[] = { + {"des", _crypt_gensalt_traditional_rn, 2, 0, 0, 0}, + {"md5", _crypt_gensalt_md5_rn, 6, 0, 0, 0}, + {"xdes", _crypt_gensalt_extended_rn, 3, PX_XDES_ROUNDS, 1, 0xFFFFFF}, + {"bf", _crypt_gensalt_blowfish_rn, 16, PX_BF_ROUNDS, 4, 31}, + {NULL, NULL, 0, 0, 0, 0} +}; + +int +px_gen_salt(const char *salt_type, char *buf, int rounds) +{ + int res; + struct generator *g; + char *p; + char rbuf[16]; + + for (g = gen_list; g->name; g++) + if (pg_strcasecmp(g->name, salt_type) == 0) + break; + + if (g->name == NULL) + return PXE_UNKNOWN_SALT_ALGO; + + if (g->def_rounds) + { + if (rounds == 0) + rounds = g->def_rounds; + + if (rounds < g->min_rounds || rounds > g->max_rounds) + return PXE_BAD_SALT_ROUNDS; + } + + res = px_get_pseudo_random_bytes((uint8 *) rbuf, g->input_len); + if (res < 0) + return res; + + p = g->gen(rounds, rbuf, g->input_len, buf, PX_MAX_SALT_LEN); + memset(rbuf, 0, sizeof(rbuf)); + + if (p == NULL) + return PXE_BAD_SALT_ROUNDS; + + return strlen(p); +} http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/px-crypt.h ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/px-crypt.h b/contrib/pgcrypto/px-crypt.h new file mode 100644 index 0000000..7dde9ab --- /dev/null +++ b/contrib/pgcrypto/px-crypt.h @@ -0,0 +1,82 @@ +/* + * px-crypt.h + * Header file for px_crypt(). + * + * Copyright (c) 2001 Marko Kreen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * contrib/pgcrypto/px-crypt.h + */ + +#ifndef _PX_CRYPT_H +#define _PX_CRYPT_H + +/* max room for result */ +#define PX_MAX_CRYPT 128 + +/* max salt returned by gen_salt() */ +#define PX_MAX_SALT_LEN 128 + +/* default rounds for xdes salt */ +/* NetBSD bin/passwd/local_passwd.c has (29 * 25)*/ +#define PX_XDES_ROUNDS (29 * 25) + +/* default for blowfish salt */ +#define PX_BF_ROUNDS 6 + +/* + * main interface + */ +char *px_crypt(const char *psw, const char *salt, char *buf, unsigned buflen); +int px_gen_salt(const char *salt_type, char *dst, int rounds); + +/* + * internal functions + */ + +/* crypt-gensalt.c */ +char *_crypt_gensalt_traditional_rn(unsigned long count, + const char *input, int size, char *output, int output_size); +char *_crypt_gensalt_extended_rn(unsigned long count, + const char *input, int size, char *output, int output_size); +char *_crypt_gensalt_md5_rn(unsigned long count, + const char *input, int size, char *output, int output_size); +char *_crypt_gensalt_blowfish_rn(unsigned long count, + const char *input, int size, char *output, int output_size); + +/* disable 'extended DES crypt' */ +/* #define DISABLE_XDES */ + +/* crypt-blowfish.c */ +char *_crypt_blowfish_rn(const char *key, const char *setting, + char *output, int size); + +/* crypt-des.c */ +char *px_crypt_des(const char *key, const char *setting); + +/* crypt-md5.c */ +char *px_crypt_md5(const char *pw, const char *salt, + char *dst, unsigned dstlen); + +#endif /* _PX_CRYPT_H */ http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/px-hmac.c ---------------------------------------------------------------------- diff --git a/contrib/pgcrypto/px-hmac.c b/contrib/pgcrypto/px-hmac.c new file mode 100644 index 0000000..36efabd --- /dev/null +++ b/contrib/pgcrypto/px-hmac.c @@ -0,0 +1,177 @@ +/* + * px-hmac.c + * HMAC implementation. + * + * Copyright (c) 2001 Marko Kreen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * contrib/pgcrypto/px-hmac.c + */ + +#include "postgres.h" + +#include "px.h" + +#define HMAC_IPAD 0x36 +#define HMAC_OPAD 0x5C + +static unsigned +hmac_result_size(PX_HMAC *h) +{ + return px_md_result_size(h->md); +} + +static unsigned +hmac_block_size(PX_HMAC *h) +{ + return px_md_block_size(h->md); +} + +static void +hmac_init(PX_HMAC *h, const uint8 *key, unsigned klen) +{ + unsigned bs, + i; + uint8 *keybuf; + PX_MD *md = h->md; + + bs = px_md_block_size(md); + keybuf = px_alloc(bs); + memset(keybuf, 0, bs); + + if (klen > bs) + { + px_md_update(md, key, klen); + px_md_finish(md, keybuf); + px_md_reset(md); + } + else + memcpy(keybuf, key, klen); + + for (i = 0; i < bs; i++) + { + h->p.ipad[i] = keybuf[i] ^ HMAC_IPAD; + h->p.opad[i] = keybuf[i] ^ HMAC_OPAD; + } + + memset(keybuf, 0, bs); + px_free(keybuf); + + px_md_update(md, h->p.ipad, bs); +} + +static void +hmac_reset(PX_HMAC *h) +{ + PX_MD *md = h->md; + unsigned bs = px_md_block_size(md); + + px_md_reset(md); + px_md_update(md, h->p.ipad, bs); +} + +static void +hmac_update(PX_HMAC *h, const uint8 *data, unsigned dlen) +{ + px_md_update(h->md, data, dlen); +} + +static void +hmac_finish(PX_HMAC *h, uint8 *dst) +{ + PX_MD *md = h->md; + unsigned bs, + hlen; + uint8 *buf; + + bs = px_md_block_size(md); + hlen = px_md_result_size(md); + + buf = px_alloc(hlen); + + px_md_finish(md, buf); + + px_md_reset(md); + px_md_update(md, h->p.opad, bs); + px_md_update(md, buf, hlen); + px_md_finish(md, dst); + + memset(buf, 0, hlen); + px_free(buf); +} + +static void +hmac_free(PX_HMAC *h) +{ + unsigned bs; + + bs = px_md_block_size(h->md); + px_md_free(h->md); + + memset(h->p.ipad, 0, bs); + memset(h->p.opad, 0, bs); + px_free(h->p.ipad); + px_free(h->p.opad); + px_free(h); +} + + +/* PUBLIC FUNCTIONS */ + +int +px_find_hmac(const char *name, PX_HMAC **res) +{ + int err; + PX_MD *md; + PX_HMAC *h; + unsigned bs; + + err = px_find_digest(name, &md); + if (err) + return err; + + bs = px_md_block_size(md); + if (bs < 2) + { + px_md_free(md); + return PXE_HASH_UNUSABLE_FOR_HMAC; + } + + h = px_alloc(sizeof(*h)); + h->p.ipad = px_alloc(bs); + h->p.opad = px_alloc(bs); + h->md = md; + + h->result_size = hmac_result_size; + h->block_size = hmac_block_size; + h->reset = hmac_reset; + h->update = hmac_update; + h->finish = hmac_finish; + h->free = hmac_free; + h->init = hmac_init; + + *res = h; + + return 0; +}
