PostgreSQL Source Code: src/common/cryptohash_openssl.c Source File

PostgreSQL Source Code git master
cryptohash_openssl.c
Go to the documentation of this file.
1/*-------------------------------------------------------------------------
2 *
3 * cryptohash_openssl.c
4 * Set of wrapper routines on top of OpenSSL to support cryptographic
5 * hash functions.
6 *
7 * This should only be used if code is compiled with OpenSSL support.
8 *
9 * Portions Copyright (c) 1996-2025, PostgreSQL Global Development Group
10 * Portions Copyright (c) 1994, Regents of the University of California
11 *
12 * IDENTIFICATION
13 * src/common/cryptohash_openssl.c
14 *
15 *-------------------------------------------------------------------------
16 */
17
18#ifndef FRONTEND
19#include "postgres.h"
20#else
21#include "postgres_fe.h"
22#endif
23
24#include <openssl/err.h>
25#include <openssl/evp.h>
26
27#include "common/cryptohash.h"
28#include "common/md5.h"
29#include "common/sha1.h"
30#include "common/sha2.h"
31#ifndef FRONTEND
32#include "utils/memutils.h"
33#include "utils/resowner.h"
34#endif
35
36/*
37 * In the backend, use an allocation in TopMemoryContext to count for
38 * resowner cleanup handling. In the frontend, use malloc to be able
39 * to return a failure status back to the caller.
40 */
41#ifndef FRONTEND
42 #define ALLOC(size) MemoryContextAlloc(TopMemoryContext, size)
43 #define FREE(ptr) pfree(ptr)
44#else
45#define ALLOC(size) malloc(size)
46#define FREE(ptr) free(ptr)
47#endif
48
49/* Set of error states */
50 typedef enum pg_cryptohash_errno
51{
52 PG_CRYPTOHASH_ERROR_NONE = 0,
53 PG_CRYPTOHASH_ERROR_DEST_LEN,
54 PG_CRYPTOHASH_ERROR_OPENSSL,
55 } pg_cryptohash_errno;
56
57/*
58 * Internal pg_cryptohash_ctx structure.
59 *
60 * This tracks the resource owner associated to each EVP context data
61 * for the backend.
62 */
63struct pg_cryptohash_ctx
64{
65 pg_cryptohash_type type;
66 pg_cryptohash_errno error;
67 const char *errreason;
68
69 EVP_MD_CTX *evpctx;
70
71#ifndef FRONTEND
72 ResourceOwner resowner;
73#endif
74};
75
76/* ResourceOwner callbacks to hold cryptohash contexts */
77#ifndef FRONTEND
78static void ResOwnerReleaseCryptoHash(Datum res);
79
80 static const ResourceOwnerDesc cryptohash_resowner_desc =
81{
82 .name = "OpenSSL cryptohash context",
83 .release_phase = RESOURCE_RELEASE_BEFORE_LOCKS,
84 .release_priority = RELEASE_PRIO_CRYPTOHASH_CONTEXTS,
85 .ReleaseResource = ResOwnerReleaseCryptoHash,
86 .DebugPrint = NULL /* the default message is fine */
87};
88
89/* Convenience wrappers over ResourceOwnerRemember/Forget */
90static inline void
91 ResourceOwnerRememberCryptoHash(ResourceOwner owner, pg_cryptohash_ctx *ctx)
92{
93 ResourceOwnerRemember(owner, PointerGetDatum(ctx), &cryptohash_resowner_desc);
94}
95static inline void
96 ResourceOwnerForgetCryptoHash(ResourceOwner owner, pg_cryptohash_ctx *ctx)
97{
98 ResourceOwnerForget(owner, PointerGetDatum(ctx), &cryptohash_resowner_desc);
99}
100#endif
101
102static const char *
103 SSLerrmessage(unsigned long ecode)
104{
105 if (ecode == 0)
106 return NULL;
107
108 /*
109 * This may return NULL, but we would fall back to a default error path if
110 * that were the case.
111 */
112 return ERR_reason_error_string(ecode);
113}
114
115/*
116 * pg_cryptohash_create
117 *
118 * Allocate a hash context. Returns NULL on failure for an OOM. The
119 * backend issues an error, without returning.
120 */
121pg_cryptohash_ctx *
122 pg_cryptohash_create(pg_cryptohash_type type)
123{
124 pg_cryptohash_ctx *ctx;
125
126 /*
127 * Make sure that the resource owner has space to remember this reference.
128 * This can error out with "out of memory", so do this before any other
129 * allocation to avoid leaking.
130 */
131#ifndef FRONTEND
132 ResourceOwnerEnlarge(CurrentResourceOwner);
133#endif
134
135 ctx = ALLOC(sizeof(pg_cryptohash_ctx));
136 if (ctx == NULL)
137 return NULL;
138 memset(ctx, 0, sizeof(pg_cryptohash_ctx));
139 ctx->type = type;
140 ctx->error = PG_CRYPTOHASH_ERROR_NONE;
141 ctx->errreason = NULL;
142
143 /*
144 * Initialization takes care of assigning the correct type for OpenSSL.
145 * Also ensure that there aren't any unconsumed errors in the queue from
146 * previous runs.
147 */
148 ERR_clear_error();
149 ctx->evpctx = EVP_MD_CTX_create();
150
151 if (ctx->evpctx == NULL)
152 {
153 explicit_bzero(ctx, sizeof(pg_cryptohash_ctx));
154 FREE(ctx);
155#ifndef FRONTEND
156 ereport(ERROR,
157 (errcode(ERRCODE_OUT_OF_MEMORY),
158 errmsg("out of memory")));
159#else
160 return NULL;
161#endif
162 }
163
164#ifndef FRONTEND
165 ctx->resowner = CurrentResourceOwner;
166 ResourceOwnerRememberCryptoHash(CurrentResourceOwner, ctx);
167#endif
168
169 return ctx;
170}
171
172/*
173 * pg_cryptohash_init
174 *
175 * Initialize a hash context. Returns 0 on success, and -1 on failure.
176 */
177int
178 pg_cryptohash_init(pg_cryptohash_ctx *ctx)
179{
180 int status = 0;
181
182 if (ctx == NULL)
183 return -1;
184
185 switch (ctx->type)
186 {
187 case PG_MD5:
188 status = EVP_DigestInit_ex(ctx->evpctx, EVP_md5(), NULL);
189 break;
190 case PG_SHA1:
191 status = EVP_DigestInit_ex(ctx->evpctx, EVP_sha1(), NULL);
192 break;
193 case PG_SHA224:
194 status = EVP_DigestInit_ex(ctx->evpctx, EVP_sha224(), NULL);
195 break;
196 case PG_SHA256:
197 status = EVP_DigestInit_ex(ctx->evpctx, EVP_sha256(), NULL);
198 break;
199 case PG_SHA384:
200 status = EVP_DigestInit_ex(ctx->evpctx, EVP_sha384(), NULL);
201 break;
202 case PG_SHA512:
203 status = EVP_DigestInit_ex(ctx->evpctx, EVP_sha512(), NULL);
204 break;
205 }
206
207 /* OpenSSL internals return 1 on success, 0 on failure */
208 if (status <= 0)
209 {
210 ctx->errreason = SSLerrmessage(ERR_get_error());
211 ctx->error = PG_CRYPTOHASH_ERROR_OPENSSL;
212
213 /*
214 * The OpenSSL error queue should normally be empty since we've
215 * consumed an error, but cipher initialization can in FIPS-enabled
216 * OpenSSL builds generate two errors so clear the queue here as well.
217 */
218 ERR_clear_error();
219 return -1;
220 }
221 return 0;
222}
223
224/*
225 * pg_cryptohash_update
226 *
227 * Update a hash context. Returns 0 on success, and -1 on failure.
228 */
229int
230 pg_cryptohash_update(pg_cryptohash_ctx *ctx, const uint8 *data, size_t len)
231{
232 int status = 0;
233
234 if (ctx == NULL)
235 return -1;
236
237 status = EVP_DigestUpdate(ctx->evpctx, data, len);
238
239 /* OpenSSL internals return 1 on success, 0 on failure */
240 if (status <= 0)
241 {
242 ctx->errreason = SSLerrmessage(ERR_get_error());
243 ctx->error = PG_CRYPTOHASH_ERROR_OPENSSL;
244 return -1;
245 }
246 return 0;
247}
248
249/*
250 * pg_cryptohash_final
251 *
252 * Finalize a hash context. Returns 0 on success, and -1 on failure.
253 */
254int
255 pg_cryptohash_final(pg_cryptohash_ctx *ctx, uint8 *dest, size_t len)
256{
257 int status = 0;
258
259 if (ctx == NULL)
260 return -1;
261
262 switch (ctx->type)
263 {
264 case PG_MD5:
265 if (len < MD5_DIGEST_LENGTH)
266 {
267 ctx->error = PG_CRYPTOHASH_ERROR_DEST_LEN;
268 return -1;
269 }
270 break;
271 case PG_SHA1:
272 if (len < SHA1_DIGEST_LENGTH)
273 {
274 ctx->error = PG_CRYPTOHASH_ERROR_DEST_LEN;
275 return -1;
276 }
277 break;
278 case PG_SHA224:
279 if (len < PG_SHA224_DIGEST_LENGTH)
280 {
281 ctx->error = PG_CRYPTOHASH_ERROR_DEST_LEN;
282 return -1;
283 }
284 break;
285 case PG_SHA256:
286 if (len < PG_SHA256_DIGEST_LENGTH)
287 {
288 ctx->error = PG_CRYPTOHASH_ERROR_DEST_LEN;
289 return -1;
290 }
291 break;
292 case PG_SHA384:
293 if (len < PG_SHA384_DIGEST_LENGTH)
294 {
295 ctx->error = PG_CRYPTOHASH_ERROR_DEST_LEN;
296 return -1;
297 }
298 break;
299 case PG_SHA512:
300 if (len < PG_SHA512_DIGEST_LENGTH)
301 {
302 ctx->error = PG_CRYPTOHASH_ERROR_DEST_LEN;
303 return -1;
304 }
305 break;
306 }
307
308 status = EVP_DigestFinal_ex(ctx->evpctx, dest, 0);
309
310 /* OpenSSL internals return 1 on success, 0 on failure */
311 if (status <= 0)
312 {
313 ctx->errreason = SSLerrmessage(ERR_get_error());
314 ctx->error = PG_CRYPTOHASH_ERROR_OPENSSL;
315 return -1;
316 }
317 return 0;
318}
319
320/*
321 * pg_cryptohash_free
322 *
323 * Free a hash context.
324 */
325void
326 pg_cryptohash_free(pg_cryptohash_ctx *ctx)
327{
328 if (ctx == NULL)
329 return;
330
331 EVP_MD_CTX_destroy(ctx->evpctx);
332
333#ifndef FRONTEND
334 if (ctx->resowner)
335 ResourceOwnerForgetCryptoHash(ctx->resowner, ctx);
336#endif
337
338 explicit_bzero(ctx, sizeof(pg_cryptohash_ctx));
339 FREE(ctx);
340}
341
342/*
343 * pg_cryptohash_error
344 *
345 * Returns a static string providing details about an error that
346 * happened during a computation.
347 */
348const char *
349 pg_cryptohash_error(pg_cryptohash_ctx *ctx)
350{
351 /*
352 * This implementation would never fail because of an out-of-memory error,
353 * except when creating the context.
354 */
355 if (ctx == NULL)
356 return _("out of memory");
357
358 /*
359 * If a reason is provided, rely on it, else fallback to any error code
360 * set.
361 */
362 if (ctx->errreason)
363 return ctx->errreason;
364
365 switch (ctx->error)
366 {
367 case PG_CRYPTOHASH_ERROR_NONE:
368 return _("success");
369 case PG_CRYPTOHASH_ERROR_DEST_LEN:
370 return _("destination buffer too small");
371 case PG_CRYPTOHASH_ERROR_OPENSSL:
372 return _("OpenSSL failure");
373 }
374
375 Assert(false); /* cannot be reached */
376 return _("success");
377}
378
379/* ResourceOwner callbacks */
380
381#ifndef FRONTEND
382static void
383 ResOwnerReleaseCryptoHash(Datum res)
384{
385 pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) DatumGetPointer(res);
386
387 ctx->resowner = NULL;
388 pg_cryptohash_free(ctx);
389}
390#endif
uint8_t uint8
Definition: c.h:536
pg_cryptohash_errno
Definition: cryptohash.c:45
pg_cryptohash_type
Definition: cryptohash.h:20
@ PG_SHA512
Definition: cryptohash.h:26
@ PG_SHA224
Definition: cryptohash.h:23
@ PG_SHA384
Definition: cryptohash.h:25
@ PG_SHA1
Definition: cryptohash.h:22
@ PG_SHA256
Definition: cryptohash.h:24
@ PG_MD5
Definition: cryptohash.h:21
const char * pg_cryptohash_error(pg_cryptohash_ctx *ctx)
#define FREE(ptr)
static void ResOwnerReleaseCryptoHash(Datum res)
static const char * SSLerrmessage(unsigned long ecode)
int pg_cryptohash_update(pg_cryptohash_ctx *ctx, const uint8 *data, size_t len)
pg_cryptohash_ctx * pg_cryptohash_create(pg_cryptohash_type type)
int pg_cryptohash_init(pg_cryptohash_ctx *ctx)
static void ResourceOwnerForgetCryptoHash(ResourceOwner owner, pg_cryptohash_ctx *ctx)
static const ResourceOwnerDesc cryptohash_resowner_desc
pg_cryptohash_errno
@ PG_CRYPTOHASH_ERROR_DEST_LEN
@ PG_CRYPTOHASH_ERROR_NONE
@ PG_CRYPTOHASH_ERROR_OPENSSL
#define ALLOC(size)
static void ResourceOwnerRememberCryptoHash(ResourceOwner owner, pg_cryptohash_ctx *ctx)
void pg_cryptohash_free(pg_cryptohash_ctx *ctx)
int pg_cryptohash_final(pg_cryptohash_ctx *ctx, uint8 *dest, size_t len)
int errcode(int sqlerrcode)
Definition: elog.c:854
int errmsg(const char *fmt,...)
Definition: elog.c:1071
_
#define _(x)
Definition: elog.c:91
#define ERROR
Definition: elog.h:39
#define ereport(elevel,...)
Definition: elog.h:150
Assert(PointerIsAligned(start, uint64))
#define MD5_DIGEST_LENGTH
Definition: md5.h:20
dest
const void size_t len
const void * data
void explicit_bzero(void *buf, size_t len)
Definition: explicit_bzero.c:52
static Datum PointerGetDatum(const void *X)
Definition: postgres.h:332
uint64_t Datum
Definition: postgres.h:70
static Pointer DatumGetPointer(Datum X)
Definition: postgres.h:322
ResourceOwner CurrentResourceOwner
Definition: resowner.c:173
void ResourceOwnerForget(ResourceOwner owner, Datum value, const ResourceOwnerDesc *kind)
Definition: resowner.c:561
void ResourceOwnerRemember(ResourceOwner owner, Datum value, const ResourceOwnerDesc *kind)
Definition: resowner.c:521
void ResourceOwnerEnlarge(ResourceOwner owner)
Definition: resowner.c:449
@ RESOURCE_RELEASE_BEFORE_LOCKS
Definition: resowner.h:54
#define RELEASE_PRIO_CRYPTOHASH_CONTEXTS
Definition: resowner.h:67
#define SHA1_DIGEST_LENGTH
Definition: sha1.h:17
#define PG_SHA256_DIGEST_LENGTH
Definition: sha2.h:23
#define PG_SHA384_DIGEST_LENGTH
Definition: sha2.h:26
#define PG_SHA512_DIGEST_LENGTH
Definition: sha2.h:29
#define PG_SHA224_DIGEST_LENGTH
Definition: sha2.h:20
const char * name
Definition: resowner.h:93
Definition: cryptohash.c:52
pg_cryptohash_errno error
Definition: cryptohash.c:54
ResourceOwner resowner
pg_cryptohash_type type
Definition: cryptohash.c:53
EVP_MD_CTX * evpctx
const char * errreason
const char * type

AltStyle によって変換されたページ (->オリジナル) /