[フレーム]

px-crypt.c

Go to the documentation of this file.

1/*

2 * px-crypt.c

3 * Wrapper for various crypt algorithms.

4 *

7 *

8 * Redistribution and use in source and binary forms, with or without

9 * modification, are permitted provided that the following conditions

10 * are met:

11 * 1. Redistributions of source code must retain the above copyright

12 * notice, this list of conditions and the following disclaimer.

13 * 2. Redistributions in binary form must reproduce the above copyright

14 * notice, this list of conditions and the following disclaimer in the

15 * documentation and/or other materials provided with the distribution.

16 *

17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND

18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

27 * SUCH DAMAGE.

28 *

29 * contrib/pgcrypto/px-crypt.c

30 */

31

32#include "postgres.h"

33

34#include "px-crypt.h"

35#include "px.h"

36

37static char *

38 run_crypt_des(const char *psw, const char *salt,

39 char *buf, unsigned len)

40{

41 char *res;

42

43 res = px_crypt_des(psw, salt);

44 if (res == NULL || strlen(res) > len - 1)

45 return NULL;

46 strcpy(buf, res);

47 return buf;

48}

49

50static char *

51 run_crypt_md5(const char *psw, const char *salt,

52 char *buf, unsigned len)

53{

54 char *res;

55

56 res = px_crypt_md5(psw, salt, buf, len);

57 return res;

58}

59

60static char *

61 run_crypt_bf(const char *psw, const char *salt,

62 char *buf, unsigned len)

63{

64 char *res;

65

66 res = _crypt_blowfish_rn(psw, salt, buf, len);

67 return res;

68}

69

70static char *

71 run_crypt_sha(const char *psw, const char *salt,

72 char *buf, unsigned len)

73{

74 char *res;

75

76 res = px_crypt_shacrypt(psw, salt, buf, len);

77 return res;

78}

79

80 struct px_crypt_algo

81{

82 char *id;

83 unsigned id_len;

84 char *(*crypt) (const char *psw, const char *salt,

85 char *buf, unsigned len);

86};

87

88static const struct px_crypt_algo

89 px_crypt_list[] = {

90 {"2ドルa$", 4, run_crypt_bf},

91 {"2ドルx$", 4, run_crypt_bf},

92 {"2ドル$", 3, NULL}, /* N/A */

93 {"1ドル$", 3, run_crypt_md5},

94 {"5ドル$", 3, run_crypt_sha},

95 {"6ドル$", 3, run_crypt_sha},

96 {"_", 1, run_crypt_des},

97 {"", 0, run_crypt_des},

98 {NULL, 0, NULL}

99};

100

101char *

102 px_crypt(const char *psw, const char *salt, char *buf, unsigned len)

103{

104 const struct px_crypt_algo *c;

105

106 CheckBuiltinCryptoMode();

107

108 for (c = px_crypt_list; c->id; c++)

109 {

110 if (!c->id_len)

111 break;

112 if (strncmp(salt, c->id, c->id_len) == 0)

113 break;

114 }

115

116 if (c->crypt == NULL)

117 return NULL;

118

119 return c->crypt(psw, salt, buf, len);

120}

121

122/*

123 * salt generators

124 */

125

126 struct generator

127{

128 char *name;

129 char *(*gen) (unsigned long count, const char *input, int size,

130 char *output, int output_size);

131 int input_len;

132 int def_rounds;

133 int min_rounds;

134 int max_rounds;

135};

136

137 static struct generator gen_list[] = {

138 {"des", _crypt_gensalt_traditional_rn, 2, 0, 0, 0},

139 {"md5", _crypt_gensalt_md5_rn, 6, 0, 0, 0},

140 {"xdes", _crypt_gensalt_extended_rn, 3, PX_XDES_ROUNDS, 1, 0xFFFFFF},

141 {"bf", _crypt_gensalt_blowfish_rn, 16, PX_BF_ROUNDS, 4, 31},

142 {

143 "sha256crypt", _crypt_gensalt_sha256_rn,

144 PX_SHACRYPT_SALT_MAX_LEN, PX_SHACRYPT_ROUNDS_DEFAULT,

145 PX_SHACRYPT_ROUNDS_MIN, PX_SHACRYPT_ROUNDS_MAX

146 },

147 {

148 "sha512crypt", _crypt_gensalt_sha512_rn,

149 PX_SHACRYPT_SALT_MAX_LEN, PX_SHACRYPT_ROUNDS_DEFAULT,

150 PX_SHACRYPT_ROUNDS_MIN, PX_SHACRYPT_ROUNDS_MAX

151 },

152 {NULL, NULL, 0, 0, 0, 0}

153};

154

155int

156 px_gen_salt(const char *salt_type, char *buf, int rounds)

157{

158 struct generator *g;

159 char *p;

160 char rbuf[16];

161

162 CheckBuiltinCryptoMode();

163

164 for (g = gen_list; g->name; g++)

165 if (pg_strcasecmp(g->name, salt_type) == 0)

166 break;

167

168 if (g->name == NULL)

169 return PXE_UNKNOWN_SALT_ALGO;

170

171 if (g->def_rounds)

172 {

173 if (rounds == 0)

174 rounds = g->def_rounds;

175

176 if (rounds < g->min_rounds || rounds > g->max_rounds)

177 return PXE_BAD_SALT_ROUNDS;

178 }

179

180 if (!pg_strong_random(rbuf, g->input_len))

181 return PXE_NO_RANDOM;

182

183 p = g->gen(rounds, rbuf, g->input_len, buf, PX_MAX_SALT_LEN);

184 px_memset(rbuf, 0, sizeof(rbuf));

185

186 if (p == NULL)

187 return PXE_BAD_SALT_ROUNDS;

188

189 return strlen(p);

190}

_crypt_blowfish_rn

char * _crypt_blowfish_rn(const char *key, const char *setting, char *output, int size)

Definition: crypt-blowfish.c:582

px_crypt_des

char * px_crypt_des(const char *key, const char *setting)

Definition: crypt-des.c:651

_crypt_gensalt_sha512_rn

char * _crypt_gensalt_sha512_rn(unsigned long count, char const *input, int size, char *output, int output_size)

Definition: crypt-gensalt.c:243

_crypt_gensalt_traditional_rn

char * _crypt_gensalt_traditional_rn(unsigned long count, const char *input, int size, char *output, int output_size)

Definition: crypt-gensalt.c:25

_crypt_gensalt_sha256_rn

char * _crypt_gensalt_sha256_rn(unsigned long count, const char *input, int size, char *output, int output_size)

Definition: crypt-gensalt.c:258

_crypt_gensalt_md5_rn

char * _crypt_gensalt_md5_rn(unsigned long count, const char *input, int size, char *output, int output_size)

Definition: crypt-gensalt.c:79

_crypt_gensalt_blowfish_rn

char * _crypt_gensalt_blowfish_rn(unsigned long count, const char *input, int size, char *output, int output_size)

Definition: crypt-gensalt.c:161

_crypt_gensalt_extended_rn

char * _crypt_gensalt_extended_rn(unsigned long count, const char *input, int size, char *output, int output_size)

Definition: crypt-gensalt.c:43

px_crypt_md5

char * px_crypt_md5(const char *pw, const char *salt, char *passwd, unsigned dstlen)

Definition: crypt-md5.c:34

px_crypt_shacrypt

char * px_crypt_shacrypt(const char *pw, const char *salt, char *passwd, unsigned dstlen)

Definition: crypt-sha.c:69

input

FILE * input

output

FILE * output

Definition: pg_test_timing.c:235

CheckBuiltinCryptoMode

void CheckBuiltinCryptoMode(void)

Definition: openssl.c:874

len

const void size_t len

Definition: pg_crc32c_sse42.c:28

buf

static char * buf

Definition: pg_test_fsync.c:72

pg_strong_random

bool pg_strong_random(void *buf, size_t len)

Definition: pg_strong_random.c:150

pg_strcasecmp

int pg_strcasecmp(const char *s1, const char *s2)

Definition: pgstrcasecmp.c:36

postgres.h

c

char * c

Definition: preproc-cursor.c:31

run_crypt_des

static char * run_crypt_des(const char *psw, const char *salt, char *buf, unsigned len)

Definition: px-crypt.c:38

px_gen_salt

int px_gen_salt(const char *salt_type, char *buf, int rounds)

Definition: px-crypt.c:156

px_crypt_list

static const struct px_crypt_algo px_crypt_list[]

Definition: px-crypt.c:89

run_crypt_bf

static char * run_crypt_bf(const char *psw, const char *salt, char *buf, unsigned len)

Definition: px-crypt.c:61

gen_list

static struct generator gen_list[]

Definition: px-crypt.c:137

px_crypt

char * px_crypt(const char *psw, const char *salt, char *buf, unsigned len)

Definition: px-crypt.c:102

run_crypt_md5

static char * run_crypt_md5(const char *psw, const char *salt, char *buf, unsigned len)

Definition: px-crypt.c:51

run_crypt_sha

static char * run_crypt_sha(const char *psw, const char *salt, char *buf, unsigned len)

Definition: px-crypt.c:71

px-crypt.h

PX_SHACRYPT_ROUNDS_MAX

#define PX_SHACRYPT_ROUNDS_MAX

Definition: px-crypt.h:70

PX_MAX_SALT_LEN

#define PX_MAX_SALT_LEN

Definition: px-crypt.h:39

PX_BF_ROUNDS

#define PX_BF_ROUNDS

Definition: px-crypt.h:46

PX_XDES_ROUNDS

#define PX_XDES_ROUNDS

Definition: px-crypt.h:43

PX_SHACRYPT_ROUNDS_MIN

#define PX_SHACRYPT_ROUNDS_MIN

Definition: px-crypt.h:67

PX_SHACRYPT_SALT_MAX_LEN

#define PX_SHACRYPT_SALT_MAX_LEN

Definition: px-crypt.h:49

PX_SHACRYPT_ROUNDS_DEFAULT

#define PX_SHACRYPT_ROUNDS_DEFAULT

Definition: px-crypt.h:64

px_memset

void px_memset(void *ptr, int c, size_t len)

Definition: px.c:123

px.h

PXE_BAD_SALT_ROUNDS

#define PXE_BAD_SALT_ROUNDS

Definition: px.h:61

PXE_NO_RANDOM

#define PXE_NO_RANDOM

Definition: px.h:63

PXE_UNKNOWN_SALT_ALGO

#define PXE_UNKNOWN_SALT_ALGO

Definition: px.h:60

generator

Definition: px-crypt.c:127

generator::input_len

int input_len

Definition: px-crypt.c:131

generator::max_rounds

int max_rounds

Definition: px-crypt.c:134

generator::gen

char *(* gen)(unsigned long count, const char *input, int size, char *output, int output_size)

Definition: px-crypt.c:129

generator::def_rounds

int def_rounds

Definition: px-crypt.c:132

generator::name

char * name

Definition: px-crypt.c:128

generator::min_rounds

int min_rounds

Definition: px-crypt.c:133

px_crypt_algo

Definition: px-crypt.c:81

px_crypt_algo::id_len

unsigned id_len

Definition: px-crypt.c:83

px_crypt_algo::id

char * id

Definition: px-crypt.c:82

PostgreSQL Source Code: contrib/pgcrypto/px-crypt.c Source File