diff options
Diffstat (limited to 'src/common/cryptohash.c')
-rw-r--r-- | src/common/cryptohash.c | 278 |
1 files changed, 278 insertions, 0 deletions
diff --git a/src/common/cryptohash.c b/src/common/cryptohash.c new file mode 100644 index 0000000..a295a5c --- /dev/null +++ b/src/common/cryptohash.c @@ -0,0 +1,278 @@ +/*------------------------------------------------------------------------- + * + * cryptohash.c + * Fallback implementations for cryptographic hash functions. + * + * This is the set of in-core functions used when there are no other + * alternative options like OpenSSL. + * + * Portions Copyright (c) 1996-2022, PostgreSQL Global Development Group + * Portions Copyright (c) 1994, Regents of the University of California + * + * IDENTIFICATION + * src/common/cryptohash.c + * + *------------------------------------------------------------------------- + */ + +#ifndef FRONTEND +#include "postgres.h" +#else +#include "postgres_fe.h" +#endif + +#include <sys/param.h> + +#include "common/cryptohash.h" +#include "md5_int.h" +#include "sha1_int.h" +#include "sha2_int.h" + +/* + * In backend, use palloc/pfree to ease the error handling. In frontend, + * use malloc to be able to return a failure status back to the caller. + */ +#ifndef FRONTEND +#define ALLOC(size) palloc(size) +#define FREE(ptr) pfree(ptr) +#else +#define ALLOC(size) malloc(size) +#define FREE(ptr) free(ptr) +#endif + +/* Set of error states */ +typedef enum pg_cryptohash_errno +{ + PG_CRYPTOHASH_ERROR_NONE = 0, + PG_CRYPTOHASH_ERROR_DEST_LEN +} pg_cryptohash_errno; + +/* Internal pg_cryptohash_ctx structure */ +struct pg_cryptohash_ctx +{ + pg_cryptohash_type type; + pg_cryptohash_errno error; + + union + { + pg_md5_ctx md5; + pg_sha1_ctx sha1; + pg_sha224_ctx sha224; + pg_sha256_ctx sha256; + pg_sha384_ctx sha384; + pg_sha512_ctx sha512; + } data; +}; + +/* + * pg_cryptohash_create + * + * Allocate a hash context. Returns NULL on failure for an OOM. The + * backend issues an error, without returning. + */ +pg_cryptohash_ctx * +pg_cryptohash_create(pg_cryptohash_type type) +{ + pg_cryptohash_ctx *ctx; + + /* + * Note that this always allocates enough space for the largest hash. A + * smaller allocation would be enough for md5, sha224 and sha256, but the + * small extra amount of memory does not make it worth complicating this + * code. + */ + ctx = ALLOC(sizeof(pg_cryptohash_ctx)); + if (ctx == NULL) + return NULL; + + memset(ctx, 0, sizeof(pg_cryptohash_ctx)); + ctx->type = type; + ctx->error = PG_CRYPTOHASH_ERROR_NONE; + return ctx; +} + +/* + * pg_cryptohash_init + * + * Initialize a hash context. Note that this implementation is designed + * to never fail, so this always returns 0. + */ +int +pg_cryptohash_init(pg_cryptohash_ctx *ctx) +{ + if (ctx == NULL) + return -1; + + switch (ctx->type) + { + case PG_MD5: + pg_md5_init(&ctx->data.md5); + break; + case PG_SHA1: + pg_sha1_init(&ctx->data.sha1); + break; + case PG_SHA224: + pg_sha224_init(&ctx->data.sha224); + break; + case PG_SHA256: + pg_sha256_init(&ctx->data.sha256); + break; + case PG_SHA384: + pg_sha384_init(&ctx->data.sha384); + break; + case PG_SHA512: + pg_sha512_init(&ctx->data.sha512); + break; + } + + return 0; +} + +/* + * pg_cryptohash_update + * + * Update a hash context. Note that this implementation is designed + * to never fail, so this always returns 0 except if the caller has + * given a NULL context. + */ +int +pg_cryptohash_update(pg_cryptohash_ctx *ctx, const uint8 *data, size_t len) +{ + if (ctx == NULL) + return -1; + + switch (ctx->type) + { + case PG_MD5: + pg_md5_update(&ctx->data.md5, data, len); + break; + case PG_SHA1: + pg_sha1_update(&ctx->data.sha1, data, len); + break; + case PG_SHA224: + pg_sha224_update(&ctx->data.sha224, data, len); + break; + case PG_SHA256: + pg_sha256_update(&ctx->data.sha256, data, len); + break; + case PG_SHA384: + pg_sha384_update(&ctx->data.sha384, data, len); + break; + case PG_SHA512: + pg_sha512_update(&ctx->data.sha512, data, len); + break; + } + + return 0; +} + +/* + * pg_cryptohash_final + * + * Finalize a hash context. Note that this implementation is designed to + * never fail, so this always returns 0 except if the destination buffer + * is not large enough. + */ +int +pg_cryptohash_final(pg_cryptohash_ctx *ctx, uint8 *dest, size_t len) +{ + if (ctx == NULL) + return -1; + + switch (ctx->type) + { + case PG_MD5: + if (len < MD5_DIGEST_LENGTH) + { + ctx->error = PG_CRYPTOHASH_ERROR_DEST_LEN; + return -1; + } + pg_md5_final(&ctx->data.md5, dest); + break; + case PG_SHA1: + if (len < SHA1_DIGEST_LENGTH) + { + ctx->error = PG_CRYPTOHASH_ERROR_DEST_LEN; + return -1; + } + pg_sha1_final(&ctx->data.sha1, dest); + break; + case PG_SHA224: + if (len < PG_SHA224_DIGEST_LENGTH) + { + ctx->error = PG_CRYPTOHASH_ERROR_DEST_LEN; + return -1; + } + pg_sha224_final(&ctx->data.sha224, dest); + break; + case PG_SHA256: + if (len < PG_SHA256_DIGEST_LENGTH) + { + ctx->error = PG_CRYPTOHASH_ERROR_DEST_LEN; + return -1; + } + pg_sha256_final(&ctx->data.sha256, dest); + break; + case PG_SHA384: + if (len < PG_SHA384_DIGEST_LENGTH) + { + ctx->error = PG_CRYPTOHASH_ERROR_DEST_LEN; + return -1; + } + pg_sha384_final(&ctx->data.sha384, dest); + break; + case PG_SHA512: + if (len < PG_SHA512_DIGEST_LENGTH) + { + ctx->error = PG_CRYPTOHASH_ERROR_DEST_LEN; + return -1; + } + pg_sha512_final(&ctx->data.sha512, dest); + break; + } + + return 0; +} + +/* + * pg_cryptohash_free + * + * Free a hash context. + */ +void +pg_cryptohash_free(pg_cryptohash_ctx *ctx) +{ + if (ctx == NULL) + return; + + explicit_bzero(ctx, sizeof(pg_cryptohash_ctx)); + FREE(ctx); +} + +/* + * pg_cryptohash_error + * + * Returns a static string providing details about an error that + * happened during a computation. + */ +const char * +pg_cryptohash_error(pg_cryptohash_ctx *ctx) +{ + /* + * This implementation would never fail because of an out-of-memory error, + * except when creating the context. + */ + if (ctx == NULL) + return _("out of memory"); + + switch (ctx->error) + { + case PG_CRYPTOHASH_ERROR_NONE: + return _("success"); + case PG_CRYPTOHASH_ERROR_DEST_LEN: + return _("destination buffer too small"); + } + + Assert(false); + return _("success"); +} |