diff options
| author | Neil Conway <neilc@samurai.com> | 2005-03-21 05:22:14 +0000 |
|---|---|---|
| committer | Neil Conway <neilc@samurai.com> | 2005-03-21 05:22:14 +0000 |
| commit | 19b676869a1d9c1bf25a2332bdbe04bb9027c340 (patch) | |
| tree | bf12fc5bff3da3f6d6ac93a9d8ed7aa220f4bd52 | |
| parent | 1ea9169b420bea40228f2a8e5df28b886a099134 (diff) | |
| download | postgresql-19b676869a1d9c1bf25a2332bdbe04bb9027c340.tar.gz postgresql-19b676869a1d9c1bf25a2332bdbe04bb9027c340.zip | |
pgcrypto update:
Reserve px_get_random_bytes() for strong randomness,
add new function px_get_pseudo_random_bytes() for
weak randomness and use it in gen_salt().
On openssl case, use RAND_pseudo_bytes() for
px_get_pseudo_random_bytes().
Final result is that is user has not configured random
souce but kept the 'silly' one, gen_salt() keeps
working, but pgp_encrypt() will throw error.
Marko Kreen
| -rw-r--r-- | contrib/pgcrypto/px-crypt.c | 4 | ||||
| -rw-r--r-- | contrib/pgcrypto/px.c | 3 | ||||
| -rw-r--r-- | contrib/pgcrypto/px.h | 4 | ||||
| -rw-r--r-- | contrib/pgcrypto/random.c | 53 |
4 files changed, 48 insertions, 16 deletions
diff --git a/contrib/pgcrypto/px-crypt.c b/contrib/pgcrypto/px-crypt.c index 8b398c38a0c..5b99d1d0468 100644 --- a/contrib/pgcrypto/px-crypt.c +++ b/contrib/pgcrypto/px-crypt.c @@ -26,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.c,v 1.10 2005/03/21 05:19:55 neilc Exp $ + * $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.c,v 1.11 2005/03/21 05:22:14 neilc Exp $ */ #include <postgres.h> @@ -171,7 +171,7 @@ px_gen_salt(const char *salt_type, char *buf, int rounds) return PXE_BAD_SALT_ROUNDS; } - res = px_get_random_bytes(rbuf, g->input_len); + res = px_get_pseudo_random_bytes(rbuf, g->input_len); if (res < 0) return res; diff --git a/contrib/pgcrypto/px.c b/contrib/pgcrypto/px.c index 259d054bbd2..51f83069179 100644 --- a/contrib/pgcrypto/px.c +++ b/contrib/pgcrypto/px.c @@ -26,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $PostgreSQL: pgsql/contrib/pgcrypto/px.c,v 1.10 2005/03/21 05:19:55 neilc Exp $ + * $PostgreSQL: pgsql/contrib/pgcrypto/px.c,v 1.11 2005/03/21 05:22:14 neilc Exp $ */ #include <postgres.h> @@ -56,6 +56,7 @@ static const struct error_desc px_err_list[] = { {PXE_UNKNOWN_SALT_ALGO, "Unknown salt algorithm"}, {PXE_BAD_SALT_ROUNDS, "Incorrect number of rounds"}, {PXE_MCRYPT_INTERNAL, "mcrypt internal error"}, + {PXE_NO_RANDOM, "No strong random source"}, {0, NULL}, }; diff --git a/contrib/pgcrypto/px.h b/contrib/pgcrypto/px.h index f205000e8ed..d7a15ffaa35 100644 --- a/contrib/pgcrypto/px.h +++ b/contrib/pgcrypto/px.h @@ -26,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $PostgreSQL: pgsql/contrib/pgcrypto/px.h,v 1.11 2005/03/21 05:19:55 neilc Exp $ + * $PostgreSQL: pgsql/contrib/pgcrypto/px.h,v 1.12 2005/03/21 05:22:14 neilc Exp $ */ #ifndef __PX_H @@ -83,6 +83,7 @@ void px_free(void *p); #define PXE_UNKNOWN_SALT_ALGO -14 #define PXE_BAD_SALT_ROUNDS -15 #define PXE_MCRYPT_INTERNAL -16 +#define PXE_NO_RANDOM -17 typedef struct px_digest PX_MD; typedef struct px_alias PX_Alias; @@ -168,6 +169,7 @@ int px_find_cipher(const char *name, PX_Cipher ** res); int px_find_combo(const char *name, PX_Combo ** res); int px_get_random_bytes(uint8 *dst, unsigned count); +int px_get_pseudo_random_bytes(uint8 *dst, unsigned count); const char *px_strerror(int err); diff --git a/contrib/pgcrypto/random.c b/contrib/pgcrypto/random.c index 840d4df7fc4..7f2f5f49258 100644 --- a/contrib/pgcrypto/random.c +++ b/contrib/pgcrypto/random.c @@ -26,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $PostgreSQL: pgsql/contrib/pgcrypto/random.c,v 1.9 2005/03/21 05:19:55 neilc Exp $ + * $PostgreSQL: pgsql/contrib/pgcrypto/random.c,v 1.10 2005/03/21 05:22:14 neilc Exp $ */ @@ -78,10 +78,16 @@ px_get_random_bytes(uint8 *dst, unsigned count) return res; } +int +px_get_pseudo_random_bytes(uint8 *dst, unsigned count) +{ + return px_get_random_bytes(dst, count); +} + #elif defined(RAND_SILLY) int -px_get_random_bytes(uint8 *dst, unsigned count) +px_get_pseudo_random_bytes(uint8 *dst, unsigned count) { int i; @@ -90,6 +96,12 @@ px_get_random_bytes(uint8 *dst, unsigned count) return i; } +int +px_get_random_bytes(uint8 *dst, unsigned count) +{ + return PXE_NO_RANDOM; +} + #elif defined(RAND_OPENSSL) #include <openssl/evp.h> @@ -99,22 +111,24 @@ px_get_random_bytes(uint8 *dst, unsigned count) static int openssl_random_init = 0; +/* + * OpenSSL random should re-feeded occasionally. From /dev/urandom + * preferably. + */ +static void init_openssl() +{ + if (RAND_get_rand_method() == NULL) + RAND_set_rand_method(RAND_SSLeay()); + openssl_random_init = 1; +} + int px_get_random_bytes(uint8 *dst, unsigned count) { int res; if (!openssl_random_init) - { - if (RAND_get_rand_method() == NULL) - RAND_set_rand_method(RAND_SSLeay()); - openssl_random_init = 1; - } - - /* - * OpenSSL random should re-feeded occasionally. From /dev/urandom - * preferably. - */ + init_openssl(); res = RAND_bytes(dst, count); if (res == 1) @@ -123,6 +137,21 @@ px_get_random_bytes(uint8 *dst, unsigned count) return PXE_OSSL_RAND_ERROR; } +int +px_get_pseudo_random_bytes(uint8 *dst, unsigned count) +{ + int res; + + if (!openssl_random_init) + init_openssl(); + + res = RAND_pseudo_bytes(dst, count); + if (res == 0 || res == 1) + return count; + + return PXE_OSSL_RAND_ERROR; +} + #else #error "Invalid random source" #endif |