LCOV - code coverage report
Current view: top level - contrib/pgcrypto - px.c (source / functions) Hit Total Coverage
Test: PostgreSQL 13beta1 Lines: 142 174 81.6 %
Date: 2020-06-01 09:07:10 Functions: 14 14 100.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*
       2             :  * px.c
       3             :  *      Various cryptographic stuff for PostgreSQL.
       4             :  *
       5             :  * Copyright (c) 2001 Marko Kreen
       6             :  * All rights reserved.
       7             :  *
       8             :  * Redistribution and use in source and binary forms, with or without
       9             :  * modification, are permitted provided that the following conditions
      10             :  * are met:
      11             :  * 1. Redistributions of source code must retain the above copyright
      12             :  *    notice, this list of conditions and the following disclaimer.
      13             :  * 2. Redistributions in binary form must reproduce the above copyright
      14             :  *    notice, this list of conditions and the following disclaimer in the
      15             :  *    documentation and/or other materials provided with the distribution.
      16             :  *
      17             :  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
      18             :  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
      19             :  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
      20             :  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
      21             :  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
      22             :  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
      23             :  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
      24             :  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
      25             :  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
      26             :  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
      27             :  * SUCH DAMAGE.
      28             :  *
      29             :  * contrib/pgcrypto/px.c
      30             :  */
      31             : 
      32             : #include "postgres.h"
      33             : 
      34             : #include "px.h"
      35             : 
      36             : struct error_desc
      37             : {
      38             :     int         err;
      39             :     const char *desc;
      40             : };
      41             : 
      42             : static const struct error_desc px_err_list[] = {
      43             :     {PXE_OK, "Everything ok"},
      44             :     {PXE_ERR_GENERIC, "Some PX error (not specified)"},
      45             :     {PXE_NO_HASH, "No such hash algorithm"},
      46             :     {PXE_NO_CIPHER, "No such cipher algorithm"},
      47             :     {PXE_NOTBLOCKSIZE, "Data not a multiple of block size"},
      48             :     {PXE_BAD_OPTION, "Unknown option"},
      49             :     {PXE_BAD_FORMAT, "Badly formatted type"},
      50             :     {PXE_KEY_TOO_BIG, "Key was too big"},
      51             :     {PXE_CIPHER_INIT, "Cipher cannot be initialized ?"},
      52             :     {PXE_HASH_UNUSABLE_FOR_HMAC, "This hash algorithm is unusable for HMAC"},
      53             :     {PXE_DEV_READ_ERROR, "Error reading from random device"},
      54             :     {PXE_BUG, "pgcrypto bug"},
      55             :     {PXE_ARGUMENT_ERROR, "Illegal argument to function"},
      56             :     {PXE_UNKNOWN_SALT_ALGO, "Unknown salt algorithm"},
      57             :     {PXE_BAD_SALT_ROUNDS, "Incorrect number of rounds"},
      58             :     {PXE_MCRYPT_INTERNAL, "mcrypt internal error"},
      59             :     {PXE_NO_RANDOM, "Failed to generate strong random bits"},
      60             :     {PXE_DECRYPT_FAILED, "Decryption failed"},
      61             :     {PXE_PGP_CORRUPT_DATA, "Wrong key or corrupt data"},
      62             :     {PXE_PGP_CORRUPT_ARMOR, "Corrupt ascii-armor"},
      63             :     {PXE_PGP_UNSUPPORTED_COMPR, "Unsupported compression algorithm"},
      64             :     {PXE_PGP_UNSUPPORTED_CIPHER, "Unsupported cipher algorithm"},
      65             :     {PXE_PGP_UNSUPPORTED_HASH, "Unsupported digest algorithm"},
      66             :     {PXE_PGP_COMPRESSION_ERROR, "Compression error"},
      67             :     {PXE_PGP_NOT_TEXT, "Not text data"},
      68             :     {PXE_PGP_UNEXPECTED_PKT, "Unexpected packet in key data"},
      69             :     {PXE_PGP_MATH_FAILED, "Math operation failed"},
      70             :     {PXE_PGP_SHORT_ELGAMAL_KEY, "Elgamal keys must be at least 1024 bits long"},
      71             :     {PXE_PGP_UNKNOWN_PUBALGO, "Unknown public-key encryption algorithm"},
      72             :     {PXE_PGP_WRONG_KEY, "Wrong key"},
      73             :     {PXE_PGP_MULTIPLE_KEYS,
      74             :     "Several keys given - pgcrypto does not handle keyring"},
      75             :     {PXE_PGP_EXPECT_PUBLIC_KEY, "Refusing to encrypt with secret key"},
      76             :     {PXE_PGP_EXPECT_SECRET_KEY, "Cannot decrypt with public key"},
      77             :     {PXE_PGP_NOT_V4_KEYPKT, "Only V4 key packets are supported"},
      78             :     {PXE_PGP_KEYPKT_CORRUPT, "Corrupt key packet"},
      79             :     {PXE_PGP_NO_USABLE_KEY, "No encryption key found"},
      80             :     {PXE_PGP_NEED_SECRET_PSW, "Need password for secret key"},
      81             :     {PXE_PGP_BAD_S2K_MODE, "Bad S2K mode"},
      82             :     {PXE_PGP_UNSUPPORTED_PUBALGO, "Unsupported public key algorithm"},
      83             :     {PXE_PGP_MULTIPLE_SUBKEYS, "Several subkeys not supported"},
      84             : 
      85             :     {0, NULL},
      86             : };
      87             : 
      88             : /*
      89             :  * Call ereport(ERROR, ...), with an error code and message corresponding to
      90             :  * the PXE_* error code given as argument.
      91             :  *
      92             :  * This is similar to px_strerror(err), but for some errors, we fill in the
      93             :  * error code and detail fields more appropriately.
      94             :  */
      95             : void
      96          38 : px_THROW_ERROR(int err)
      97             : {
      98          38 :     if (err == PXE_NO_RANDOM)
      99             :     {
     100           0 :         ereport(ERROR,
     101             :                 (errcode(ERRCODE_INTERNAL_ERROR),
     102             :                  errmsg("could not generate a random number")));
     103             :     }
     104             :     else
     105             :     {
     106             :         /* For other errors, use the message from the above list. */
     107          38 :         ereport(ERROR,
     108             :                 (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
     109             :                  errmsg("%s", px_strerror(err))));
     110             :     }
     111             : }
     112             : 
     113             : const char *
     114          46 : px_strerror(int err)
     115             : {
     116             :     const struct error_desc *e;
     117             : 
     118        1036 :     for (e = px_err_list; e->desc; e++)
     119        1036 :         if (e->err == err)
     120          46 :             return e->desc;
     121           0 :     return "Bad error code";
     122             : }
     123             : 
     124             : /* memset that must not be optimized away */
     125             : void
     126        5852 : px_memset(void *ptr, int c, size_t len)
     127             : {
     128        5852 :     memset(ptr, c, len);
     129        5852 : }
     130             : 
     131             : const char *
     132         382 : px_resolve_alias(const PX_Alias *list, const char *name)
     133             : {
     134        4944 :     while (list->name)
     135             :     {
     136        4660 :         if (pg_strcasecmp(list->alias, name) == 0)
     137          98 :             return list->name;
     138        4562 :         list++;
     139             :     }
     140         284 :     return name;
     141             : }
     142             : 
     143             : static void (*debug_handler) (const char *) = NULL;
     144             : 
     145             : void
     146         230 : px_set_debug_handler(void (*handler) (const char *))
     147             : {
     148         230 :     debug_handler = handler;
     149         230 : }
     150             : 
     151             : void
     152          28 : px_debug(const char *fmt,...)
     153             : {
     154             :     va_list     ap;
     155             : 
     156          28 :     va_start(ap, fmt);
     157          28 :     if (debug_handler)
     158             :     {
     159             :         char        buf[512];
     160             : 
     161          16 :         vsnprintf(buf, sizeof(buf), fmt, ap);
     162          16 :         debug_handler(buf);
     163             :     }
     164          28 :     va_end(ap);
     165          28 : }
     166             : 
     167             : /*
     168             :  * combo - cipher + padding (+ checksum)
     169             :  */
     170             : 
     171             : static unsigned
     172         114 : combo_encrypt_len(PX_Combo *cx, unsigned dlen)
     173             : {
     174         114 :     return dlen + 512;
     175             : }
     176             : 
     177             : static unsigned
     178          30 : combo_decrypt_len(PX_Combo *cx, unsigned dlen)
     179             : {
     180          30 :     return dlen;
     181             : }
     182             : 
     183             : static int
     184         144 : combo_init(PX_Combo *cx, const uint8 *key, unsigned klen,
     185             :            const uint8 *iv, unsigned ivlen)
     186             : {
     187             :     int         err;
     188             :     unsigned    ks,
     189             :                 ivs;
     190         144 :     PX_Cipher  *c = cx->cipher;
     191         144 :     uint8      *ivbuf = NULL;
     192             :     uint8      *keybuf;
     193             : 
     194         144 :     ks = px_cipher_key_size(c);
     195             : 
     196         144 :     ivs = px_cipher_iv_size(c);
     197         144 :     if (ivs > 0)
     198             :     {
     199         144 :         ivbuf = px_alloc(ivs);
     200         144 :         memset(ivbuf, 0, ivs);
     201         144 :         if (ivlen > ivs)
     202           0 :             memcpy(ivbuf, iv, ivs);
     203             :         else
     204         144 :             memcpy(ivbuf, iv, ivlen);
     205             :     }
     206             : 
     207         144 :     if (klen > ks)
     208           0 :         klen = ks;
     209         144 :     keybuf = px_alloc(ks);
     210         144 :     memset(keybuf, 0, ks);
     211         144 :     memcpy(keybuf, key, klen);
     212             : 
     213         144 :     err = px_cipher_init(c, keybuf, klen, ivbuf);
     214             : 
     215         144 :     if (ivbuf)
     216         144 :         px_free(ivbuf);
     217         144 :     px_free(keybuf);
     218             : 
     219         144 :     return err;
     220             : }
     221             : 
     222             : static int
     223         114 : combo_encrypt(PX_Combo *cx, const uint8 *data, unsigned dlen,
     224             :               uint8 *res, unsigned *rlen)
     225             : {
     226         114 :     int         err = 0;
     227             :     uint8      *bbuf;
     228             :     unsigned    bs,
     229             :                 bpos,
     230             :                 i,
     231             :                 pad;
     232             : 
     233         114 :     PX_Cipher  *c = cx->cipher;
     234             : 
     235         114 :     bbuf = NULL;
     236         114 :     bs = px_cipher_block_size(c);
     237             : 
     238             :     /* encrypt */
     239         114 :     if (bs > 1)
     240             :     {
     241         114 :         bbuf = px_alloc(bs * 4);
     242         114 :         bpos = dlen % bs;
     243         114 :         *rlen = dlen - bpos;
     244         114 :         memcpy(bbuf, data + *rlen, bpos);
     245             : 
     246             :         /* encrypt full-block data */
     247         114 :         if (*rlen)
     248             :         {
     249          62 :             err = px_cipher_encrypt(c, data, *rlen, res);
     250          62 :             if (err)
     251           0 :                 goto out;
     252             :         }
     253             : 
     254             :         /* bbuf has now bpos bytes of stuff */
     255         114 :         if (cx->padding)
     256             :         {
     257          78 :             pad = bs - (bpos % bs);
     258         638 :             for (i = 0; i < pad; i++)
     259         560 :                 bbuf[bpos++] = pad;
     260             :         }
     261          36 :         else if (bpos % bs)
     262             :         {
     263             :             /* ERROR? */
     264           0 :             pad = bs - (bpos % bs);
     265           0 :             for (i = 0; i < pad; i++)
     266           0 :                 bbuf[bpos++] = 0;
     267             :         }
     268             : 
     269             :         /* encrypt the rest - pad */
     270         114 :         if (bpos)
     271             :         {
     272          78 :             err = px_cipher_encrypt(c, bbuf, bpos, res + *rlen);
     273          78 :             *rlen += bpos;
     274             :         }
     275             :     }
     276             :     else
     277             :     {
     278             :         /* stream cipher/mode - no pad needed */
     279           0 :         err = px_cipher_encrypt(c, data, dlen, res);
     280           0 :         if (err)
     281           0 :             goto out;
     282           0 :         *rlen = dlen;
     283             :     }
     284         114 : out:
     285         114 :     if (bbuf)
     286         114 :         px_free(bbuf);
     287             : 
     288         114 :     return err;
     289             : }
     290             : 
     291             : static int
     292          30 : combo_decrypt(PX_Combo *cx, const uint8 *data, unsigned dlen,
     293             :               uint8 *res, unsigned *rlen)
     294             : {
     295             :     unsigned    bs,
     296             :                 i,
     297             :                 pad;
     298             :     unsigned    pad_ok;
     299             : 
     300          30 :     PX_Cipher  *c = cx->cipher;
     301             : 
     302             :     /* decide whether zero-length input is allowed */
     303          30 :     if (dlen == 0)
     304             :     {
     305             :         /* with padding, empty ciphertext is not allowed */
     306           0 :         if (cx->padding)
     307           0 :             return PXE_DECRYPT_FAILED;
     308             : 
     309             :         /* without padding, report empty result */
     310           0 :         *rlen = 0;
     311           0 :         return 0;
     312             :     }
     313             : 
     314          30 :     bs = px_cipher_block_size(c);
     315          30 :     if (bs > 1 && (dlen % bs) != 0)
     316           0 :         goto block_error;
     317             : 
     318             :     /* decrypt */
     319          30 :     *rlen = dlen;
     320          30 :     px_cipher_decrypt(c, data, dlen, res);
     321             : 
     322             :     /* unpad */
     323          30 :     if (bs > 1 && cx->padding)
     324             :     {
     325          30 :         pad = res[*rlen - 1];
     326          30 :         pad_ok = 0;
     327          30 :         if (pad > 0 && pad <= bs && pad <= *rlen)
     328             :         {
     329          30 :             pad_ok = 1;
     330         222 :             for (i = *rlen - pad; i < *rlen; i++)
     331         192 :                 if (res[i] != pad)
     332             :                 {
     333           0 :                     pad_ok = 0;
     334           0 :                     break;
     335             :                 }
     336             :         }
     337             : 
     338          30 :         if (pad_ok)
     339          30 :             *rlen -= pad;
     340             :     }
     341             : 
     342          30 :     return 0;
     343             : 
     344           0 : block_error:
     345           0 :     return PXE_NOTBLOCKSIZE;
     346             : }
     347             : 
     348             : static void
     349         144 : combo_free(PX_Combo *cx)
     350             : {
     351         144 :     if (cx->cipher)
     352         144 :         px_cipher_free(cx->cipher);
     353         144 :     px_memset(cx, 0, sizeof(*cx));
     354         144 :     px_free(cx);
     355         144 : }
     356             : 
     357             : /* PARSER */
     358             : 
     359             : static int
     360         146 : parse_cipher_name(char *full, char **cipher, char **pad)
     361             : {
     362             :     char       *p,
     363             :                *p2,
     364             :                *q;
     365             : 
     366         146 :     *cipher = full;
     367         146 :     *pad = NULL;
     368             : 
     369         146 :     p = strchr(full, '/');
     370         146 :     if (p != NULL)
     371          36 :         *p++ = 0;
     372         182 :     while (p != NULL)
     373             :     {
     374          36 :         if ((q = strchr(p, '/')) != NULL)
     375           0 :             *q++ = 0;
     376             : 
     377          36 :         if (!*p)
     378             :         {
     379           0 :             p = q;
     380           0 :             continue;
     381             :         }
     382          36 :         p2 = strchr(p, ':');
     383          36 :         if (p2 != NULL)
     384             :         {
     385          36 :             *p2++ = 0;
     386          36 :             if (strcmp(p, "pad") == 0)
     387          36 :                 *pad = p2;
     388             :             else
     389           0 :                 return PXE_BAD_OPTION;
     390             :         }
     391             :         else
     392           0 :             return PXE_BAD_FORMAT;
     393             : 
     394          36 :         p = q;
     395             :     }
     396         146 :     return 0;
     397             : }
     398             : 
     399             : /* provider */
     400             : 
     401             : int
     402         146 : px_find_combo(const char *name, PX_Combo **res)
     403             : {
     404             :     int         err;
     405             :     char       *buf,
     406             :                *s_cipher,
     407             :                *s_pad;
     408             : 
     409             :     PX_Combo   *cx;
     410             : 
     411         146 :     cx = px_alloc(sizeof(*cx));
     412         146 :     memset(cx, 0, sizeof(*cx));
     413             : 
     414         146 :     buf = px_alloc(strlen(name) + 1);
     415         146 :     strcpy(buf, name);
     416             : 
     417         146 :     err = parse_cipher_name(buf, &s_cipher, &s_pad);
     418         146 :     if (err)
     419             :     {
     420           0 :         px_free(buf);
     421           0 :         px_free(cx);
     422           0 :         return err;
     423             :     }
     424             : 
     425         146 :     err = px_find_cipher(s_cipher, &cx->cipher);
     426         146 :     if (err)
     427           2 :         goto err1;
     428             : 
     429         144 :     if (s_pad != NULL)
     430             :     {
     431          36 :         if (strcmp(s_pad, "pkcs") == 0)
     432           0 :             cx->padding = 1;
     433          36 :         else if (strcmp(s_pad, "none") == 0)
     434          36 :             cx->padding = 0;
     435             :         else
     436           0 :             goto err1;
     437             :     }
     438             :     else
     439         108 :         cx->padding = 1;
     440             : 
     441         144 :     cx->init = combo_init;
     442         144 :     cx->encrypt = combo_encrypt;
     443         144 :     cx->decrypt = combo_decrypt;
     444         144 :     cx->encrypt_len = combo_encrypt_len;
     445         144 :     cx->decrypt_len = combo_decrypt_len;
     446         144 :     cx->free = combo_free;
     447             : 
     448         144 :     px_free(buf);
     449             : 
     450         144 :     *res = cx;
     451             : 
     452         144 :     return 0;
     453             : 
     454           2 : err1:
     455           2 :     if (cx->cipher)
     456           0 :         px_cipher_free(cx->cipher);
     457           2 :     px_free(cx);
     458           2 :     px_free(buf);
     459           2 :     return PXE_NO_CIPHER;
     460             : }

Generated by: LCOV version 1.13