search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Start background writer during archive recovery. Background writer now performs
[PostgreSQL.git] / contrib / pgcrypto / crypt-gensalt.c
blob70392486b7b42e0560773d89ff1fe6bc34b043a2
1 /*
2 * Written by Solar Designer and placed in the public domain.
3 * See crypt_blowfish.c for more information.
4 *
5 * $PostgreSQL$
6 *
7 * This file contains salt generation functions for the traditional and
8 * other common crypt(3) algorithms, except for bcrypt which is defined
9 * entirely in crypt_blowfish.c.
10 *
11 * Put bcrypt generator also here as crypt-blowfish.c
12 * may not be compiled always. -- marko
13 */
14
15 #include "postgres.h"
16
17 #include "px.h"
18 #include "px-crypt.h"
19
20 typedef unsigned int BF_word;
21
22 static unsigned char _crypt_itoa64[64 + 1] =
23 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
24
25 char *
26 _crypt_gensalt_traditional_rn(unsigned long count,
27 const char *input, int size, char *output, int output_size)
28 {
29 if (size < 2 || output_size < 2 + 1 || (count && count != 25))
30 {
31 if (output_size > 0)
32 output[0] = '\0';
33 return NULL;
34 }
35
36 output[0] = _crypt_itoa64[(unsigned int) input[0] & 0x3f];
37 output[1] = _crypt_itoa64[(unsigned int) input[1] & 0x3f];
38 output[2] = '\0';
39
40 return output;
41 }
42
43 char *
44 _crypt_gensalt_extended_rn(unsigned long count,
45 const char *input, int size, char *output, int output_size)
46 {
47 unsigned long value;
48
49 /* Even iteration counts make it easier to detect weak DES keys from a look
50 * at the hash, so they should be avoided */
51 if (size < 3 || output_size < 1 + 4 + 4 + 1 ||
52 (count && (count > 0xffffff || !(count & 1))))
53 {
54 if (output_size > 0)
55 output[0] = '\0';
56 return NULL;
57 }
58
59 if (!count)
60 count = 725;
61
62 output[0] = '_';
63 output[1] = _crypt_itoa64[count & 0x3f];
64 output[2] = _crypt_itoa64[(count >> 6) & 0x3f];
65 output[3] = _crypt_itoa64[(count >> 12) & 0x3f];
66 output[4] = _crypt_itoa64[(count >> 18) & 0x3f];
67 value = (unsigned long) (unsigned char) input[0] |
68 ((unsigned long) (unsigned char) input[1] << 8) |
69 ((unsigned long) (unsigned char) input[2] << 16);
70 output[5] = _crypt_itoa64[value & 0x3f];
71 output[6] = _crypt_itoa64[(value >> 6) & 0x3f];
72 output[7] = _crypt_itoa64[(value >> 12) & 0x3f];
73 output[8] = _crypt_itoa64[(value >> 18) & 0x3f];
74 output[9] = '\0';
75
76 return output;
77 }
78
79 char *
80 _crypt_gensalt_md5_rn(unsigned long count,
81 const char *input, int size, char *output, int output_size)
82 {
83 unsigned long value;
84
85 if (size < 3 || output_size < 3 + 4 + 1 || (count && count != 1000))
86 {
87 if (output_size > 0)
88 output[0] = '\0';
89 return NULL;
90 }
91
92 output[0] = '$';
93 output[1] = '1';
94 output[2] = '$';
95 value = (unsigned long) (unsigned char) input[0] |
96 ((unsigned long) (unsigned char) input[1] << 8) |
97 ((unsigned long) (unsigned char) input[2] << 16);
98 output[3] = _crypt_itoa64[value & 0x3f];
99 output[4] = _crypt_itoa64[(value >> 6) & 0x3f];
100 output[5] = _crypt_itoa64[(value >> 12) & 0x3f];
101 output[6] = _crypt_itoa64[(value >> 18) & 0x3f];
102 output[7] = '\0';
103
104 if (size >= 6 && output_size >= 3 + 4 + 4 + 1)
105 {
106 value = (unsigned long) (unsigned char) input[3] |
107 ((unsigned long) (unsigned char) input[4] << 8) |
108 ((unsigned long) (unsigned char) input[5] << 16);
109 output[7] = _crypt_itoa64[value & 0x3f];
110 output[8] = _crypt_itoa64[(value >> 6) & 0x3f];
111 output[9] = _crypt_itoa64[(value >> 12) & 0x3f];
112 output[10] = _crypt_itoa64[(value >> 18) & 0x3f];
113 output[11] = '\0';
114 }
115
116 return output;
117 }
118
119
120
121 static unsigned char BF_itoa64[64 + 1] =
122 "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
123
124 static void
125 BF_encode(char *dst, const BF_word * src, int size)
126 {
127 unsigned char *sptr = (unsigned char *) src;
128 unsigned char *end = sptr + size;
129 unsigned char *dptr = (unsigned char *) dst;
130 unsigned int c1,
131 c2;
132
133 do
134 {
135 c1 = *sptr++;
136 *dptr++ = BF_itoa64[c1 >> 2];
137 c1 = (c1 & 0x03) << 4;
138 if (sptr >= end)
139 {
140 *dptr++ = BF_itoa64[c1];
141 break;
142 }
143
144 c2 = *sptr++;
145 c1 |= c2 >> 4;
146 *dptr++ = BF_itoa64[c1];
147 c1 = (c2 & 0x0f) << 2;
148 if (sptr >= end)
149 {
150 *dptr++ = BF_itoa64[c1];
151 break;
152 }
153
154 c2 = *sptr++;
155 c1 |= c2 >> 6;
156 *dptr++ = BF_itoa64[c1];
157 *dptr++ = BF_itoa64[c2 & 0x3f];
158 } while (sptr < end);
159 }
160
161 char *
162 _crypt_gensalt_blowfish_rn(unsigned long count,
163 const char *input, int size, char *output, int output_size)
164 {
165 if (size < 16 || output_size < 7 + 22 + 1 ||
166 (count && (count < 4 || count > 31)))
167 {
168 if (output_size > 0)
169 output[0] = '\0';
170 return NULL;
171 }
172
173 if (!count)
174 count = 5;
175
176 output[0] = '$';
177 output[1] = '2';
178 output[2] = 'a';
179 output[3] = '$';
180 output[4] = '0' + count / 10;
181 output[5] = '0' + count % 10;
182 output[6] = '$';
183
184 BF_encode(&output[7], (BF_word *) input, 16);
185 output[7 + 22] = '\0';
186
187 return output;
188 }
PostgreSQL from CVS