search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Change ALTER TABLE SET WITHOUT OIDS to rewrite the whole table to physically
[PostgreSQL.git] / contrib / pgcrypto / openssl.c
blob0d77c4140e9f17207101c777b16f6879677f46d8
1 /*
2 * openssl.c
3 * Wrapper for OpenSSL library.
4 *
5 * Copyright (c) 2001 Marko Kreen
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * $PostgreSQL$
30 */
31
32 #include "postgres.h"
33
34 #include "px.h"
35
36 #include <openssl/evp.h>
37 #include <openssl/blowfish.h>
38 #include <openssl/cast.h>
39 #include <openssl/des.h>
40 #include <openssl/rand.h>
41 #include <openssl/err.h>
42
43 /*
44 * Max lengths we might want to handle.
45 */
46 #define MAX_KEY (512/8)
47 #define MAX_IV (128/8)
48
49 /*
50 * Compatibility with OpenSSL 0.9.6
51 *
52 * It needs AES and newer DES and digest API.
53 */
54 #if OPENSSL_VERSION_NUMBER >= 0x00907000L
55
56 /*
57 * Nothing needed for OpenSSL 0.9.7+
58 */
59
60 #include <openssl/aes.h>
61 #else /* old OPENSSL */
62
63 /*
64 * Emulate OpenSSL AES.
65 */
66
67 #include "rijndael.c"
68
69 #define AES_ENCRYPT 1
70 #define AES_DECRYPT 0
71 #define AES_KEY rijndael_ctx
72
73 static int
74 AES_set_encrypt_key(const uint8 *key, int kbits, AES_KEY *ctx)
75 {
76 aes_set_key(ctx, key, kbits, 1);
77 return 0;
78 }
79
80 static int
81 AES_set_decrypt_key(const uint8 *key, int kbits, AES_KEY *ctx)
82 {
83 aes_set_key(ctx, key, kbits, 0);
84 return 0;
85 }
86
87 static void
88 AES_ecb_encrypt(const uint8 *src, uint8 *dst, AES_KEY *ctx, int enc)
89 {
90 memcpy(dst, src, 16);
91 if (enc)
92 aes_ecb_encrypt(ctx, dst, 16);
93 else
94 aes_ecb_decrypt(ctx, dst, 16);
95 }
96
97 static void
98 AES_cbc_encrypt(const uint8 *src, uint8 *dst, int len, AES_KEY *ctx, uint8 *iv, int enc)
99 {
100 memcpy(dst, src, len);
101 if (enc)
102 {
103 aes_cbc_encrypt(ctx, iv, dst, len);
104 memcpy(iv, dst + len - 16, 16);
105 }
106 else
107 {
108 aes_cbc_decrypt(ctx, iv, dst, len);
109 memcpy(iv, src + len - 16, 16);
110 }
111 }
112
113 /*
114 * Emulate DES_* API
115 */
116
117 #define DES_key_schedule des_key_schedule
118 #define DES_cblock des_cblock
119 #define DES_set_key(k, ks) \
120 des_set_key((k), *(ks))
121 #define DES_ecb_encrypt(i, o, k, e) \
122 des_ecb_encrypt((i), (o), *(k), (e))
123 #define DES_ncbc_encrypt(i, o, l, k, iv, e) \
124 des_ncbc_encrypt((i), (o), (l), *(k), (iv), (e))
125 #define DES_ecb3_encrypt(i, o, k1, k2, k3, e) \
126 des_ecb3_encrypt((des_cblock *)(i), (des_cblock *)(o), \
127 *(k1), *(k2), *(k3), (e))
128 #define DES_ede3_cbc_encrypt(i, o, l, k1, k2, k3, iv, e) \
129 des_ede3_cbc_encrypt((i), (o), \
130 (l), *(k1), *(k2), *(k3), (iv), (e))
131
132 /*
133 * Emulate newer digest API.
134 */
135
136 static void
137 EVP_MD_CTX_init(EVP_MD_CTX *ctx)
138 {
139 memset(ctx, 0, sizeof(*ctx));
140 }
141
142 static int
143 EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
144 {
145 memset(ctx, 0, sizeof(*ctx));
146 return 1;
147 }
148
149 static int
150 EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *md, void *engine)
151 {
152 EVP_DigestInit(ctx, md);
153 return 1;
154 }
155
156 static int
157 EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *res, unsigned int *len)
158 {
159 EVP_DigestFinal(ctx, res, len);
160 return 1;
161 }
162 #endif /* old OpenSSL */
163
164 /*
165 * Provide SHA2 for older OpenSSL < 0.9.8
166 */
167 #if OPENSSL_VERSION_NUMBER < 0x00908000L
168
169 #include "sha2.c"
170 #include "internal-sha2.c"
171
172 typedef void (*init_f) (PX_MD * md);
173
174 static int
175 compat_find_digest(const char *name, PX_MD ** res)
176 {
177 init_f init = NULL;
178
179 if (pg_strcasecmp(name, "sha224") == 0)
180 init = init_sha224;
181 else if (pg_strcasecmp(name, "sha256") == 0)
182 init = init_sha256;
183 else if (pg_strcasecmp(name, "sha384") == 0)
184 init = init_sha384;
185 else if (pg_strcasecmp(name, "sha512") == 0)
186 init = init_sha512;
187 else
188 return PXE_NO_HASH;
189
190 *res = px_alloc(sizeof(PX_MD));
191 init(*res);
192 return 0;
193 }
194 #else
195 #define compat_find_digest(name, res) (PXE_NO_HASH)
196 #endif
197
198 /*
199 * Hashes
200 */
201
202 typedef struct OSSLDigest
203 {
204 const EVP_MD *algo;
205 EVP_MD_CTX ctx;
206 } OSSLDigest;
207
208 static unsigned
209 digest_result_size(PX_MD * h)
210 {
211 OSSLDigest *digest = (OSSLDigest *) h->p.ptr;
212
213 return EVP_MD_CTX_size(&digest->ctx);
214 }
215
216 static unsigned
217 digest_block_size(PX_MD * h)
218 {
219 OSSLDigest *digest = (OSSLDigest *) h->p.ptr;
220
221 return EVP_MD_CTX_block_size(&digest->ctx);
222 }
223
224 static void
225 digest_reset(PX_MD * h)
226 {
227 OSSLDigest *digest = (OSSLDigest *) h->p.ptr;
228
229 EVP_DigestInit_ex(&digest->ctx, digest->algo, NULL);
230 }
231
232 static void
233 digest_update(PX_MD * h, const uint8 *data, unsigned dlen)
234 {
235 OSSLDigest *digest = (OSSLDigest *) h->p.ptr;
236
237 EVP_DigestUpdate(&digest->ctx, data, dlen);
238 }
239
240 static void
241 digest_finish(PX_MD * h, uint8 *dst)
242 {
243 OSSLDigest *digest = (OSSLDigest *) h->p.ptr;
244
245 EVP_DigestFinal_ex(&digest->ctx, dst, NULL);
246 }
247
248 static void
249 digest_free(PX_MD * h)
250 {
251 OSSLDigest *digest = (OSSLDigest *) h->p.ptr;
252
253 EVP_MD_CTX_cleanup(&digest->ctx);
254
255 px_free(digest);
256 px_free(h);
257 }
258
259 static int px_openssl_initialized = 0;
260
261 /* PUBLIC functions */
262
263 int
264 px_find_digest(const char *name, PX_MD ** res)
265 {
266 const EVP_MD *md;
267 PX_MD *h;
268 OSSLDigest *digest;
269
270 if (!px_openssl_initialized)
271 {
272 px_openssl_initialized = 1;
273 OpenSSL_add_all_algorithms();
274 }
275
276 md = EVP_get_digestbyname(name);
277 if (md == NULL)
278 return compat_find_digest(name, res);
279
280 digest = px_alloc(sizeof(*digest));
281 digest->algo = md;
282
283 EVP_MD_CTX_init(&digest->ctx);
284 if (EVP_DigestInit_ex(&digest->ctx, digest->algo, NULL) == 0)
285 return -1;
286
287 h = px_alloc(sizeof(*h));
288 h->result_size = digest_result_size;
289 h->block_size = digest_block_size;
290 h->reset = digest_reset;
291 h->update = digest_update;
292 h->finish = digest_finish;
293 h->free = digest_free;
294 h->p.ptr = (void *) digest;
295
296 *res = h;
297 return 0;
298 }
299
300 /*
301 * Ciphers
302 *
303 * The problem with OpenSSL is that the EVP* family
304 * of functions does not allow enough flexibility
305 * and forces some of the parameters (keylen,
306 * padding) to SSL defaults.
307 *
308 * So need to manage ciphers ourselves.
309 */
310
311 struct ossl_cipher
312 {
313 int (*init) (PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv);
314 int (*encrypt) (PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res);
315 int (*decrypt) (PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res);
316
317 int block_size;
318 int max_key_size;
319 int stream_cipher;
320 };
321
322 typedef struct
323 {
324 union
325 {
326 struct
327 {
328 BF_KEY key;
329 int num;
330 } bf;
331 struct
332 {
333 DES_key_schedule key_schedule;
334 } des;
335 struct
336 {
337 DES_key_schedule k1,
338 k2,
339 k3;
340 } des3;
341 CAST_KEY cast_key;
342 AES_KEY aes_key;
343 } u;
344 uint8 key[MAX_KEY];
345 uint8 iv[MAX_IV];
346 unsigned klen;
347 unsigned init;
348 const struct ossl_cipher *ciph;
349 } ossldata;
350
351 /* generic */
352
353 static unsigned
354 gen_ossl_block_size(PX_Cipher * c)
355 {
356 ossldata *od = (ossldata *) c->ptr;
357
358 return od->ciph->block_size;
359 }
360
361 static unsigned
362 gen_ossl_key_size(PX_Cipher * c)
363 {
364 ossldata *od = (ossldata *) c->ptr;
365
366 return od->ciph->max_key_size;
367 }
368
369 static unsigned
370 gen_ossl_iv_size(PX_Cipher * c)
371 {
372 unsigned ivlen;
373 ossldata *od = (ossldata *) c->ptr;
374
375 ivlen = od->ciph->block_size;
376 return ivlen;
377 }
378
379 static void
380 gen_ossl_free(PX_Cipher * c)
381 {
382 ossldata *od = (ossldata *) c->ptr;
383
384 memset(od, 0, sizeof(*od));
385 px_free(od);
386 px_free(c);
387 }
388
389 /* Blowfish */
390
391 /*
392 * Check if strong crypto is supported. Some openssl installations
393 * support only short keys and unfortunately BF_set_key does not return any
394 * error value. This function tests if is possible to use strong key.
395 */
396 static int
397 bf_check_supported_key_len(void)
398 {
399 static const uint8 key[56] = {
400 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87, 0x78, 0x69,
401 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f, 0x00, 0x11, 0x22, 0x33,
402 0x44, 0x55, 0x66, 0x77, 0x04, 0x68, 0x91, 0x04, 0xc2, 0xfd,
403 0x3b, 0x2f, 0x58, 0x40, 0x23, 0x64, 0x1a, 0xba, 0x61, 0x76,
404 0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e, 0xff, 0xff,
405 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
406 };
407
408 static const uint8 data[8] = {0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10};
409 static const uint8 res[8] = {0xc0, 0x45, 0x04, 0x01, 0x2e, 0x4e, 0x1f, 0x53};
410 static uint8 out[8];
411
412 BF_KEY bf_key;
413
414 /* encrypt with 448bits key and verify output */
415 BF_set_key(&bf_key, 56, key);
416 BF_ecb_encrypt(data, out, &bf_key, BF_ENCRYPT);
417
418 if (memcmp(out, res, 8) != 0)
419 return 0; /* Output does not match -> strong cipher is
420 * not supported */
421 return 1;
422 }
423
424 static int
425 bf_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
426 {
427 ossldata *od = c->ptr;
428 static int bf_is_strong = -1;
429
430 /*
431 * Test if key len is supported. BF_set_key silently cut large keys and it
432 * could be be a problem when user transfer crypted data from one server
433 * to another.
434 */
435
436 if (bf_is_strong == -1)
437 bf_is_strong = bf_check_supported_key_len();
438
439 if (!bf_is_strong && klen > 16)
440 return PXE_KEY_TOO_BIG;
441
442 /* Key len is supported. We can use it. */
443 BF_set_key(&od->u.bf.key, klen, key);
444 if (iv)
445 memcpy(od->iv, iv, BF_BLOCK);
446 else
447 memset(od->iv, 0, BF_BLOCK);
448 od->u.bf.num = 0;
449 return 0;
450 }
451
452 static int
453 bf_ecb_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
454 {
455 unsigned bs = gen_ossl_block_size(c);
456 unsigned i;
457 ossldata *od = c->ptr;
458
459 for (i = 0; i < dlen / bs; i++)
460 BF_ecb_encrypt(data + i * bs, res + i * bs, &od->u.bf.key, BF_ENCRYPT);
461 return 0;
462 }
463
464 static int
465 bf_ecb_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
466 {
467 unsigned bs = gen_ossl_block_size(c),
468 i;
469 ossldata *od = c->ptr;
470
471 for (i = 0; i < dlen / bs; i++)
472 BF_ecb_encrypt(data + i * bs, res + i * bs, &od->u.bf.key, BF_DECRYPT);
473 return 0;
474 }
475
476 static int
477 bf_cbc_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
478 {
479 ossldata *od = c->ptr;
480
481 BF_cbc_encrypt(data, res, dlen, &od->u.bf.key, od->iv, BF_ENCRYPT);
482 return 0;
483 }
484
485 static int
486 bf_cbc_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
487 {
488 ossldata *od = c->ptr;
489
490 BF_cbc_encrypt(data, res, dlen, &od->u.bf.key, od->iv, BF_DECRYPT);
491 return 0;
492 }
493
494 static int
495 bf_cfb64_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
496 {
497 ossldata *od = c->ptr;
498
499 BF_cfb64_encrypt(data, res, dlen, &od->u.bf.key, od->iv,
500 &od->u.bf.num, BF_ENCRYPT);
501 return 0;
502 }
503
504 static int
505 bf_cfb64_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
506 {
507 ossldata *od = c->ptr;
508
509 BF_cfb64_encrypt(data, res, dlen, &od->u.bf.key, od->iv,
510 &od->u.bf.num, BF_DECRYPT);
511 return 0;
512 }
513
514 /* DES */
515
516 static int
517 ossl_des_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
518 {
519 ossldata *od = c->ptr;
520 DES_cblock xkey;
521
522 memset(&xkey, 0, sizeof(xkey));
523 memcpy(&xkey, key, klen > 8 ? 8 : klen);
524 DES_set_key(&xkey, &od->u.des.key_schedule);
525 memset(&xkey, 0, sizeof(xkey));
526
527 if (iv)
528 memcpy(od->iv, iv, 8);
529 else
530 memset(od->iv, 0, 8);
531 return 0;
532 }
533
534 static int
535 ossl_des_ecb_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
536 uint8 *res)
537 {
538 unsigned bs = gen_ossl_block_size(c);
539 unsigned i;
540 ossldata *od = c->ptr;
541
542 for (i = 0; i < dlen / bs; i++)
543 DES_ecb_encrypt((DES_cblock *) (data + i * bs),
544 (DES_cblock *) (res + i * bs),
545 &od->u.des.key_schedule, 1);
546 return 0;
547 }
548
549 static int
550 ossl_des_ecb_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
551 uint8 *res)
552 {
553 unsigned bs = gen_ossl_block_size(c);
554 unsigned i;
555 ossldata *od = c->ptr;
556
557 for (i = 0; i < dlen / bs; i++)
558 DES_ecb_encrypt((DES_cblock *) (data + i * bs),
559 (DES_cblock *) (res + i * bs),
560 &od->u.des.key_schedule, 0);
561 return 0;
562 }
563
564 static int
565 ossl_des_cbc_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
566 uint8 *res)
567 {
568 ossldata *od = c->ptr;
569
570 DES_ncbc_encrypt(data, res, dlen, &od->u.des.key_schedule,
571 (DES_cblock *) od->iv, 1);
572 return 0;
573 }
574
575 static int
576 ossl_des_cbc_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
577 uint8 *res)
578 {
579 ossldata *od = c->ptr;
580
581 DES_ncbc_encrypt(data, res, dlen, &od->u.des.key_schedule,
582 (DES_cblock *) od->iv, 0);
583 return 0;
584 }
585
586 /* DES3 */
587
588 static int
589 ossl_des3_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
590 {
591 ossldata *od = c->ptr;
592 DES_cblock xkey1,
593 xkey2,
594 xkey3;
595
596 memset(&xkey1, 0, sizeof(xkey1));
597 memset(&xkey2, 0, sizeof(xkey2));
598 memset(&xkey3, 0, sizeof(xkey3));
599 memcpy(&xkey1, key, klen > 8 ? 8 : klen);
600 if (klen > 8)
601 memcpy(&xkey2, key + 8, (klen - 8) > 8 ? 8 : (klen - 8));
602 if (klen > 16)
603 memcpy(&xkey3, key + 16, (klen - 16) > 8 ? 8 : (klen - 16));
604
605 DES_set_key(&xkey1, &od->u.des3.k1);
606 DES_set_key(&xkey2, &od->u.des3.k2);
607 DES_set_key(&xkey3, &od->u.des3.k3);
608 memset(&xkey1, 0, sizeof(xkey1));
609 memset(&xkey2, 0, sizeof(xkey2));
610 memset(&xkey3, 0, sizeof(xkey3));
611
612 if (iv)
613 memcpy(od->iv, iv, 8);
614 else
615 memset(od->iv, 0, 8);
616 return 0;
617 }
618
619 static int
620 ossl_des3_ecb_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
621 uint8 *res)
622 {
623 unsigned bs = gen_ossl_block_size(c);
624 unsigned i;
625 ossldata *od = c->ptr;
626
627 for (i = 0; i < dlen / bs; i++)
628 DES_ecb3_encrypt((void *) (data + i * bs), (void *) (res + i * bs),
629 &od->u.des3.k1, &od->u.des3.k2, &od->u.des3.k3, 1);
630 return 0;
631 }
632
633 static int
634 ossl_des3_ecb_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
635 uint8 *res)
636 {
637 unsigned bs = gen_ossl_block_size(c);
638 unsigned i;
639 ossldata *od = c->ptr;
640
641 for (i = 0; i < dlen / bs; i++)
642 DES_ecb3_encrypt((void *) (data + i * bs), (void *) (res + i * bs),
643 &od->u.des3.k1, &od->u.des3.k2, &od->u.des3.k3, 0);
644 return 0;
645 }
646
647 static int
648 ossl_des3_cbc_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
649 uint8 *res)
650 {
651 ossldata *od = c->ptr;
652
653 DES_ede3_cbc_encrypt(data, res, dlen,
654 &od->u.des3.k1, &od->u.des3.k2, &od->u.des3.k3,
655 (DES_cblock *) od->iv, 1);
656 return 0;
657 }
658
659 static int
660 ossl_des3_cbc_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
661 uint8 *res)
662 {
663 ossldata *od = c->ptr;
664
665 DES_ede3_cbc_encrypt(data, res, dlen,
666 &od->u.des3.k1, &od->u.des3.k2, &od->u.des3.k3,
667 (DES_cblock *) od->iv, 0);
668 return 0;
669 }
670
671 /* CAST5 */
672
673 static int
674 ossl_cast_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
675 {
676 ossldata *od = c->ptr;
677 unsigned bs = gen_ossl_block_size(c);
678
679 CAST_set_key(&od->u.cast_key, klen, key);
680 if (iv)
681 memcpy(od->iv, iv, bs);
682 else
683 memset(od->iv, 0, bs);
684 return 0;
685 }
686
687 static int
688 ossl_cast_ecb_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
689 {
690 unsigned bs = gen_ossl_block_size(c);
691 ossldata *od = c->ptr;
692 const uint8 *end = data + dlen - bs;
693
694 for (; data <= end; data += bs, res += bs)
695 CAST_ecb_encrypt(data, res, &od->u.cast_key, CAST_ENCRYPT);
696 return 0;
697 }
698
699 static int
700 ossl_cast_ecb_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
701 {
702 unsigned bs = gen_ossl_block_size(c);
703 ossldata *od = c->ptr;
704 const uint8 *end = data + dlen - bs;
705
706 for (; data <= end; data += bs, res += bs)
707 CAST_ecb_encrypt(data, res, &od->u.cast_key, CAST_DECRYPT);
708 return 0;
709 }
710
711 static int
712 ossl_cast_cbc_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
713 {
714 ossldata *od = c->ptr;
715
716 CAST_cbc_encrypt(data, res, dlen, &od->u.cast_key, od->iv, CAST_ENCRYPT);
717 return 0;
718 }
719
720 static int
721 ossl_cast_cbc_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *res)
722 {
723 ossldata *od = c->ptr;
724
725 CAST_cbc_encrypt(data, res, dlen, &od->u.cast_key, od->iv, CAST_DECRYPT);
726 return 0;
727 }
728
729 /* AES */
730
731 static int
732 ossl_aes_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
733 {
734 ossldata *od = c->ptr;
735 unsigned bs = gen_ossl_block_size(c);
736
737 if (klen <= 128 / 8)
738 od->klen = 128 / 8;
739 else if (klen <= 192 / 8)
740 od->klen = 192 / 8;
741 else if (klen <= 256 / 8)
742 od->klen = 256 / 8;
743 else
744 return PXE_KEY_TOO_BIG;
745
746 memcpy(od->key, key, klen);
747
748 if (iv)
749 memcpy(od->iv, iv, bs);
750 else
751 memset(od->iv, 0, bs);
752 return 0;
753 }
754
755 static int
756 ossl_aes_key_init(ossldata * od, int type)
757 {
758 int err;
759
760 /*
761 * Strong key support could be missing on some openssl installations. We
762 * must check return value from set key function.
763 */
764 if (type == AES_ENCRYPT)
765 err = AES_set_encrypt_key(od->key, od->klen * 8, &od->u.aes_key);
766 else
767 err = AES_set_decrypt_key(od->key, od->klen * 8, &od->u.aes_key);
768
769 if (err == 0)
770 {
771 od->init = 1;
772 return 0;
773 }
774 od->init = 0;
775 return PXE_KEY_TOO_BIG;
776 }
777
778 static int
779 ossl_aes_ecb_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
780 uint8 *res)
781 {
782 unsigned bs = gen_ossl_block_size(c);
783 ossldata *od = c->ptr;
784 const uint8 *end = data + dlen - bs;
785 int err;
786
787 if (!od->init)
788 if ((err = ossl_aes_key_init(od, AES_ENCRYPT)) != 0)
789 return err;
790
791 for (; data <= end; data += bs, res += bs)
792 AES_ecb_encrypt(data, res, &od->u.aes_key, AES_ENCRYPT);
793 return 0;
794 }
795
796 static int
797 ossl_aes_ecb_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
798 uint8 *res)
799 {
800 unsigned bs = gen_ossl_block_size(c);
801 ossldata *od = c->ptr;
802 const uint8 *end = data + dlen - bs;
803 int err;
804
805 if (!od->init)
806 if ((err = ossl_aes_key_init(od, AES_DECRYPT)) != 0)
807 return err;
808
809 for (; data <= end; data += bs, res += bs)
810 AES_ecb_encrypt(data, res, &od->u.aes_key, AES_DECRYPT);
811 return 0;
812 }
813
814 static int
815 ossl_aes_cbc_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
816 uint8 *res)
817 {
818 ossldata *od = c->ptr;
819 int err;
820
821 if (!od->init)
822 if ((err = ossl_aes_key_init(od, AES_ENCRYPT)) != 0)
823 return err;
824
825 AES_cbc_encrypt(data, res, dlen, &od->u.aes_key, od->iv, AES_ENCRYPT);
826 return 0;
827 }
828
829 static int
830 ossl_aes_cbc_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
831 uint8 *res)
832 {
833 ossldata *od = c->ptr;
834 int err;
835
836 if (!od->init)
837 if ((err = ossl_aes_key_init(od, AES_DECRYPT)) != 0)
838 return err;
839
840 AES_cbc_encrypt(data, res, dlen, &od->u.aes_key, od->iv, AES_DECRYPT);
841 return 0;
842 }
843
844 /*
845 * aliases
846 */
847
848 static PX_Alias ossl_aliases[] = {
849 {"bf", "bf-cbc"},
850 {"blowfish", "bf-cbc"},
851 {"blowfish-cbc", "bf-cbc"},
852 {"blowfish-ecb", "bf-ecb"},
853 {"blowfish-cfb", "bf-cfb"},
854 {"des", "des-cbc"},
855 {"3des", "des3-cbc"},
856 {"3des-ecb", "des3-ecb"},
857 {"3des-cbc", "des3-cbc"},
858 {"cast5", "cast5-cbc"},
859 {"aes", "aes-cbc"},
860 {"rijndael", "aes-cbc"},
861 {"rijndael-cbc", "aes-cbc"},
862 {"rijndael-ecb", "aes-ecb"},
863 {NULL}
864 };
865
866 static const struct ossl_cipher ossl_bf_cbc = {
867 bf_init, bf_cbc_encrypt, bf_cbc_decrypt,
868 64 / 8, 448 / 8, 0
869 };
870
871 static const struct ossl_cipher ossl_bf_ecb = {
872 bf_init, bf_ecb_encrypt, bf_ecb_decrypt,
873 64 / 8, 448 / 8, 0
874 };
875
876 static const struct ossl_cipher ossl_bf_cfb = {
877 bf_init, bf_cfb64_encrypt, bf_cfb64_decrypt,
878 64 / 8, 448 / 8, 1
879 };
880
881 static const struct ossl_cipher ossl_des_ecb = {
882 ossl_des_init, ossl_des_ecb_encrypt, ossl_des_ecb_decrypt,
883 64 / 8, 64 / 8, 0
884 };
885
886 static const struct ossl_cipher ossl_des_cbc = {
887 ossl_des_init, ossl_des_cbc_encrypt, ossl_des_cbc_decrypt,
888 64 / 8, 64 / 8, 0
889 };
890
891 static const struct ossl_cipher ossl_des3_ecb = {
892 ossl_des3_init, ossl_des3_ecb_encrypt, ossl_des3_ecb_decrypt,
893 64 / 8, 192 / 8, 0
894 };
895
896 static const struct ossl_cipher ossl_des3_cbc = {
897 ossl_des3_init, ossl_des3_cbc_encrypt, ossl_des3_cbc_decrypt,
898 64 / 8, 192 / 8, 0
899 };
900
901 static const struct ossl_cipher ossl_cast_ecb = {
902 ossl_cast_init, ossl_cast_ecb_encrypt, ossl_cast_ecb_decrypt,
903 64 / 8, 128 / 8, 0
904 };
905
906 static const struct ossl_cipher ossl_cast_cbc = {
907 ossl_cast_init, ossl_cast_cbc_encrypt, ossl_cast_cbc_decrypt,
908 64 / 8, 128 / 8, 0
909 };
910
911 static const struct ossl_cipher ossl_aes_ecb = {
912 ossl_aes_init, ossl_aes_ecb_encrypt, ossl_aes_ecb_decrypt,
913 128 / 8, 256 / 8, 0
914 };
915
916 static const struct ossl_cipher ossl_aes_cbc = {
917 ossl_aes_init, ossl_aes_cbc_encrypt, ossl_aes_cbc_decrypt,
918 128 / 8, 256 / 8, 0
919 };
920
921 /*
922 * Special handlers
923 */
924 struct ossl_cipher_lookup
925 {
926 const char *name;
927 const struct ossl_cipher *ciph;
928 };
929
930 static const struct ossl_cipher_lookup ossl_cipher_types[] = {
931 {"bf-cbc", &ossl_bf_cbc},
932 {"bf-ecb", &ossl_bf_ecb},
933 {"bf-cfb", &ossl_bf_cfb},
934 {"des-ecb", &ossl_des_ecb},
935 {"des-cbc", &ossl_des_cbc},
936 {"des3-ecb", &ossl_des3_ecb},
937 {"des3-cbc", &ossl_des3_cbc},
938 {"cast5-ecb", &ossl_cast_ecb},
939 {"cast5-cbc", &ossl_cast_cbc},
940 {"aes-ecb", &ossl_aes_ecb},
941 {"aes-cbc", &ossl_aes_cbc},
942 {NULL}
943 };
944
945 /* PUBLIC functions */
946
947 int
948 px_find_cipher(const char *name, PX_Cipher ** res)
949 {
950 const struct ossl_cipher_lookup *i;
951 PX_Cipher *c = NULL;
952 ossldata *od;
953
954 name = px_resolve_alias(ossl_aliases, name);
955 for (i = ossl_cipher_types; i->name; i++)
956 if (!strcmp(i->name, name))
957 break;
958 if (i->name == NULL)
959 return PXE_NO_CIPHER;
960
961 od = px_alloc(sizeof(*od));
962 memset(od, 0, sizeof(*od));
963 od->ciph = i->ciph;
964
965 c = px_alloc(sizeof(*c));
966 c->block_size = gen_ossl_block_size;
967 c->key_size = gen_ossl_key_size;
968 c->iv_size = gen_ossl_iv_size;
969 c->free = gen_ossl_free;
970 c->init = od->ciph->init;
971 c->encrypt = od->ciph->encrypt;
972 c->decrypt = od->ciph->decrypt;
973 c->ptr = od;
974
975 *res = c;
976 return 0;
977 }
978
979
980 static int openssl_random_init = 0;
981
982 /*
983 * OpenSSL random should re-feeded occasionally. From /dev/urandom
984 * preferably.
985 */
986 static void
987 init_openssl_rand(void)
988 {
989 if (RAND_get_rand_method() == NULL)
990 RAND_set_rand_method(RAND_SSLeay());
991 openssl_random_init = 1;
992 }
993
994 int
995 px_get_random_bytes(uint8 *dst, unsigned count)
996 {
997 int res;
998
999 if (!openssl_random_init)
1000 init_openssl_rand();
1001
1002 res = RAND_bytes(dst, count);
1003 if (res == 1)
1004 return count;
1005
1006 return PXE_OSSL_RAND_ERROR;
1007 }
1008
1009 int
1010 px_get_pseudo_random_bytes(uint8 *dst, unsigned count)
1011 {
1012 int res;
1013
1014 if (!openssl_random_init)
1015 init_openssl_rand();
1016
1017 res = RAND_pseudo_bytes(dst, count);
1018 if (res == 0 || res == 1)
1019 return count;
1020
1021 return PXE_OSSL_RAND_ERROR;
1022 }
1023
1024 int
1025 px_add_entropy(const uint8 *data, unsigned count)
1026 {
1027 /*
1028 * estimate 0 bits
1029 */
1030 RAND_add(data, count, 0);
1031 return 0;
1032 }
PostgreSQL from CVS