mirrors/postgres
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

As Kris Jurka found out, pgcrypto does not work with

Browse Source 
OpenSSL 0.9.6x.  The DES functions use the older 'des_'
API, but the newer 3DES functions use the 0.9.7x-only
'DES_' API.

I think I just used /usr/include/openssl/des.h for reference
when implementing them, and had upgraded OpenSSL in the
meantime.

Following patch converts DES also to newer API and provides
compatibility functions for OpenSSL < 0.9.7.

I chose this route because:

- openssl.c uses few DES functions.
- compatibility for old 'des_' API is going away at some point
  of time from OpenSSL.
- as seen from macros, new API is saner
- Thus pgcrypto supports any OpenSSL version from 0.9.5 to 1.0

Tested with OpenSSL 0.9.6c and 0.9.7e.

Marko Kreen
This commit is contained in:
Bruce Momjian 2005-07-10 13:54:34 +00:00
parent e94dd6ab91
commit d51df91897
1 changed files with 38 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
contrib/pgcrypto/openssl.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* *
* $PostgreSQL: pgsql/contrib/pgcrypto/openssl.c,v 1.21 2005/07/10 03:55:28 momjian Exp $ * $PostgreSQL: pgsql/contrib/pgcrypto/openssl.c,v 1.22 2005/07/10 13:54:34 momjian Exp $
*/ */
#include <postgres.h> #include <postgres.h>
@ -50,6 +50,26 @@
#include <openssl/aes.h> #include <openssl/aes.h>
#endif #endif
/*
* Compatibility with older OpenSSL API for DES.
*/
#if OPENSSL_VERSION_NUMBER < 0x00907000L
#define DES_key_schedule des_key_schedule
#define DES_cblock des_cblock
#define DES_set_key(k, ks) \
des_set_key((k), *(ks))
#define DES_ecb_encrypt(i, o, k, e) \
des_ecb_encrypt((i), (o), *(k), (e))
#define DES_ncbc_encrypt(i, o, l, k, iv, e) \
des_ncbc_encrypt((i), (o), (l), *(k), (iv), (e))
#define DES_ecb3_encrypt(i, o, k1, k2, k3, e) \
des_ecb3_encrypt((des_cblock *)(i), (des_cblock *)(o), \
*(k1), *(k2), *(k3), (e))
#define DES_ede3_cbc_encrypt(i, o, l, k1, k2, k3, iv, e) \
des_ede3_cbc_encrypt((i), (o), \
(l), *(k1), *(k2), *(k3), (iv), (e))
#endif
/* /*
* Hashes * Hashes
*/ */
@ -178,11 +198,11 @@ typedef struct
} bf; } bf;
struct struct
{ {
des_key_schedule key_schedule; DES_key_schedule key_schedule;
} des; } des;
struct struct
{ {
des_key_schedule k1, k2, k3; DES_key_schedule k1, k2, k3;
} des3; } des3;
CAST_KEY cast_key; CAST_KEY cast_key;
#ifdef GOT_AES #ifdef GOT_AES
@ -318,11 +338,11 @@ static int
ossl_des_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv) ossl_des_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
{ {
ossldata *od = c->ptr; ossldata *od = c->ptr;
des_cblock xkey; DES_cblock xkey;
memset(&xkey, 0, sizeof(xkey)); memset(&xkey, 0, sizeof(xkey));
memcpy(&xkey, key, klen > 8 ? 8 : klen); memcpy(&xkey, key, klen > 8 ? 8 : klen);
des_set_key(&xkey, od->u.des.key_schedule); DES_set_key(&xkey, &od->u.des.key_schedule);
memset(&xkey, 0, sizeof(xkey)); memset(&xkey, 0, sizeof(xkey));
if (iv) if (iv)
@ -341,9 +361,9 @@ ossl_des_ecb_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
ossldata *od = c->ptr; ossldata *od = c->ptr;
for (i = 0; i < dlen / bs; i++) for (i = 0; i < dlen / bs; i++)
des_ecb_encrypt((des_cblock *) (data + i * bs), DES_ecb_encrypt((DES_cblock *) (data + i * bs),
(des_cblock *) (res + i * bs), (DES_cblock *) (res + i * bs),
od->u.des.key_schedule, 1); &od->u.des.key_schedule, 1);
return 0; return 0;
} }
@ -356,9 +376,9 @@ ossl_des_ecb_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
ossldata *od = c->ptr; ossldata *od = c->ptr;
for (i = 0; i < dlen / bs; i++) for (i = 0; i < dlen / bs; i++)
des_ecb_encrypt((des_cblock *) (data + i * bs), DES_ecb_encrypt((DES_cblock *) (data + i * bs),
(des_cblock *) (res + i * bs), (DES_cblock *) (res + i * bs),
od->u.des.key_schedule, 0); &od->u.des.key_schedule, 0);
return 0; return 0;
} }
@ -368,8 +388,8 @@ ossl_des_cbc_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
{ {
ossldata *od = c->ptr; ossldata *od = c->ptr;
des_ncbc_encrypt(data, res, dlen, od->u.des.key_schedule, DES_ncbc_encrypt(data, res, dlen, &od->u.des.key_schedule,
(des_cblock *) od->iv, 1); (DES_cblock *) od->iv, 1);
return 0; return 0;
} }
@ -379,8 +399,8 @@ ossl_des_cbc_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
{ {
ossldata *od = c->ptr; ossldata *od = c->ptr;
des_ncbc_encrypt(data, res, dlen, od->u.des.key_schedule, DES_ncbc_encrypt(data, res, dlen, &od->u.des.key_schedule,
(des_cblock *) od->iv, 0); (DES_cblock *) od->iv, 0);
return 0; return 0;
} }
@ -390,7 +410,7 @@ static int
ossl_des3_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv) ossl_des3_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
{ {
ossldata *od = c->ptr; ossldata *od = c->ptr;
des_cblock xkey1, DES_cblock xkey1,
xkey2, xkey2,
xkey3; xkey3;
@ -453,7 +473,7 @@ ossl_des3_cbc_encrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
DES_ede3_cbc_encrypt(data, res, dlen, DES_ede3_cbc_encrypt(data, res, dlen,
&od->u.des3.k1, &od->u.des3.k2, &od->u.des3.k3, &od->u.des3.k1, &od->u.des3.k2, &od->u.des3.k3,
(des_cblock *) od->iv, 1); (DES_cblock *) od->iv, 1);
return 0; return 0;
} }
@ -465,7 +485,7 @@ ossl_des3_cbc_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
DES_ede3_cbc_encrypt(data, res, dlen, DES_ede3_cbc_encrypt(data, res, dlen,
&od->u.des3.k1, &od->u.des3.k2, &od->u.des3.k3, &od->u.des3.k1, &od->u.des3.k2, &od->u.des3.k3,
(des_cblock *) od->iv, 0); (DES_cblock *) od->iv, 0);
return 0; return 0;
} }