Some more hackery around cryptohashes (some fixes + SHA1)
Started by Michael Paquierabout 5 years ago5 messages
Hi all,
The remnant work that I have on my agenda to replace the remaining
low-level cryptohash calls of OpenSSL (SHAXXInit and such) by EVP is
the stuff related to SHA1, that gets used in two places: pgcrypto and
uuid-ossp.
First, I got to wonder if it would be better to support SHA1 directly
in cryptohash{_openssl}.c, glue some code to pgcrypto to use EVP
discreetly or just do nothing. Contrary to SHA256 and MD5 that are
used for authentication or backup manifests, SHA1 has a limited use in
core, so I wanted first to just stick something in pgcrypto or just
let it go, hoping for the day where we'd remove those two modules but
that's not a call I think we can make now.
But then, my very-recent history with uuid-ossp has made me look at
what kind of tricks we use to pull in SHA1 from pgcrypto to
uuid-ossp, and I did not like much the shortcuts used in ./configure
or uuid-ossp's Makefile to get those files when needed, depending on
the version of libuuid used (grep for UUID_EXTRA_OBJS for example).
So, I got to look at the second option of moving SHA1 directly into
the new cryptohash stuff, and quite liked the cleanup this gives.
Please find attached a set of two patches:
- 0001 is a set of small adjustments for the existing code of
cryptohashes: some cleanup for MD5 in uuid-ossp, and more importantly
one fix to call explicit_bzero() on the context data for the fallback
implementations. With the existing code, we may leave behind some
context data. That could become a problem if somebody has access to
this area of the memory even when they should not be able to do so,
something that should not happen, but I see no reason to not play it
safe and eliminate any traces. If there are no objections, I'd like
to apply this part.
- 0002 is the addition of sha1 in the cryptohash infra, that includes
the cleanup between uuid-ossp and pgcrypto. This makes any caller of
cryptohash for SHA1 to use EVP when building with OpenSSL, or the
fallback implementation. I have adapted the fallback implementation
of SHA1 to have some symmetry with src/common/{md5.c,sha2.c}.
I am adding this patch set to the next commit fest. Thanks for
reading!
--
Michael
Attachments:
0001-Adjust-some-code-of-cryptohash.patchtext/x-diff; charset=us-asciiDownload
From 9d9a9bb6d9b4eb93ecf3e7e3c5695a2ac2c2a2d7 Mon Sep 17 00:00:00 2001
From: Michael Paquier <michael@paquier.xyz>
Date: Thu, 10 Dec 2020 16:34:19 +0900
Subject: [PATCH 1/2] Adjust some code of cryptohash
This adjusts the code around recent changes for cryptohash functions:
- Add a variable in md5.h to track down the size of a digest result,
taken from pgcrypto/.
- Call explicit_bzero() on the context data when freeing the thing for
fallback implementations.
- Clean up some code related to recent changes of uuid-ossp.
---
src/include/common/md5.h | 4 ++++
src/common/cryptohash.c | 20 ++++++++++++++++++++
contrib/pgcrypto/internal.c | 4 ----
contrib/uuid-ossp/.gitignore | 1 -
contrib/uuid-ossp/uuid-ossp.c | 4 ++--
5 files changed, 26 insertions(+), 7 deletions(-)
diff --git a/src/include/common/md5.h b/src/include/common/md5.h
index 53036d2d17..5dac70cbc5 100644
--- a/src/include/common/md5.h
+++ b/src/include/common/md5.h
@@ -16,6 +16,10 @@
#ifndef PG_MD5_H
#define PG_MD5_H
+/* Size of result generated by MD5 computation */
+#define MD5_DIGEST_LENGTH 16
+
+/* password-related data */
#define MD5_PASSWD_CHARSET "0123456789abcdef"
#define MD5_PASSWD_LEN 35
diff --git a/src/common/cryptohash.c b/src/common/cryptohash.c
index 5cc2572eb6..cf4588bad7 100644
--- a/src/common/cryptohash.c
+++ b/src/common/cryptohash.c
@@ -197,6 +197,26 @@ pg_cryptohash_free(pg_cryptohash_ctx *ctx)
{
if (ctx == NULL)
return;
+
+ switch (ctx->type)
+ {
+ case PG_MD5:
+ explicit_bzero(ctx->data, sizeof(pg_md5_ctx));
+ break;
+ case PG_SHA224:
+ explicit_bzero(ctx->data, sizeof(pg_sha224_ctx));
+ break;
+ case PG_SHA256:
+ explicit_bzero(ctx->data, sizeof(pg_sha256_ctx));
+ break;
+ case PG_SHA384:
+ explicit_bzero(ctx->data, sizeof(pg_sha384_ctx));
+ break;
+ case PG_SHA512:
+ explicit_bzero(ctx->data, sizeof(pg_sha512_ctx));
+ break;
+ }
+
FREE(ctx->data);
explicit_bzero(ctx, sizeof(pg_cryptohash_ctx));
FREE(ctx);
diff --git a/contrib/pgcrypto/internal.c b/contrib/pgcrypto/internal.c
index e6d90c5656..ea377bdf83 100644
--- a/contrib/pgcrypto/internal.c
+++ b/contrib/pgcrypto/internal.c
@@ -41,10 +41,6 @@
#include "common/cryptohash.h"
#include "common/md5.h"
-#ifndef MD5_DIGEST_LENGTH
-#define MD5_DIGEST_LENGTH 16
-#endif
-
#ifndef SHA1_DIGEST_LENGTH
#ifdef SHA1_RESULTLEN
#define SHA1_DIGEST_LENGTH SHA1_RESULTLEN
diff --git a/contrib/uuid-ossp/.gitignore b/contrib/uuid-ossp/.gitignore
index 6c989c7872..d7260edc61 100644
--- a/contrib/uuid-ossp/.gitignore
+++ b/contrib/uuid-ossp/.gitignore
@@ -1,4 +1,3 @@
-/md5.c
/sha1.c
# Generated subdirectories
/log/
diff --git a/contrib/uuid-ossp/uuid-ossp.c b/contrib/uuid-ossp/uuid-ossp.c
index 8f81c94e72..2ff7d9448b 100644
--- a/contrib/uuid-ossp/uuid-ossp.c
+++ b/contrib/uuid-ossp/uuid-ossp.c
@@ -41,8 +41,8 @@
#undef uuid_hash
/*
- * Some BSD variants offer md5 and sha1 implementations but Linux does not,
- * so we use a copy of the ones from pgcrypto. Not needed with OSSP, though.
+ * Some BSD variants offer sha1 implementation but Linux does not, so we use
+ * a copy from pgcrypto. Not needed with OSSP, though.
*/
#ifndef HAVE_UUID_OSSP
#include "sha1.h"
--
2.29.2
0002-Introduce-SHA1-in-cryptohash-infrastructure.patchtext/x-diff; charset=us-asciiDownload
From 6b46b933c6b1f778391dc969d4b3e55227df0812 Mon Sep 17 00:00:00 2001
From: Michael Paquier <michael@paquier.xyz>
Date: Thu, 10 Dec 2020 17:01:01 +0900
Subject: [PATCH 2/2] Introduce SHA1 in cryptohash infrastructure
---
src/include/common/cryptohash.h | 1 +
src/include/common/sha1.h | 19 +
src/common/Makefile | 1 +
src/common/cryptohash.c | 16 +
src/common/cryptohash_openssl.c | 3 +
src/common/sha1.c | 369 ++++++++++++++++++
.../pgcrypto/sha1.h => src/common/sha1_int.h | 43 +-
contrib/pgcrypto/Makefile | 2 +-
contrib/pgcrypto/internal.c | 31 +-
contrib/pgcrypto/sha1.c | 331 ----------------
contrib/uuid-ossp/.gitignore | 1 -
contrib/uuid-ossp/Makefile | 6 -
contrib/uuid-ossp/uuid-ossp.c | 27 +-
configure | 19 +-
configure.ac | 24 +-
src/Makefile.global.in | 1 -
src/tools/msvc/Mkvcbuild.pm | 9 +-
17 files changed, 480 insertions(+), 423 deletions(-)
create mode 100644 src/include/common/sha1.h
create mode 100644 src/common/sha1.c
rename contrib/pgcrypto/sha1.h => src/common/sha1_int.h (72%)
delete mode 100644 contrib/pgcrypto/sha1.c
diff --git a/src/include/common/cryptohash.h b/src/include/common/cryptohash.h
index 6ead1cb8e5..ca7fffc8eb 100644
--- a/src/include/common/cryptohash.h
+++ b/src/include/common/cryptohash.h
@@ -19,6 +19,7 @@
typedef enum
{
PG_MD5 = 0,
+ PG_SHA1,
PG_SHA224,
PG_SHA256,
PG_SHA384,
diff --git a/src/include/common/sha1.h b/src/include/common/sha1.h
new file mode 100644
index 0000000000..a61bc47ded
--- /dev/null
+++ b/src/include/common/sha1.h
@@ -0,0 +1,19 @@
+/*-------------------------------------------------------------------------
+ *
+ * sha1.h
+ * Constants related to SHA1.
+ *
+ * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
+ * Portions Copyright (c) 1994, Regents of the University of California
+ *
+ * src/include/common/sha1.h
+ *
+ *-------------------------------------------------------------------------
+ */
+#ifndef PG_SHA1_H
+#define PG_SHA1_H
+
+/* Size of result generated by SHA1 computation */
+#define SHA1_DIGEST_LENGTH 20
+
+#endif /* PG_SHA1_H */
diff --git a/src/common/Makefile b/src/common/Makefile
index af891cb0ce..4bb74097d2 100644
--- a/src/common/Makefile
+++ b/src/common/Makefile
@@ -87,6 +87,7 @@ else
OBJS_COMMON += \
cryptohash.o \
md5.o \
+ sha1.o \
sha2.o
endif
diff --git a/src/common/cryptohash.c b/src/common/cryptohash.c
index cf4588bad7..ee227aab16 100644
--- a/src/common/cryptohash.c
+++ b/src/common/cryptohash.c
@@ -25,6 +25,7 @@
#include "common/cryptohash.h"
#include "md5_int.h"
+#include "sha1_int.h"
#include "sha2_int.h"
/*
@@ -61,6 +62,9 @@ pg_cryptohash_create(pg_cryptohash_type type)
case PG_MD5:
ctx->data = ALLOC(sizeof(pg_md5_ctx));
break;
+ case PG_SHA1:
+ ctx->data = ALLOC(sizeof(pg_sha1_ctx));
+ break;
case PG_SHA224:
ctx->data = ALLOC(sizeof(pg_sha224_ctx));
break;
@@ -102,6 +106,9 @@ pg_cryptohash_init(pg_cryptohash_ctx *ctx)
case PG_MD5:
pg_md5_init((pg_md5_ctx *) ctx->data);
break;
+ case PG_SHA1:
+ pg_sha1_init((pg_sha1_ctx *) ctx->data);
+ break;
case PG_SHA224:
pg_sha224_init((pg_sha224_ctx *) ctx->data);
break;
@@ -136,6 +143,9 @@ pg_cryptohash_update(pg_cryptohash_ctx *ctx, const uint8 *data, size_t len)
case PG_MD5:
pg_md5_update((pg_md5_ctx *) ctx->data, data, len);
break;
+ case PG_SHA1:
+ pg_sha1_update((pg_sha1_ctx *) ctx->data, data, len);
+ break;
case PG_SHA224:
pg_sha224_update((pg_sha224_ctx *) ctx->data, data, len);
break;
@@ -170,6 +180,9 @@ pg_cryptohash_final(pg_cryptohash_ctx *ctx, uint8 *dest)
case PG_MD5:
pg_md5_final((pg_md5_ctx *) ctx->data, dest);
break;
+ case PG_SHA1:
+ pg_sha1_final((pg_sha1_ctx *) ctx->data, dest);
+ break;
case PG_SHA224:
pg_sha224_final((pg_sha224_ctx *) ctx->data, dest);
break;
@@ -203,6 +216,9 @@ pg_cryptohash_free(pg_cryptohash_ctx *ctx)
case PG_MD5:
explicit_bzero(ctx->data, sizeof(pg_md5_ctx));
break;
+ case PG_SHA1:
+ explicit_bzero(ctx->data, sizeof(pg_sha1_ctx));
+ break;
case PG_SHA224:
explicit_bzero(ctx->data, sizeof(pg_sha224_ctx));
break;
diff --git a/src/common/cryptohash_openssl.c b/src/common/cryptohash_openssl.c
index 118651c415..a8544877c0 100644
--- a/src/common/cryptohash_openssl.c
+++ b/src/common/cryptohash_openssl.c
@@ -138,6 +138,9 @@ pg_cryptohash_init(pg_cryptohash_ctx *ctx)
case PG_MD5:
status = EVP_DigestInit_ex(state->evpctx, EVP_md5(), NULL);
break;
+ case PG_SHA1:
+ status = EVP_DigestInit_ex(state->evpctx, EVP_sha1(), NULL);
+ break;
case PG_SHA224:
status = EVP_DigestInit_ex(state->evpctx, EVP_sha224(), NULL);
break;
diff --git a/src/common/sha1.c b/src/common/sha1.c
new file mode 100644
index 0000000000..675da187ac
--- /dev/null
+++ b/src/common/sha1.c
@@ -0,0 +1,369 @@
+/*-------------------------------------------------------------------------
+ *
+ * sha1.c
+ * Implements the SHA1 Secure Hash Algorithm
+ *
+ * Fallback implementation of SHA1, as specified in RFC 3174.
+ *
+ * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
+ * Portions Copyright (c) 1994, Regents of the University of California
+ *
+ * IDENTIFICATION
+ * src/common/sha1.c
+ *
+ *-------------------------------------------------------------------------
+ */
+
+/* $KAME: sha1.c,v 1.3 2000/02/22 14:01:18 itojun Exp $ */
+
+/*
+ * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+/*
+ * FIPS pub 180-1: Secure Hash Algorithm (SHA-1)
+ * based on: http://www.itl.nist.gov/fipspubs/fip180-1.htm
+ * implemented by Jun-ichiro itojun Itoh <itojun@itojun.org>
+ */
+
+#ifndef FRONTEND
+#include "postgres.h"
+#else
+#include "postgres_fe.h"
+#endif
+
+#include <sys/param.h>
+
+#include "sha1_int.h"
+
+/* constant table */
+static uint32 _K[] = {0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xca62c1d6};
+
+#define K(t) _K[(t) / 20]
+
+#define F0(b, c, d) (((b) & (c)) | ((~(b)) & (d)))
+#define F1(b, c, d) (((b) ^ (c)) ^ (d))
+#define F2(b, c, d) (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
+#define F3(b, c, d) (((b) ^ (c)) ^ (d))
+
+#define S(n, x) (((x) << (n)) | ((x) >> (32 - (n))))
+
+#define H(n) (ctx->h.b32[(n)])
+#define COUNT (ctx->count)
+#define BCOUNT (ctx->c.b64[0] / 8)
+#define W(n) (ctx->m.b32[(n)])
+
+#define PUTPAD(x) \
+do { \
+ ctx->m.b8[(COUNT % 64)] = (x); \
+ COUNT++; \
+ COUNT %= 64; \
+ if (COUNT % 64 == 0) \
+ sha1_step(ctx); \
+} while (0)
+
+static void
+sha1_step(pg_sha1_ctx *ctx)
+{
+ uint32 a,
+ b,
+ c,
+ d,
+ e;
+ size_t t,
+ s;
+ uint32 tmp;
+
+#ifndef WORDS_BIGENDIAN
+ pg_sha1_ctx tctx;
+
+ memmove(&tctx.m.b8[0], &ctx->m.b8[0], 64);
+ ctx->m.b8[0] = tctx.m.b8[3];
+ ctx->m.b8[1] = tctx.m.b8[2];
+ ctx->m.b8[2] = tctx.m.b8[1];
+ ctx->m.b8[3] = tctx.m.b8[0];
+ ctx->m.b8[4] = tctx.m.b8[7];
+ ctx->m.b8[5] = tctx.m.b8[6];
+ ctx->m.b8[6] = tctx.m.b8[5];
+ ctx->m.b8[7] = tctx.m.b8[4];
+ ctx->m.b8[8] = tctx.m.b8[11];
+ ctx->m.b8[9] = tctx.m.b8[10];
+ ctx->m.b8[10] = tctx.m.b8[9];
+ ctx->m.b8[11] = tctx.m.b8[8];
+ ctx->m.b8[12] = tctx.m.b8[15];
+ ctx->m.b8[13] = tctx.m.b8[14];
+ ctx->m.b8[14] = tctx.m.b8[13];
+ ctx->m.b8[15] = tctx.m.b8[12];
+ ctx->m.b8[16] = tctx.m.b8[19];
+ ctx->m.b8[17] = tctx.m.b8[18];
+ ctx->m.b8[18] = tctx.m.b8[17];
+ ctx->m.b8[19] = tctx.m.b8[16];
+ ctx->m.b8[20] = tctx.m.b8[23];
+ ctx->m.b8[21] = tctx.m.b8[22];
+ ctx->m.b8[22] = tctx.m.b8[21];
+ ctx->m.b8[23] = tctx.m.b8[20];
+ ctx->m.b8[24] = tctx.m.b8[27];
+ ctx->m.b8[25] = tctx.m.b8[26];
+ ctx->m.b8[26] = tctx.m.b8[25];
+ ctx->m.b8[27] = tctx.m.b8[24];
+ ctx->m.b8[28] = tctx.m.b8[31];
+ ctx->m.b8[29] = tctx.m.b8[30];
+ ctx->m.b8[30] = tctx.m.b8[29];
+ ctx->m.b8[31] = tctx.m.b8[28];
+ ctx->m.b8[32] = tctx.m.b8[35];
+ ctx->m.b8[33] = tctx.m.b8[34];
+ ctx->m.b8[34] = tctx.m.b8[33];
+ ctx->m.b8[35] = tctx.m.b8[32];
+ ctx->m.b8[36] = tctx.m.b8[39];
+ ctx->m.b8[37] = tctx.m.b8[38];
+ ctx->m.b8[38] = tctx.m.b8[37];
+ ctx->m.b8[39] = tctx.m.b8[36];
+ ctx->m.b8[40] = tctx.m.b8[43];
+ ctx->m.b8[41] = tctx.m.b8[42];
+ ctx->m.b8[42] = tctx.m.b8[41];
+ ctx->m.b8[43] = tctx.m.b8[40];
+ ctx->m.b8[44] = tctx.m.b8[47];
+ ctx->m.b8[45] = tctx.m.b8[46];
+ ctx->m.b8[46] = tctx.m.b8[45];
+ ctx->m.b8[47] = tctx.m.b8[44];
+ ctx->m.b8[48] = tctx.m.b8[51];
+ ctx->m.b8[49] = tctx.m.b8[50];
+ ctx->m.b8[50] = tctx.m.b8[49];
+ ctx->m.b8[51] = tctx.m.b8[48];
+ ctx->m.b8[52] = tctx.m.b8[55];
+ ctx->m.b8[53] = tctx.m.b8[54];
+ ctx->m.b8[54] = tctx.m.b8[53];
+ ctx->m.b8[55] = tctx.m.b8[52];
+ ctx->m.b8[56] = tctx.m.b8[59];
+ ctx->m.b8[57] = tctx.m.b8[58];
+ ctx->m.b8[58] = tctx.m.b8[57];
+ ctx->m.b8[59] = tctx.m.b8[56];
+ ctx->m.b8[60] = tctx.m.b8[63];
+ ctx->m.b8[61] = tctx.m.b8[62];
+ ctx->m.b8[62] = tctx.m.b8[61];
+ ctx->m.b8[63] = tctx.m.b8[60];
+#endif
+
+ a = H(0);
+ b = H(1);
+ c = H(2);
+ d = H(3);
+ e = H(4);
+
+ for (t = 0; t < 20; t++)
+ {
+ s = t & 0x0f;
+ if (t >= 16)
+ W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
+ tmp = S(5, a) + F0(b, c, d) + e + W(s) + K(t);
+ e = d;
+ d = c;
+ c = S(30, b);
+ b = a;
+ a = tmp;
+ }
+ for (t = 20; t < 40; t++)
+ {
+ s = t & 0x0f;
+ W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
+ tmp = S(5, a) + F1(b, c, d) + e + W(s) + K(t);
+ e = d;
+ d = c;
+ c = S(30, b);
+ b = a;
+ a = tmp;
+ }
+ for (t = 40; t < 60; t++)
+ {
+ s = t & 0x0f;
+ W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
+ tmp = S(5, a) + F2(b, c, d) + e + W(s) + K(t);
+ e = d;
+ d = c;
+ c = S(30, b);
+ b = a;
+ a = tmp;
+ }
+ for (t = 60; t < 80; t++)
+ {
+ s = t & 0x0f;
+ W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
+ tmp = S(5, a) + F3(b, c, d) + e + W(s) + K(t);
+ e = d;
+ d = c;
+ c = S(30, b);
+ b = a;
+ a = tmp;
+ }
+
+ H(0) = H(0) + a;
+ H(1) = H(1) + b;
+ H(2) = H(2) + c;
+ H(3) = H(3) + d;
+ H(4) = H(4) + e;
+
+ memset(&ctx->m.b8[0], 0, 64);
+}
+
+static void
+sha1_pad(pg_sha1_ctx *ctx)
+{
+ size_t padlen; /* pad length in bytes */
+ size_t padstart;
+
+ PUTPAD(0x80);
+
+ padstart = COUNT % 64;
+ padlen = 64 - padstart;
+ if (padlen < 8)
+ {
+ memset(&ctx->m.b8[padstart], 0, padlen);
+ COUNT += padlen;
+ COUNT %= 64;
+ sha1_step(ctx);
+ padstart = COUNT % 64; /* should be 0 */
+ padlen = 64 - padstart; /* should be 64 */
+ }
+ memset(&ctx->m.b8[padstart], 0, padlen - 8);
+ COUNT += (padlen - 8);
+ COUNT %= 64;
+#ifdef WORDS_BIGENDIAN
+ PUTPAD(ctx->c.b8[0]);
+ PUTPAD(ctx->c.b8[1]);
+ PUTPAD(ctx->c.b8[2]);
+ PUTPAD(ctx->c.b8[3]);
+ PUTPAD(ctx->c.b8[4]);
+ PUTPAD(ctx->c.b8[5]);
+ PUTPAD(ctx->c.b8[6]);
+ PUTPAD(ctx->c.b8[7]);
+#else
+ PUTPAD(ctx->c.b8[7]);
+ PUTPAD(ctx->c.b8[6]);
+ PUTPAD(ctx->c.b8[5]);
+ PUTPAD(ctx->c.b8[4]);
+ PUTPAD(ctx->c.b8[3]);
+ PUTPAD(ctx->c.b8[2]);
+ PUTPAD(ctx->c.b8[1]);
+ PUTPAD(ctx->c.b8[0]);
+#endif
+}
+
+static void
+sha1_result(uint8 *digest0, pg_sha1_ctx *ctx)
+{
+ uint8 *digest;
+
+ digest = (uint8 *) digest0;
+
+#ifdef WORDS_BIGENDIAN
+ memmove(digest, &ctx->h.b8[0], 20);
+#else
+ digest[0] = ctx->h.b8[3];
+ digest[1] = ctx->h.b8[2];
+ digest[2] = ctx->h.b8[1];
+ digest[3] = ctx->h.b8[0];
+ digest[4] = ctx->h.b8[7];
+ digest[5] = ctx->h.b8[6];
+ digest[6] = ctx->h.b8[5];
+ digest[7] = ctx->h.b8[4];
+ digest[8] = ctx->h.b8[11];
+ digest[9] = ctx->h.b8[10];
+ digest[10] = ctx->h.b8[9];
+ digest[11] = ctx->h.b8[8];
+ digest[12] = ctx->h.b8[15];
+ digest[13] = ctx->h.b8[14];
+ digest[14] = ctx->h.b8[13];
+ digest[15] = ctx->h.b8[12];
+ digest[16] = ctx->h.b8[19];
+ digest[17] = ctx->h.b8[18];
+ digest[18] = ctx->h.b8[17];
+ digest[19] = ctx->h.b8[16];
+#endif
+}
+
+/* External routines for this MD5 implementation */
+
+/*
+ * pg_sha1_init
+ *
+ * Initialize a SHA1 context.
+ */
+void
+pg_sha1_init(pg_sha1_ctx *ctx)
+{
+ memset(ctx, 0, sizeof(pg_sha1_ctx));
+ H(0) = 0x67452301;
+ H(1) = 0xefcdab89;
+ H(2) = 0x98badcfe;
+ H(3) = 0x10325476;
+ H(4) = 0xc3d2e1f0;
+}
+
+/*
+ * pg_sha1_update
+ *
+ * Update a SHA1 context.
+ */
+void
+pg_sha1_update(pg_sha1_ctx *ctx, const uint8 *data, size_t len)
+{
+ const uint8 *input;
+ size_t gaplen;
+ size_t gapstart;
+ size_t off;
+ size_t copysiz;
+
+ input = (const uint8 *) data;
+ off = 0;
+
+ while (off < len)
+ {
+ gapstart = COUNT % 64;
+ gaplen = 64 - gapstart;
+
+ copysiz = (gaplen < len - off) ? gaplen : len - off;
+ memmove(&ctx->m.b8[gapstart], &input[off], copysiz);
+ COUNT += copysiz;
+ COUNT %= 64;
+ ctx->c.b64[0] += copysiz * 8;
+ if (COUNT % 64 == 0)
+ sha1_step(ctx);
+ off += copysiz;
+ }
+}
+
+/*
+ * pg_sha1_final
+ *
+ * Finalize a SHA1 context.
+ */
+void
+pg_sha1_final(pg_sha1_ctx *ctx, uint8 *dest)
+{
+ sha1_pad(ctx);
+ sha1_result(dest, ctx);
+}
diff --git a/contrib/pgcrypto/sha1.h b/src/common/sha1_int.h
similarity index 72%
rename from contrib/pgcrypto/sha1.h
rename to src/common/sha1_int.h
index 4300694a34..46727ddb28 100644
--- a/contrib/pgcrypto/sha1.h
+++ b/src/common/sha1_int.h
@@ -1,3 +1,17 @@
+/*-------------------------------------------------------------------------
+ *
+ * sha1_int.h
+ * Internal headers for fallback implementation of SHA1
+ *
+ * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
+ * Portions Copyright (c) 1994, Regents of the University of California
+ *
+ * IDENTIFICATION
+ * src/common/sha1_int.h
+ *
+ *-------------------------------------------------------------------------
+ */
+
/* contrib/pgcrypto/sha1.h */
/* $KAME: sha1.h,v 1.4 2000/02/22 14:01:18 itojun Exp $ */
@@ -35,10 +49,12 @@
* implemented by Jun-ichiro itojun Itoh <itojun@itojun.org>
*/
-#ifndef _NETINET6_SHA1_H_
-#define _NETINET6_SHA1_H_
+#ifndef PG_SHA1_INT_H
+#define PG_SHA1_INT_H
-struct sha1_ctxt
+#include "common/sha1.h"
+
+typedef struct
{
union
{
@@ -56,20 +72,11 @@ struct sha1_ctxt
uint32 b32[16];
} m;
uint8 count;
-};
+} pg_sha1_ctx;
-extern void sha1_init(struct sha1_ctxt *);
-extern void sha1_pad(struct sha1_ctxt *);
-extern void sha1_loop(struct sha1_ctxt *, const uint8 *, size_t);
-extern void sha1_result(struct sha1_ctxt *, uint8 *);
+/* Interface routines for MD5 */
+extern void pg_sha1_init(pg_sha1_ctx *ctx);
+extern void pg_sha1_update(pg_sha1_ctx *ctx, const uint8 *data, size_t len);
+extern void pg_sha1_final(pg_sha1_ctx *ctx, uint8 *dest);
-/* compatibility with other SHA1 source codes */
-typedef struct sha1_ctxt SHA1_CTX;
-
-#define SHA1Init(x) sha1_init((x))
-#define SHA1Update(x, y, z) sha1_loop((x), (y), (z))
-#define SHA1Final(x, y) sha1_result((y), (x))
-
-#define SHA1_RESULTLEN (160/8)
-
-#endif /* _NETINET6_SHA1_H_ */
+#endif /* PG_SHA1_INT_H */
diff --git a/contrib/pgcrypto/Makefile b/contrib/pgcrypto/Makefile
index d881e85add..316a26e58d 100644
--- a/contrib/pgcrypto/Makefile
+++ b/contrib/pgcrypto/Makefile
@@ -1,6 +1,6 @@
# contrib/pgcrypto/Makefile
-INT_SRCS = sha1.c internal.c internal-sha2.c blf.c rijndael.c \
+INT_SRCS = internal.c internal-sha2.c blf.c rijndael.c \
pgp-mpi-internal.c imath.c
INT_TESTS = sha2
diff --git a/contrib/pgcrypto/internal.c b/contrib/pgcrypto/internal.c
index ea377bdf83..c6d86419aa 100644
--- a/contrib/pgcrypto/internal.c
+++ b/contrib/pgcrypto/internal.c
@@ -36,18 +36,10 @@
#include "blf.h"
#include "px.h"
#include "rijndael.h"
-#include "sha1.h"
#include "common/cryptohash.h"
#include "common/md5.h"
-
-#ifndef SHA1_DIGEST_LENGTH
-#ifdef SHA1_RESULTLEN
-#define SHA1_DIGEST_LENGTH SHA1_RESULTLEN
-#else
-#define SHA1_DIGEST_LENGTH 20
-#endif
-#endif
+#include "common/sha1.h"
#define SHA1_BLOCK_SIZE 64
#define MD5_BLOCK_SIZE 64
@@ -141,34 +133,33 @@ int_sha1_block_len(PX_MD *h)
static void
int_sha1_update(PX_MD *h, const uint8 *data, unsigned dlen)
{
- SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
+ pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
- SHA1Update(ctx, data, dlen);
+ pg_cryptohash_update(ctx, data, dlen);
}
static void
int_sha1_reset(PX_MD *h)
{
- SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
+ pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
- SHA1Init(ctx);
+ pg_cryptohash_init(ctx);
}
static void
int_sha1_finish(PX_MD *h, uint8 *dst)
{
- SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
+ pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
- SHA1Final(dst, ctx);
+ pg_cryptohash_final(ctx, dst);
}
static void
int_sha1_free(PX_MD *h)
{
- SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
+ pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
- px_memset(ctx, 0, sizeof(*ctx));
- pfree(ctx);
+ pg_cryptohash_free(ctx);
pfree(h);
}
@@ -196,9 +187,9 @@ init_md5(PX_MD *md)
static void
init_sha1(PX_MD *md)
{
- SHA1_CTX *ctx;
+ pg_cryptohash_ctx *ctx;
- ctx = palloc0(sizeof(*ctx));
+ ctx = pg_cryptohash_create(PG_SHA1);
md->p.ptr = ctx;
diff --git a/contrib/pgcrypto/sha1.c b/contrib/pgcrypto/sha1.c
deleted file mode 100644
index 64671ac64d..0000000000
--- a/contrib/pgcrypto/sha1.c
+++ /dev/null
@@ -1,331 +0,0 @@
-/* $KAME: sha1.c,v 1.3 2000/02/22 14:01:18 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * contrib/pgcrypto/sha1.c
- */
-/*
- * FIPS pub 180-1: Secure Hash Algorithm (SHA-1)
- * based on: http://www.itl.nist.gov/fipspubs/fip180-1.htm
- * implemented by Jun-ichiro itojun Itoh <itojun@itojun.org>
- */
-
-#include "postgres.h"
-
-#include <sys/param.h>
-
-#include "sha1.h"
-
-/* constant table */
-static uint32 _K[] = {0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xca62c1d6};
-
-#define K(t) _K[(t) / 20]
-
-#define F0(b, c, d) (((b) & (c)) | ((~(b)) & (d)))
-#define F1(b, c, d) (((b) ^ (c)) ^ (d))
-#define F2(b, c, d) (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
-#define F3(b, c, d) (((b) ^ (c)) ^ (d))
-
-#define S(n, x) (((x) << (n)) | ((x) >> (32 - (n))))
-
-#define H(n) (ctxt->h.b32[(n)])
-#define COUNT (ctxt->count)
-#define BCOUNT (ctxt->c.b64[0] / 8)
-#define W(n) (ctxt->m.b32[(n)])
-
-#define PUTPAD(x) \
-do { \
- ctxt->m.b8[(COUNT % 64)] = (x); \
- COUNT++; \
- COUNT %= 64; \
- if (COUNT % 64 == 0) \
- sha1_step(ctxt); \
-} while (0)
-
-static void sha1_step(struct sha1_ctxt *);
-
-static void
-sha1_step(struct sha1_ctxt *ctxt)
-{
- uint32 a,
- b,
- c,
- d,
- e;
- size_t t,
- s;
- uint32 tmp;
-
-#ifndef WORDS_BIGENDIAN
- struct sha1_ctxt tctxt;
-
- memmove(&tctxt.m.b8[0], &ctxt->m.b8[0], 64);
- ctxt->m.b8[0] = tctxt.m.b8[3];
- ctxt->m.b8[1] = tctxt.m.b8[2];
- ctxt->m.b8[2] = tctxt.m.b8[1];
- ctxt->m.b8[3] = tctxt.m.b8[0];
- ctxt->m.b8[4] = tctxt.m.b8[7];
- ctxt->m.b8[5] = tctxt.m.b8[6];
- ctxt->m.b8[6] = tctxt.m.b8[5];
- ctxt->m.b8[7] = tctxt.m.b8[4];
- ctxt->m.b8[8] = tctxt.m.b8[11];
- ctxt->m.b8[9] = tctxt.m.b8[10];
- ctxt->m.b8[10] = tctxt.m.b8[9];
- ctxt->m.b8[11] = tctxt.m.b8[8];
- ctxt->m.b8[12] = tctxt.m.b8[15];
- ctxt->m.b8[13] = tctxt.m.b8[14];
- ctxt->m.b8[14] = tctxt.m.b8[13];
- ctxt->m.b8[15] = tctxt.m.b8[12];
- ctxt->m.b8[16] = tctxt.m.b8[19];
- ctxt->m.b8[17] = tctxt.m.b8[18];
- ctxt->m.b8[18] = tctxt.m.b8[17];
- ctxt->m.b8[19] = tctxt.m.b8[16];
- ctxt->m.b8[20] = tctxt.m.b8[23];
- ctxt->m.b8[21] = tctxt.m.b8[22];
- ctxt->m.b8[22] = tctxt.m.b8[21];
- ctxt->m.b8[23] = tctxt.m.b8[20];
- ctxt->m.b8[24] = tctxt.m.b8[27];
- ctxt->m.b8[25] = tctxt.m.b8[26];
- ctxt->m.b8[26] = tctxt.m.b8[25];
- ctxt->m.b8[27] = tctxt.m.b8[24];
- ctxt->m.b8[28] = tctxt.m.b8[31];
- ctxt->m.b8[29] = tctxt.m.b8[30];
- ctxt->m.b8[30] = tctxt.m.b8[29];
- ctxt->m.b8[31] = tctxt.m.b8[28];
- ctxt->m.b8[32] = tctxt.m.b8[35];
- ctxt->m.b8[33] = tctxt.m.b8[34];
- ctxt->m.b8[34] = tctxt.m.b8[33];
- ctxt->m.b8[35] = tctxt.m.b8[32];
- ctxt->m.b8[36] = tctxt.m.b8[39];
- ctxt->m.b8[37] = tctxt.m.b8[38];
- ctxt->m.b8[38] = tctxt.m.b8[37];
- ctxt->m.b8[39] = tctxt.m.b8[36];
- ctxt->m.b8[40] = tctxt.m.b8[43];
- ctxt->m.b8[41] = tctxt.m.b8[42];
- ctxt->m.b8[42] = tctxt.m.b8[41];
- ctxt->m.b8[43] = tctxt.m.b8[40];
- ctxt->m.b8[44] = tctxt.m.b8[47];
- ctxt->m.b8[45] = tctxt.m.b8[46];
- ctxt->m.b8[46] = tctxt.m.b8[45];
- ctxt->m.b8[47] = tctxt.m.b8[44];
- ctxt->m.b8[48] = tctxt.m.b8[51];
- ctxt->m.b8[49] = tctxt.m.b8[50];
- ctxt->m.b8[50] = tctxt.m.b8[49];
- ctxt->m.b8[51] = tctxt.m.b8[48];
- ctxt->m.b8[52] = tctxt.m.b8[55];
- ctxt->m.b8[53] = tctxt.m.b8[54];
- ctxt->m.b8[54] = tctxt.m.b8[53];
- ctxt->m.b8[55] = tctxt.m.b8[52];
- ctxt->m.b8[56] = tctxt.m.b8[59];
- ctxt->m.b8[57] = tctxt.m.b8[58];
- ctxt->m.b8[58] = tctxt.m.b8[57];
- ctxt->m.b8[59] = tctxt.m.b8[56];
- ctxt->m.b8[60] = tctxt.m.b8[63];
- ctxt->m.b8[61] = tctxt.m.b8[62];
- ctxt->m.b8[62] = tctxt.m.b8[61];
- ctxt->m.b8[63] = tctxt.m.b8[60];
-#endif
-
- a = H(0);
- b = H(1);
- c = H(2);
- d = H(3);
- e = H(4);
-
- for (t = 0; t < 20; t++)
- {
- s = t & 0x0f;
- if (t >= 16)
- W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
- tmp = S(5, a) + F0(b, c, d) + e + W(s) + K(t);
- e = d;
- d = c;
- c = S(30, b);
- b = a;
- a = tmp;
- }
- for (t = 20; t < 40; t++)
- {
- s = t & 0x0f;
- W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
- tmp = S(5, a) + F1(b, c, d) + e + W(s) + K(t);
- e = d;
- d = c;
- c = S(30, b);
- b = a;
- a = tmp;
- }
- for (t = 40; t < 60; t++)
- {
- s = t & 0x0f;
- W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
- tmp = S(5, a) + F2(b, c, d) + e + W(s) + K(t);
- e = d;
- d = c;
- c = S(30, b);
- b = a;
- a = tmp;
- }
- for (t = 60; t < 80; t++)
- {
- s = t & 0x0f;
- W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
- tmp = S(5, a) + F3(b, c, d) + e + W(s) + K(t);
- e = d;
- d = c;
- c = S(30, b);
- b = a;
- a = tmp;
- }
-
- H(0) = H(0) + a;
- H(1) = H(1) + b;
- H(2) = H(2) + c;
- H(3) = H(3) + d;
- H(4) = H(4) + e;
-
- memset(&ctxt->m.b8[0], 0, 64);
-}
-
-/*------------------------------------------------------------*/
-
-void
-sha1_init(struct sha1_ctxt *ctxt)
-{
- memset(ctxt, 0, sizeof(struct sha1_ctxt));
- H(0) = 0x67452301;
- H(1) = 0xefcdab89;
- H(2) = 0x98badcfe;
- H(3) = 0x10325476;
- H(4) = 0xc3d2e1f0;
-}
-
-void
-sha1_pad(struct sha1_ctxt *ctxt)
-{
- size_t padlen; /* pad length in bytes */
- size_t padstart;
-
- PUTPAD(0x80);
-
- padstart = COUNT % 64;
- padlen = 64 - padstart;
- if (padlen < 8)
- {
- memset(&ctxt->m.b8[padstart], 0, padlen);
- COUNT += padlen;
- COUNT %= 64;
- sha1_step(ctxt);
- padstart = COUNT % 64; /* should be 0 */
- padlen = 64 - padstart; /* should be 64 */
- }
- memset(&ctxt->m.b8[padstart], 0, padlen - 8);
- COUNT += (padlen - 8);
- COUNT %= 64;
-#ifdef WORDS_BIGENDIAN
- PUTPAD(ctxt->c.b8[0]);
- PUTPAD(ctxt->c.b8[1]);
- PUTPAD(ctxt->c.b8[2]);
- PUTPAD(ctxt->c.b8[3]);
- PUTPAD(ctxt->c.b8[4]);
- PUTPAD(ctxt->c.b8[5]);
- PUTPAD(ctxt->c.b8[6]);
- PUTPAD(ctxt->c.b8[7]);
-#else
- PUTPAD(ctxt->c.b8[7]);
- PUTPAD(ctxt->c.b8[6]);
- PUTPAD(ctxt->c.b8[5]);
- PUTPAD(ctxt->c.b8[4]);
- PUTPAD(ctxt->c.b8[3]);
- PUTPAD(ctxt->c.b8[2]);
- PUTPAD(ctxt->c.b8[1]);
- PUTPAD(ctxt->c.b8[0]);
-#endif
-}
-
-void
-sha1_loop(struct sha1_ctxt *ctxt, const uint8 *input0, size_t len)
-{
- const uint8 *input;
- size_t gaplen;
- size_t gapstart;
- size_t off;
- size_t copysiz;
-
- input = (const uint8 *) input0;
- off = 0;
-
- while (off < len)
- {
- gapstart = COUNT % 64;
- gaplen = 64 - gapstart;
-
- copysiz = (gaplen < len - off) ? gaplen : len - off;
- memmove(&ctxt->m.b8[gapstart], &input[off], copysiz);
- COUNT += copysiz;
- COUNT %= 64;
- ctxt->c.b64[0] += copysiz * 8;
- if (COUNT % 64 == 0)
- sha1_step(ctxt);
- off += copysiz;
- }
-}
-
-void
-sha1_result(struct sha1_ctxt *ctxt, uint8 *digest0)
-{
- uint8 *digest;
-
- digest = (uint8 *) digest0;
- sha1_pad(ctxt);
-#ifdef WORDS_BIGENDIAN
- memmove(digest, &ctxt->h.b8[0], 20);
-#else
- digest[0] = ctxt->h.b8[3];
- digest[1] = ctxt->h.b8[2];
- digest[2] = ctxt->h.b8[1];
- digest[3] = ctxt->h.b8[0];
- digest[4] = ctxt->h.b8[7];
- digest[5] = ctxt->h.b8[6];
- digest[6] = ctxt->h.b8[5];
- digest[7] = ctxt->h.b8[4];
- digest[8] = ctxt->h.b8[11];
- digest[9] = ctxt->h.b8[10];
- digest[10] = ctxt->h.b8[9];
- digest[11] = ctxt->h.b8[8];
- digest[12] = ctxt->h.b8[15];
- digest[13] = ctxt->h.b8[14];
- digest[14] = ctxt->h.b8[13];
- digest[15] = ctxt->h.b8[12];
- digest[16] = ctxt->h.b8[19];
- digest[17] = ctxt->h.b8[18];
- digest[18] = ctxt->h.b8[17];
- digest[19] = ctxt->h.b8[16];
-#endif
-}
diff --git a/contrib/uuid-ossp/.gitignore b/contrib/uuid-ossp/.gitignore
index d7260edc61..5dcb3ff972 100644
--- a/contrib/uuid-ossp/.gitignore
+++ b/contrib/uuid-ossp/.gitignore
@@ -1,4 +1,3 @@
-/sha1.c
# Generated subdirectories
/log/
/results/
diff --git a/contrib/uuid-ossp/Makefile b/contrib/uuid-ossp/Makefile
index 0859a5397c..c42edf5f1a 100644
--- a/contrib/uuid-ossp/Makefile
+++ b/contrib/uuid-ossp/Makefile
@@ -2,7 +2,6 @@
MODULE_big = uuid-ossp
OBJS = \
- $(UUID_EXTRA_OBJS) \
$(WIN32RES) \
uuid-ossp.o
@@ -19,8 +18,6 @@ pgcrypto_src = $(top_srcdir)/contrib/pgcrypto
PG_CPPFLAGS = -I$(pgcrypto_src)
-EXTRA_CLEAN = sha1.c
-
ifdef USE_PGXS
PG_CONFIG = pg_config
PGXS := $(shell $(PG_CONFIG) --pgxs)
@@ -31,6 +28,3 @@ top_builddir = ../..
include $(top_builddir)/src/Makefile.global
include $(top_srcdir)/contrib/contrib-global.mk
endif
-
-sha1.c: % : $(pgcrypto_src)/%
- rm -f $@ && $(LN_S) $< .
diff --git a/contrib/uuid-ossp/uuid-ossp.c b/contrib/uuid-ossp/uuid-ossp.c
index 2ff7d9448b..928eb62b08 100644
--- a/contrib/uuid-ossp/uuid-ossp.c
+++ b/contrib/uuid-ossp/uuid-ossp.c
@@ -15,6 +15,7 @@
#include "fmgr.h"
#include "common/cryptohash.h"
+#include "common/sha1.h"
#include "port/pg_bswap.h"
#include "utils/builtins.h"
#include "utils/uuid.h"
@@ -40,15 +41,6 @@
#undef uuid_hash
-/*
- * Some BSD variants offer sha1 implementation but Linux does not, so we use
- * a copy from pgcrypto. Not needed with OSSP, though.
- */
-#ifndef HAVE_UUID_OSSP
-#include "sha1.h"
-#endif
-
-
/* Check our UUID length against OSSP's; better both be 16 */
#if defined(HAVE_UUID_OSSP) && (UUID_LEN != UUID_LEN_BIN)
#error UUID length mismatch
@@ -338,13 +330,18 @@ uuid_generate_internal(int v, unsigned char *ns, const char *ptr, int len)
}
else
{
- SHA1_CTX ctx;
- unsigned char sha1result[SHA1_RESULTLEN];
+ pg_cryptohash_ctx *ctx = pg_cryptohash_create(PG_SHA1);
+ unsigned char sha1result[SHA1_DIGEST_LENGTH];
+
+ if (pg_cryptohash_init(ctx) < 0)
+ elog(ERROR, "could not initialize %s context", "SHA1");
+ if (pg_cryptohash_update(ctx, ns, sizeof(uu)) < 0 ||
+ pg_cryptohash_update(ctx, (unsigned char *) ptr, len) < 0)
+ elog(ERROR, "could not update %s context", "SHA1");
+ if (pg_cryptohash_final(ctx, sha1result) < 0)
+ elog(ERROR, "could not finalize %s context", "SHA1");
+ pg_cryptohash_free(ctx);
- SHA1Init(&ctx);
- SHA1Update(&ctx, ns, sizeof(uu));
- SHA1Update(&ctx, (unsigned char *) ptr, len);
- SHA1Final(sha1result, &ctx);
memcpy(&uu, sha1result, sizeof(uu));
}
diff --git a/configure b/configure
index 11a4284e5b..5ade5e303e 100755
--- a/configure
+++ b/configure
@@ -705,7 +705,6 @@ XML2_LIBS
XML2_CFLAGS
XML2_CONFIG
with_libxml
-UUID_EXTRA_OBJS
with_uuid
with_readline
with_systemd
@@ -8303,30 +8302,26 @@ if test "$with_ossp_uuid" = yes ; then
with_uuid=ossp
fi
-if test "$with_uuid" = bsd ; then
+if test "$with_uuid" != no ; then
+ if test "$with_uuid" = bsd ; then
$as_echo "#define HAVE_UUID_BSD 1" >>confdefs.h
- UUID_EXTRA_OBJS="sha1.o"
-elif test "$with_uuid" = e2fs ; then
+ elif test "$with_uuid" = e2fs ; then
$as_echo "#define HAVE_UUID_E2FS 1" >>confdefs.h
- UUID_EXTRA_OBJS="sha1.o"
-elif test "$with_uuid" = ossp ; then
+ elif test "$with_uuid" = ossp ; then
$as_echo "#define HAVE_UUID_OSSP 1" >>confdefs.h
- UUID_EXTRA_OBJS=""
-elif test "$with_uuid" = no ; then
- UUID_EXTRA_OBJS=""
-else
- as_fn_error $? "--with-uuid must specify one of bsd, e2fs, or ossp" "$LINENO" 5
+ else
+ as_fn_error $? "--with-uuid must specify one of bsd, e2fs, or ossp" "$LINENO" 5
+ fi
fi
-
#
# XML
#
diff --git a/configure.ac b/configure.ac
index fc523c6aeb..b71387f71b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -919,22 +919,18 @@ if test "$with_ossp_uuid" = yes ; then
with_uuid=ossp
fi
-if test "$with_uuid" = bsd ; then
- AC_DEFINE([HAVE_UUID_BSD], 1, [Define to 1 if you have BSD UUID support.])
- UUID_EXTRA_OBJS="sha1.o"
-elif test "$with_uuid" = e2fs ; then
- AC_DEFINE([HAVE_UUID_E2FS], 1, [Define to 1 if you have E2FS UUID support.])
- UUID_EXTRA_OBJS="sha1.o"
-elif test "$with_uuid" = ossp ; then
- AC_DEFINE([HAVE_UUID_OSSP], 1, [Define to 1 if you have OSSP UUID support.])
- UUID_EXTRA_OBJS=""
-elif test "$with_uuid" = no ; then
- UUID_EXTRA_OBJS=""
-else
- AC_MSG_ERROR([--with-uuid must specify one of bsd, e2fs, or ossp])
+if test "$with_uuid" != no ; then
+ if test "$with_uuid" = bsd ; then
+ AC_DEFINE([HAVE_UUID_BSD], 1, [Define to 1 if you have BSD UUID support.])
+ elif test "$with_uuid" = e2fs ; then
+ AC_DEFINE([HAVE_UUID_E2FS], 1, [Define to 1 if you have E2FS UUID support.])
+ elif test "$with_uuid" = ossp ; then
+ AC_DEFINE([HAVE_UUID_OSSP], 1, [Define to 1 if you have OSSP UUID support.])
+ else
+ AC_MSG_ERROR([--with-uuid must specify one of bsd, e2fs, or ossp])
+ fi
fi
AC_SUBST(with_uuid)
-AC_SUBST(UUID_EXTRA_OBJS)
#
diff --git a/src/Makefile.global.in b/src/Makefile.global.in
index 7ca1e9aac5..9a1688c97c 100644
--- a/src/Makefile.global.in
+++ b/src/Makefile.global.in
@@ -289,7 +289,6 @@ LIBS = @LIBS@
LDAP_LIBS_FE = @LDAP_LIBS_FE@
LDAP_LIBS_BE = @LDAP_LIBS_BE@
UUID_LIBS = @UUID_LIBS@
-UUID_EXTRA_OBJS = @UUID_EXTRA_OBJS@
LLVM_LIBS=@LLVM_LIBS@
LD = @LD@
with_gnu_ld = @with_gnu_ld@
diff --git a/src/tools/msvc/Mkvcbuild.pm b/src/tools/msvc/Mkvcbuild.pm
index f92c14030d..142adf6557 100644
--- a/src/tools/msvc/Mkvcbuild.pm
+++ b/src/tools/msvc/Mkvcbuild.pm
@@ -136,6 +136,7 @@ sub mkvcbuild
{
push(@pgcommonallfiles, 'cryptohash.c');
push(@pgcommonallfiles, 'md5.c');
+ push(@pgcommonallfiles, 'sha1.c');
push(@pgcommonallfiles, 'sha2.c');
}
@@ -465,10 +466,10 @@ sub mkvcbuild
else
{
$pgcrypto->AddFiles(
- 'contrib/pgcrypto', 'sha1.c',
- 'internal.c', 'internal-sha2.c',
- 'blf.c', 'rijndael.c',
- 'pgp-mpi-internal.c', 'imath.c');
+ 'contrib/pgcrypto', 'internal.c',
+ 'internal-sha2.c', 'blf.c',
+ 'rijndael.c', 'pgp-mpi-internal.c',
+ 'imath.c');
}
$pgcrypto->AddReference($postgres);
$pgcrypto->AddLibrary('ws2_32.lib');
--
2.29.2
Re: Some more hackery around cryptohashes (some fixes + SHA1)
On Thu, Dec 10, 2020 at 05:07:05PM +0900, Michael Paquier wrote:
- 0001 is a set of small adjustments for the existing code of
cryptohashes: some cleanup for MD5 in uuid-ossp, and more importantly
one fix to call explicit_bzero() on the context data for the fallback
implementations. With the existing code, we may leave behind some
context data. That could become a problem if somebody has access to
this area of the memory even when they should not be able to do so,
something that should not happen, but I see no reason to not play it
safe and eliminate any traces. If there are no objections, I'd like
to apply this part.
This is a nice cleanup, so I have moved ahead and applied it. A
rebased version of the SHA1 business is attached.
--
Michael
Attachments:
v2-0001-Introduce-SHA1-in-cryptohash-infrastructure.patchtext/x-diff; charset=us-asciiDownload
From f8a84df2a1981fdefadad6689f24c7a9b1579426 Mon Sep 17 00:00:00 2001
From: Michael Paquier <michael@paquier.xyz>
Date: Thu, 10 Dec 2020 17:01:01 +0900
Subject: [PATCH v2] Introduce SHA1 in cryptohash infrastructure
---
src/include/common/cryptohash.h | 1 +
src/include/common/sha1.h | 19 +
src/common/Makefile | 1 +
src/common/cryptohash.c | 16 +
src/common/cryptohash_openssl.c | 3 +
src/common/sha1.c | 369 ++++++++++++++++++
.../pgcrypto/sha1.h => src/common/sha1_int.h | 43 +-
contrib/pgcrypto/Makefile | 2 +-
contrib/pgcrypto/internal.c | 31 +-
contrib/pgcrypto/sha1.c | 331 ----------------
contrib/uuid-ossp/.gitignore | 1 -
contrib/uuid-ossp/Makefile | 6 -
contrib/uuid-ossp/uuid-ossp.c | 27 +-
configure | 19 +-
configure.ac | 24 +-
src/Makefile.global.in | 1 -
src/tools/msvc/Mkvcbuild.pm | 9 +-
17 files changed, 480 insertions(+), 423 deletions(-)
create mode 100644 src/include/common/sha1.h
create mode 100644 src/common/sha1.c
rename contrib/pgcrypto/sha1.h => src/common/sha1_int.h (72%)
delete mode 100644 contrib/pgcrypto/sha1.c
diff --git a/src/include/common/cryptohash.h b/src/include/common/cryptohash.h
index 6ead1cb8e5..ca7fffc8eb 100644
--- a/src/include/common/cryptohash.h
+++ b/src/include/common/cryptohash.h
@@ -19,6 +19,7 @@
typedef enum
{
PG_MD5 = 0,
+ PG_SHA1,
PG_SHA224,
PG_SHA256,
PG_SHA384,
diff --git a/src/include/common/sha1.h b/src/include/common/sha1.h
new file mode 100644
index 0000000000..a61bc47ded
--- /dev/null
+++ b/src/include/common/sha1.h
@@ -0,0 +1,19 @@
+/*-------------------------------------------------------------------------
+ *
+ * sha1.h
+ * Constants related to SHA1.
+ *
+ * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
+ * Portions Copyright (c) 1994, Regents of the University of California
+ *
+ * src/include/common/sha1.h
+ *
+ *-------------------------------------------------------------------------
+ */
+#ifndef PG_SHA1_H
+#define PG_SHA1_H
+
+/* Size of result generated by SHA1 computation */
+#define SHA1_DIGEST_LENGTH 20
+
+#endif /* PG_SHA1_H */
diff --git a/src/common/Makefile b/src/common/Makefile
index af891cb0ce..4bb74097d2 100644
--- a/src/common/Makefile
+++ b/src/common/Makefile
@@ -87,6 +87,7 @@ else
OBJS_COMMON += \
cryptohash.o \
md5.o \
+ sha1.o \
sha2.o
endif
diff --git a/src/common/cryptohash.c b/src/common/cryptohash.c
index cf4588bad7..ee227aab16 100644
--- a/src/common/cryptohash.c
+++ b/src/common/cryptohash.c
@@ -25,6 +25,7 @@
#include "common/cryptohash.h"
#include "md5_int.h"
+#include "sha1_int.h"
#include "sha2_int.h"
/*
@@ -61,6 +62,9 @@ pg_cryptohash_create(pg_cryptohash_type type)
case PG_MD5:
ctx->data = ALLOC(sizeof(pg_md5_ctx));
break;
+ case PG_SHA1:
+ ctx->data = ALLOC(sizeof(pg_sha1_ctx));
+ break;
case PG_SHA224:
ctx->data = ALLOC(sizeof(pg_sha224_ctx));
break;
@@ -102,6 +106,9 @@ pg_cryptohash_init(pg_cryptohash_ctx *ctx)
case PG_MD5:
pg_md5_init((pg_md5_ctx *) ctx->data);
break;
+ case PG_SHA1:
+ pg_sha1_init((pg_sha1_ctx *) ctx->data);
+ break;
case PG_SHA224:
pg_sha224_init((pg_sha224_ctx *) ctx->data);
break;
@@ -136,6 +143,9 @@ pg_cryptohash_update(pg_cryptohash_ctx *ctx, const uint8 *data, size_t len)
case PG_MD5:
pg_md5_update((pg_md5_ctx *) ctx->data, data, len);
break;
+ case PG_SHA1:
+ pg_sha1_update((pg_sha1_ctx *) ctx->data, data, len);
+ break;
case PG_SHA224:
pg_sha224_update((pg_sha224_ctx *) ctx->data, data, len);
break;
@@ -170,6 +180,9 @@ pg_cryptohash_final(pg_cryptohash_ctx *ctx, uint8 *dest)
case PG_MD5:
pg_md5_final((pg_md5_ctx *) ctx->data, dest);
break;
+ case PG_SHA1:
+ pg_sha1_final((pg_sha1_ctx *) ctx->data, dest);
+ break;
case PG_SHA224:
pg_sha224_final((pg_sha224_ctx *) ctx->data, dest);
break;
@@ -203,6 +216,9 @@ pg_cryptohash_free(pg_cryptohash_ctx *ctx)
case PG_MD5:
explicit_bzero(ctx->data, sizeof(pg_md5_ctx));
break;
+ case PG_SHA1:
+ explicit_bzero(ctx->data, sizeof(pg_sha1_ctx));
+ break;
case PG_SHA224:
explicit_bzero(ctx->data, sizeof(pg_sha224_ctx));
break;
diff --git a/src/common/cryptohash_openssl.c b/src/common/cryptohash_openssl.c
index 118651c415..a8544877c0 100644
--- a/src/common/cryptohash_openssl.c
+++ b/src/common/cryptohash_openssl.c
@@ -138,6 +138,9 @@ pg_cryptohash_init(pg_cryptohash_ctx *ctx)
case PG_MD5:
status = EVP_DigestInit_ex(state->evpctx, EVP_md5(), NULL);
break;
+ case PG_SHA1:
+ status = EVP_DigestInit_ex(state->evpctx, EVP_sha1(), NULL);
+ break;
case PG_SHA224:
status = EVP_DigestInit_ex(state->evpctx, EVP_sha224(), NULL);
break;
diff --git a/src/common/sha1.c b/src/common/sha1.c
new file mode 100644
index 0000000000..675da187ac
--- /dev/null
+++ b/src/common/sha1.c
@@ -0,0 +1,369 @@
+/*-------------------------------------------------------------------------
+ *
+ * sha1.c
+ * Implements the SHA1 Secure Hash Algorithm
+ *
+ * Fallback implementation of SHA1, as specified in RFC 3174.
+ *
+ * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
+ * Portions Copyright (c) 1994, Regents of the University of California
+ *
+ * IDENTIFICATION
+ * src/common/sha1.c
+ *
+ *-------------------------------------------------------------------------
+ */
+
+/* $KAME: sha1.c,v 1.3 2000/02/22 14:01:18 itojun Exp $ */
+
+/*
+ * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+/*
+ * FIPS pub 180-1: Secure Hash Algorithm (SHA-1)
+ * based on: http://www.itl.nist.gov/fipspubs/fip180-1.htm
+ * implemented by Jun-ichiro itojun Itoh <itojun@itojun.org>
+ */
+
+#ifndef FRONTEND
+#include "postgres.h"
+#else
+#include "postgres_fe.h"
+#endif
+
+#include <sys/param.h>
+
+#include "sha1_int.h"
+
+/* constant table */
+static uint32 _K[] = {0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xca62c1d6};
+
+#define K(t) _K[(t) / 20]
+
+#define F0(b, c, d) (((b) & (c)) | ((~(b)) & (d)))
+#define F1(b, c, d) (((b) ^ (c)) ^ (d))
+#define F2(b, c, d) (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
+#define F3(b, c, d) (((b) ^ (c)) ^ (d))
+
+#define S(n, x) (((x) << (n)) | ((x) >> (32 - (n))))
+
+#define H(n) (ctx->h.b32[(n)])
+#define COUNT (ctx->count)
+#define BCOUNT (ctx->c.b64[0] / 8)
+#define W(n) (ctx->m.b32[(n)])
+
+#define PUTPAD(x) \
+do { \
+ ctx->m.b8[(COUNT % 64)] = (x); \
+ COUNT++; \
+ COUNT %= 64; \
+ if (COUNT % 64 == 0) \
+ sha1_step(ctx); \
+} while (0)
+
+static void
+sha1_step(pg_sha1_ctx *ctx)
+{
+ uint32 a,
+ b,
+ c,
+ d,
+ e;
+ size_t t,
+ s;
+ uint32 tmp;
+
+#ifndef WORDS_BIGENDIAN
+ pg_sha1_ctx tctx;
+
+ memmove(&tctx.m.b8[0], &ctx->m.b8[0], 64);
+ ctx->m.b8[0] = tctx.m.b8[3];
+ ctx->m.b8[1] = tctx.m.b8[2];
+ ctx->m.b8[2] = tctx.m.b8[1];
+ ctx->m.b8[3] = tctx.m.b8[0];
+ ctx->m.b8[4] = tctx.m.b8[7];
+ ctx->m.b8[5] = tctx.m.b8[6];
+ ctx->m.b8[6] = tctx.m.b8[5];
+ ctx->m.b8[7] = tctx.m.b8[4];
+ ctx->m.b8[8] = tctx.m.b8[11];
+ ctx->m.b8[9] = tctx.m.b8[10];
+ ctx->m.b8[10] = tctx.m.b8[9];
+ ctx->m.b8[11] = tctx.m.b8[8];
+ ctx->m.b8[12] = tctx.m.b8[15];
+ ctx->m.b8[13] = tctx.m.b8[14];
+ ctx->m.b8[14] = tctx.m.b8[13];
+ ctx->m.b8[15] = tctx.m.b8[12];
+ ctx->m.b8[16] = tctx.m.b8[19];
+ ctx->m.b8[17] = tctx.m.b8[18];
+ ctx->m.b8[18] = tctx.m.b8[17];
+ ctx->m.b8[19] = tctx.m.b8[16];
+ ctx->m.b8[20] = tctx.m.b8[23];
+ ctx->m.b8[21] = tctx.m.b8[22];
+ ctx->m.b8[22] = tctx.m.b8[21];
+ ctx->m.b8[23] = tctx.m.b8[20];
+ ctx->m.b8[24] = tctx.m.b8[27];
+ ctx->m.b8[25] = tctx.m.b8[26];
+ ctx->m.b8[26] = tctx.m.b8[25];
+ ctx->m.b8[27] = tctx.m.b8[24];
+ ctx->m.b8[28] = tctx.m.b8[31];
+ ctx->m.b8[29] = tctx.m.b8[30];
+ ctx->m.b8[30] = tctx.m.b8[29];
+ ctx->m.b8[31] = tctx.m.b8[28];
+ ctx->m.b8[32] = tctx.m.b8[35];
+ ctx->m.b8[33] = tctx.m.b8[34];
+ ctx->m.b8[34] = tctx.m.b8[33];
+ ctx->m.b8[35] = tctx.m.b8[32];
+ ctx->m.b8[36] = tctx.m.b8[39];
+ ctx->m.b8[37] = tctx.m.b8[38];
+ ctx->m.b8[38] = tctx.m.b8[37];
+ ctx->m.b8[39] = tctx.m.b8[36];
+ ctx->m.b8[40] = tctx.m.b8[43];
+ ctx->m.b8[41] = tctx.m.b8[42];
+ ctx->m.b8[42] = tctx.m.b8[41];
+ ctx->m.b8[43] = tctx.m.b8[40];
+ ctx->m.b8[44] = tctx.m.b8[47];
+ ctx->m.b8[45] = tctx.m.b8[46];
+ ctx->m.b8[46] = tctx.m.b8[45];
+ ctx->m.b8[47] = tctx.m.b8[44];
+ ctx->m.b8[48] = tctx.m.b8[51];
+ ctx->m.b8[49] = tctx.m.b8[50];
+ ctx->m.b8[50] = tctx.m.b8[49];
+ ctx->m.b8[51] = tctx.m.b8[48];
+ ctx->m.b8[52] = tctx.m.b8[55];
+ ctx->m.b8[53] = tctx.m.b8[54];
+ ctx->m.b8[54] = tctx.m.b8[53];
+ ctx->m.b8[55] = tctx.m.b8[52];
+ ctx->m.b8[56] = tctx.m.b8[59];
+ ctx->m.b8[57] = tctx.m.b8[58];
+ ctx->m.b8[58] = tctx.m.b8[57];
+ ctx->m.b8[59] = tctx.m.b8[56];
+ ctx->m.b8[60] = tctx.m.b8[63];
+ ctx->m.b8[61] = tctx.m.b8[62];
+ ctx->m.b8[62] = tctx.m.b8[61];
+ ctx->m.b8[63] = tctx.m.b8[60];
+#endif
+
+ a = H(0);
+ b = H(1);
+ c = H(2);
+ d = H(3);
+ e = H(4);
+
+ for (t = 0; t < 20; t++)
+ {
+ s = t & 0x0f;
+ if (t >= 16)
+ W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
+ tmp = S(5, a) + F0(b, c, d) + e + W(s) + K(t);
+ e = d;
+ d = c;
+ c = S(30, b);
+ b = a;
+ a = tmp;
+ }
+ for (t = 20; t < 40; t++)
+ {
+ s = t & 0x0f;
+ W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
+ tmp = S(5, a) + F1(b, c, d) + e + W(s) + K(t);
+ e = d;
+ d = c;
+ c = S(30, b);
+ b = a;
+ a = tmp;
+ }
+ for (t = 40; t < 60; t++)
+ {
+ s = t & 0x0f;
+ W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
+ tmp = S(5, a) + F2(b, c, d) + e + W(s) + K(t);
+ e = d;
+ d = c;
+ c = S(30, b);
+ b = a;
+ a = tmp;
+ }
+ for (t = 60; t < 80; t++)
+ {
+ s = t & 0x0f;
+ W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
+ tmp = S(5, a) + F3(b, c, d) + e + W(s) + K(t);
+ e = d;
+ d = c;
+ c = S(30, b);
+ b = a;
+ a = tmp;
+ }
+
+ H(0) = H(0) + a;
+ H(1) = H(1) + b;
+ H(2) = H(2) + c;
+ H(3) = H(3) + d;
+ H(4) = H(4) + e;
+
+ memset(&ctx->m.b8[0], 0, 64);
+}
+
+static void
+sha1_pad(pg_sha1_ctx *ctx)
+{
+ size_t padlen; /* pad length in bytes */
+ size_t padstart;
+
+ PUTPAD(0x80);
+
+ padstart = COUNT % 64;
+ padlen = 64 - padstart;
+ if (padlen < 8)
+ {
+ memset(&ctx->m.b8[padstart], 0, padlen);
+ COUNT += padlen;
+ COUNT %= 64;
+ sha1_step(ctx);
+ padstart = COUNT % 64; /* should be 0 */
+ padlen = 64 - padstart; /* should be 64 */
+ }
+ memset(&ctx->m.b8[padstart], 0, padlen - 8);
+ COUNT += (padlen - 8);
+ COUNT %= 64;
+#ifdef WORDS_BIGENDIAN
+ PUTPAD(ctx->c.b8[0]);
+ PUTPAD(ctx->c.b8[1]);
+ PUTPAD(ctx->c.b8[2]);
+ PUTPAD(ctx->c.b8[3]);
+ PUTPAD(ctx->c.b8[4]);
+ PUTPAD(ctx->c.b8[5]);
+ PUTPAD(ctx->c.b8[6]);
+ PUTPAD(ctx->c.b8[7]);
+#else
+ PUTPAD(ctx->c.b8[7]);
+ PUTPAD(ctx->c.b8[6]);
+ PUTPAD(ctx->c.b8[5]);
+ PUTPAD(ctx->c.b8[4]);
+ PUTPAD(ctx->c.b8[3]);
+ PUTPAD(ctx->c.b8[2]);
+ PUTPAD(ctx->c.b8[1]);
+ PUTPAD(ctx->c.b8[0]);
+#endif
+}
+
+static void
+sha1_result(uint8 *digest0, pg_sha1_ctx *ctx)
+{
+ uint8 *digest;
+
+ digest = (uint8 *) digest0;
+
+#ifdef WORDS_BIGENDIAN
+ memmove(digest, &ctx->h.b8[0], 20);
+#else
+ digest[0] = ctx->h.b8[3];
+ digest[1] = ctx->h.b8[2];
+ digest[2] = ctx->h.b8[1];
+ digest[3] = ctx->h.b8[0];
+ digest[4] = ctx->h.b8[7];
+ digest[5] = ctx->h.b8[6];
+ digest[6] = ctx->h.b8[5];
+ digest[7] = ctx->h.b8[4];
+ digest[8] = ctx->h.b8[11];
+ digest[9] = ctx->h.b8[10];
+ digest[10] = ctx->h.b8[9];
+ digest[11] = ctx->h.b8[8];
+ digest[12] = ctx->h.b8[15];
+ digest[13] = ctx->h.b8[14];
+ digest[14] = ctx->h.b8[13];
+ digest[15] = ctx->h.b8[12];
+ digest[16] = ctx->h.b8[19];
+ digest[17] = ctx->h.b8[18];
+ digest[18] = ctx->h.b8[17];
+ digest[19] = ctx->h.b8[16];
+#endif
+}
+
+/* External routines for this MD5 implementation */
+
+/*
+ * pg_sha1_init
+ *
+ * Initialize a SHA1 context.
+ */
+void
+pg_sha1_init(pg_sha1_ctx *ctx)
+{
+ memset(ctx, 0, sizeof(pg_sha1_ctx));
+ H(0) = 0x67452301;
+ H(1) = 0xefcdab89;
+ H(2) = 0x98badcfe;
+ H(3) = 0x10325476;
+ H(4) = 0xc3d2e1f0;
+}
+
+/*
+ * pg_sha1_update
+ *
+ * Update a SHA1 context.
+ */
+void
+pg_sha1_update(pg_sha1_ctx *ctx, const uint8 *data, size_t len)
+{
+ const uint8 *input;
+ size_t gaplen;
+ size_t gapstart;
+ size_t off;
+ size_t copysiz;
+
+ input = (const uint8 *) data;
+ off = 0;
+
+ while (off < len)
+ {
+ gapstart = COUNT % 64;
+ gaplen = 64 - gapstart;
+
+ copysiz = (gaplen < len - off) ? gaplen : len - off;
+ memmove(&ctx->m.b8[gapstart], &input[off], copysiz);
+ COUNT += copysiz;
+ COUNT %= 64;
+ ctx->c.b64[0] += copysiz * 8;
+ if (COUNT % 64 == 0)
+ sha1_step(ctx);
+ off += copysiz;
+ }
+}
+
+/*
+ * pg_sha1_final
+ *
+ * Finalize a SHA1 context.
+ */
+void
+pg_sha1_final(pg_sha1_ctx *ctx, uint8 *dest)
+{
+ sha1_pad(ctx);
+ sha1_result(dest, ctx);
+}
diff --git a/contrib/pgcrypto/sha1.h b/src/common/sha1_int.h
similarity index 72%
rename from contrib/pgcrypto/sha1.h
rename to src/common/sha1_int.h
index 4300694a34..46727ddb28 100644
--- a/contrib/pgcrypto/sha1.h
+++ b/src/common/sha1_int.h
@@ -1,3 +1,17 @@
+/*-------------------------------------------------------------------------
+ *
+ * sha1_int.h
+ * Internal headers for fallback implementation of SHA1
+ *
+ * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
+ * Portions Copyright (c) 1994, Regents of the University of California
+ *
+ * IDENTIFICATION
+ * src/common/sha1_int.h
+ *
+ *-------------------------------------------------------------------------
+ */
+
/* contrib/pgcrypto/sha1.h */
/* $KAME: sha1.h,v 1.4 2000/02/22 14:01:18 itojun Exp $ */
@@ -35,10 +49,12 @@
* implemented by Jun-ichiro itojun Itoh <itojun@itojun.org>
*/
-#ifndef _NETINET6_SHA1_H_
-#define _NETINET6_SHA1_H_
+#ifndef PG_SHA1_INT_H
+#define PG_SHA1_INT_H
-struct sha1_ctxt
+#include "common/sha1.h"
+
+typedef struct
{
union
{
@@ -56,20 +72,11 @@ struct sha1_ctxt
uint32 b32[16];
} m;
uint8 count;
-};
+} pg_sha1_ctx;
-extern void sha1_init(struct sha1_ctxt *);
-extern void sha1_pad(struct sha1_ctxt *);
-extern void sha1_loop(struct sha1_ctxt *, const uint8 *, size_t);
-extern void sha1_result(struct sha1_ctxt *, uint8 *);
+/* Interface routines for MD5 */
+extern void pg_sha1_init(pg_sha1_ctx *ctx);
+extern void pg_sha1_update(pg_sha1_ctx *ctx, const uint8 *data, size_t len);
+extern void pg_sha1_final(pg_sha1_ctx *ctx, uint8 *dest);
-/* compatibility with other SHA1 source codes */
-typedef struct sha1_ctxt SHA1_CTX;
-
-#define SHA1Init(x) sha1_init((x))
-#define SHA1Update(x, y, z) sha1_loop((x), (y), (z))
-#define SHA1Final(x, y) sha1_result((y), (x))
-
-#define SHA1_RESULTLEN (160/8)
-
-#endif /* _NETINET6_SHA1_H_ */
+#endif /* PG_SHA1_INT_H */
diff --git a/contrib/pgcrypto/Makefile b/contrib/pgcrypto/Makefile
index d881e85add..316a26e58d 100644
--- a/contrib/pgcrypto/Makefile
+++ b/contrib/pgcrypto/Makefile
@@ -1,6 +1,6 @@
# contrib/pgcrypto/Makefile
-INT_SRCS = sha1.c internal.c internal-sha2.c blf.c rijndael.c \
+INT_SRCS = internal.c internal-sha2.c blf.c rijndael.c \
pgp-mpi-internal.c imath.c
INT_TESTS = sha2
diff --git a/contrib/pgcrypto/internal.c b/contrib/pgcrypto/internal.c
index ea377bdf83..c6d86419aa 100644
--- a/contrib/pgcrypto/internal.c
+++ b/contrib/pgcrypto/internal.c
@@ -36,18 +36,10 @@
#include "blf.h"
#include "px.h"
#include "rijndael.h"
-#include "sha1.h"
#include "common/cryptohash.h"
#include "common/md5.h"
-
-#ifndef SHA1_DIGEST_LENGTH
-#ifdef SHA1_RESULTLEN
-#define SHA1_DIGEST_LENGTH SHA1_RESULTLEN
-#else
-#define SHA1_DIGEST_LENGTH 20
-#endif
-#endif
+#include "common/sha1.h"
#define SHA1_BLOCK_SIZE 64
#define MD5_BLOCK_SIZE 64
@@ -141,34 +133,33 @@ int_sha1_block_len(PX_MD *h)
static void
int_sha1_update(PX_MD *h, const uint8 *data, unsigned dlen)
{
- SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
+ pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
- SHA1Update(ctx, data, dlen);
+ pg_cryptohash_update(ctx, data, dlen);
}
static void
int_sha1_reset(PX_MD *h)
{
- SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
+ pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
- SHA1Init(ctx);
+ pg_cryptohash_init(ctx);
}
static void
int_sha1_finish(PX_MD *h, uint8 *dst)
{
- SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
+ pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
- SHA1Final(dst, ctx);
+ pg_cryptohash_final(ctx, dst);
}
static void
int_sha1_free(PX_MD *h)
{
- SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
+ pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
- px_memset(ctx, 0, sizeof(*ctx));
- pfree(ctx);
+ pg_cryptohash_free(ctx);
pfree(h);
}
@@ -196,9 +187,9 @@ init_md5(PX_MD *md)
static void
init_sha1(PX_MD *md)
{
- SHA1_CTX *ctx;
+ pg_cryptohash_ctx *ctx;
- ctx = palloc0(sizeof(*ctx));
+ ctx = pg_cryptohash_create(PG_SHA1);
md->p.ptr = ctx;
diff --git a/contrib/pgcrypto/sha1.c b/contrib/pgcrypto/sha1.c
deleted file mode 100644
index 64671ac64d..0000000000
--- a/contrib/pgcrypto/sha1.c
+++ /dev/null
@@ -1,331 +0,0 @@
-/* $KAME: sha1.c,v 1.3 2000/02/22 14:01:18 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * contrib/pgcrypto/sha1.c
- */
-/*
- * FIPS pub 180-1: Secure Hash Algorithm (SHA-1)
- * based on: http://www.itl.nist.gov/fipspubs/fip180-1.htm
- * implemented by Jun-ichiro itojun Itoh <itojun@itojun.org>
- */
-
-#include "postgres.h"
-
-#include <sys/param.h>
-
-#include "sha1.h"
-
-/* constant table */
-static uint32 _K[] = {0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xca62c1d6};
-
-#define K(t) _K[(t) / 20]
-
-#define F0(b, c, d) (((b) & (c)) | ((~(b)) & (d)))
-#define F1(b, c, d) (((b) ^ (c)) ^ (d))
-#define F2(b, c, d) (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
-#define F3(b, c, d) (((b) ^ (c)) ^ (d))
-
-#define S(n, x) (((x) << (n)) | ((x) >> (32 - (n))))
-
-#define H(n) (ctxt->h.b32[(n)])
-#define COUNT (ctxt->count)
-#define BCOUNT (ctxt->c.b64[0] / 8)
-#define W(n) (ctxt->m.b32[(n)])
-
-#define PUTPAD(x) \
-do { \
- ctxt->m.b8[(COUNT % 64)] = (x); \
- COUNT++; \
- COUNT %= 64; \
- if (COUNT % 64 == 0) \
- sha1_step(ctxt); \
-} while (0)
-
-static void sha1_step(struct sha1_ctxt *);
-
-static void
-sha1_step(struct sha1_ctxt *ctxt)
-{
- uint32 a,
- b,
- c,
- d,
- e;
- size_t t,
- s;
- uint32 tmp;
-
-#ifndef WORDS_BIGENDIAN
- struct sha1_ctxt tctxt;
-
- memmove(&tctxt.m.b8[0], &ctxt->m.b8[0], 64);
- ctxt->m.b8[0] = tctxt.m.b8[3];
- ctxt->m.b8[1] = tctxt.m.b8[2];
- ctxt->m.b8[2] = tctxt.m.b8[1];
- ctxt->m.b8[3] = tctxt.m.b8[0];
- ctxt->m.b8[4] = tctxt.m.b8[7];
- ctxt->m.b8[5] = tctxt.m.b8[6];
- ctxt->m.b8[6] = tctxt.m.b8[5];
- ctxt->m.b8[7] = tctxt.m.b8[4];
- ctxt->m.b8[8] = tctxt.m.b8[11];
- ctxt->m.b8[9] = tctxt.m.b8[10];
- ctxt->m.b8[10] = tctxt.m.b8[9];
- ctxt->m.b8[11] = tctxt.m.b8[8];
- ctxt->m.b8[12] = tctxt.m.b8[15];
- ctxt->m.b8[13] = tctxt.m.b8[14];
- ctxt->m.b8[14] = tctxt.m.b8[13];
- ctxt->m.b8[15] = tctxt.m.b8[12];
- ctxt->m.b8[16] = tctxt.m.b8[19];
- ctxt->m.b8[17] = tctxt.m.b8[18];
- ctxt->m.b8[18] = tctxt.m.b8[17];
- ctxt->m.b8[19] = tctxt.m.b8[16];
- ctxt->m.b8[20] = tctxt.m.b8[23];
- ctxt->m.b8[21] = tctxt.m.b8[22];
- ctxt->m.b8[22] = tctxt.m.b8[21];
- ctxt->m.b8[23] = tctxt.m.b8[20];
- ctxt->m.b8[24] = tctxt.m.b8[27];
- ctxt->m.b8[25] = tctxt.m.b8[26];
- ctxt->m.b8[26] = tctxt.m.b8[25];
- ctxt->m.b8[27] = tctxt.m.b8[24];
- ctxt->m.b8[28] = tctxt.m.b8[31];
- ctxt->m.b8[29] = tctxt.m.b8[30];
- ctxt->m.b8[30] = tctxt.m.b8[29];
- ctxt->m.b8[31] = tctxt.m.b8[28];
- ctxt->m.b8[32] = tctxt.m.b8[35];
- ctxt->m.b8[33] = tctxt.m.b8[34];
- ctxt->m.b8[34] = tctxt.m.b8[33];
- ctxt->m.b8[35] = tctxt.m.b8[32];
- ctxt->m.b8[36] = tctxt.m.b8[39];
- ctxt->m.b8[37] = tctxt.m.b8[38];
- ctxt->m.b8[38] = tctxt.m.b8[37];
- ctxt->m.b8[39] = tctxt.m.b8[36];
- ctxt->m.b8[40] = tctxt.m.b8[43];
- ctxt->m.b8[41] = tctxt.m.b8[42];
- ctxt->m.b8[42] = tctxt.m.b8[41];
- ctxt->m.b8[43] = tctxt.m.b8[40];
- ctxt->m.b8[44] = tctxt.m.b8[47];
- ctxt->m.b8[45] = tctxt.m.b8[46];
- ctxt->m.b8[46] = tctxt.m.b8[45];
- ctxt->m.b8[47] = tctxt.m.b8[44];
- ctxt->m.b8[48] = tctxt.m.b8[51];
- ctxt->m.b8[49] = tctxt.m.b8[50];
- ctxt->m.b8[50] = tctxt.m.b8[49];
- ctxt->m.b8[51] = tctxt.m.b8[48];
- ctxt->m.b8[52] = tctxt.m.b8[55];
- ctxt->m.b8[53] = tctxt.m.b8[54];
- ctxt->m.b8[54] = tctxt.m.b8[53];
- ctxt->m.b8[55] = tctxt.m.b8[52];
- ctxt->m.b8[56] = tctxt.m.b8[59];
- ctxt->m.b8[57] = tctxt.m.b8[58];
- ctxt->m.b8[58] = tctxt.m.b8[57];
- ctxt->m.b8[59] = tctxt.m.b8[56];
- ctxt->m.b8[60] = tctxt.m.b8[63];
- ctxt->m.b8[61] = tctxt.m.b8[62];
- ctxt->m.b8[62] = tctxt.m.b8[61];
- ctxt->m.b8[63] = tctxt.m.b8[60];
-#endif
-
- a = H(0);
- b = H(1);
- c = H(2);
- d = H(3);
- e = H(4);
-
- for (t = 0; t < 20; t++)
- {
- s = t & 0x0f;
- if (t >= 16)
- W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
- tmp = S(5, a) + F0(b, c, d) + e + W(s) + K(t);
- e = d;
- d = c;
- c = S(30, b);
- b = a;
- a = tmp;
- }
- for (t = 20; t < 40; t++)
- {
- s = t & 0x0f;
- W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
- tmp = S(5, a) + F1(b, c, d) + e + W(s) + K(t);
- e = d;
- d = c;
- c = S(30, b);
- b = a;
- a = tmp;
- }
- for (t = 40; t < 60; t++)
- {
- s = t & 0x0f;
- W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
- tmp = S(5, a) + F2(b, c, d) + e + W(s) + K(t);
- e = d;
- d = c;
- c = S(30, b);
- b = a;
- a = tmp;
- }
- for (t = 60; t < 80; t++)
- {
- s = t & 0x0f;
- W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
- tmp = S(5, a) + F3(b, c, d) + e + W(s) + K(t);
- e = d;
- d = c;
- c = S(30, b);
- b = a;
- a = tmp;
- }
-
- H(0) = H(0) + a;
- H(1) = H(1) + b;
- H(2) = H(2) + c;
- H(3) = H(3) + d;
- H(4) = H(4) + e;
-
- memset(&ctxt->m.b8[0], 0, 64);
-}
-
-/*------------------------------------------------------------*/
-
-void
-sha1_init(struct sha1_ctxt *ctxt)
-{
- memset(ctxt, 0, sizeof(struct sha1_ctxt));
- H(0) = 0x67452301;
- H(1) = 0xefcdab89;
- H(2) = 0x98badcfe;
- H(3) = 0x10325476;
- H(4) = 0xc3d2e1f0;
-}
-
-void
-sha1_pad(struct sha1_ctxt *ctxt)
-{
- size_t padlen; /* pad length in bytes */
- size_t padstart;
-
- PUTPAD(0x80);
-
- padstart = COUNT % 64;
- padlen = 64 - padstart;
- if (padlen < 8)
- {
- memset(&ctxt->m.b8[padstart], 0, padlen);
- COUNT += padlen;
- COUNT %= 64;
- sha1_step(ctxt);
- padstart = COUNT % 64; /* should be 0 */
- padlen = 64 - padstart; /* should be 64 */
- }
- memset(&ctxt->m.b8[padstart], 0, padlen - 8);
- COUNT += (padlen - 8);
- COUNT %= 64;
-#ifdef WORDS_BIGENDIAN
- PUTPAD(ctxt->c.b8[0]);
- PUTPAD(ctxt->c.b8[1]);
- PUTPAD(ctxt->c.b8[2]);
- PUTPAD(ctxt->c.b8[3]);
- PUTPAD(ctxt->c.b8[4]);
- PUTPAD(ctxt->c.b8[5]);
- PUTPAD(ctxt->c.b8[6]);
- PUTPAD(ctxt->c.b8[7]);
-#else
- PUTPAD(ctxt->c.b8[7]);
- PUTPAD(ctxt->c.b8[6]);
- PUTPAD(ctxt->c.b8[5]);
- PUTPAD(ctxt->c.b8[4]);
- PUTPAD(ctxt->c.b8[3]);
- PUTPAD(ctxt->c.b8[2]);
- PUTPAD(ctxt->c.b8[1]);
- PUTPAD(ctxt->c.b8[0]);
-#endif
-}
-
-void
-sha1_loop(struct sha1_ctxt *ctxt, const uint8 *input0, size_t len)
-{
- const uint8 *input;
- size_t gaplen;
- size_t gapstart;
- size_t off;
- size_t copysiz;
-
- input = (const uint8 *) input0;
- off = 0;
-
- while (off < len)
- {
- gapstart = COUNT % 64;
- gaplen = 64 - gapstart;
-
- copysiz = (gaplen < len - off) ? gaplen : len - off;
- memmove(&ctxt->m.b8[gapstart], &input[off], copysiz);
- COUNT += copysiz;
- COUNT %= 64;
- ctxt->c.b64[0] += copysiz * 8;
- if (COUNT % 64 == 0)
- sha1_step(ctxt);
- off += copysiz;
- }
-}
-
-void
-sha1_result(struct sha1_ctxt *ctxt, uint8 *digest0)
-{
- uint8 *digest;
-
- digest = (uint8 *) digest0;
- sha1_pad(ctxt);
-#ifdef WORDS_BIGENDIAN
- memmove(digest, &ctxt->h.b8[0], 20);
-#else
- digest[0] = ctxt->h.b8[3];
- digest[1] = ctxt->h.b8[2];
- digest[2] = ctxt->h.b8[1];
- digest[3] = ctxt->h.b8[0];
- digest[4] = ctxt->h.b8[7];
- digest[5] = ctxt->h.b8[6];
- digest[6] = ctxt->h.b8[5];
- digest[7] = ctxt->h.b8[4];
- digest[8] = ctxt->h.b8[11];
- digest[9] = ctxt->h.b8[10];
- digest[10] = ctxt->h.b8[9];
- digest[11] = ctxt->h.b8[8];
- digest[12] = ctxt->h.b8[15];
- digest[13] = ctxt->h.b8[14];
- digest[14] = ctxt->h.b8[13];
- digest[15] = ctxt->h.b8[12];
- digest[16] = ctxt->h.b8[19];
- digest[17] = ctxt->h.b8[18];
- digest[18] = ctxt->h.b8[17];
- digest[19] = ctxt->h.b8[16];
-#endif
-}
diff --git a/contrib/uuid-ossp/.gitignore b/contrib/uuid-ossp/.gitignore
index d7260edc61..5dcb3ff972 100644
--- a/contrib/uuid-ossp/.gitignore
+++ b/contrib/uuid-ossp/.gitignore
@@ -1,4 +1,3 @@
-/sha1.c
# Generated subdirectories
/log/
/results/
diff --git a/contrib/uuid-ossp/Makefile b/contrib/uuid-ossp/Makefile
index 0859a5397c..c42edf5f1a 100644
--- a/contrib/uuid-ossp/Makefile
+++ b/contrib/uuid-ossp/Makefile
@@ -2,7 +2,6 @@
MODULE_big = uuid-ossp
OBJS = \
- $(UUID_EXTRA_OBJS) \
$(WIN32RES) \
uuid-ossp.o
@@ -19,8 +18,6 @@ pgcrypto_src = $(top_srcdir)/contrib/pgcrypto
PG_CPPFLAGS = -I$(pgcrypto_src)
-EXTRA_CLEAN = sha1.c
-
ifdef USE_PGXS
PG_CONFIG = pg_config
PGXS := $(shell $(PG_CONFIG) --pgxs)
@@ -31,6 +28,3 @@ top_builddir = ../..
include $(top_builddir)/src/Makefile.global
include $(top_srcdir)/contrib/contrib-global.mk
endif
-
-sha1.c: % : $(pgcrypto_src)/%
- rm -f $@ && $(LN_S) $< .
diff --git a/contrib/uuid-ossp/uuid-ossp.c b/contrib/uuid-ossp/uuid-ossp.c
index 2ff7d9448b..928eb62b08 100644
--- a/contrib/uuid-ossp/uuid-ossp.c
+++ b/contrib/uuid-ossp/uuid-ossp.c
@@ -15,6 +15,7 @@
#include "fmgr.h"
#include "common/cryptohash.h"
+#include "common/sha1.h"
#include "port/pg_bswap.h"
#include "utils/builtins.h"
#include "utils/uuid.h"
@@ -40,15 +41,6 @@
#undef uuid_hash
-/*
- * Some BSD variants offer sha1 implementation but Linux does not, so we use
- * a copy from pgcrypto. Not needed with OSSP, though.
- */
-#ifndef HAVE_UUID_OSSP
-#include "sha1.h"
-#endif
-
-
/* Check our UUID length against OSSP's; better both be 16 */
#if defined(HAVE_UUID_OSSP) && (UUID_LEN != UUID_LEN_BIN)
#error UUID length mismatch
@@ -338,13 +330,18 @@ uuid_generate_internal(int v, unsigned char *ns, const char *ptr, int len)
}
else
{
- SHA1_CTX ctx;
- unsigned char sha1result[SHA1_RESULTLEN];
+ pg_cryptohash_ctx *ctx = pg_cryptohash_create(PG_SHA1);
+ unsigned char sha1result[SHA1_DIGEST_LENGTH];
+
+ if (pg_cryptohash_init(ctx) < 0)
+ elog(ERROR, "could not initialize %s context", "SHA1");
+ if (pg_cryptohash_update(ctx, ns, sizeof(uu)) < 0 ||
+ pg_cryptohash_update(ctx, (unsigned char *) ptr, len) < 0)
+ elog(ERROR, "could not update %s context", "SHA1");
+ if (pg_cryptohash_final(ctx, sha1result) < 0)
+ elog(ERROR, "could not finalize %s context", "SHA1");
+ pg_cryptohash_free(ctx);
- SHA1Init(&ctx);
- SHA1Update(&ctx, ns, sizeof(uu));
- SHA1Update(&ctx, (unsigned char *) ptr, len);
- SHA1Final(sha1result, &ctx);
memcpy(&uu, sha1result, sizeof(uu));
}
diff --git a/configure b/configure
index 11a4284e5b..5ade5e303e 100755
--- a/configure
+++ b/configure
@@ -705,7 +705,6 @@ XML2_LIBS
XML2_CFLAGS
XML2_CONFIG
with_libxml
-UUID_EXTRA_OBJS
with_uuid
with_readline
with_systemd
@@ -8303,30 +8302,26 @@ if test "$with_ossp_uuid" = yes ; then
with_uuid=ossp
fi
-if test "$with_uuid" = bsd ; then
+if test "$with_uuid" != no ; then
+ if test "$with_uuid" = bsd ; then
$as_echo "#define HAVE_UUID_BSD 1" >>confdefs.h
- UUID_EXTRA_OBJS="sha1.o"
-elif test "$with_uuid" = e2fs ; then
+ elif test "$with_uuid" = e2fs ; then
$as_echo "#define HAVE_UUID_E2FS 1" >>confdefs.h
- UUID_EXTRA_OBJS="sha1.o"
-elif test "$with_uuid" = ossp ; then
+ elif test "$with_uuid" = ossp ; then
$as_echo "#define HAVE_UUID_OSSP 1" >>confdefs.h
- UUID_EXTRA_OBJS=""
-elif test "$with_uuid" = no ; then
- UUID_EXTRA_OBJS=""
-else
- as_fn_error $? "--with-uuid must specify one of bsd, e2fs, or ossp" "$LINENO" 5
+ else
+ as_fn_error $? "--with-uuid must specify one of bsd, e2fs, or ossp" "$LINENO" 5
+ fi
fi
-
#
# XML
#
diff --git a/configure.ac b/configure.ac
index fc523c6aeb..b71387f71b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -919,22 +919,18 @@ if test "$with_ossp_uuid" = yes ; then
with_uuid=ossp
fi
-if test "$with_uuid" = bsd ; then
- AC_DEFINE([HAVE_UUID_BSD], 1, [Define to 1 if you have BSD UUID support.])
- UUID_EXTRA_OBJS="sha1.o"
-elif test "$with_uuid" = e2fs ; then
- AC_DEFINE([HAVE_UUID_E2FS], 1, [Define to 1 if you have E2FS UUID support.])
- UUID_EXTRA_OBJS="sha1.o"
-elif test "$with_uuid" = ossp ; then
- AC_DEFINE([HAVE_UUID_OSSP], 1, [Define to 1 if you have OSSP UUID support.])
- UUID_EXTRA_OBJS=""
-elif test "$with_uuid" = no ; then
- UUID_EXTRA_OBJS=""
-else
- AC_MSG_ERROR([--with-uuid must specify one of bsd, e2fs, or ossp])
+if test "$with_uuid" != no ; then
+ if test "$with_uuid" = bsd ; then
+ AC_DEFINE([HAVE_UUID_BSD], 1, [Define to 1 if you have BSD UUID support.])
+ elif test "$with_uuid" = e2fs ; then
+ AC_DEFINE([HAVE_UUID_E2FS], 1, [Define to 1 if you have E2FS UUID support.])
+ elif test "$with_uuid" = ossp ; then
+ AC_DEFINE([HAVE_UUID_OSSP], 1, [Define to 1 if you have OSSP UUID support.])
+ else
+ AC_MSG_ERROR([--with-uuid must specify one of bsd, e2fs, or ossp])
+ fi
fi
AC_SUBST(with_uuid)
-AC_SUBST(UUID_EXTRA_OBJS)
#
diff --git a/src/Makefile.global.in b/src/Makefile.global.in
index 7ca1e9aac5..9a1688c97c 100644
--- a/src/Makefile.global.in
+++ b/src/Makefile.global.in
@@ -289,7 +289,6 @@ LIBS = @LIBS@
LDAP_LIBS_FE = @LDAP_LIBS_FE@
LDAP_LIBS_BE = @LDAP_LIBS_BE@
UUID_LIBS = @UUID_LIBS@
-UUID_EXTRA_OBJS = @UUID_EXTRA_OBJS@
LLVM_LIBS=@LLVM_LIBS@
LD = @LD@
with_gnu_ld = @with_gnu_ld@
diff --git a/src/tools/msvc/Mkvcbuild.pm b/src/tools/msvc/Mkvcbuild.pm
index f92c14030d..142adf6557 100644
--- a/src/tools/msvc/Mkvcbuild.pm
+++ b/src/tools/msvc/Mkvcbuild.pm
@@ -136,6 +136,7 @@ sub mkvcbuild
{
push(@pgcommonallfiles, 'cryptohash.c');
push(@pgcommonallfiles, 'md5.c');
+ push(@pgcommonallfiles, 'sha1.c');
push(@pgcommonallfiles, 'sha2.c');
}
@@ -465,10 +466,10 @@ sub mkvcbuild
else
{
$pgcrypto->AddFiles(
- 'contrib/pgcrypto', 'sha1.c',
- 'internal.c', 'internal-sha2.c',
- 'blf.c', 'rijndael.c',
- 'pgp-mpi-internal.c', 'imath.c');
+ 'contrib/pgcrypto', 'internal.c',
+ 'internal-sha2.c', 'blf.c',
+ 'rijndael.c', 'pgp-mpi-internal.c',
+ 'imath.c');
}
$pgcrypto->AddReference($postgres);
$pgcrypto->AddLibrary('ws2_32.lib');
--
2.29.2
Re: Some more hackery around cryptohashes (some fixes + SHA1)
On Mon, Dec 14, 2020 at 12:48:15PM +0900, Michael Paquier wrote:
This is a nice cleanup, so I have moved ahead and applied it. A
rebased version of the SHA1 business is attached.
Rebased version attached to address the conflicts caused by 55fe26a.
I have fixed three places in pgcrypto where this missed to issue an
error if one of the init/update/final cryptohash calls failed for
SHA1.
--
Michael
Attachments:
v3-0001-Introduce-SHA1-in-cryptohash-infrastructure.patchtext/x-diff; charset=us-asciiDownload
From fc0819047f18f664efa075a578af66c83854b82c Mon Sep 17 00:00:00 2001
From: Michael Paquier <michael@paquier.xyz>
Date: Thu, 7 Jan 2021 12:31:10 +0900
Subject: [PATCH v3] Introduce SHA1 in cryptohash infrastructure
---
src/include/common/cryptohash.h | 1 +
src/include/common/sha1.h | 19 +
src/common/Makefile | 1 +
src/common/cryptohash.c | 11 +
src/common/cryptohash_openssl.c | 3 +
src/common/sha1.c | 369 ++++++++++++++++++
.../pgcrypto/sha1.h => src/common/sha1_int.h | 43 +-
contrib/pgcrypto/Makefile | 2 +-
contrib/pgcrypto/internal.c | 34 +-
contrib/pgcrypto/sha1.c | 331 ----------------
contrib/uuid-ossp/.gitignore | 1 -
contrib/uuid-ossp/Makefile | 6 -
contrib/uuid-ossp/uuid-ossp.c | 27 +-
configure | 19 +-
configure.ac | 24 +-
src/Makefile.global.in | 1 -
src/tools/msvc/Mkvcbuild.pm | 9 +-
17 files changed, 478 insertions(+), 423 deletions(-)
create mode 100644 src/include/common/sha1.h
create mode 100644 src/common/sha1.c
rename contrib/pgcrypto/sha1.h => src/common/sha1_int.h (72%)
delete mode 100644 contrib/pgcrypto/sha1.c
diff --git a/src/include/common/cryptohash.h b/src/include/common/cryptohash.h
index 3ecaf62113..32d7784ca5 100644
--- a/src/include/common/cryptohash.h
+++ b/src/include/common/cryptohash.h
@@ -19,6 +19,7 @@
typedef enum
{
PG_MD5 = 0,
+ PG_SHA1,
PG_SHA224,
PG_SHA256,
PG_SHA384,
diff --git a/src/include/common/sha1.h b/src/include/common/sha1.h
new file mode 100644
index 0000000000..a61bc47ded
--- /dev/null
+++ b/src/include/common/sha1.h
@@ -0,0 +1,19 @@
+/*-------------------------------------------------------------------------
+ *
+ * sha1.h
+ * Constants related to SHA1.
+ *
+ * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
+ * Portions Copyright (c) 1994, Regents of the University of California
+ *
+ * src/include/common/sha1.h
+ *
+ *-------------------------------------------------------------------------
+ */
+#ifndef PG_SHA1_H
+#define PG_SHA1_H
+
+/* Size of result generated by SHA1 computation */
+#define SHA1_DIGEST_LENGTH 20
+
+#endif /* PG_SHA1_H */
diff --git a/src/common/Makefile b/src/common/Makefile
index f624977939..04a4da0576 100644
--- a/src/common/Makefile
+++ b/src/common/Makefile
@@ -88,6 +88,7 @@ else
OBJS_COMMON += \
cryptohash.o \
md5.o \
+ sha1.o \
sha2.o
endif
diff --git a/src/common/cryptohash.c b/src/common/cryptohash.c
index efedadd626..eecf17081b 100644
--- a/src/common/cryptohash.c
+++ b/src/common/cryptohash.c
@@ -25,6 +25,7 @@
#include "common/cryptohash.h"
#include "md5_int.h"
+#include "sha1_int.h"
#include "sha2_int.h"
/*
@@ -47,6 +48,7 @@ struct pg_cryptohash_ctx
union
{
pg_md5_ctx md5;
+ pg_sha1_ctx sha1;
pg_sha224_ctx sha224;
pg_sha256_ctx sha256;
pg_sha384_ctx sha384;
@@ -97,6 +99,9 @@ pg_cryptohash_init(pg_cryptohash_ctx *ctx)
case PG_MD5:
pg_md5_init(&ctx->data.md5);
break;
+ case PG_SHA1:
+ pg_sha1_init(&ctx->data.sha1);
+ break;
case PG_SHA224:
pg_sha224_init(&ctx->data.sha224);
break;
@@ -132,6 +137,9 @@ pg_cryptohash_update(pg_cryptohash_ctx *ctx, const uint8 *data, size_t len)
case PG_MD5:
pg_md5_update(&ctx->data.md5, data, len);
break;
+ case PG_SHA1:
+ pg_sha1_update(&ctx->data.sha1, data, len);
+ break;
case PG_SHA224:
pg_sha224_update(&ctx->data.sha224, data, len);
break;
@@ -167,6 +175,9 @@ pg_cryptohash_final(pg_cryptohash_ctx *ctx, uint8 *dest)
case PG_MD5:
pg_md5_final(&ctx->data.md5, dest);
break;
+ case PG_SHA1:
+ pg_sha1_final(&ctx->data.sha1, dest);
+ break;
case PG_SHA224:
pg_sha224_final(&ctx->data.sha224, dest);
break;
diff --git a/src/common/cryptohash_openssl.c b/src/common/cryptohash_openssl.c
index 551ec392b6..006e867403 100644
--- a/src/common/cryptohash_openssl.c
+++ b/src/common/cryptohash_openssl.c
@@ -131,6 +131,9 @@ pg_cryptohash_init(pg_cryptohash_ctx *ctx)
case PG_MD5:
status = EVP_DigestInit_ex(ctx->evpctx, EVP_md5(), NULL);
break;
+ case PG_SHA1:
+ status = EVP_DigestInit_ex(ctx->evpctx, EVP_sha1(), NULL);
+ break;
case PG_SHA224:
status = EVP_DigestInit_ex(ctx->evpctx, EVP_sha224(), NULL);
break;
diff --git a/src/common/sha1.c b/src/common/sha1.c
new file mode 100644
index 0000000000..f8ed4d6808
--- /dev/null
+++ b/src/common/sha1.c
@@ -0,0 +1,369 @@
+/*-------------------------------------------------------------------------
+ *
+ * sha1.c
+ * Implements the SHA1 Secure Hash Algorithm
+ *
+ * Fallback implementation of SHA1, as specified in RFC 3174.
+ *
+ * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
+ * Portions Copyright (c) 1994, Regents of the University of California
+ *
+ * IDENTIFICATION
+ * src/common/sha1.c
+ *
+ *-------------------------------------------------------------------------
+ */
+
+/* $KAME: sha1.c,v 1.3 2000/02/22 14:01:18 itojun Exp $ */
+
+/*
+ * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+/*
+ * FIPS pub 180-1: Secure Hash Algorithm (SHA-1)
+ * based on: http://www.itl.nist.gov/fipspubs/fip180-1.htm
+ * implemented by Jun-ichiro itojun Itoh <itojun@itojun.org>
+ */
+
+#ifndef FRONTEND
+#include "postgres.h"
+#else
+#include "postgres_fe.h"
+#endif
+
+#include <sys/param.h>
+
+#include "sha1_int.h"
+
+/* constant table */
+static uint32 _K[] = {0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xca62c1d6};
+
+#define K(t) _K[(t) / 20]
+
+#define F0(b, c, d) (((b) & (c)) | ((~(b)) & (d)))
+#define F1(b, c, d) (((b) ^ (c)) ^ (d))
+#define F2(b, c, d) (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
+#define F3(b, c, d) (((b) ^ (c)) ^ (d))
+
+#define S(n, x) (((x) << (n)) | ((x) >> (32 - (n))))
+
+#define H(n) (ctx->h.b32[(n)])
+#define COUNT (ctx->count)
+#define BCOUNT (ctx->c.b64[0] / 8)
+#define W(n) (ctx->m.b32[(n)])
+
+#define PUTPAD(x) \
+do { \
+ ctx->m.b8[(COUNT % 64)] = (x); \
+ COUNT++; \
+ COUNT %= 64; \
+ if (COUNT % 64 == 0) \
+ sha1_step(ctx); \
+} while (0)
+
+static void
+sha1_step(pg_sha1_ctx *ctx)
+{
+ uint32 a,
+ b,
+ c,
+ d,
+ e;
+ size_t t,
+ s;
+ uint32 tmp;
+
+#ifndef WORDS_BIGENDIAN
+ pg_sha1_ctx tctx;
+
+ memmove(&tctx.m.b8[0], &ctx->m.b8[0], 64);
+ ctx->m.b8[0] = tctx.m.b8[3];
+ ctx->m.b8[1] = tctx.m.b8[2];
+ ctx->m.b8[2] = tctx.m.b8[1];
+ ctx->m.b8[3] = tctx.m.b8[0];
+ ctx->m.b8[4] = tctx.m.b8[7];
+ ctx->m.b8[5] = tctx.m.b8[6];
+ ctx->m.b8[6] = tctx.m.b8[5];
+ ctx->m.b8[7] = tctx.m.b8[4];
+ ctx->m.b8[8] = tctx.m.b8[11];
+ ctx->m.b8[9] = tctx.m.b8[10];
+ ctx->m.b8[10] = tctx.m.b8[9];
+ ctx->m.b8[11] = tctx.m.b8[8];
+ ctx->m.b8[12] = tctx.m.b8[15];
+ ctx->m.b8[13] = tctx.m.b8[14];
+ ctx->m.b8[14] = tctx.m.b8[13];
+ ctx->m.b8[15] = tctx.m.b8[12];
+ ctx->m.b8[16] = tctx.m.b8[19];
+ ctx->m.b8[17] = tctx.m.b8[18];
+ ctx->m.b8[18] = tctx.m.b8[17];
+ ctx->m.b8[19] = tctx.m.b8[16];
+ ctx->m.b8[20] = tctx.m.b8[23];
+ ctx->m.b8[21] = tctx.m.b8[22];
+ ctx->m.b8[22] = tctx.m.b8[21];
+ ctx->m.b8[23] = tctx.m.b8[20];
+ ctx->m.b8[24] = tctx.m.b8[27];
+ ctx->m.b8[25] = tctx.m.b8[26];
+ ctx->m.b8[26] = tctx.m.b8[25];
+ ctx->m.b8[27] = tctx.m.b8[24];
+ ctx->m.b8[28] = tctx.m.b8[31];
+ ctx->m.b8[29] = tctx.m.b8[30];
+ ctx->m.b8[30] = tctx.m.b8[29];
+ ctx->m.b8[31] = tctx.m.b8[28];
+ ctx->m.b8[32] = tctx.m.b8[35];
+ ctx->m.b8[33] = tctx.m.b8[34];
+ ctx->m.b8[34] = tctx.m.b8[33];
+ ctx->m.b8[35] = tctx.m.b8[32];
+ ctx->m.b8[36] = tctx.m.b8[39];
+ ctx->m.b8[37] = tctx.m.b8[38];
+ ctx->m.b8[38] = tctx.m.b8[37];
+ ctx->m.b8[39] = tctx.m.b8[36];
+ ctx->m.b8[40] = tctx.m.b8[43];
+ ctx->m.b8[41] = tctx.m.b8[42];
+ ctx->m.b8[42] = tctx.m.b8[41];
+ ctx->m.b8[43] = tctx.m.b8[40];
+ ctx->m.b8[44] = tctx.m.b8[47];
+ ctx->m.b8[45] = tctx.m.b8[46];
+ ctx->m.b8[46] = tctx.m.b8[45];
+ ctx->m.b8[47] = tctx.m.b8[44];
+ ctx->m.b8[48] = tctx.m.b8[51];
+ ctx->m.b8[49] = tctx.m.b8[50];
+ ctx->m.b8[50] = tctx.m.b8[49];
+ ctx->m.b8[51] = tctx.m.b8[48];
+ ctx->m.b8[52] = tctx.m.b8[55];
+ ctx->m.b8[53] = tctx.m.b8[54];
+ ctx->m.b8[54] = tctx.m.b8[53];
+ ctx->m.b8[55] = tctx.m.b8[52];
+ ctx->m.b8[56] = tctx.m.b8[59];
+ ctx->m.b8[57] = tctx.m.b8[58];
+ ctx->m.b8[58] = tctx.m.b8[57];
+ ctx->m.b8[59] = tctx.m.b8[56];
+ ctx->m.b8[60] = tctx.m.b8[63];
+ ctx->m.b8[61] = tctx.m.b8[62];
+ ctx->m.b8[62] = tctx.m.b8[61];
+ ctx->m.b8[63] = tctx.m.b8[60];
+#endif
+
+ a = H(0);
+ b = H(1);
+ c = H(2);
+ d = H(3);
+ e = H(4);
+
+ for (t = 0; t < 20; t++)
+ {
+ s = t & 0x0f;
+ if (t >= 16)
+ W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
+ tmp = S(5, a) + F0(b, c, d) + e + W(s) + K(t);
+ e = d;
+ d = c;
+ c = S(30, b);
+ b = a;
+ a = tmp;
+ }
+ for (t = 20; t < 40; t++)
+ {
+ s = t & 0x0f;
+ W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
+ tmp = S(5, a) + F1(b, c, d) + e + W(s) + K(t);
+ e = d;
+ d = c;
+ c = S(30, b);
+ b = a;
+ a = tmp;
+ }
+ for (t = 40; t < 60; t++)
+ {
+ s = t & 0x0f;
+ W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
+ tmp = S(5, a) + F2(b, c, d) + e + W(s) + K(t);
+ e = d;
+ d = c;
+ c = S(30, b);
+ b = a;
+ a = tmp;
+ }
+ for (t = 60; t < 80; t++)
+ {
+ s = t & 0x0f;
+ W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
+ tmp = S(5, a) + F3(b, c, d) + e + W(s) + K(t);
+ e = d;
+ d = c;
+ c = S(30, b);
+ b = a;
+ a = tmp;
+ }
+
+ H(0) = H(0) + a;
+ H(1) = H(1) + b;
+ H(2) = H(2) + c;
+ H(3) = H(3) + d;
+ H(4) = H(4) + e;
+
+ memset(&ctx->m.b8[0], 0, 64);
+}
+
+static void
+sha1_pad(pg_sha1_ctx *ctx)
+{
+ size_t padlen; /* pad length in bytes */
+ size_t padstart;
+
+ PUTPAD(0x80);
+
+ padstart = COUNT % 64;
+ padlen = 64 - padstart;
+ if (padlen < 8)
+ {
+ memset(&ctx->m.b8[padstart], 0, padlen);
+ COUNT += padlen;
+ COUNT %= 64;
+ sha1_step(ctx);
+ padstart = COUNT % 64; /* should be 0 */
+ padlen = 64 - padstart; /* should be 64 */
+ }
+ memset(&ctx->m.b8[padstart], 0, padlen - 8);
+ COUNT += (padlen - 8);
+ COUNT %= 64;
+#ifdef WORDS_BIGENDIAN
+ PUTPAD(ctx->c.b8[0]);
+ PUTPAD(ctx->c.b8[1]);
+ PUTPAD(ctx->c.b8[2]);
+ PUTPAD(ctx->c.b8[3]);
+ PUTPAD(ctx->c.b8[4]);
+ PUTPAD(ctx->c.b8[5]);
+ PUTPAD(ctx->c.b8[6]);
+ PUTPAD(ctx->c.b8[7]);
+#else
+ PUTPAD(ctx->c.b8[7]);
+ PUTPAD(ctx->c.b8[6]);
+ PUTPAD(ctx->c.b8[5]);
+ PUTPAD(ctx->c.b8[4]);
+ PUTPAD(ctx->c.b8[3]);
+ PUTPAD(ctx->c.b8[2]);
+ PUTPAD(ctx->c.b8[1]);
+ PUTPAD(ctx->c.b8[0]);
+#endif
+}
+
+static void
+sha1_result(uint8 *digest0, pg_sha1_ctx *ctx)
+{
+ uint8 *digest;
+
+ digest = (uint8 *) digest0;
+
+#ifdef WORDS_BIGENDIAN
+ memmove(digest, &ctx->h.b8[0], 20);
+#else
+ digest[0] = ctx->h.b8[3];
+ digest[1] = ctx->h.b8[2];
+ digest[2] = ctx->h.b8[1];
+ digest[3] = ctx->h.b8[0];
+ digest[4] = ctx->h.b8[7];
+ digest[5] = ctx->h.b8[6];
+ digest[6] = ctx->h.b8[5];
+ digest[7] = ctx->h.b8[4];
+ digest[8] = ctx->h.b8[11];
+ digest[9] = ctx->h.b8[10];
+ digest[10] = ctx->h.b8[9];
+ digest[11] = ctx->h.b8[8];
+ digest[12] = ctx->h.b8[15];
+ digest[13] = ctx->h.b8[14];
+ digest[14] = ctx->h.b8[13];
+ digest[15] = ctx->h.b8[12];
+ digest[16] = ctx->h.b8[19];
+ digest[17] = ctx->h.b8[18];
+ digest[18] = ctx->h.b8[17];
+ digest[19] = ctx->h.b8[16];
+#endif
+}
+
+/* External routines for this SHA1 implementation */
+
+/*
+ * pg_sha1_init
+ *
+ * Initialize a SHA1 context.
+ */
+void
+pg_sha1_init(pg_sha1_ctx *ctx)
+{
+ memset(ctx, 0, sizeof(pg_sha1_ctx));
+ H(0) = 0x67452301;
+ H(1) = 0xefcdab89;
+ H(2) = 0x98badcfe;
+ H(3) = 0x10325476;
+ H(4) = 0xc3d2e1f0;
+}
+
+/*
+ * pg_sha1_update
+ *
+ * Update a SHA1 context.
+ */
+void
+pg_sha1_update(pg_sha1_ctx *ctx, const uint8 *data, size_t len)
+{
+ const uint8 *input;
+ size_t gaplen;
+ size_t gapstart;
+ size_t off;
+ size_t copysiz;
+
+ input = (const uint8 *) data;
+ off = 0;
+
+ while (off < len)
+ {
+ gapstart = COUNT % 64;
+ gaplen = 64 - gapstart;
+
+ copysiz = (gaplen < len - off) ? gaplen : len - off;
+ memmove(&ctx->m.b8[gapstart], &input[off], copysiz);
+ COUNT += copysiz;
+ COUNT %= 64;
+ ctx->c.b64[0] += copysiz * 8;
+ if (COUNT % 64 == 0)
+ sha1_step(ctx);
+ off += copysiz;
+ }
+}
+
+/*
+ * pg_sha1_final
+ *
+ * Finalize a SHA1 context.
+ */
+void
+pg_sha1_final(pg_sha1_ctx *ctx, uint8 *dest)
+{
+ sha1_pad(ctx);
+ sha1_result(dest, ctx);
+}
diff --git a/contrib/pgcrypto/sha1.h b/src/common/sha1_int.h
similarity index 72%
rename from contrib/pgcrypto/sha1.h
rename to src/common/sha1_int.h
index 4300694a34..40fbffcd0b 100644
--- a/contrib/pgcrypto/sha1.h
+++ b/src/common/sha1_int.h
@@ -1,3 +1,17 @@
+/*-------------------------------------------------------------------------
+ *
+ * sha1_int.h
+ * Internal headers for fallback implementation of SHA1
+ *
+ * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
+ * Portions Copyright (c) 1994, Regents of the University of California
+ *
+ * IDENTIFICATION
+ * src/common/sha1_int.h
+ *
+ *-------------------------------------------------------------------------
+ */
+
/* contrib/pgcrypto/sha1.h */
/* $KAME: sha1.h,v 1.4 2000/02/22 14:01:18 itojun Exp $ */
@@ -35,10 +49,12 @@
* implemented by Jun-ichiro itojun Itoh <itojun@itojun.org>
*/
-#ifndef _NETINET6_SHA1_H_
-#define _NETINET6_SHA1_H_
+#ifndef PG_SHA1_INT_H
+#define PG_SHA1_INT_H
-struct sha1_ctxt
+#include "common/sha1.h"
+
+typedef struct
{
union
{
@@ -56,20 +72,11 @@ struct sha1_ctxt
uint32 b32[16];
} m;
uint8 count;
-};
+} pg_sha1_ctx;
-extern void sha1_init(struct sha1_ctxt *);
-extern void sha1_pad(struct sha1_ctxt *);
-extern void sha1_loop(struct sha1_ctxt *, const uint8 *, size_t);
-extern void sha1_result(struct sha1_ctxt *, uint8 *);
+/* Interface routines for SHA1 */
+extern void pg_sha1_init(pg_sha1_ctx *ctx);
+extern void pg_sha1_update(pg_sha1_ctx *ctx, const uint8 *data, size_t len);
+extern void pg_sha1_final(pg_sha1_ctx *ctx, uint8 *dest);
-/* compatibility with other SHA1 source codes */
-typedef struct sha1_ctxt SHA1_CTX;
-
-#define SHA1Init(x) sha1_init((x))
-#define SHA1Update(x, y, z) sha1_loop((x), (y), (z))
-#define SHA1Final(x, y) sha1_result((y), (x))
-
-#define SHA1_RESULTLEN (160/8)
-
-#endif /* _NETINET6_SHA1_H_ */
+#endif /* PG_SHA1_INT_H */
diff --git a/contrib/pgcrypto/Makefile b/contrib/pgcrypto/Makefile
index d881e85add..316a26e58d 100644
--- a/contrib/pgcrypto/Makefile
+++ b/contrib/pgcrypto/Makefile
@@ -1,6 +1,6 @@
# contrib/pgcrypto/Makefile
-INT_SRCS = sha1.c internal.c internal-sha2.c blf.c rijndael.c \
+INT_SRCS = internal.c internal-sha2.c blf.c rijndael.c \
pgp-mpi-internal.c imath.c
INT_TESTS = sha2
diff --git a/contrib/pgcrypto/internal.c b/contrib/pgcrypto/internal.c
index ea377bdf83..79440ba36f 100644
--- a/contrib/pgcrypto/internal.c
+++ b/contrib/pgcrypto/internal.c
@@ -36,18 +36,10 @@
#include "blf.h"
#include "px.h"
#include "rijndael.h"
-#include "sha1.h"
#include "common/cryptohash.h"
#include "common/md5.h"
-
-#ifndef SHA1_DIGEST_LENGTH
-#ifdef SHA1_RESULTLEN
-#define SHA1_DIGEST_LENGTH SHA1_RESULTLEN
-#else
-#define SHA1_DIGEST_LENGTH 20
-#endif
-#endif
+#include "common/sha1.h"
#define SHA1_BLOCK_SIZE 64
#define MD5_BLOCK_SIZE 64
@@ -141,34 +133,36 @@ int_sha1_block_len(PX_MD *h)
static void
int_sha1_update(PX_MD *h, const uint8 *data, unsigned dlen)
{
- SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
+ pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
- SHA1Update(ctx, data, dlen);
+ if (pg_cryptohash_update(ctx, data, dlen) < 0)
+ elog(ERROR, "could not update %s context", "SHA1");
}
static void
int_sha1_reset(PX_MD *h)
{
- SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
+ pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
- SHA1Init(ctx);
+ if (pg_cryptohash_init(ctx) < 0)
+ elog(ERROR, "could not initialize %s context", "SHA1");
}
static void
int_sha1_finish(PX_MD *h, uint8 *dst)
{
- SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
+ pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
- SHA1Final(dst, ctx);
+ if (pg_cryptohash_final(ctx, dst) < 0)
+ elog(ERROR, "could not finalize %s context", "SHA1");
}
static void
int_sha1_free(PX_MD *h)
{
- SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
+ pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
- px_memset(ctx, 0, sizeof(*ctx));
- pfree(ctx);
+ pg_cryptohash_free(ctx);
pfree(h);
}
@@ -196,9 +190,9 @@ init_md5(PX_MD *md)
static void
init_sha1(PX_MD *md)
{
- SHA1_CTX *ctx;
+ pg_cryptohash_ctx *ctx;
- ctx = palloc0(sizeof(*ctx));
+ ctx = pg_cryptohash_create(PG_SHA1);
md->p.ptr = ctx;
diff --git a/contrib/pgcrypto/sha1.c b/contrib/pgcrypto/sha1.c
deleted file mode 100644
index 64671ac64d..0000000000
--- a/contrib/pgcrypto/sha1.c
+++ /dev/null
@@ -1,331 +0,0 @@
-/* $KAME: sha1.c,v 1.3 2000/02/22 14:01:18 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * contrib/pgcrypto/sha1.c
- */
-/*
- * FIPS pub 180-1: Secure Hash Algorithm (SHA-1)
- * based on: http://www.itl.nist.gov/fipspubs/fip180-1.htm
- * implemented by Jun-ichiro itojun Itoh <itojun@itojun.org>
- */
-
-#include "postgres.h"
-
-#include <sys/param.h>
-
-#include "sha1.h"
-
-/* constant table */
-static uint32 _K[] = {0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xca62c1d6};
-
-#define K(t) _K[(t) / 20]
-
-#define F0(b, c, d) (((b) & (c)) | ((~(b)) & (d)))
-#define F1(b, c, d) (((b) ^ (c)) ^ (d))
-#define F2(b, c, d) (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
-#define F3(b, c, d) (((b) ^ (c)) ^ (d))
-
-#define S(n, x) (((x) << (n)) | ((x) >> (32 - (n))))
-
-#define H(n) (ctxt->h.b32[(n)])
-#define COUNT (ctxt->count)
-#define BCOUNT (ctxt->c.b64[0] / 8)
-#define W(n) (ctxt->m.b32[(n)])
-
-#define PUTPAD(x) \
-do { \
- ctxt->m.b8[(COUNT % 64)] = (x); \
- COUNT++; \
- COUNT %= 64; \
- if (COUNT % 64 == 0) \
- sha1_step(ctxt); \
-} while (0)
-
-static void sha1_step(struct sha1_ctxt *);
-
-static void
-sha1_step(struct sha1_ctxt *ctxt)
-{
- uint32 a,
- b,
- c,
- d,
- e;
- size_t t,
- s;
- uint32 tmp;
-
-#ifndef WORDS_BIGENDIAN
- struct sha1_ctxt tctxt;
-
- memmove(&tctxt.m.b8[0], &ctxt->m.b8[0], 64);
- ctxt->m.b8[0] = tctxt.m.b8[3];
- ctxt->m.b8[1] = tctxt.m.b8[2];
- ctxt->m.b8[2] = tctxt.m.b8[1];
- ctxt->m.b8[3] = tctxt.m.b8[0];
- ctxt->m.b8[4] = tctxt.m.b8[7];
- ctxt->m.b8[5] = tctxt.m.b8[6];
- ctxt->m.b8[6] = tctxt.m.b8[5];
- ctxt->m.b8[7] = tctxt.m.b8[4];
- ctxt->m.b8[8] = tctxt.m.b8[11];
- ctxt->m.b8[9] = tctxt.m.b8[10];
- ctxt->m.b8[10] = tctxt.m.b8[9];
- ctxt->m.b8[11] = tctxt.m.b8[8];
- ctxt->m.b8[12] = tctxt.m.b8[15];
- ctxt->m.b8[13] = tctxt.m.b8[14];
- ctxt->m.b8[14] = tctxt.m.b8[13];
- ctxt->m.b8[15] = tctxt.m.b8[12];
- ctxt->m.b8[16] = tctxt.m.b8[19];
- ctxt->m.b8[17] = tctxt.m.b8[18];
- ctxt->m.b8[18] = tctxt.m.b8[17];
- ctxt->m.b8[19] = tctxt.m.b8[16];
- ctxt->m.b8[20] = tctxt.m.b8[23];
- ctxt->m.b8[21] = tctxt.m.b8[22];
- ctxt->m.b8[22] = tctxt.m.b8[21];
- ctxt->m.b8[23] = tctxt.m.b8[20];
- ctxt->m.b8[24] = tctxt.m.b8[27];
- ctxt->m.b8[25] = tctxt.m.b8[26];
- ctxt->m.b8[26] = tctxt.m.b8[25];
- ctxt->m.b8[27] = tctxt.m.b8[24];
- ctxt->m.b8[28] = tctxt.m.b8[31];
- ctxt->m.b8[29] = tctxt.m.b8[30];
- ctxt->m.b8[30] = tctxt.m.b8[29];
- ctxt->m.b8[31] = tctxt.m.b8[28];
- ctxt->m.b8[32] = tctxt.m.b8[35];
- ctxt->m.b8[33] = tctxt.m.b8[34];
- ctxt->m.b8[34] = tctxt.m.b8[33];
- ctxt->m.b8[35] = tctxt.m.b8[32];
- ctxt->m.b8[36] = tctxt.m.b8[39];
- ctxt->m.b8[37] = tctxt.m.b8[38];
- ctxt->m.b8[38] = tctxt.m.b8[37];
- ctxt->m.b8[39] = tctxt.m.b8[36];
- ctxt->m.b8[40] = tctxt.m.b8[43];
- ctxt->m.b8[41] = tctxt.m.b8[42];
- ctxt->m.b8[42] = tctxt.m.b8[41];
- ctxt->m.b8[43] = tctxt.m.b8[40];
- ctxt->m.b8[44] = tctxt.m.b8[47];
- ctxt->m.b8[45] = tctxt.m.b8[46];
- ctxt->m.b8[46] = tctxt.m.b8[45];
- ctxt->m.b8[47] = tctxt.m.b8[44];
- ctxt->m.b8[48] = tctxt.m.b8[51];
- ctxt->m.b8[49] = tctxt.m.b8[50];
- ctxt->m.b8[50] = tctxt.m.b8[49];
- ctxt->m.b8[51] = tctxt.m.b8[48];
- ctxt->m.b8[52] = tctxt.m.b8[55];
- ctxt->m.b8[53] = tctxt.m.b8[54];
- ctxt->m.b8[54] = tctxt.m.b8[53];
- ctxt->m.b8[55] = tctxt.m.b8[52];
- ctxt->m.b8[56] = tctxt.m.b8[59];
- ctxt->m.b8[57] = tctxt.m.b8[58];
- ctxt->m.b8[58] = tctxt.m.b8[57];
- ctxt->m.b8[59] = tctxt.m.b8[56];
- ctxt->m.b8[60] = tctxt.m.b8[63];
- ctxt->m.b8[61] = tctxt.m.b8[62];
- ctxt->m.b8[62] = tctxt.m.b8[61];
- ctxt->m.b8[63] = tctxt.m.b8[60];
-#endif
-
- a = H(0);
- b = H(1);
- c = H(2);
- d = H(3);
- e = H(4);
-
- for (t = 0; t < 20; t++)
- {
- s = t & 0x0f;
- if (t >= 16)
- W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
- tmp = S(5, a) + F0(b, c, d) + e + W(s) + K(t);
- e = d;
- d = c;
- c = S(30, b);
- b = a;
- a = tmp;
- }
- for (t = 20; t < 40; t++)
- {
- s = t & 0x0f;
- W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
- tmp = S(5, a) + F1(b, c, d) + e + W(s) + K(t);
- e = d;
- d = c;
- c = S(30, b);
- b = a;
- a = tmp;
- }
- for (t = 40; t < 60; t++)
- {
- s = t & 0x0f;
- W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
- tmp = S(5, a) + F2(b, c, d) + e + W(s) + K(t);
- e = d;
- d = c;
- c = S(30, b);
- b = a;
- a = tmp;
- }
- for (t = 60; t < 80; t++)
- {
- s = t & 0x0f;
- W(s) = S(1, W((s + 13) & 0x0f) ^ W((s + 8) & 0x0f) ^ W((s + 2) & 0x0f) ^ W(s));
- tmp = S(5, a) + F3(b, c, d) + e + W(s) + K(t);
- e = d;
- d = c;
- c = S(30, b);
- b = a;
- a = tmp;
- }
-
- H(0) = H(0) + a;
- H(1) = H(1) + b;
- H(2) = H(2) + c;
- H(3) = H(3) + d;
- H(4) = H(4) + e;
-
- memset(&ctxt->m.b8[0], 0, 64);
-}
-
-/*------------------------------------------------------------*/
-
-void
-sha1_init(struct sha1_ctxt *ctxt)
-{
- memset(ctxt, 0, sizeof(struct sha1_ctxt));
- H(0) = 0x67452301;
- H(1) = 0xefcdab89;
- H(2) = 0x98badcfe;
- H(3) = 0x10325476;
- H(4) = 0xc3d2e1f0;
-}
-
-void
-sha1_pad(struct sha1_ctxt *ctxt)
-{
- size_t padlen; /* pad length in bytes */
- size_t padstart;
-
- PUTPAD(0x80);
-
- padstart = COUNT % 64;
- padlen = 64 - padstart;
- if (padlen < 8)
- {
- memset(&ctxt->m.b8[padstart], 0, padlen);
- COUNT += padlen;
- COUNT %= 64;
- sha1_step(ctxt);
- padstart = COUNT % 64; /* should be 0 */
- padlen = 64 - padstart; /* should be 64 */
- }
- memset(&ctxt->m.b8[padstart], 0, padlen - 8);
- COUNT += (padlen - 8);
- COUNT %= 64;
-#ifdef WORDS_BIGENDIAN
- PUTPAD(ctxt->c.b8[0]);
- PUTPAD(ctxt->c.b8[1]);
- PUTPAD(ctxt->c.b8[2]);
- PUTPAD(ctxt->c.b8[3]);
- PUTPAD(ctxt->c.b8[4]);
- PUTPAD(ctxt->c.b8[5]);
- PUTPAD(ctxt->c.b8[6]);
- PUTPAD(ctxt->c.b8[7]);
-#else
- PUTPAD(ctxt->c.b8[7]);
- PUTPAD(ctxt->c.b8[6]);
- PUTPAD(ctxt->c.b8[5]);
- PUTPAD(ctxt->c.b8[4]);
- PUTPAD(ctxt->c.b8[3]);
- PUTPAD(ctxt->c.b8[2]);
- PUTPAD(ctxt->c.b8[1]);
- PUTPAD(ctxt->c.b8[0]);
-#endif
-}
-
-void
-sha1_loop(struct sha1_ctxt *ctxt, const uint8 *input0, size_t len)
-{
- const uint8 *input;
- size_t gaplen;
- size_t gapstart;
- size_t off;
- size_t copysiz;
-
- input = (const uint8 *) input0;
- off = 0;
-
- while (off < len)
- {
- gapstart = COUNT % 64;
- gaplen = 64 - gapstart;
-
- copysiz = (gaplen < len - off) ? gaplen : len - off;
- memmove(&ctxt->m.b8[gapstart], &input[off], copysiz);
- COUNT += copysiz;
- COUNT %= 64;
- ctxt->c.b64[0] += copysiz * 8;
- if (COUNT % 64 == 0)
- sha1_step(ctxt);
- off += copysiz;
- }
-}
-
-void
-sha1_result(struct sha1_ctxt *ctxt, uint8 *digest0)
-{
- uint8 *digest;
-
- digest = (uint8 *) digest0;
- sha1_pad(ctxt);
-#ifdef WORDS_BIGENDIAN
- memmove(digest, &ctxt->h.b8[0], 20);
-#else
- digest[0] = ctxt->h.b8[3];
- digest[1] = ctxt->h.b8[2];
- digest[2] = ctxt->h.b8[1];
- digest[3] = ctxt->h.b8[0];
- digest[4] = ctxt->h.b8[7];
- digest[5] = ctxt->h.b8[6];
- digest[6] = ctxt->h.b8[5];
- digest[7] = ctxt->h.b8[4];
- digest[8] = ctxt->h.b8[11];
- digest[9] = ctxt->h.b8[10];
- digest[10] = ctxt->h.b8[9];
- digest[11] = ctxt->h.b8[8];
- digest[12] = ctxt->h.b8[15];
- digest[13] = ctxt->h.b8[14];
- digest[14] = ctxt->h.b8[13];
- digest[15] = ctxt->h.b8[12];
- digest[16] = ctxt->h.b8[19];
- digest[17] = ctxt->h.b8[18];
- digest[18] = ctxt->h.b8[17];
- digest[19] = ctxt->h.b8[16];
-#endif
-}
diff --git a/contrib/uuid-ossp/.gitignore b/contrib/uuid-ossp/.gitignore
index d7260edc61..5dcb3ff972 100644
--- a/contrib/uuid-ossp/.gitignore
+++ b/contrib/uuid-ossp/.gitignore
@@ -1,4 +1,3 @@
-/sha1.c
# Generated subdirectories
/log/
/results/
diff --git a/contrib/uuid-ossp/Makefile b/contrib/uuid-ossp/Makefile
index 0859a5397c..c42edf5f1a 100644
--- a/contrib/uuid-ossp/Makefile
+++ b/contrib/uuid-ossp/Makefile
@@ -2,7 +2,6 @@
MODULE_big = uuid-ossp
OBJS = \
- $(UUID_EXTRA_OBJS) \
$(WIN32RES) \
uuid-ossp.o
@@ -19,8 +18,6 @@ pgcrypto_src = $(top_srcdir)/contrib/pgcrypto
PG_CPPFLAGS = -I$(pgcrypto_src)
-EXTRA_CLEAN = sha1.c
-
ifdef USE_PGXS
PG_CONFIG = pg_config
PGXS := $(shell $(PG_CONFIG) --pgxs)
@@ -31,6 +28,3 @@ top_builddir = ../..
include $(top_builddir)/src/Makefile.global
include $(top_srcdir)/contrib/contrib-global.mk
endif
-
-sha1.c: % : $(pgcrypto_src)/%
- rm -f $@ && $(LN_S) $< .
diff --git a/contrib/uuid-ossp/uuid-ossp.c b/contrib/uuid-ossp/uuid-ossp.c
index 049efc979f..49a4a59264 100644
--- a/contrib/uuid-ossp/uuid-ossp.c
+++ b/contrib/uuid-ossp/uuid-ossp.c
@@ -15,6 +15,7 @@
#include "fmgr.h"
#include "common/cryptohash.h"
+#include "common/sha1.h"
#include "port/pg_bswap.h"
#include "utils/builtins.h"
#include "utils/uuid.h"
@@ -40,15 +41,6 @@
#undef uuid_hash
-/*
- * Some BSD variants offer sha1 implementation but Linux does not, so we use
- * a copy from pgcrypto. Not needed with OSSP, though.
- */
-#ifndef HAVE_UUID_OSSP
-#include "sha1.h"
-#endif
-
-
/* Check our UUID length against OSSP's; better both be 16 */
#if defined(HAVE_UUID_OSSP) && (UUID_LEN != UUID_LEN_BIN)
#error UUID length mismatch
@@ -338,13 +330,18 @@ uuid_generate_internal(int v, unsigned char *ns, const char *ptr, int len)
}
else
{
- SHA1_CTX ctx;
- unsigned char sha1result[SHA1_RESULTLEN];
+ pg_cryptohash_ctx *ctx = pg_cryptohash_create(PG_SHA1);
+ unsigned char sha1result[SHA1_DIGEST_LENGTH];
+
+ if (pg_cryptohash_init(ctx) < 0)
+ elog(ERROR, "could not initialize %s context", "SHA1");
+ if (pg_cryptohash_update(ctx, ns, sizeof(uu)) < 0 ||
+ pg_cryptohash_update(ctx, (unsigned char *) ptr, len) < 0)
+ elog(ERROR, "could not update %s context", "SHA1");
+ if (pg_cryptohash_final(ctx, sha1result) < 0)
+ elog(ERROR, "could not finalize %s context", "SHA1");
+ pg_cryptohash_free(ctx);
- SHA1Init(&ctx);
- SHA1Update(&ctx, ns, sizeof(uu));
- SHA1Update(&ctx, (unsigned char *) ptr, len);
- SHA1Final(sha1result, &ctx);
memcpy(&uu, sha1result, sizeof(uu));
}
diff --git a/configure b/configure
index e51b8ce6ec..7169e870cf 100755
--- a/configure
+++ b/configure
@@ -705,7 +705,6 @@ XML2_LIBS
XML2_CFLAGS
XML2_CONFIG
with_libxml
-UUID_EXTRA_OBJS
with_uuid
with_readline
with_systemd
@@ -8303,30 +8302,26 @@ if test "$with_ossp_uuid" = yes ; then
with_uuid=ossp
fi
-if test "$with_uuid" = bsd ; then
+if test "$with_uuid" != no ; then
+ if test "$with_uuid" = bsd ; then
$as_echo "#define HAVE_UUID_BSD 1" >>confdefs.h
- UUID_EXTRA_OBJS="sha1.o"
-elif test "$with_uuid" = e2fs ; then
+ elif test "$with_uuid" = e2fs ; then
$as_echo "#define HAVE_UUID_E2FS 1" >>confdefs.h
- UUID_EXTRA_OBJS="sha1.o"
-elif test "$with_uuid" = ossp ; then
+ elif test "$with_uuid" = ossp ; then
$as_echo "#define HAVE_UUID_OSSP 1" >>confdefs.h
- UUID_EXTRA_OBJS=""
-elif test "$with_uuid" = no ; then
- UUID_EXTRA_OBJS=""
-else
- as_fn_error $? "--with-uuid must specify one of bsd, e2fs, or ossp" "$LINENO" 5
+ else
+ as_fn_error $? "--with-uuid must specify one of bsd, e2fs, or ossp" "$LINENO" 5
+ fi
fi
-
#
# XML
#
diff --git a/configure.ac b/configure.ac
index 054839f0f2..33c3a151c4 100644
--- a/configure.ac
+++ b/configure.ac
@@ -919,22 +919,18 @@ if test "$with_ossp_uuid" = yes ; then
with_uuid=ossp
fi
-if test "$with_uuid" = bsd ; then
- AC_DEFINE([HAVE_UUID_BSD], 1, [Define to 1 if you have BSD UUID support.])
- UUID_EXTRA_OBJS="sha1.o"
-elif test "$with_uuid" = e2fs ; then
- AC_DEFINE([HAVE_UUID_E2FS], 1, [Define to 1 if you have E2FS UUID support.])
- UUID_EXTRA_OBJS="sha1.o"
-elif test "$with_uuid" = ossp ; then
- AC_DEFINE([HAVE_UUID_OSSP], 1, [Define to 1 if you have OSSP UUID support.])
- UUID_EXTRA_OBJS=""
-elif test "$with_uuid" = no ; then
- UUID_EXTRA_OBJS=""
-else
- AC_MSG_ERROR([--with-uuid must specify one of bsd, e2fs, or ossp])
+if test "$with_uuid" != no ; then
+ if test "$with_uuid" = bsd ; then
+ AC_DEFINE([HAVE_UUID_BSD], 1, [Define to 1 if you have BSD UUID support.])
+ elif test "$with_uuid" = e2fs ; then
+ AC_DEFINE([HAVE_UUID_E2FS], 1, [Define to 1 if you have E2FS UUID support.])
+ elif test "$with_uuid" = ossp ; then
+ AC_DEFINE([HAVE_UUID_OSSP], 1, [Define to 1 if you have OSSP UUID support.])
+ else
+ AC_MSG_ERROR([--with-uuid must specify one of bsd, e2fs, or ossp])
+ fi
fi
AC_SUBST(with_uuid)
-AC_SUBST(UUID_EXTRA_OBJS)
#
diff --git a/src/Makefile.global.in b/src/Makefile.global.in
index 7ca1e9aac5..9a1688c97c 100644
--- a/src/Makefile.global.in
+++ b/src/Makefile.global.in
@@ -289,7 +289,6 @@ LIBS = @LIBS@
LDAP_LIBS_FE = @LDAP_LIBS_FE@
LDAP_LIBS_BE = @LDAP_LIBS_BE@
UUID_LIBS = @UUID_LIBS@
-UUID_EXTRA_OBJS = @UUID_EXTRA_OBJS@
LLVM_LIBS=@LLVM_LIBS@
LD = @LD@
with_gnu_ld = @with_gnu_ld@
diff --git a/src/tools/msvc/Mkvcbuild.pm b/src/tools/msvc/Mkvcbuild.pm
index 7f014a12c9..10307c8e19 100644
--- a/src/tools/msvc/Mkvcbuild.pm
+++ b/src/tools/msvc/Mkvcbuild.pm
@@ -136,6 +136,7 @@ sub mkvcbuild
{
push(@pgcommonallfiles, 'cryptohash.c');
push(@pgcommonallfiles, 'md5.c');
+ push(@pgcommonallfiles, 'sha1.c');
push(@pgcommonallfiles, 'sha2.c');
}
@@ -465,10 +466,10 @@ sub mkvcbuild
else
{
$pgcrypto->AddFiles(
- 'contrib/pgcrypto', 'sha1.c',
- 'internal.c', 'internal-sha2.c',
- 'blf.c', 'rijndael.c',
- 'pgp-mpi-internal.c', 'imath.c');
+ 'contrib/pgcrypto', 'internal.c',
+ 'internal-sha2.c', 'blf.c',
+ 'rijndael.c', 'pgp-mpi-internal.c',
+ 'imath.c');
}
$pgcrypto->AddReference($postgres);
$pgcrypto->AddLibrary('ws2_32.lib');
--
2.30.0
Re: Some more hackery around cryptohashes (some fixes + SHA1)
On 07/01/2021 05:41, Michael Paquier wrote:
On Mon, Dec 14, 2020 at 12:48:15PM +0900, Michael Paquier wrote:
This is a nice cleanup, so I have moved ahead and applied it. A
rebased version of the SHA1 business is attached.Rebased version attached to address the conflicts caused by 55fe26a.
I have fixed three places in pgcrypto where this missed to issue an
error if one of the init/update/final cryptohash calls failed for
SHA1.
diff --git a/contrib/pgcrypto/sha1.h b/src/common/sha1_int.h similarity index 72% rename from contrib/pgcrypto/sha1.h rename to src/common/sha1_int.h index 4300694a34..40fbffcd0b 100644 --- a/contrib/pgcrypto/sha1.h +++ b/src/common/sha1_int.h @@ -1,3 +1,17 @@ +/*------------------------------------------------------------------------- + * + * sha1_int.h + * Internal headers for fallback implementation of SHA1 + * + * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group + * Portions Copyright (c) 1994, Regents of the University of California + * + * IDENTIFICATION + * src/common/sha1_int.h + * + *------------------------------------------------------------------------- + */ + /* contrib/pgcrypto/sha1.h */ /* $KAME: sha1.h,v 1.4 2000/02/22 14:01:18 itojun Exp $ */
Leftover reference to "contrib/pgcrypto/sha1.h"
Other than that, looks good to me.
- Heikki
Re: Some more hackery around cryptohashes (some fixes + SHA1)
On Fri, Jan 22, 2021 at 03:50:04PM +0200, Heikki Linnakangas wrote:
Leftover reference to "contrib/pgcrypto/sha1.h"
Other than that, looks good to me.
Thanks! I have looked at that again this morning, and this was still
one indentation short. I have also run more tests with different
combinations of --with-openssl and --with-uuid just to be sure, and
applied it.
--
Michael