3
* Wrapper for builtin functions
5
* Copyright (c) 2001 Marko Kreen
8
* Redistribution and use in source and binary forms, with or without
9
* modification, are permitted provided that the following conditions
11
* 1. Redistributions of source code must retain the above copyright
12
* notice, this list of conditions and the following disclaimer.
13
* 2. Redistributions in binary form must reproduce the above copyright
14
* notice, this list of conditions and the following disclaimer in the
15
* documentation and/or other materials provided with the distribution.
17
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29
* contrib/pgcrypto/internal.c
44
* System reseeds should be separated at least this much.
46
#define SYSTEM_RESEED_MIN (20*60) /* 20 min */
48
* How often to roll dice.
50
#define SYSTEM_RESEED_CHECK_TIME (10*60) /* 10 min */
52
* The chance is x/256 that the reseed happens.
54
#define SYSTEM_RESEED_CHANCE (4) /* 256/4 * 10min ~ 10h */
57
* If this much time has passed, force reseed.
59
#define SYSTEM_RESEED_MAX (12*60*60) /* 12h */
62
#ifndef MD5_DIGEST_LENGTH
63
#define MD5_DIGEST_LENGTH 16
66
#ifndef SHA1_DIGEST_LENGTH
68
#define SHA1_DIGEST_LENGTH SHA1_RESULTLEN
70
#define SHA1_DIGEST_LENGTH 20
74
#define SHA1_BLOCK_SIZE 64
75
#define MD5_BLOCK_SIZE 64
77
static void init_md5(PX_MD *h);
78
static void init_sha1(PX_MD *h);
80
void init_sha224(PX_MD *h);
81
void init_sha256(PX_MD *h);
82
void init_sha384(PX_MD *h);
83
void init_sha512(PX_MD *h);
88
void (*init) (PX_MD *h);
91
static const struct int_digest
95
{"sha224", init_sha224},
96
{"sha256", init_sha256},
97
{"sha384", init_sha384},
98
{"sha512", init_sha512},
105
int_md5_len(PX_MD *h)
107
return MD5_DIGEST_LENGTH;
111
int_md5_block_len(PX_MD *h)
113
return MD5_BLOCK_SIZE;
117
int_md5_update(PX_MD *h, const uint8 *data, unsigned dlen)
119
MD5_CTX *ctx = (MD5_CTX *) h->p.ptr;
121
MD5Update(ctx, data, dlen);
125
int_md5_reset(PX_MD *h)
127
MD5_CTX *ctx = (MD5_CTX *) h->p.ptr;
133
int_md5_finish(PX_MD *h, uint8 *dst)
135
MD5_CTX *ctx = (MD5_CTX *) h->p.ptr;
141
int_md5_free(PX_MD *h)
143
MD5_CTX *ctx = (MD5_CTX *) h->p.ptr;
145
memset(ctx, 0, sizeof(*ctx));
153
int_sha1_len(PX_MD *h)
155
return SHA1_DIGEST_LENGTH;
159
int_sha1_block_len(PX_MD *h)
161
return SHA1_BLOCK_SIZE;
165
int_sha1_update(PX_MD *h, const uint8 *data, unsigned dlen)
167
SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
169
SHA1Update(ctx, data, dlen);
173
int_sha1_reset(PX_MD *h)
175
SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
181
int_sha1_finish(PX_MD *h, uint8 *dst)
183
SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
189
int_sha1_free(PX_MD *h)
191
SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
193
memset(ctx, 0, sizeof(*ctx));
205
ctx = px_alloc(sizeof(*ctx));
206
memset(ctx, 0, sizeof(*ctx));
210
md->result_size = int_md5_len;
211
md->block_size = int_md5_block_len;
212
md->reset = int_md5_reset;
213
md->update = int_md5_update;
214
md->finish = int_md5_finish;
215
md->free = int_md5_free;
225
ctx = px_alloc(sizeof(*ctx));
226
memset(ctx, 0, sizeof(*ctx));
230
md->result_size = int_sha1_len;
231
md->block_size = int_sha1_block_len;
232
md->reset = int_sha1_reset;
233
md->update = int_sha1_update;
234
md->finish = int_sha1_finish;
235
md->free = int_sha1_free;
244
#define INT_MAX_KEY (512/8)
245
#define INT_MAX_IV (128/8)
249
uint8 keybuf[INT_MAX_KEY];
250
uint8 iv[INT_MAX_IV];
262
intctx_free(PX_Cipher *c)
264
struct int_ctx *cx = (struct int_ctx *) c->ptr;
268
memset(cx, 0, sizeof *cx);
282
rj_block_size(PX_Cipher *c)
288
rj_key_size(PX_Cipher *c)
294
rj_iv_size(PX_Cipher *c)
300
rj_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
302
struct int_ctx *cx = (struct int_ctx *) c->ptr;
305
cx->keylen = 128 / 8;
306
else if (klen <= 192 / 8)
307
cx->keylen = 192 / 8;
308
else if (klen <= 256 / 8)
309
cx->keylen = 256 / 8;
311
return PXE_KEY_TOO_BIG;
313
memcpy(&cx->keybuf, key, klen);
316
memcpy(cx->iv, iv, 128 / 8);
322
rj_real_init(struct int_ctx * cx, int dir)
324
aes_set_key(&cx->ctx.rj, cx->keybuf, cx->keylen * 8, dir);
329
rj_encrypt(PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res)
331
struct int_ctx *cx = (struct int_ctx *) c->ptr;
335
if (rj_real_init(cx, 1))
336
return PXE_CIPHER_INIT;
343
return PXE_NOTBLOCKSIZE;
345
memcpy(res, data, dlen);
347
if (cx->mode == MODE_CBC)
349
aes_cbc_encrypt(&cx->ctx.rj, cx->iv, res, dlen);
350
memcpy(cx->iv, res + dlen - 16, 16);
353
aes_ecb_encrypt(&cx->ctx.rj, res, dlen);
359
rj_decrypt(PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res)
361
struct int_ctx *cx = (struct int_ctx *) c->ptr;
364
if (rj_real_init(cx, 0))
365
return PXE_CIPHER_INIT;
371
return PXE_NOTBLOCKSIZE;
373
memcpy(res, data, dlen);
375
if (cx->mode == MODE_CBC)
377
aes_cbc_decrypt(&cx->ctx.rj, cx->iv, res, dlen);
378
memcpy(cx->iv, data + dlen - 16, 16);
381
aes_ecb_decrypt(&cx->ctx.rj, res, dlen);
396
c = px_alloc(sizeof *c);
397
memset(c, 0, sizeof *c);
399
c->block_size = rj_block_size;
400
c->key_size = rj_key_size;
401
c->iv_size = rj_iv_size;
403
c->encrypt = rj_encrypt;
404
c->decrypt = rj_decrypt;
405
c->free = intctx_free;
407
cx = px_alloc(sizeof *cx);
408
memset(cx, 0, sizeof *cx);
420
bf_block_size(PX_Cipher *c)
426
bf_key_size(PX_Cipher *c)
432
bf_iv_size(PX_Cipher *c)
438
bf_init(PX_Cipher *c, const uint8 *key, unsigned klen, const uint8 *iv)
440
struct int_ctx *cx = (struct int_ctx *) c->ptr;
442
blowfish_setkey(&cx->ctx.bf, key, klen);
444
blowfish_setiv(&cx->ctx.bf, iv);
450
bf_encrypt(PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res)
452
struct int_ctx *cx = (struct int_ctx *) c->ptr;
453
BlowfishContext *bfctx = &cx->ctx.bf;
459
return PXE_NOTBLOCKSIZE;
461
memcpy(res, data, dlen);
465
blowfish_encrypt_ecb(res, dlen, bfctx);
468
blowfish_encrypt_cbc(res, dlen, bfctx);
475
bf_decrypt(PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res)
477
struct int_ctx *cx = (struct int_ctx *) c->ptr;
478
BlowfishContext *bfctx = &cx->ctx.bf;
484
return PXE_NOTBLOCKSIZE;
486
memcpy(res, data, dlen);
490
blowfish_decrypt_ecb(res, dlen, bfctx);
493
blowfish_decrypt_cbc(res, dlen, bfctx);
505
c = px_alloc(sizeof *c);
506
memset(c, 0, sizeof *c);
508
c->block_size = bf_block_size;
509
c->key_size = bf_key_size;
510
c->iv_size = bf_iv_size;
512
c->encrypt = bf_encrypt;
513
c->decrypt = bf_decrypt;
514
c->free = intctx_free;
516
cx = px_alloc(sizeof *cx);
517
memset(cx, 0, sizeof *cx);
528
return rj_load(MODE_ECB);
534
return rj_load(MODE_CBC);
540
return bf_load(MODE_ECB);
546
return bf_load(MODE_CBC);
552
PX_Cipher *(*load) (void);
555
static const struct int_cipher
557
{"bf-cbc", bf_cbc_load},
558
{"bf-ecb", bf_ecb_load},
559
{"aes-128-cbc", rj_128_cbc},
560
{"aes-128-ecb", rj_128_ecb},
564
static const PX_Alias int_aliases[] = {
566
{"blowfish", "bf-cbc"},
567
{"aes", "aes-128-cbc"},
568
{"aes-ecb", "aes-128-ecb"},
569
{"aes-cbc", "aes-128-cbc"},
570
{"aes-128", "aes-128-cbc"},
571
{"rijndael", "aes-128-cbc"},
572
{"rijndael-128", "aes-128-cbc"},
576
/* PUBLIC FUNCTIONS */
579
px_find_digest(const char *name, PX_MD **res)
581
const struct int_digest *p;
584
for (p = int_digest_list; p->name; p++)
585
if (pg_strcasecmp(p->name, name) == 0)
587
h = px_alloc(sizeof(*h));
598
px_find_cipher(const char *name, PX_Cipher **res)
603
name = px_resolve_alias(int_aliases, name);
605
for (i = 0; int_ciphers[i].name; i++)
606
if (strcmp(int_ciphers[i].name, name) == 0)
608
c = int_ciphers[i].load();
613
return PXE_NO_CIPHER;
620
* Randomness provider
624
* Use always strong randomness.
627
px_get_pseudo_random_bytes(uint8 *dst, unsigned count)
629
return px_get_random_bytes(dst, count);
632
static time_t seed_time = 0;
633
static time_t check_time = 0;
647
else if ((t - seed_time) < SYSTEM_RESEED_MIN)
649
else if ((t - seed_time) > SYSTEM_RESEED_MAX)
651
else if (check_time == 0 ||
652
(t - check_time) > SYSTEM_RESEED_CHECK_TIME)
657
px_get_random_bytes(buf, 1);
658
skip = buf[0] >= SYSTEM_RESEED_CHANCE;
661
memset(buf, 0, sizeof(buf));
666
n = px_acquire_system_randomness(buf);
668
fortuna_add_entropy(buf, n);
671
memset(buf, 0, sizeof(buf));
675
px_get_random_bytes(uint8 *dst, unsigned count)
678
fortuna_get_bytes(count, dst);
683
px_add_entropy(const uint8 *data, unsigned count)
686
fortuna_add_entropy(data, count);