Move SHA2 routines to a new generic API layer for crypto hashes
Two new routines to allocate a hash context and to free it are created,
as these become necessary for the goal behind this refactoring: switch
the all cryptohash implementations for OpenSSL to use EVP (for FIPS and
also because upstream does not recommend the use of low-level cryptohash
functions for 20 years). Note that OpenSSL hides the internals of
cryptohash contexts since 1.1.0, so it is necessary to leave the
allocation to OpenSSL itself, explaining the need for those two new
routines. This part is going to require more work to properly track
hash contexts with resource owners, but this not introduced here.
Still, this refactoring makes the move possible.
This reduces the number of routines for all SHA2 implementations from
twelve (SHA{224,256,386,512} with init, update and final calls) to five
(create, free, init, update and final calls) by incorporating the hash
type directly into the hash context data.
The new cryptohash routines are moved to a new file, called cryptohash.c
for the fallback implementations, with SHA2 specifics becoming a part
internal to src/common/. OpenSSL specifics are part of
cryptohash_openssl.c. This infrastructure is usable for more hash
types, like MD5 or HMAC.
Any code paths using the internal SHA2 routines are adapted to report
correctly errors, which are most of the changes of this commit. The
zones mostly impacted are checksum manifests, libpq and SCRAM.
Note that e21cbb4 was a first attempt to switch SHA2 to EVP, but it
lacked the refactoring needed for libpq, as done here.
This patch has been tested on Linux and Windows, with and without
OpenSSL, and down to 1.0.1, the oldest version supported on HEAD.
Author: Michael Paquier
Reviewed-by: Daniel Gustafsson
Discussion: https://postgr.es/m/20200924025314.GE7405@paquier.xyz
2020-12-02 02:37:20 +01:00
|
|
|
/*-------------------------------------------------------------------------
|
|
|
|
|
*
|
|
|
|
|
* sha2_int.h
|
|
|
|
|
* Internal headers for fallback implementation of SHA{224,256,384,512}
|
|
|
|
|
*
|
2024-01-04 02:49:05 +01:00
|
|
|
* Portions Copyright (c) 2016-2024, PostgreSQL Global Development Group
|
Move SHA2 routines to a new generic API layer for crypto hashes
Two new routines to allocate a hash context and to free it are created,
as these become necessary for the goal behind this refactoring: switch
the all cryptohash implementations for OpenSSL to use EVP (for FIPS and
also because upstream does not recommend the use of low-level cryptohash
functions for 20 years). Note that OpenSSL hides the internals of
cryptohash contexts since 1.1.0, so it is necessary to leave the
allocation to OpenSSL itself, explaining the need for those two new
routines. This part is going to require more work to properly track
hash contexts with resource owners, but this not introduced here.
Still, this refactoring makes the move possible.
This reduces the number of routines for all SHA2 implementations from
twelve (SHA{224,256,386,512} with init, update and final calls) to five
(create, free, init, update and final calls) by incorporating the hash
type directly into the hash context data.
The new cryptohash routines are moved to a new file, called cryptohash.c
for the fallback implementations, with SHA2 specifics becoming a part
internal to src/common/. OpenSSL specifics are part of
cryptohash_openssl.c. This infrastructure is usable for more hash
types, like MD5 or HMAC.
Any code paths using the internal SHA2 routines are adapted to report
correctly errors, which are most of the changes of this commit. The
zones mostly impacted are checksum manifests, libpq and SCRAM.
Note that e21cbb4 was a first attempt to switch SHA2 to EVP, but it
lacked the refactoring needed for libpq, as done here.
This patch has been tested on Linux and Windows, with and without
OpenSSL, and down to 1.0.1, the oldest version supported on HEAD.
Author: Michael Paquier
Reviewed-by: Daniel Gustafsson
Discussion: https://postgr.es/m/20200924025314.GE7405@paquier.xyz
2020-12-02 02:37:20 +01:00
|
|
|
*
|
|
|
|
|
* IDENTIFICATION
|
|
|
|
|
* src/common/sha2_int.h
|
|
|
|
|
*
|
|
|
|
|
*-------------------------------------------------------------------------
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/* $OpenBSD: sha2.h,v 1.2 2004/04/28 23:11:57 millert Exp $ */
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* FILE: sha2.h
|
|
|
|
|
* AUTHOR: Aaron D. Gifford <me@aarongifford.com>
|
|
|
|
|
*
|
|
|
|
|
* Copyright (c) 2000-2001, Aaron D. Gifford
|
|
|
|
|
* All rights reserved.
|
|
|
|
|
*
|
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
|
* are met:
|
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
|
* 3. Neither the name of the copyright holder nor the names of contributors
|
|
|
|
|
* may be used to endorse or promote products derived from this software
|
|
|
|
|
* without specific prior written permission.
|
|
|
|
|
*
|
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTOR(S) ``AS IS'' AND
|
|
|
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE
|
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
|
* SUCH DAMAGE.
|
|
|
|
|
*
|
|
|
|
|
* $From: sha2.h,v 1.1 2001/11/08 00:02:01 adg Exp adg $
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifndef PG_SHA2_INT_H
|
|
|
|
|
#define PG_SHA2_INT_H
|
|
|
|
|
|
|
|
|
|
#include "common/sha2.h"
|
|
|
|
|
|
|
|
|
|
typedef struct pg_sha256_ctx
|
|
|
|
|
{
|
|
|
|
|
uint32 state[8];
|
|
|
|
|
uint64 bitcount;
|
|
|
|
|
uint8 buffer[PG_SHA256_BLOCK_LENGTH];
|
|
|
|
|
} pg_sha256_ctx;
|
|
|
|
|
typedef struct pg_sha512_ctx
|
|
|
|
|
{
|
|
|
|
|
uint64 state[8];
|
|
|
|
|
uint64 bitcount[2];
|
|
|
|
|
uint8 buffer[PG_SHA512_BLOCK_LENGTH];
|
|
|
|
|
} pg_sha512_ctx;
|
|
|
|
|
typedef struct pg_sha256_ctx pg_sha224_ctx;
|
|
|
|
|
typedef struct pg_sha512_ctx pg_sha384_ctx;
|
|
|
|
|
|
|
|
|
|
/* Interface routines for SHA224/256/384/512 */
|
|
|
|
|
extern void pg_sha224_init(pg_sha224_ctx *ctx);
|
|
|
|
|
extern void pg_sha224_update(pg_sha224_ctx *ctx, const uint8 *input0,
|
|
|
|
|
size_t len);
|
|
|
|
|
extern void pg_sha224_final(pg_sha224_ctx *ctx, uint8 *dest);
|
|
|
|
|
|
|
|
|
|
extern void pg_sha256_init(pg_sha256_ctx *ctx);
|
|
|
|
|
extern void pg_sha256_update(pg_sha256_ctx *ctx, const uint8 *input0,
|
|
|
|
|
size_t len);
|
|
|
|
|
extern void pg_sha256_final(pg_sha256_ctx *ctx, uint8 *dest);
|
|
|
|
|
|
|
|
|
|
extern void pg_sha384_init(pg_sha384_ctx *ctx);
|
|
|
|
|
extern void pg_sha384_update(pg_sha384_ctx *ctx,
|
|
|
|
|
const uint8 *, size_t len);
|
|
|
|
|
extern void pg_sha384_final(pg_sha384_ctx *ctx, uint8 *dest);
|
|
|
|
|
|
|
|
|
|
extern void pg_sha512_init(pg_sha512_ctx *ctx);
|
|
|
|
|
extern void pg_sha512_update(pg_sha512_ctx *ctx, const uint8 *input0,
|
|
|
|
|
size_t len);
|
|
|
|
|
extern void pg_sha512_final(pg_sha512_ctx *ctx, uint8 *dest);
|
|
|
|
|
|
|
|
|
|
#endif /* PG_SHA2_INT_H */
|
