Fix and simplify some code related to cryptohashes

This commit addresses two issues:
- In pgcrypto, MD5 computation called pg_cryptohash_{init,update,final}
without checking for the result status.
- Simplify pg_checksum_raw_context to use only one variable for all the
SHA2 options available in checksum manifests.

Reported-by: Heikki Linnakangas
Discussion: https://postgr.es/m/f62f26bb-47a5-8411-46e5-4350823e06a5@iki.fi
This commit is contained in:
Michael Paquier 2021-01-08 10:37:03 +09:00
parent 9ffe227837
commit 15b824da97
3 changed files with 32 additions and 41 deletions

View File

@ -96,7 +96,8 @@ int_md5_update(PX_MD *h, const uint8 *data, unsigned dlen)
{
pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
pg_cryptohash_update(ctx, data, dlen);
if (pg_cryptohash_update(ctx, data, dlen) < 0)
elog(ERROR, "could not update %s context", "MD5");
}
static void
@ -104,7 +105,8 @@ int_md5_reset(PX_MD *h)
{
pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
pg_cryptohash_init(ctx);
if (pg_cryptohash_init(ctx) < 0)
elog(ERROR, "could not initialize %s context", "MD5");
}
static void
@ -112,7 +114,8 @@ int_md5_finish(PX_MD *h, uint8 *dst)
{
pg_cryptohash_ctx *ctx = (pg_cryptohash_ctx *) h->p.ptr;
pg_cryptohash_final(ctx, dst);
if (pg_cryptohash_final(ctx, dst) < 0)
elog(ERROR, "could not finalize %s context", "MD5");
}
static void

View File

@ -93,42 +93,42 @@ pg_checksum_init(pg_checksum_context *context, pg_checksum_type type)
INIT_CRC32C(context->raw_context.c_crc32c);
break;
case CHECKSUM_TYPE_SHA224:
context->raw_context.c_sha224 = pg_cryptohash_create(PG_SHA224);
if (context->raw_context.c_sha224 == NULL)
context->raw_context.c_sha2 = pg_cryptohash_create(PG_SHA224);
if (context->raw_context.c_sha2 == NULL)
return -1;
if (pg_cryptohash_init(context->raw_context.c_sha224) < 0)
if (pg_cryptohash_init(context->raw_context.c_sha2) < 0)
{
pg_cryptohash_free(context->raw_context.c_sha224);
pg_cryptohash_free(context->raw_context.c_sha2);
return -1;
}
break;
case CHECKSUM_TYPE_SHA256:
context->raw_context.c_sha256 = pg_cryptohash_create(PG_SHA256);
if (context->raw_context.c_sha256 == NULL)
context->raw_context.c_sha2 = pg_cryptohash_create(PG_SHA256);
if (context->raw_context.c_sha2 == NULL)
return -1;
if (pg_cryptohash_init(context->raw_context.c_sha256) < 0)
if (pg_cryptohash_init(context->raw_context.c_sha2) < 0)
{
pg_cryptohash_free(context->raw_context.c_sha256);
pg_cryptohash_free(context->raw_context.c_sha2);
return -1;
}
break;
case CHECKSUM_TYPE_SHA384:
context->raw_context.c_sha384 = pg_cryptohash_create(PG_SHA384);
if (context->raw_context.c_sha384 == NULL)
context->raw_context.c_sha2 = pg_cryptohash_create(PG_SHA384);
if (context->raw_context.c_sha2 == NULL)
return -1;
if (pg_cryptohash_init(context->raw_context.c_sha384) < 0)
if (pg_cryptohash_init(context->raw_context.c_sha2) < 0)
{
pg_cryptohash_free(context->raw_context.c_sha384);
pg_cryptohash_free(context->raw_context.c_sha2);
return -1;
}
break;
case CHECKSUM_TYPE_SHA512:
context->raw_context.c_sha512 = pg_cryptohash_create(PG_SHA512);
if (context->raw_context.c_sha512 == NULL)
context->raw_context.c_sha2 = pg_cryptohash_create(PG_SHA512);
if (context->raw_context.c_sha2 == NULL)
return -1;
if (pg_cryptohash_init(context->raw_context.c_sha512) < 0)
if (pg_cryptohash_init(context->raw_context.c_sha2) < 0)
{
pg_cryptohash_free(context->raw_context.c_sha512);
pg_cryptohash_free(context->raw_context.c_sha2);
return -1;
}
break;
@ -154,19 +154,10 @@ pg_checksum_update(pg_checksum_context *context, const uint8 *input,
COMP_CRC32C(context->raw_context.c_crc32c, input, len);
break;
case CHECKSUM_TYPE_SHA224:
if (pg_cryptohash_update(context->raw_context.c_sha224, input, len) < 0)
return -1;
break;
case CHECKSUM_TYPE_SHA256:
if (pg_cryptohash_update(context->raw_context.c_sha256, input, len) < 0)
return -1;
break;
case CHECKSUM_TYPE_SHA384:
if (pg_cryptohash_update(context->raw_context.c_sha384, input, len) < 0)
return -1;
break;
case CHECKSUM_TYPE_SHA512:
if (pg_cryptohash_update(context->raw_context.c_sha512, input, len) < 0)
if (pg_cryptohash_update(context->raw_context.c_sha2, input, len) < 0)
return -1;
break;
}
@ -207,27 +198,27 @@ pg_checksum_final(pg_checksum_context *context, uint8 *output)
memcpy(output, &context->raw_context.c_crc32c, retval);
break;
case CHECKSUM_TYPE_SHA224:
if (pg_cryptohash_final(context->raw_context.c_sha224, output) < 0)
if (pg_cryptohash_final(context->raw_context.c_sha2, output) < 0)
return -1;
pg_cryptohash_free(context->raw_context.c_sha224);
pg_cryptohash_free(context->raw_context.c_sha2);
retval = PG_SHA224_DIGEST_LENGTH;
break;
case CHECKSUM_TYPE_SHA256:
if (pg_cryptohash_final(context->raw_context.c_sha256, output) < 0)
if (pg_cryptohash_final(context->raw_context.c_sha2, output) < 0)
return -1;
pg_cryptohash_free(context->raw_context.c_sha256);
pg_cryptohash_free(context->raw_context.c_sha2);
retval = PG_SHA224_DIGEST_LENGTH;
break;
case CHECKSUM_TYPE_SHA384:
if (pg_cryptohash_final(context->raw_context.c_sha384, output) < 0)
if (pg_cryptohash_final(context->raw_context.c_sha2, output) < 0)
return -1;
pg_cryptohash_free(context->raw_context.c_sha384);
pg_cryptohash_free(context->raw_context.c_sha2);
retval = PG_SHA384_DIGEST_LENGTH;
break;
case CHECKSUM_TYPE_SHA512:
if (pg_cryptohash_final(context->raw_context.c_sha512, output) < 0)
if (pg_cryptohash_final(context->raw_context.c_sha2, output) < 0)
return -1;
pg_cryptohash_free(context->raw_context.c_sha512);
pg_cryptohash_free(context->raw_context.c_sha2);
retval = PG_SHA512_DIGEST_LENGTH;
break;
}

View File

@ -42,10 +42,7 @@ typedef enum pg_checksum_type
typedef union pg_checksum_raw_context
{
pg_crc32c c_crc32c;
pg_cryptohash_ctx *c_sha224;
pg_cryptohash_ctx *c_sha256;
pg_cryptohash_ctx *c_sha384;
pg_cryptohash_ctx *c_sha512;
pg_cryptohash_ctx *c_sha2;
} pg_checksum_raw_context;
/*