pgcrypto update:

Neil Conway · Neil Conway · commit 19b676869a1d · 2005-03-21T05:22:14.000Z
Reserve px_get_random_bytes() for strong randomness,
add new function px_get_pseudo_random_bytes() for
weak randomness and use it in gen_salt().

On openssl case, use RAND_pseudo_bytes() for
px_get_pseudo_random_bytes().

Final result is that is user has not configured random
souce but kept the 'silly' one, gen_salt() keeps
working, but pgp_encrypt() will throw error.

Marko Kreen
diff --git a/contrib/pgcrypto/px-crypt.c b/contrib/pgcrypto/px-crypt.c
@@ -26,7 +26,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.c,v 1.10 2005/03/21 05:19:55 neilc Exp $
+ * $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.c,v 1.11 2005/03/21 05:22:14 neilc Exp $
  */
 
 #include <postgres.h>
@@ -171,7 +171,7 @@ px_gen_salt(const char *salt_type, char *buf, int rounds)
 			return PXE_BAD_SALT_ROUNDS;
 	}
 
-	res = px_get_random_bytes(rbuf, g->input_len);
+	res = px_get_pseudo_random_bytes(rbuf, g->input_len);
 	if (res < 0)
 		return res;
 
diff --git a/contrib/pgcrypto/px.c b/contrib/pgcrypto/px.c
@@ -26,7 +26,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $PostgreSQL: pgsql/contrib/pgcrypto/px.c,v 1.10 2005/03/21 05:19:55 neilc Exp $
+ * $PostgreSQL: pgsql/contrib/pgcrypto/px.c,v 1.11 2005/03/21 05:22:14 neilc Exp $
  */
 
 #include <postgres.h>
@@ -56,6 +56,7 @@ static const struct error_desc px_err_list[] = {
 	{PXE_UNKNOWN_SALT_ALGO, "Unknown salt algorithm"},
 	{PXE_BAD_SALT_ROUNDS, "Incorrect number of rounds"},
 	{PXE_MCRYPT_INTERNAL, "mcrypt internal error"},
+	{PXE_NO_RANDOM, "No strong random source"},
 	{0, NULL},
 };
 
diff --git a/contrib/pgcrypto/px.h b/contrib/pgcrypto/px.h
@@ -26,7 +26,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $PostgreSQL: pgsql/contrib/pgcrypto/px.h,v 1.11 2005/03/21 05:19:55 neilc Exp $
+ * $PostgreSQL: pgsql/contrib/pgcrypto/px.h,v 1.12 2005/03/21 05:22:14 neilc Exp $
  */
 
 #ifndef __PX_H
@@ -83,6 +83,7 @@ void		px_free(void *p);
 #define PXE_UNKNOWN_SALT_ALGO		-14
 #define PXE_BAD_SALT_ROUNDS			-15
 #define PXE_MCRYPT_INTERNAL			-16
+#define PXE_NO_RANDOM				-17
 
 typedef struct px_digest PX_MD;
 typedef struct px_alias PX_Alias;
@@ -168,6 +169,7 @@ int			px_find_cipher(const char *name, PX_Cipher ** res);
 int			px_find_combo(const char *name, PX_Combo ** res);
 
 int			px_get_random_bytes(uint8 *dst, unsigned count);
+int			px_get_pseudo_random_bytes(uint8 *dst, unsigned count);
 
 const char *px_strerror(int err);
 
diff --git a/contrib/pgcrypto/random.c b/contrib/pgcrypto/random.c
@@ -26,7 +26,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $PostgreSQL: pgsql/contrib/pgcrypto/random.c,v 1.9 2005/03/21 05:19:55 neilc Exp $
+ * $PostgreSQL: pgsql/contrib/pgcrypto/random.c,v 1.10 2005/03/21 05:22:14 neilc Exp $
  */
 
 
@@ -78,10 +78,16 @@ px_get_random_bytes(uint8 *dst, unsigned count)
 	return res;
 }
 
+int
+px_get_pseudo_random_bytes(uint8 *dst, unsigned count)
+{
+	return px_get_random_bytes(dst, count);
+}
+
 #elif defined(RAND_SILLY)
 
 int
-px_get_random_bytes(uint8 *dst, unsigned count)
+px_get_pseudo_random_bytes(uint8 *dst, unsigned count)
 {
 	int			i;
 
@@ -90,6 +96,12 @@ px_get_random_bytes(uint8 *dst, unsigned count)
 	return i;
 }
 
+int
+px_get_random_bytes(uint8 *dst, unsigned count)
+{
+	return PXE_NO_RANDOM;
+}
+
 #elif defined(RAND_OPENSSL)
 
 #include <openssl/evp.h>
@@ -99,22 +111,24 @@ px_get_random_bytes(uint8 *dst, unsigned count)
 
 static int	openssl_random_init = 0;
 
+/*
+ * OpenSSL random should re-feeded occasionally. From /dev/urandom
+ * preferably.
+ */
+static void init_openssl()
+{
+	if (RAND_get_rand_method() == NULL)
+		RAND_set_rand_method(RAND_SSLeay());
+	openssl_random_init = 1;
+}
+
 int
 px_get_random_bytes(uint8 *dst, unsigned count)
 {
 	int			res;
 
 	if (!openssl_random_init)
-	{
-		if (RAND_get_rand_method() == NULL)
-			RAND_set_rand_method(RAND_SSLeay());
-		openssl_random_init = 1;
-	}
-
-	/*
-	 * OpenSSL random should re-feeded occasionally. From /dev/urandom
-	 * preferably.
-	 */
+		init_openssl();
 
 	res = RAND_bytes(dst, count);
 	if (res == 1)
@@ -123,6 +137,21 @@ px_get_random_bytes(uint8 *dst, unsigned count)
 	return PXE_OSSL_RAND_ERROR;
 }
 
+int
+px_get_pseudo_random_bytes(uint8 *dst, unsigned count)
+{
+	int			res;
+
+	if (!openssl_random_init)
+		init_openssl();
+
+	res = RAND_pseudo_bytes(dst, count);
+	if (res == 0 || res == 1)
+		return count;
+
+	return PXE_OSSL_RAND_ERROR;
+}
+
 #else
 #error "Invalid random source"
 #endif

Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,7 @@`
`26`	`26`	`* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF`
`27`	`27`	`* SUCH DAMAGE.`
`28`	`28`	`*`
`29`		`- * $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.c,v 1.10 2005/03/21 05:19:55 neilc Exp $`
	`29`	`+ * $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.c,v 1.11 2005/03/21 05:22:14 neilc Exp $`
`30`	`30`	`*/`
`31`	`31`
`32`	`32`	`#include <postgres.h>`
`@@ -171,7 +171,7 @@ px_gen_salt(const char salt_type, char buf, int rounds)`
`171`	`171`	`return PXE_BAD_SALT_ROUNDS;`
`172`	`172`	`}`
`173`	`173`
`174`		`- res = px_get_random_bytes(rbuf, g->input_len);`
	`174`	`+ res = px_get_pseudo_random_bytes(rbuf, g->input_len);`
`175`	`175`	`if (res < 0)`
`176`	`176`	`return res;`
`177`	`177`