Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content

Commit 3c52d17

Browse files
committed
Add support for AES cipher with older OpenSSL libraries.
Marko Kreen
1 parent 8826fe8 commit 3c52d17

File tree

1 file changed

+41
-14
lines changed

1 file changed

+41
-14
lines changed

contrib/pgcrypto/openssl.c

+41-14
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@
2626
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
2727
* SUCH DAMAGE.
2828
*
29-
* $PostgreSQL: pgsql/contrib/pgcrypto/openssl.c,v 1.22 2005/07/10 13:54:34 momjian Exp $
29+
* $PostgreSQL: pgsql/contrib/pgcrypto/openssl.c,v 1.23 2005/07/11 14:38:05 tgl Exp $
3030
*/
3131

3232
#include <postgres.h>
@@ -44,11 +44,47 @@
4444
/*
4545
* Does OpenSSL support AES?
4646
*/
47-
#undef GOT_AES
4847
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
49-
#define GOT_AES
48+
49+
/* Yes, it does. */
5050
#include <openssl/aes.h>
51-
#endif
51+
52+
#else /* old OPENSSL */
53+
54+
/*
55+
* No, it does not. So use included rijndael code to emulate it.
56+
*/
57+
#include "rijndael.c"
58+
59+
#define AES_ENCRYPT 1
60+
#define AES_DECRYPT 0
61+
#define AES_KEY rijndael_ctx
62+
63+
#define AES_set_encrypt_key(key, kbits, ctx) \
64+
aes_set_key((ctx), (key), (kbits), 1)
65+
66+
#define AES_set_decrypt_key(key, kbits, ctx) \
67+
aes_set_key((ctx), (key), (kbits), 0)
68+
69+
#define AES_ecb_encrypt(src, dst, ctx, enc) \
70+
do { \
71+
memcpy((dst), (src), 16); \
72+
if (enc) \
73+
aes_ecb_encrypt((ctx), (dst), 16); \
74+
else \
75+
aes_ecb_decrypt((ctx), (dst), 16); \
76+
} while (0)
77+
78+
#define AES_cbc_encrypt(src, dst, len, ctx, iv, enc) \
79+
do { \
80+
memcpy((dst), (src), (len)); \
81+
if (enc) \
82+
aes_cbc_encrypt((ctx), (iv), (dst), (len)); \
83+
else \
84+
aes_cbc_decrypt((ctx), (iv), (dst), (len)); \
85+
} while (0)
86+
87+
#endif /* old OPENSSL */
5288

5389
/*
5490
* Compatibility with older OpenSSL API for DES.
@@ -205,9 +241,7 @@ typedef struct
205241
DES_key_schedule k1, k2, k3;
206242
} des3;
207243
CAST_KEY cast_key;
208-
#ifdef GOT_AES
209244
AES_KEY aes_key;
210-
#endif
211245
} u;
212246
uint8 key[EVP_MAX_KEY_LENGTH];
213247
uint8 iv[EVP_MAX_IV_LENGTH];
@@ -549,8 +583,6 @@ ossl_cast_cbc_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen, uint8 *re
549583

550584
/* AES */
551585

552-
#ifdef GOT_AES
553-
554586
static int
555587
ossl_aes_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
556588
{
@@ -642,7 +674,6 @@ ossl_aes_cbc_decrypt(PX_Cipher * c, const uint8 *data, unsigned dlen,
642674
AES_cbc_encrypt(data, res, dlen, &od->u.aes_key, od->iv, AES_DECRYPT);
643675
return 0;
644676
}
645-
#endif
646677

647678
/*
648679
* aliases
@@ -711,7 +742,6 @@ static const struct ossl_cipher ossl_cast_cbc = {
711742
64 / 8, 128 / 8, 0
712743
};
713744

714-
#ifdef GOT_AES
715745
static const struct ossl_cipher ossl_aes_ecb = {
716746
ossl_aes_init, ossl_aes_ecb_encrypt, ossl_aes_ecb_decrypt,
717747
128 / 8, 256 / 8, 0
@@ -721,7 +751,6 @@ static const struct ossl_cipher ossl_aes_cbc = {
721751
ossl_aes_init, ossl_aes_cbc_encrypt, ossl_aes_cbc_decrypt,
722752
128 / 8, 256 / 8, 0
723753
};
724-
#endif
725754

726755
/*
727756
* Special handlers
@@ -742,10 +771,8 @@ static const struct ossl_cipher_lookup ossl_cipher_types[] = {
742771
{"des3-cbc", &ossl_des3_cbc},
743772
{"cast5-ecb", &ossl_cast_ecb},
744773
{"cast5-cbc", &ossl_cast_cbc},
745-
#ifdef GOT_AES
746774
{"aes-ecb", &ossl_aes_ecb},
747775
{"aes-cbc", &ossl_aes_cbc},
748-
#endif
749776
{NULL}
750777
};
751778

@@ -790,7 +817,7 @@ static int openssl_random_init = 0;
790817
* OpenSSL random should re-feeded occasionally. From /dev/urandom
791818
* preferably.
792819
*/
793-
static void init_openssl_rand()
820+
static void init_openssl_rand(void)
794821
{
795822
if (RAND_get_rand_method() == NULL)
796823
RAND_set_rand_method(RAND_SSLeay());

0 commit comments

Comments
 (0)