Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content

Commit 73e2431

Browse files
committed
Major pgcrypto changes:
of password-based encryption from RFC2440 (OpenPGP). The goal of this code is to be more featureful encryption solution than current encrypt(), which only functionality is running cipher over data. Compared to encrypt(), pgp_encrypt() does following: * It uses the equvialent of random Inital Vector to get cipher into random state before it processes user data * Stores SHA-1 of the data into result so any modification will be detected. * Remembers if data was text or binary - thus it can decrypt to/from text data. This was a major nuisance for encrypt(). * Stores info about used algorithms with result, so user needs not remember them - more user friendly! * Uses String2Key algorithms (similar to crypt()) with random salt to generate full-length binary key to be used for encrypting. * Uses standard format for data - you can feed it to GnuPG, if needed. Optional features (off by default): * Can use separate session key - user data will be encrypted with totally random key, which will be encrypted with S2K generated key and attached to result. * Data compression with zlib. * Can convert between CRLF<->LF line-endings - to get fully RFC2440-compliant behaviour. This is off by default as pgcrypto does not know the line-endings of user data. Interface is simple: pgp_encrypt(data text, key text) returns bytea pgp_decrypt(data text, key text) returns text pgp_encrypt_bytea(data bytea, key text) returns bytea pgp_decrypt_bytea(data bytea, key text) returns bytea To change parameters (cipher, compression, mdc): pgp_encrypt(data text, key text, parms text) returns bytea pgp_decrypt(data text, key text, parms text) returns text pgp_encrypt_bytea(data bytea, key text, parms text) returns bytea pgp_decrypt_bytea(data bytea, key text, parms text) returns bytea Parameter names I lifted from gpg: pgp_encrypt('message', 'key', 'compress-algo=1,cipher-algo=aes256') For text data, pgp_encrypt simply encrypts the PostgreSQL internal data. This maps to RFC2440 data type 't' - 'extenally specified encoding'. But this may cause problems if data is dumped and reloaded into database which as different internal encoding. My next goal is to implement data type 'u' - which means data is in UTF-8 encoding by converting internal encoding to UTF-8 and back. And there wont be any compatibility problems with current code, I think its ok to submit this without UTF-8 encoding by converting internal encoding to UTF-8 and back. And there wont be any compatibility problems with current code, I think its ok to submit this without UTF-8 support. Here is v4 of PGP encrypt. This depends on previously sent Fortuna-patch, as it uses the px_add_entropy function. - New function: pgp_key_id() for finding key id's. - Add SHA1 of user data and key into RNG pools. We need to get randomness from somewhere, and it is in user best interests to contribute. - Regenerate pgp-armor test for SQL_ASCII database. - Cleanup the key handling so that the pubkey support is less hackish. Marko Kreen
1 parent 4fcf8b1 commit 73e2431

File tree

5 files changed

+408
-17
lines changed

5 files changed

+408
-17
lines changed

contrib/pgcrypto/Makefile

+19-6
Original file line numberDiff line numberDiff line change
@@ -1,23 +1,35 @@
11
#
2-
# $PostgreSQL: pgsql/contrib/pgcrypto/Makefile,v 1.19 2005/07/10 03:55:28 momjian Exp $
2+
# $PostgreSQL: pgsql/contrib/pgcrypto/Makefile,v 1.20 2005/07/10 03:57:55 momjian Exp $
33
#
44

55
INT_SRCS = md5.c sha1.c sha2.c internal.c blf.c rijndael.c \
6-
fortuna.c random.c
6+
fortuna.c random.c pgp-mpi-internal.c
77
INT_TESTS = sha2
88

9-
OSSL_SRCS = openssl.c
9+
OSSL_SRCS = openssl.c pgp-mpi-openssl.c
1010
OSSL_TESTS = des 3des cast5
1111

12+
ZLIB_OFF_CFLAGS = -DDISABLE_ZLIB
13+
ZLIB_TST = pgp-compression
14+
ZLIB_OFF_TST = pgp-zlib-DISABLED
15+
PUBENC_ON = pgp-pubkey-decrypt pgp-pubkey-encrypt pgp-info
16+
PUBENC_OFF = pgp-pubkey-DISABLED
17+
1218
CF_SRCS = $(if $(subst no,,$(with_openssl)), $(OSSL_SRCS), $(INT_SRCS))
1319
CF_TESTS = $(if $(subst no,,$(with_openssl)), $(OSSL_TESTS), $(INT_TESTS))
14-
CF_CFLAGS =
20+
CF_CFLAGS = $(if $(subst yes,,$(with_zlib)), $(ZLIB_OFF_CFLAGS))
21+
CF_PGP_TESTS = $(if $(subst no,,$(with_zlib)), $(ZLIB_TST), $(ZLIB_OFF_TST)) \
22+
$(if $(subst no,,$(with_openssl)), $(PUBENC_ON), $(PUBENC_OFF))
1523

1624
PG_CPPFLAGS = $(CF_CFLAGS)
1725

1826
SRCS = pgcrypto.c px.c px-hmac.c px-crypt.c misc.c \
1927
crypt-gensalt.c crypt-blowfish.c crypt-des.c \
20-
crypt-md5.c $(CF_SRCS)
28+
crypt-md5.c $(CF_SRCS) \
29+
mbuf.c pgp.c pgp-armor.c pgp-cfb.c pgp-compress.c \
30+
pgp-decrypt.c pgp-encrypt.c pgp-info.c pgp-mpi.c \
31+
pgp-pubdec.c pgp-pubenc.c pgp-pubkey.c pgp-s2k.c \
32+
pgp-pgsql.c
2133

2234
MODULE_big = pgcrypto
2335
OBJS = $(SRCS:.c=.o)
@@ -27,7 +39,8 @@ EXTRA_CLEAN = gen-rtab
2739

2840
REGRESS = init md5 sha1 hmac-md5 hmac-sha1 blowfish rijndael \
2941
$(CF_TESTS) \
30-
crypt-des crypt-md5 crypt-blowfish crypt-xdes
42+
crypt-des crypt-md5 crypt-blowfish crypt-xdes \
43+
pgp-armor pgp-decrypt pgp-encrypt $(CF_PGP_TESTS)
3144

3245

3346
ifdef USE_PGXS

contrib/pgcrypto/README.pgcrypto

+159-4
Original file line numberDiff line numberDiff line change
@@ -11,10 +11,10 @@ Edit makefile, if you want to use any external library.
1111

1212
NB! Default randomness source is libc random() function. This
1313
is so only to get pgcrypto build everywhere. Randomness is
14-
needed for gen_salt() function. So if you plan using it, you
15-
should definitely change that by editing Makefile. You should
16-
be using urandom device if your OS supports it, otherwise link
17-
pgcrypto against OpenSSL library and use its PRNG.
14+
needed for gen_salt() and pgp_encrypt() functions. So if you plan
15+
using those, you should definitely change that by editing Makefile.
16+
You can should use urandom device if your OS supports it, otherwise
17+
link pgcrypto against OpenSSL library and use its PRNG.
1818

1919
After editing Makefile:
2020

@@ -108,6 +108,161 @@ gen_salt(type::text, rounds::int4)::text
108108
For maximum security, you should choose the 'bf' crypt
109109
and use maximum number of rounds you can still tolerate.
110110

111+
armor(bytea)::text
112+
dearmor(text)::bytea
113+
114+
Those wrap/unwrap data into PGP Ascii Armor which
115+
is basically Base64 with CRC and additional formatting.
116+
117+
pgp_sym_encrypt(data::text, key::text)::bytea
118+
pgp_sym_encrypt(data::text, key::text, arg::text)::bytea
119+
pgp_sym_encrypt_bytea(data::bytea, key::text)::bytea
120+
pgp_sym_encrypt_bytea(data::bytea, key::text, arg::text)::bytea
121+
122+
pgp_sym_decrypt(data::bytea, key::text)::text
123+
pgp_sym_decrypt(data::bytea, key::text, arg::text)::text
124+
pgp_sym_decrypt_bytea(data::text, key::text)::bytea
125+
pgp_sym_decrypt_bytea(data::text, key::text, arg::text)::bytea
126+
127+
Encrypt data into OpenPGP Symmetrically Encrypted Data
128+
message. And decrypt it from it.
129+
130+
Note that the pgp_sym_encrypt_bytea functions tag the data
131+
as binary, as the pgp_sym_encrypt will tag the data as text.
132+
You can not decrypt the binary data as text. But you can
133+
decrypt text data as binary. This rule avoids having
134+
broken textual data in PostgreSQL.
135+
136+
Both encrypt and decrypt accept also third argument, which
137+
is parameters to the function in following format:
138+
139+
parm=val[,parm=val]...
140+
141+
Example:
142+
143+
select pgp_sym_encrypt('data', 'psw',
144+
'compress-algo=2, unicode-mode=1');
145+
146+
Accepted parameters are:
147+
148+
cipher-algo: bf, aes, aes128, aes192, aes256
149+
Cipher algorithm to use. OpenSSL gives additional algorithms:
150+
3des, cast5
151+
Default: aes128
152+
153+
compress-algo: 0, 1, 2
154+
Which compression algorithm to use.
155+
0 - no compression
156+
1 - ZIP compression
157+
2 - ZLIB compression [=ZIP plus meta-data and block-CRC's]
158+
Default: 0
159+
160+
compress-level: 0, 1-9
161+
How much to compress. Bigger level compresses smaller
162+
but also slower. 0 disables compression.
163+
Default: 6
164+
165+
convert-crlf: 0, 1
166+
Whether to convert \n into \r\n when encrypting and
167+
\r\n to \n when decrypting. RFC2440 specifies that
168+
text packets should use "\r\n" line-feeds.
169+
Use this to get fully RFC-compliant behaviour.
170+
Default: 0
171+
172+
disable-mdc: 0, 1
173+
Do not protect data with SHA-1. Note that SHA-1 protected
174+
packet is from upcoming update to RFC2440. (Currently at
175+
version RFC2440bis-13.) You need to disable it if you need
176+
compatibility with ancient PGP products. Recent gnupg.org
177+
and pgp.com software supports it fine.
178+
Default: 0
179+
180+
enable-session-key: 0, 1
181+
Use separate session key.
182+
Default: 0
183+
184+
s2k-mode: 0, 1, 3
185+
Which S2K algorithm to use. 0 is dangerous - without salt.
186+
Default: 3
187+
188+
s2k-digest-algo: md5, sha1
189+
Which digest algorithm to use in S2K calculation.
190+
Default: SHA-1
191+
192+
s2k-cipher-algo: bf, aes, aes128, aes192, aes256
193+
Which cipher to use for encrypting separate session key.
194+
Default: same as cipher-algo.
195+
196+
unicode-mode: 0, 1
197+
Whether to convert textual data from database internal
198+
encoding to UTF-8 and back.
199+
Default: 0
200+
201+
Only 'convert-crlf' applies to both encrypt and decrypt,
202+
all others apply only to encrypt - decrypt gets the
203+
settings from PGP data.
204+
205+
206+
pgp_pub_encrypt(data::text, key::bytea)::bytea
207+
pgp_pub_encrypt(data::text, key::bytea, arg::text)::bytea
208+
pgp_pub_encrypt_bytea(data::bytea, bytea::text)::bytea
209+
pgp_pub_encrypt_bytea(data::bytea, bytea::text, arg::text)::bytea
210+
211+
pgp_pub_decrypt(data::bytea, key::bytea)::text
212+
pgp_pub_decrypt(data::bytea, key::bytea, psw::text)::text
213+
pgp_pub_decrypt(data::bytea, key::bytea, psw::text, arg::text)::text
214+
pgp_pub_decrypt_bytea(data::text, key::bytea)::bytea
215+
pgp_pub_decrypt_bytea(data::text, key::bytea, psw::text)::bytea
216+
pgp_pub_decrypt_bytea(data::text, key::bytea, psw::text, arg::bytea)::bytea
217+
218+
Encrypt data into OpenPGP Public-Key Encrypted Data
219+
message. And decrypt it from it. The arg parameter is
220+
described in pgp_sym_* section.
221+
222+
The key must be a public-key packet for pgp_pub_encrypt
223+
functions and a secret key packet for pgp_pub_decrypt
224+
functions. Trying to encrypt with secret key gives a error.
225+
While being technically possible, it is probably a sign of
226+
user error and leaking secret keys.
227+
228+
Here is a example how to generate them:
229+
230+
Generate a new key:
231+
232+
gpg --gen-key
233+
234+
You need to pick "DSA and Elgamal" key type, others
235+
are sign-only.
236+
237+
List keys:
238+
239+
gpg --list-secret-keys
240+
241+
Export ascii-armored public key:
242+
243+
gpg -a --export KEYID > public.key
244+
245+
Export ascii-armored secret key:
246+
247+
gpg -a --export-secret-keys KEYID > secret.key
248+
249+
You need to use dearmor() on them before giving giving
250+
them to pgp_pub_* functions. Ofcourse, if you can handle
251+
binary data, you can drop "-a" from gpg.
252+
253+
254+
pgp_key_id(key / data)
255+
256+
It shows you either key ID if given PGP public or secret
257+
key. Or it gives the key ID what was used for encrypting
258+
the data, if given encrypted data.
259+
260+
It can return 2 special key ID's:
261+
262+
SYMKEY - it got symmetrically encrypted data.
263+
ANYKEY - the data packet key ID is clear. That means
264+
you should try all you secret keys on it.
265+
111266
encrypt(data::bytea, key::bytea, type::text)::bytea
112267
decrypt(data::bytea, key::bytea, type::text)::bytea
113268
encrypt_iv(data::bytea, key::bytea, iv::bytea, type::text)::bytea

contrib/pgcrypto/pgcrypto.sql.in

+137
Original file line numberDiff line numberDiff line change
@@ -71,4 +71,141 @@ RETURNS bool
7171
AS 'MODULE_PATHNAME', 'pg_cipher_exists'
7272
LANGUAGE 'C' IMMUTABLE STRICT;
7373

74+
--
75+
-- pgp_sym_encrypt(data, key)
76+
--
77+
CREATE OR REPLACE FUNCTION pgp_sym_encrypt(text, text)
78+
RETURNS bytea
79+
AS 'MODULE_PATHNAME', 'pgp_sym_encrypt_text'
80+
LANGUAGE 'C' STRICT;
81+
82+
CREATE OR REPLACE FUNCTION pgp_sym_encrypt_bytea(bytea, text)
83+
RETURNS bytea
84+
AS 'MODULE_PATHNAME', 'pgp_sym_encrypt_bytea'
85+
LANGUAGE 'C' STRICT;
86+
87+
--
88+
-- pgp_sym_encrypt(data, key, args)
89+
--
90+
CREATE OR REPLACE FUNCTION pgp_sym_encrypt(text, text, text)
91+
RETURNS bytea
92+
AS 'MODULE_PATHNAME', 'pgp_sym_encrypt_text'
93+
LANGUAGE 'C' STRICT;
94+
95+
CREATE OR REPLACE FUNCTION pgp_sym_encrypt_bytea(bytea, text, text)
96+
RETURNS bytea
97+
AS 'MODULE_PATHNAME', 'pgp_sym_encrypt_bytea'
98+
LANGUAGE 'C' STRICT;
99+
100+
--
101+
-- pgp_sym_decrypt(data, key)
102+
--
103+
CREATE OR REPLACE FUNCTION pgp_sym_decrypt(bytea, text)
104+
RETURNS text
105+
AS 'MODULE_PATHNAME', 'pgp_sym_decrypt_text'
106+
LANGUAGE 'C' IMMUTABLE STRICT;
107+
108+
CREATE OR REPLACE FUNCTION pgp_sym_decrypt_bytea(bytea, text)
109+
RETURNS bytea
110+
AS 'MODULE_PATHNAME', 'pgp_sym_decrypt_bytea'
111+
LANGUAGE 'C' IMMUTABLE STRICT;
112+
113+
--
114+
-- pgp_sym_decrypt(data, key, args)
115+
--
116+
CREATE OR REPLACE FUNCTION pgp_sym_decrypt(bytea, text, text)
117+
RETURNS text
118+
AS 'MODULE_PATHNAME', 'pgp_sym_decrypt_text'
119+
LANGUAGE 'C' IMMUTABLE STRICT;
120+
121+
CREATE OR REPLACE FUNCTION pgp_sym_decrypt_bytea(bytea, text, text)
122+
RETURNS bytea
123+
AS 'MODULE_PATHNAME', 'pgp_sym_decrypt_bytea'
124+
LANGUAGE 'C' IMMUTABLE STRICT;
125+
126+
--
127+
-- pgp_pub_encrypt(data, key)
128+
--
129+
CREATE OR REPLACE FUNCTION pgp_pub_encrypt(text, bytea)
130+
RETURNS bytea
131+
AS 'MODULE_PATHNAME', 'pgp_pub_encrypt_text'
132+
LANGUAGE 'C' STRICT;
133+
134+
CREATE OR REPLACE FUNCTION pgp_pub_encrypt_bytea(bytea, bytea)
135+
RETURNS bytea
136+
AS 'MODULE_PATHNAME', 'pgp_pub_encrypt_bytea'
137+
LANGUAGE 'C' STRICT;
138+
139+
--
140+
-- pgp_pub_encrypt(data, key, args)
141+
--
142+
CREATE OR REPLACE FUNCTION pgp_pub_encrypt(text, bytea, text)
143+
RETURNS bytea
144+
AS 'MODULE_PATHNAME', 'pgp_pub_encrypt_text'
145+
LANGUAGE 'C' STRICT;
146+
147+
CREATE OR REPLACE FUNCTION pgp_pub_encrypt_bytea(bytea, bytea, text)
148+
RETURNS bytea
149+
AS 'MODULE_PATHNAME', 'pgp_pub_encrypt_bytea'
150+
LANGUAGE 'C' STRICT;
151+
152+
--
153+
-- pgp_pub_decrypt(data, key)
154+
--
155+
CREATE OR REPLACE FUNCTION pgp_pub_decrypt(bytea, bytea)
156+
RETURNS text
157+
AS 'MODULE_PATHNAME', 'pgp_pub_decrypt_text'
158+
LANGUAGE 'C' IMMUTABLE STRICT;
159+
160+
CREATE OR REPLACE FUNCTION pgp_pub_decrypt_bytea(bytea, bytea)
161+
RETURNS bytea
162+
AS 'MODULE_PATHNAME', 'pgp_pub_decrypt_bytea'
163+
LANGUAGE 'C' IMMUTABLE STRICT;
164+
165+
--
166+
-- pgp_pub_decrypt(data, key, psw)
167+
--
168+
CREATE OR REPLACE FUNCTION pgp_pub_decrypt(bytea, bytea, text)
169+
RETURNS text
170+
AS 'MODULE_PATHNAME', 'pgp_pub_decrypt_text'
171+
LANGUAGE 'C' IMMUTABLE STRICT;
172+
173+
CREATE OR REPLACE FUNCTION pgp_pub_decrypt_bytea(bytea, bytea, text)
174+
RETURNS bytea
175+
AS 'MODULE_PATHNAME', 'pgp_pub_decrypt_bytea'
176+
LANGUAGE 'C' IMMUTABLE STRICT;
177+
178+
--
179+
-- pgp_pub_decrypt(data, key, psw, arg)
180+
--
181+
CREATE OR REPLACE FUNCTION pgp_pub_decrypt(bytea, bytea, text, text)
182+
RETURNS text
183+
AS 'MODULE_PATHNAME', 'pgp_pub_decrypt_text'
184+
LANGUAGE 'C' IMMUTABLE STRICT;
185+
186+
CREATE OR REPLACE FUNCTION pgp_pub_decrypt_bytea(bytea, bytea, text, text)
187+
RETURNS bytea
188+
AS 'MODULE_PATHNAME', 'pgp_pub_decrypt_bytea'
189+
LANGUAGE 'C' IMMUTABLE STRICT;
190+
191+
--
192+
-- PGP key ID
193+
--
194+
CREATE OR REPLACE FUNCTION pgp_key_id(bytea)
195+
RETURNS text
196+
AS 'MODULE_PATHNAME', 'pgp_key_id_w'
197+
LANGUAGE 'C' IMMUTABLE STRICT;
198+
199+
--
200+
-- pgp armor
201+
--
202+
CREATE OR REPLACE FUNCTION armor(bytea)
203+
RETURNS text
204+
AS 'MODULE_PATHNAME', 'pg_armor'
205+
LANGUAGE 'C' IMMUTABLE STRICT;
206+
207+
CREATE OR REPLACE FUNCTION dearmor(text)
208+
RETURNS bytea
209+
AS 'MODULE_PATHNAME', 'pg_dearmor'
210+
LANGUAGE 'C' IMMUTABLE STRICT;
74211

0 commit comments

Comments
 (0)