More pgcrypto fixes: handle long messages correctly, suppress

compiler warnings.  Marko Kreen and Kris Jurka.

diff --git a/contrib/pgcrypto/expected/3des.out b/contrib/pgcrypto/expected/3des.out
index 7b6e3dcfdf58a2be2a72c613fdae96238161d199..3e6a88e8bf4ada30e1426a084fd6faad2cc096f2 100644 (file)
--- a/contrib/pgcrypto/expected/3des.out
+++ b/contrib/pgcrypto/expected/3des.out
@@ -54,3 +54,16 @@ select decrypt_iv(decode('50735067b073bb93', 'hex'), '0123456', 'abcd', '3des');
  foo
 (1 row)
 
+-- long message
+select encode(encrypt('Lets try a longer message.', '0123456789012345678901', '3des'), 'hex');
+                              encode                              
+------------------------------------------------------------------
+ b71e3422269d0ded19468f33d65cd663c28e0871984792a7b3ba0ddcecec8d2c
+(1 row)
+
+select decrypt(encrypt('Lets try a longer message.', '0123456789012345678901', '3des'), '0123456789012345678901', '3des');
+          decrypt           
+----------------------------
+ Lets try a longer message.
+(1 row)
+

diff --git a/contrib/pgcrypto/expected/blowfish.out b/contrib/pgcrypto/expected/blowfish.out
index 7558aa937a5de26dfa87c382f95e63065296b2f9..5c09cf5cd9446bc91b4ba23b33b97e4f0f7c2177 100644 (file)
--- a/contrib/pgcrypto/expected/blowfish.out
+++ b/contrib/pgcrypto/expected/blowfish.out
@@ -158,3 +158,16 @@ select decrypt_iv(decode('95c7e89322525d59', 'hex'), '0123456', 'abcd', 'bf');
  foo
 (1 row)
 
+-- long message
+select encode(encrypt('Lets try a longer message.', '0123456789', 'bf'), 'hex');
+                              encode                              
+------------------------------------------------------------------
+ a76059f7a1b627b5b84080d9beb337714c7a7f8b70300023e5feb6dfa6813536
+(1 row)
+
+select decrypt(encrypt('Lets try a longer message.', '0123456789', 'bf'), '0123456789', 'bf');
+          decrypt           
+----------------------------
+ Lets try a longer message.
+(1 row)
+

diff --git a/contrib/pgcrypto/expected/cast5.out b/contrib/pgcrypto/expected/cast5.out
index f5b3cf67503369481c503e76a036a6db57c4646e..4ca824e2f879db498ecc02618782452560a95775 100644 (file)
--- a/contrib/pgcrypto/expected/cast5.out
+++ b/contrib/pgcrypto/expected/cast5.out
@@ -71,3 +71,16 @@ select decrypt_iv(decode('384a970695ce016a', 'hex'),
  foo
 (1 row)
 
+-- long message
+select encode(encrypt('Lets try a longer message.', '0123456789', 'cast5'), 'hex');
+                              encode                              
+------------------------------------------------------------------
+ 04fcffc91533e1505dadcb10766d9fed0937818e663e402384e049942ba60fff
+(1 row)
+
+select decrypt(encrypt('Lets try a longer message.', '0123456789', 'cast5'), '0123456789', 'cast5');
+          decrypt           
+----------------------------
+ Lets try a longer message.
+(1 row)
+

diff --git a/contrib/pgcrypto/expected/des.out b/contrib/pgcrypto/expected/des.out
index 333b30d8cceb1d8817c73695ab99cc727623b15c..00513c4e6aca3c4458448e2f8c6fba87d9a9a654 100644 (file)
--- a/contrib/pgcrypto/expected/des.out
+++ b/contrib/pgcrypto/expected/des.out
@@ -46,3 +46,16 @@ select decrypt_iv(decode('50735067b073bb93', 'hex'), '0123456', 'abcd', 'des');
  foo
 (1 row)
 
+-- long message
+select encode(encrypt('Lets try a longer message.', '01234567', 'des'), 'hex');
+                              encode                              
+------------------------------------------------------------------
+ 5ad146043e5f30967e06a0fcbae602daf4ff2a5fd0ed12d6c5913cf85f1e36ca
+(1 row)
+
+select decrypt(encrypt('Lets try a longer message.', '01234567', 'des'), '01234567', 'des');
+          decrypt           
+----------------------------
+ Lets try a longer message.
+(1 row)
+

diff --git a/contrib/pgcrypto/expected/rijndael.out b/contrib/pgcrypto/expected/rijndael.out
index fbbbc871894c0f2d35c0551ac657eed4467eaa98..cb336e335d4674ceadb204e6d17d18abc16356b1 100644 (file)
--- a/contrib/pgcrypto/expected/rijndael.out
+++ b/contrib/pgcrypto/expected/rijndael.out
@@ -109,3 +109,16 @@ select decrypt_iv(decode('2c24cb7da91d6d5699801268b0f5adad', 'hex'),
  foo
 (1 row)
 
+-- long message
+select encode(encrypt('Lets try a longer message.', '0123456789', 'aes'), 'hex');
+                              encode                              
+------------------------------------------------------------------
+ d9beb785dd5403ed02f66b755bb191b93ed93ca54930153f2c3b9ec7785056ad
+(1 row)
+
+select decrypt(encrypt('Lets try a longer message.', '0123456789', 'aes'), '0123456789', 'aes');
+          decrypt           
+----------------------------
+ Lets try a longer message.
+(1 row)
+

diff --git a/contrib/pgcrypto/openssl.c b/contrib/pgcrypto/openssl.c
index eb7cbbf0c602aba26c36c0ced9d73f143112676e..67358c941f31eabb9e71ed67285c6544fc943170 100644 (file)
--- a/contrib/pgcrypto/openssl.c
+++ b/contrib/pgcrypto/openssl.c
@@ -26,7 +26,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $PostgreSQL: pgsql/contrib/pgcrypto/openssl.c,v 1.24 2005/07/11 15:07:59 tgl Exp $
+ * $PostgreSQL: pgsql/contrib/pgcrypto/openssl.c,v 1.25 2005/07/12 20:27:42 tgl Exp $
  */
 
 #include "postgres.h"
@@ -40,6 +40,11 @@
 #include <openssl/rand.h>
 #include <openssl/err.h>
 
+/*
+ * Max lengths we might want to handle.
+ */
+#define MAX_KEY                (512/8)
+#define MAX_IV         (128/8)
 
 /*
  * Does OpenSSL support AES? 
@@ -78,10 +83,13 @@
 #define AES_cbc_encrypt(src, dst, len, ctx, iv, enc) \
        do { \
                memcpy((dst), (src), (len)); \
-               if (enc) \
+               if (enc) { \
                        aes_cbc_encrypt((ctx), (iv), (dst), (len)); \
-               else \
+                       memcpy((iv), (dst) + (len) - 16, 16); \
+               } else { \
                        aes_cbc_decrypt((ctx), (iv), (dst), (len)); \
+                       memcpy(iv, (src) + (len) - 16, 16); \
+               } \
        } while (0)
 
 #endif /* old OPENSSL */
@@ -243,8 +251,8 @@ typedef struct
                CAST_KEY        cast_key;
                AES_KEY         aes_key;
        }                       u;
-       uint8           key[EVP_MAX_KEY_LENGTH];
-       uint8           iv[EVP_MAX_IV_LENGTH];
+       uint8           key[MAX_KEY];
+       uint8           iv[MAX_IV];
        unsigned        klen;
        unsigned        init;
        const struct ossl_cipher *ciph;

diff --git a/contrib/pgcrypto/sha2.c b/contrib/pgcrypto/sha2.c
index cb5e59443139816dfd62005d88c48426afdeb4c1..adabdea13964f01ec4bc3316cb4ad4d7a7423220 100644 (file)
--- a/contrib/pgcrypto/sha2.c
+++ b/contrib/pgcrypto/sha2.c
@@ -33,7 +33,7 @@
  *
  * $From: sha2.c,v 1.1 2001/11/08 00:01:51 adg Exp adg $
  *
- * $PostgreSQL: pgsql/contrib/pgcrypto/sha2.c,v 1.3 2005/07/11 15:40:38 tgl Exp $
+ * $PostgreSQL: pgsql/contrib/pgcrypto/sha2.c,v 1.4 2005/07/12 20:27:42 tgl Exp $
  */
 
 #include "postgres.h"
@@ -170,7 +170,7 @@ void SHA512_Transform(SHA512_CTX *, const uint8 *);
 
 /*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/
 /* Hash constant words K for SHA-256: */
-const static uint32 K256[64] = {
+static const uint32 K256[64] = {
        0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,
        0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL,
        0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL,
@@ -190,7 +190,7 @@ const static uint32 K256[64] = {
 };
 
 /* Initial hash value H for SHA-256: */
-const static uint32 sha256_initial_hash_value[8] = {
+static const uint32 sha256_initial_hash_value[8] = {
        0x6a09e667UL,
        0xbb67ae85UL,
        0x3c6ef372UL,
@@ -202,7 +202,7 @@ const static uint32 sha256_initial_hash_value[8] = {
 };
 
 /* Hash constant words K for SHA-384 and SHA-512: */
-const static uint64 K512[80] = {
+static const uint64 K512[80] = {
        0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL,
        0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL,
        0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
@@ -246,7 +246,7 @@ const static uint64 K512[80] = {
 };
 
 /* Initial hash value H for SHA-384 */
-const static uint64 sha384_initial_hash_value[8] = {
+static const uint64 sha384_initial_hash_value[8] = {
        0xcbbb9d5dc1059ed8ULL,
        0x629a292a367cd507ULL,
        0x9159015a3070dd17ULL,
@@ -258,7 +258,7 @@ const static uint64 sha384_initial_hash_value[8] = {
 };
 
 /* Initial hash value H for SHA-512 */
-const static uint64 sha512_initial_hash_value[8] = {
+static const uint64 sha512_initial_hash_value[8] = {
        0x6a09e667f3bcc908ULL,
        0xbb67ae8584caa73bULL,
        0x3c6ef372fe94f82bULL,

diff --git a/contrib/pgcrypto/sql/3des.sql b/contrib/pgcrypto/sql/3des.sql
index 7e20aff5c0780dac3ed95f69eaf06f922e060bf7..99b936fa14597280f6030bea9591d099f404a22b 100644 (file)
--- a/contrib/pgcrypto/sql/3des.sql
+++ b/contrib/pgcrypto/sql/3des.sql
@@ -24,3 +24,7 @@ select decrypt(encrypt('foo', '0123456', '3des'), '0123456', '3des');
 select encode(encrypt_iv('foo', '0123456', 'abcd', '3des'), 'hex');
 select decrypt_iv(decode('50735067b073bb93', 'hex'), '0123456', 'abcd', '3des');
 
+-- long message
+select encode(encrypt('Lets try a longer message.', '0123456789012345678901', '3des'), 'hex');
+select decrypt(encrypt('Lets try a longer message.', '0123456789012345678901', '3des'), '0123456789012345678901', '3des');
+

diff --git a/contrib/pgcrypto/sql/blowfish.sql b/contrib/pgcrypto/sql/blowfish.sql
index 565282cb0f326fc00b7be99c841f9986afc27101..c0383f54218044b1c6f8fffc457b2b00704640e3 100644 (file)
--- a/contrib/pgcrypto/sql/blowfish.sql
+++ b/contrib/pgcrypto/sql/blowfish.sql
@@ -85,3 +85,7 @@ select decrypt(encrypt('foo', '0123456', 'bf'), '0123456', 'bf');
 select encode(encrypt_iv('foo', '0123456', 'abcd', 'bf'), 'hex');
 select decrypt_iv(decode('95c7e89322525d59', 'hex'), '0123456', 'abcd', 'bf');
 
+-- long message
+select encode(encrypt('Lets try a longer message.', '0123456789', 'bf'), 'hex');
+select decrypt(encrypt('Lets try a longer message.', '0123456789', 'bf'), '0123456789', 'bf');
+

diff --git a/contrib/pgcrypto/sql/cast5.sql b/contrib/pgcrypto/sql/cast5.sql
index 553ae4f0f2aa569745c82818a5cdc178f9176bea..0761f34e758b41ccc2e19a79dd98b942bc456939 100644 (file)
--- a/contrib/pgcrypto/sql/cast5.sql
+++ b/contrib/pgcrypto/sql/cast5.sql
@@ -40,3 +40,7 @@ select encode(encrypt_iv('foo', '0123456', 'abcd', 'cast5'), 'hex');
 select decrypt_iv(decode('384a970695ce016a', 'hex'),
                 '0123456', 'abcd', 'cast5');
 
+-- long message
+select encode(encrypt('Lets try a longer message.', '0123456789', 'cast5'), 'hex');
+select decrypt(encrypt('Lets try a longer message.', '0123456789', 'cast5'), '0123456789', 'cast5');
+

diff --git a/contrib/pgcrypto/sql/des.sql b/contrib/pgcrypto/sql/des.sql
index 3b55ca5e3a62c6c2396fadfb021e3eabb84b6861..179bd83ba91f2b7ca4060544c22a71eaeb900332 100644 (file)
--- a/contrib/pgcrypto/sql/des.sql
+++ b/contrib/pgcrypto/sql/des.sql
@@ -22,3 +22,7 @@ select decrypt(encrypt('foo', '0123456', 'des'), '0123456', 'des');
 select encode(encrypt_iv('foo', '0123456', 'abcd', 'des'), 'hex');
 select decrypt_iv(decode('50735067b073bb93', 'hex'), '0123456', 'abcd', 'des');
 
+-- long message
+select encode(encrypt('Lets try a longer message.', '01234567', 'des'), 'hex');
+select decrypt(encrypt('Lets try a longer message.', '01234567', 'des'), '01234567', 'des');
+

diff --git a/contrib/pgcrypto/sql/rijndael.sql b/contrib/pgcrypto/sql/rijndael.sql
index c609a635df5d5cb6b61613ec89c50430dced1186..4d6af0ffaa22a6247f2fe9e400e87f7a0dcc2b7e 100644 (file)
--- a/contrib/pgcrypto/sql/rijndael.sql
+++ b/contrib/pgcrypto/sql/rijndael.sql
@@ -56,3 +56,7 @@ select encode(encrypt_iv('foo', '0123456', 'abcd', 'aes'), 'hex');
 select decrypt_iv(decode('2c24cb7da91d6d5699801268b0f5adad', 'hex'),
                '0123456', 'abcd', 'aes'); 
 
+-- long message
+select encode(encrypt('Lets try a longer message.', '0123456789', 'aes'), 'hex');
+select decrypt(encrypt('Lets try a longer message.', '0123456789', 'aes'), '0123456789', 'aes');
+