Improve some code around cryptohash functions

michaelpq · michaelpq · commit 9b584953e7bf · 2020-12-14T12:38:13.000+09:00
This adjusts some code related to recent changes for cryptohash functions: - Add a variable in md5.h to track down the size of a computed result, moved from pgcrypto. Note that pg_md5_hash() assumed a result of this size already. - Call explicit_bzero() on the hashed data when freeing the context for fallback implementations. For MD5, particularly, it would be annoying to leave some non-zeroed data around. - Clean up some code related to recent changes of uuid-ossp. .gitignore still included md5.c and a comment was incorrect. Discussion: https://postgr.es/m/X9HXKTgrvJvYO7Oh@paquier.xyz
diff --git a/contrib/pgcrypto/internal.c b/contrib/pgcrypto/internal.c
@@ -41,10 +41,6 @@
 #include "common/cryptohash.h"
 #include "common/md5.h"
 
-#ifndef MD5_DIGEST_LENGTH
-#define MD5_DIGEST_LENGTH 16
-#endif
-
 #ifndef SHA1_DIGEST_LENGTH
 #ifdef SHA1_RESULTLEN
 #define SHA1_DIGEST_LENGTH SHA1_RESULTLEN
diff --git a/contrib/uuid-ossp/.gitignore b/contrib/uuid-ossp/.gitignore
@@ -1,4 +1,3 @@
-/md5.c
 /sha1.c
 # Generated subdirectories
 /log/
diff --git a/contrib/uuid-ossp/uuid-ossp.c b/contrib/uuid-ossp/uuid-ossp.c
@@ -41,8 +41,8 @@
 #undef uuid_hash
 
 /*
- * Some BSD variants offer md5 and sha1 implementations but Linux does not,
- * so we use a copy of the ones from pgcrypto.  Not needed with OSSP, though.
+ * Some BSD variants offer sha1 implementation but Linux does not, so we use
+ * a copy from pgcrypto.  Not needed with OSSP, though.
  */
 #ifndef HAVE_UUID_OSSP
 #include "sha1.h"
diff --git a/src/common/cryptohash.c b/src/common/cryptohash.c
@@ -197,6 +197,26 @@ pg_cryptohash_free(pg_cryptohash_ctx *ctx)
 {
 	if (ctx == NULL)
 		return;
+
+	switch (ctx->type)
+	{
+		case PG_MD5:
+			explicit_bzero(ctx->data, sizeof(pg_md5_ctx));
+			break;
+		case PG_SHA224:
+			explicit_bzero(ctx->data, sizeof(pg_sha224_ctx));
+			break;
+		case PG_SHA256:
+			explicit_bzero(ctx->data, sizeof(pg_sha256_ctx));
+			break;
+		case PG_SHA384:
+			explicit_bzero(ctx->data, sizeof(pg_sha384_ctx));
+			break;
+		case PG_SHA512:
+			explicit_bzero(ctx->data, sizeof(pg_sha512_ctx));
+			break;
+	}
+
 	FREE(ctx->data);
 	explicit_bzero(ctx, sizeof(pg_cryptohash_ctx));
 	FREE(ctx);
diff --git a/src/common/md5_common.c b/src/common/md5_common.c
@@ -69,7 +69,7 @@ bytesToHex(uint8 b[16], char *s)
 bool
 pg_md5_hash(const void *buff, size_t len, char *hexsum)
 {
-	uint8		sum[16];
+	uint8		sum[MD5_DIGEST_LENGTH];
 	pg_cryptohash_ctx *ctx;
 
 	ctx = pg_cryptohash_create(PG_MD5);
diff --git a/src/include/common/md5.h b/src/include/common/md5.h
@@ -16,6 +16,10 @@
 #ifndef PG_MD5_H
 #define PG_MD5_H
 
+/* Size of result generated by MD5 computation */
+#define MD5_DIGEST_LENGTH 16
+
+/* password-related data */
 #define MD5_PASSWD_CHARSET	"0123456789abcdef"
 #define MD5_PASSWD_LEN	35
 

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,3 @@`
`1`		`-/md5.c`
`2`	`1`	`/sha1.c`
`3`	`2`	`# Generated subdirectories`
`4`	`3`	`/log/`
Original file line number	Diff line number	Diff line change
`@@ -69,7 +69,7 @@ bytesToHex(uint8 b[16], char *s)`
`69`	`69`	`bool`
`70`	`70`	`pg_md5_hash(const void buff, size_t len, char hexsum)`
`71`	`71`	`{`
`72`		`- uint8 sum[16];`
	`72`	`+ uint8 sum[MD5_DIGEST_LENGTH];`
`73`	`73`	`pg_cryptohash_ctx *ctx;`
`74`	`74`
`75`	`75`	`ctx = pg_cryptohash_create(PG_MD5);`