On Fri, Dec 18, 2020 at 08:41:01AM +0900, Michael Paquier wrote: > Knowing that we are in a period of vacations for a lot of people, and > that this is a sensitive area of the code that involves > authentication, I think that it is better to let this thread brew > longer and get more eyes to look at it. As this also concerns > external SSL libraries like libnss, making sure that the APIs have a > shape flexible enough would be good. Based on my own checks with > OpenSSL and libnss, I think that's more than enough. But let's be > sure.
FWIW, I got my eyes on this stuff again today, and please find attached a v2, where I have fixed a certain number of issues: - Fixed a memory leak with the shrink buffer in the fallback implementation. - Fixed a couple of incorrect comments. - The logic around the resowner was a bit busted with OpenSSL <= 1.0.2. So I haev reorganized the code a bit. This has been tested on Windows and Linux across all the versions of OpenSSL we support on HEAD. I am also attaching a small module called hmacfuncs that I used as a way to validate this patch across all the versions of OpenSSL and the fallback implementation. As a reference, this matches with the results from Wikipedia here: https://en.wikipedia.org/wiki/HMAC#Examples -- Michael
From 4b4699b9d24f7b26edf7cdb9892b32a71965c396 Mon Sep 17 00:00:00 2001
From: Michael Paquier <mich...@paquier.xyz>
Date: Fri, 18 Dec 2020 15:43:41 +0900
Subject: [PATCH v2] Refactor HMAC implementations
---
src/include/common/hmac.h | 33 +++
src/include/common/md5.h | 2 +
src/include/common/scram-common.h | 13 --
src/include/pg_config.h.in | 6 +
src/include/utils/resowner_private.h | 7 +
src/backend/libpq/auth-scram.c | 61 ++---
src/backend/utils/resowner/resowner.c | 61 +++++
src/common/Makefile | 4 +-
src/common/hmac.c | 309 ++++++++++++++++++++++++++
src/common/hmac_openssl.c | 241 ++++++++++++++++++++
src/common/scram-common.c | 158 +++----------
src/interfaces/libpq/fe-auth-scram.c | 70 +++---
configure | 2 +-
configure.ac | 2 +-
src/tools/msvc/Mkvcbuild.pm | 2 +
src/tools/msvc/Solution.pm | 4 +
src/tools/pgindent/typedefs.list | 3 +-
17 files changed, 780 insertions(+), 198 deletions(-)
create mode 100644 src/include/common/hmac.h
create mode 100644 src/common/hmac.c
create mode 100644 src/common/hmac_openssl.c
diff --git a/src/include/common/hmac.h b/src/include/common/hmac.h
new file mode 100644
index 0000000000..0b69f7a730
--- /dev/null
+++ b/src/include/common/hmac.h
@@ -0,0 +1,33 @@
+/*-------------------------------------------------------------------------
+ *
+ * hmac.h
+ * Generic headers for HMAC
+ *
+ * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
+ * Portions Copyright (c) 1994, Regents of the University of California
+ *
+ * IDENTIFICATION
+ * src/include/common/hmac.h
+ *
+ *-------------------------------------------------------------------------
+ */
+
+#ifndef PG_HMAC_H
+#define PG_HMAC_H
+
+#include "common/cryptohash.h"
+
+typedef struct pg_hmac_ctx
+{
+ pg_cryptohash_type type;
+ /* private area used by each HMAC implementation */
+ void *data;
+} pg_hmac_ctx;
+
+extern pg_hmac_ctx *pg_hmac_create(pg_cryptohash_type type);
+extern int pg_hmac_init(pg_hmac_ctx *ctx, const uint8 *key, size_t len);
+extern int pg_hmac_update(pg_hmac_ctx *ctx, const uint8 *data, size_t len);
+extern int pg_hmac_final(pg_hmac_ctx *ctx, uint8 *dest);
+extern void pg_hmac_free(pg_hmac_ctx *ctx);
+
+#endif /* PG_HMAC_H */
diff --git a/src/include/common/md5.h b/src/include/common/md5.h
index 5dac70cbc5..ff22270416 100644
--- a/src/include/common/md5.h
+++ b/src/include/common/md5.h
@@ -18,6 +18,8 @@
/* Size of result generated by MD5 computation */
#define MD5_DIGEST_LENGTH 16
+/* Block size for MD5 */
+#define MD5_BLOCK_SIZE 64
/* password-related data */
#define MD5_PASSWD_CHARSET "0123456789abcdef"
diff --git a/src/include/common/scram-common.h b/src/include/common/scram-common.h
index f4a7c60725..9138b751d2 100644
--- a/src/include/common/scram-common.h
+++ b/src/include/common/scram-common.h
@@ -46,19 +46,6 @@
*/
#define SCRAM_DEFAULT_ITERATIONS 4096
-/*
- * Context data for HMAC used in SCRAM authentication.
- */
-typedef struct
-{
- pg_cryptohash_ctx *sha256ctx;
- uint8 k_opad[SHA256_HMAC_B];
-} scram_HMAC_ctx;
-
-extern int scram_HMAC_init(scram_HMAC_ctx *ctx, const uint8 *key, int keylen);
-extern int scram_HMAC_update(scram_HMAC_ctx *ctx, const char *str, int slen);
-extern int scram_HMAC_final(uint8 *result, scram_HMAC_ctx *ctx);
-
extern int scram_SaltedPassword(const char *password, const char *salt,
int saltlen, int iterations, uint8 *result);
extern int scram_H(const uint8 *str, int len, uint8 *result);
diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in
index de8f838e53..5258c0bac8 100644
--- a/src/include/pg_config.h.in
+++ b/src/include/pg_config.h.in
@@ -268,6 +268,12 @@
/* Define to 1 if you have the `history_truncate_file' function. */
#undef HAVE_HISTORY_TRUNCATE_FILE
+/* Define to 1 if you have the `HMAC_CTX_new' function. */
+#undef HAVE_HMAC_CTX_FREE
+
+/* Define to 1 if you have the `HMAC_CTX_free' function. */
+#undef HAVE_HMAC_CTX_NEW
+
/* Define to 1 if you have the <ifaddrs.h> header file. */
#undef HAVE_IFADDRS_H
diff --git a/src/include/utils/resowner_private.h b/src/include/utils/resowner_private.h
index c373788bc1..4da5d40aa2 100644
--- a/src/include/utils/resowner_private.h
+++ b/src/include/utils/resowner_private.h
@@ -102,4 +102,11 @@ extern void ResourceOwnerRememberCryptoHash(ResourceOwner owner,
extern void ResourceOwnerForgetCryptoHash(ResourceOwner owner,
Datum handle);
+/* support for HMAC context management */
+extern void ResourceOwnerEnlargeHMAC(ResourceOwner owner);
+extern void ResourceOwnerRememberHMAC(ResourceOwner owner,
+ Datum handle);
+extern void ResourceOwnerForgetHMAC(ResourceOwner owner,
+ Datum handle);
+
#endif /* RESOWNER_PRIVATE_H */
diff --git a/src/backend/libpq/auth-scram.c b/src/backend/libpq/auth-scram.c
index 6879a81618..6850c4fa0e 100644
--- a/src/backend/libpq/auth-scram.c
+++ b/src/backend/libpq/auth-scram.c
@@ -95,6 +95,7 @@
#include "catalog/pg_authid.h"
#include "catalog/pg_control.h"
#include "common/base64.h"
+#include "common/hmac.h"
#include "common/saslprep.h"
#include "common/scram-common.h"
#include "common/sha2.h"
@@ -1100,7 +1101,7 @@ verify_client_proof(scram_state *state)
uint8 ClientSignature[SCRAM_KEY_LEN];
uint8 ClientKey[SCRAM_KEY_LEN];
uint8 client_StoredKey[SCRAM_KEY_LEN];
- scram_HMAC_ctx ctx;
+ pg_hmac_ctx *ctx = pg_hmac_create(PG_SHA256);
int i;
/*
@@ -1108,23 +1109,25 @@ verify_client_proof(scram_state *state)
* here even when processing the calculations as this could involve a mock
* authentication.
*/
- if (scram_HMAC_init(&ctx, state->StoredKey, SCRAM_KEY_LEN) < 0 ||
- scram_HMAC_update(&ctx,
- state->client_first_message_bare,
- strlen(state->client_first_message_bare)) < 0 ||
- scram_HMAC_update(&ctx, ",", 1) < 0 ||
- scram_HMAC_update(&ctx,
- state->server_first_message,
- strlen(state->server_first_message)) < 0 ||
- scram_HMAC_update(&ctx, ",", 1) < 0 ||
- scram_HMAC_update(&ctx,
- state->client_final_message_without_proof,
- strlen(state->client_final_message_without_proof)) < 0 ||
- scram_HMAC_final(ClientSignature, &ctx) < 0)
+ if (pg_hmac_init(ctx, state->StoredKey, SCRAM_KEY_LEN) < 0 ||
+ pg_hmac_update(ctx,
+ (uint8 *) state->client_first_message_bare,
+ strlen(state->client_first_message_bare)) < 0 ||
+ pg_hmac_update(ctx, (uint8 *) ",", 1) < 0 ||
+ pg_hmac_update(ctx,
+ (uint8 *) state->server_first_message,
+ strlen(state->server_first_message)) < 0 ||
+ pg_hmac_update(ctx, (uint8 *) ",", 1) < 0 ||
+ pg_hmac_update(ctx,
+ (uint8 *) state->client_final_message_without_proof,
+ strlen(state->client_final_message_without_proof)) < 0 ||
+ pg_hmac_final(ctx, ClientSignature) < 0)
{
elog(ERROR, "could not calculate client signature");
}
+ pg_hmac_free(ctx);
+
/* Extract the ClientKey that the client calculated from the proof */
for (i = 0; i < SCRAM_KEY_LEN; i++)
ClientKey[i] = state->ClientProof[i] ^ ClientSignature[i];
@@ -1359,26 +1362,28 @@ build_server_final_message(scram_state *state)
uint8 ServerSignature[SCRAM_KEY_LEN];
char *server_signature_base64;
int siglen;
- scram_HMAC_ctx ctx;
+ pg_hmac_ctx *ctx = pg_hmac_create(PG_SHA256);
/* calculate ServerSignature */
- if (scram_HMAC_init(&ctx, state->ServerKey, SCRAM_KEY_LEN) < 0 ||
- scram_HMAC_update(&ctx,
- state->client_first_message_bare,
- strlen(state->client_first_message_bare)) < 0 ||
- scram_HMAC_update(&ctx, ",", 1) < 0 ||
- scram_HMAC_update(&ctx,
- state->server_first_message,
- strlen(state->server_first_message)) < 0 ||
- scram_HMAC_update(&ctx, ",", 1) < 0 ||
- scram_HMAC_update(&ctx,
- state->client_final_message_without_proof,
- strlen(state->client_final_message_without_proof)) < 0 ||
- scram_HMAC_final(ServerSignature, &ctx) < 0)
+ if (pg_hmac_init(ctx, state->ServerKey, SCRAM_KEY_LEN) < 0 ||
+ pg_hmac_update(ctx,
+ (uint8 *) state->client_first_message_bare,
+ strlen(state->client_first_message_bare)) < 0 ||
+ pg_hmac_update(ctx, (uint8 *) ",", 1) < 0 ||
+ pg_hmac_update(ctx,
+ (uint8 *) state->server_first_message,
+ strlen(state->server_first_message)) < 0 ||
+ pg_hmac_update(ctx, (uint8 *) ",", 1) < 0 ||
+ pg_hmac_update(ctx,
+ (uint8 *) state->client_final_message_without_proof,
+ strlen(state->client_final_message_without_proof)) < 0 ||
+ pg_hmac_final(ctx, ServerSignature) < 0)
{
elog(ERROR, "could not calculate server signature");
}
+ pg_hmac_free(ctx);
+
siglen = pg_b64_enc_len(SCRAM_KEY_LEN);
/* don't forget the zero-terminator */
server_signature_base64 = palloc(siglen + 1);
diff --git a/src/backend/utils/resowner/resowner.c b/src/backend/utils/resowner/resowner.c
index 546ad8d1c5..e66470bee0 100644
--- a/src/backend/utils/resowner/resowner.c
+++ b/src/backend/utils/resowner/resowner.c
@@ -22,6 +22,7 @@
#include "common/cryptohash.h"
#include "common/hashfn.h"
+#include "common/hmac.h"
#include "jit/jit.h"
#include "storage/bufmgr.h"
#include "storage/ipc.h"
@@ -130,6 +131,7 @@ typedef struct ResourceOwnerData
ResourceArray dsmarr; /* dynamic shmem segments */
ResourceArray jitarr; /* JIT contexts */
ResourceArray cryptohasharr; /* cryptohash contexts */
+ ResourceArray hmacarr; /* HMAC contexts */
/* We can remember up to MAX_RESOWNER_LOCKS references to local locks. */
int nlocks; /* number of owned locks */
@@ -178,6 +180,7 @@ static void PrintSnapshotLeakWarning(Snapshot snapshot);
static void PrintFileLeakWarning(File file);
static void PrintDSMLeakWarning(dsm_segment *seg);
static void PrintCryptoHashLeakWarning(Datum handle);
+static void PrintHMACLeakWarning(Datum handle);
/*****************************************************************************
@@ -448,6 +451,7 @@ ResourceOwnerCreate(ResourceOwner parent, const char *name)
ResourceArrayInit(&(owner->dsmarr), PointerGetDatum(NULL));
ResourceArrayInit(&(owner->jitarr), PointerGetDatum(NULL));
ResourceArrayInit(&(owner->cryptohasharr), PointerGetDatum(NULL));
+ ResourceArrayInit(&(owner->hmacarr), PointerGetDatum(NULL));
return owner;
}
@@ -568,6 +572,16 @@ ResourceOwnerReleaseInternal(ResourceOwner owner,
PrintCryptoHashLeakWarning(foundres);
pg_cryptohash_free(context);
}
+
+ /* Ditto for HMAC contexts */
+ while (ResourceArrayGetAny(&(owner->hmacarr), &foundres))
+ {
+ pg_hmac_ctx *context = (pg_hmac_ctx *) PointerGetDatum(foundres);
+
+ if (isCommit)
+ PrintHMACLeakWarning(foundres);
+ pg_hmac_free(context);
+ }
}
else if (phase == RESOURCE_RELEASE_LOCKS)
{
@@ -741,6 +755,7 @@ ResourceOwnerDelete(ResourceOwner owner)
Assert(owner->dsmarr.nitems == 0);
Assert(owner->jitarr.nitems == 0);
Assert(owner->cryptohasharr.nitems == 0);
+ Assert(owner->hmacarr.nitems == 0);
Assert(owner->nlocks == 0 || owner->nlocks == MAX_RESOWNER_LOCKS + 1);
/*
@@ -769,6 +784,7 @@ ResourceOwnerDelete(ResourceOwner owner)
ResourceArrayFree(&(owner->dsmarr));
ResourceArrayFree(&(owner->jitarr));
ResourceArrayFree(&(owner->cryptohasharr));
+ ResourceArrayFree(&(owner->hmacarr));
pfree(owner);
}
@@ -1432,3 +1448,48 @@ PrintCryptoHashLeakWarning(Datum handle)
elog(WARNING, "cryptohash context reference leak: context %p still referenced",
DatumGetPointer(handle));
}
+
+/*
+ * Make sure there is room for at least one more entry in a ResourceOwner's
+ * hmac context reference array.
+ *
+ * This is separate from actually inserting an entry because if we run out of
+ * memory, it's critical to do so *before* acquiring the resource.
+ */
+void
+ResourceOwnerEnlargeHMAC(ResourceOwner owner)
+{
+ ResourceArrayEnlarge(&(owner->hmacarr));
+}
+
+/*
+ * Remember that a HMAC context is owned by a ResourceOwner
+ *
+ * Caller must have previously done ResourceOwnerEnlargeHMAC()
+ */
+void
+ResourceOwnerRememberHMAC(ResourceOwner owner, Datum handle)
+{
+ ResourceArrayAdd(&(owner->hmacarr), handle);
+}
+
+/*
+ * Forget that a HMAC context is owned by a ResourceOwner
+ */
+void
+ResourceOwnerForgetHMAC(ResourceOwner owner, Datum handle)
+{
+ if (!ResourceArrayRemove(&(owner->hmacarr), handle))
+ elog(ERROR, "HMAC context %p is not owned by resource owner %s",
+ DatumGetPointer(handle), owner->name);
+}
+
+/*
+ * Debugging subroutine
+ */
+static void
+PrintHMACLeakWarning(Datum handle)
+{
+ elog(WARNING, "HMAC context reference leak: context %p still referenced",
+ DatumGetPointer(handle));
+}
diff --git a/src/common/Makefile b/src/common/Makefile
index af891cb0ce..ab895bc7f6 100644
--- a/src/common/Makefile
+++ b/src/common/Makefile
@@ -82,10 +82,12 @@ OBJS_COMMON = \
ifeq ($(with_openssl),yes)
OBJS_COMMON += \
protocol_openssl.o \
- cryptohash_openssl.o
+ cryptohash_openssl.o \
+ hmac_openssl.o
else
OBJS_COMMON += \
cryptohash.o \
+ hmac.o \
md5.o \
sha2.o
endif
diff --git a/src/common/hmac.c b/src/common/hmac.c
new file mode 100644
index 0000000000..04b3fdf5ce
--- /dev/null
+++ b/src/common/hmac.c
@@ -0,0 +1,309 @@
+/*-------------------------------------------------------------------------
+ *
+ * hmac.c
+ * Implements Keyed-Hashing for Message Authentication (HMAC)
+ *
+ * Fallback implementation of HMAC, as specified in RFC 2104.
+ *
+ * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
+ * Portions Copyright (c) 1994, Regents of the University of California
+ *
+ * IDENTIFICATION
+ * src/common/hmac.c
+ *
+ *-------------------------------------------------------------------------
+ */
+
+#ifndef FRONTEND
+#include "postgres.h"
+#else
+#include "postgres_fe.h"
+#endif
+
+#include "common/cryptohash.h"
+#include "common/hmac.h"
+#include "common/md5.h"
+#include "common/sha2.h"
+
+/*
+ * In backend, use palloc/pfree to ease the error handling. In frontend,
+ * use malloc to be able to return a failure status back to the caller.
+ */
+#ifndef FRONTEND
+#define ALLOC(size) palloc(size)
+#define FREE(ptr) pfree(ptr)
+#else
+#define ALLOC(size) malloc(size)
+#define FREE(ptr) free(ptr)
+#endif
+
+/*
+ * Internal structure for pg_hmac_ctx->data with this implementation.
+ */
+typedef struct pg_hmac_state
+{
+ pg_cryptohash_ctx *hash;
+ uint8 *k_ipad;
+ uint8 *k_opad;
+ int block_size;
+ int digest_size;
+} pg_hmac_state;
+
+#define HMAC_IPAD 0x36
+#define HMAC_OPAD 0x5C
+
+/*
+ * pg_hmac_create
+ *
+ * Allocate a hash context. Returns NULL on failure for an OOM. The
+ * backend issues an error, without returning.
+ */
+pg_hmac_ctx *
+pg_hmac_create(pg_cryptohash_type type)
+{
+ pg_hmac_ctx *ctx;
+ pg_hmac_state *state;
+
+ ctx = ALLOC(sizeof(pg_hmac_ctx));
+ if (ctx == NULL)
+ return NULL;
+ memset(ctx, 0, sizeof(pg_hmac_ctx));
+
+ ctx->type = type;
+
+ state = ALLOC(sizeof(pg_hmac_state));
+ if (state == NULL)
+ {
+ explicit_bzero(ctx, sizeof(pg_hmac_ctx));
+ FREE(ctx);
+ return NULL;
+ }
+ memset(state, 0, sizeof(pg_hmac_state));
+ ctx->data = state;
+
+ /*
+ * Initialize the context data. This requires to know the digest and
+ * block lengths, that depend on the type of hash used.
+ */
+ switch (type)
+ {
+ case PG_MD5:
+ state->digest_size = MD5_DIGEST_LENGTH;
+ state->block_size = MD5_BLOCK_SIZE;
+ break;
+ case PG_SHA224:
+ state->digest_size = PG_SHA224_DIGEST_LENGTH;
+ state->block_size = PG_SHA224_BLOCK_LENGTH;
+ break;
+ case PG_SHA256:
+ state->digest_size = PG_SHA256_DIGEST_LENGTH;
+ state->block_size = PG_SHA256_BLOCK_LENGTH;
+ break;
+ case PG_SHA384:
+ state->digest_size = PG_SHA384_DIGEST_LENGTH;
+ state->block_size = PG_SHA384_BLOCK_LENGTH;
+ break;
+ case PG_SHA512:
+ state->digest_size = PG_SHA512_DIGEST_LENGTH;
+ state->block_size = PG_SHA512_BLOCK_LENGTH;
+ break;
+ }
+
+ state->k_opad = ALLOC(state->block_size);
+ if (state->k_opad == NULL)
+ goto err;
+
+ memset(state->k_opad, 0, state->block_size);
+
+ state->k_ipad = ALLOC(state->block_size);
+ if (state->k_ipad == NULL)
+ goto err;
+
+ memset(state->k_ipad, 0, state->block_size);
+
+ state->hash = pg_cryptohash_create(type);
+ if (state->hash == NULL)
+ goto err;
+
+ return ctx;
+
+err:
+ if (state->k_ipad)
+ {
+ explicit_bzero(state->k_ipad, state->block_size);
+ FREE(state->k_ipad);
+ }
+ if (state->k_opad)
+ {
+ explicit_bzero(state->k_opad, state->block_size);
+ FREE(state->k_opad);
+ }
+
+ explicit_bzero(state, sizeof(pg_hmac_state));
+ FREE(state);
+ explicit_bzero(ctx, sizeof(pg_hmac_ctx));
+ FREE(ctx);
+ return NULL;
+}
+
+/*
+ * pg_hmac_init
+ *
+ * Initialize a HMAC context. Returns 0 on success, -1 on failure.
+ */
+int
+pg_hmac_init(pg_hmac_ctx *ctx, const uint8 *key, size_t len)
+{
+ int i;
+ int digest_size;
+ int block_size;
+ uint8 *shrinkbuf = NULL;
+ pg_hmac_state *state;
+
+ if (ctx == NULL)
+ return 0;
+
+ state = (pg_hmac_state *) ctx->data;
+ digest_size = state->digest_size;
+ block_size = state->block_size;
+
+ memset(state->k_opad, HMAC_OPAD, state->block_size);
+ memset(state->k_ipad, HMAC_IPAD, state->block_size);
+
+ /*
+ * If the key is longer than the block size, pass it through the hash once
+ * to shrink it down.
+ */
+ if (len > block_size)
+ {
+ pg_cryptohash_ctx *hash_ctx;
+
+ /* temporary buffer for one-time shrink */
+ shrinkbuf = ALLOC(digest_size);
+ if (shrinkbuf == NULL)
+ return -1;
+ memset(shrinkbuf, 0, digest_size);
+
+ hash_ctx = pg_cryptohash_create(ctx->type);
+ if (hash_ctx == NULL)
+ {
+ FREE(shrinkbuf);
+ return -1;
+ }
+
+ if (pg_cryptohash_init(hash_ctx) < 0 ||
+ pg_cryptohash_update(hash_ctx, key, len) < 0 ||
+ pg_cryptohash_final(hash_ctx, shrinkbuf) < 0)
+ {
+ pg_cryptohash_free(hash_ctx);
+ FREE(shrinkbuf);
+ return -1;
+ }
+
+ key = shrinkbuf;
+ len = digest_size;
+ pg_cryptohash_free(hash_ctx);
+ }
+
+ for (i = 0; i < len; i++)
+ {
+ state->k_ipad[i] ^= key[i];
+ state->k_opad[i] ^= key[i];
+ }
+
+ /* tmp = H(K XOR ipad, text) */
+ if (pg_cryptohash_init(state->hash) < 0 ||
+ pg_cryptohash_update(state->hash, state->k_ipad, state->block_size) < 0)
+ {
+ if (shrinkbuf)
+ FREE(shrinkbuf);
+ return -1;
+ }
+
+ if (shrinkbuf)
+ FREE(shrinkbuf);
+ return 0;
+}
+
+/*
+ * pg_hmac_update
+ *
+ * Update a HMAC context. Returns 0 on success, -1 on failure.
+ */
+int
+pg_hmac_update(pg_hmac_ctx *ctx, const uint8 *data, size_t len)
+{
+ pg_hmac_state *state;
+
+ if (ctx == NULL)
+ return 0;
+
+ state = (pg_hmac_state *) ctx->data;
+
+ if (pg_cryptohash_update(state->hash, data, len) < 0)
+ return -1;
+
+ return 0;
+}
+
+/*
+ * pg_hmac_final
+ *
+ * Finalize a HMAC context. Returns 0 on success, -1 on failure.
+ */
+int
+pg_hmac_final(pg_hmac_ctx *ctx, uint8 *dest)
+{
+ uint8 *h;
+ pg_hmac_state *state;
+
+ if (ctx == NULL)
+ return 0;
+
+ state = (pg_hmac_state *) ctx->data;
+
+ h = ALLOC(state->digest_size);
+ if (h == NULL)
+ return -1;
+ memset(h, 0, state->digest_size);
+
+ if (pg_cryptohash_final(state->hash, h) < 0)
+ return -1;
+
+ /* H(K XOR opad, tmp) */
+ if (pg_cryptohash_init(state->hash) < 0 ||
+ pg_cryptohash_update(state->hash, state->k_opad, state->block_size) < 0 ||
+ pg_cryptohash_update(state->hash, h, state->digest_size) < 0 ||
+ pg_cryptohash_final(state->hash, dest) < 0)
+ {
+ return -1;
+ }
+
+ return 0;
+}
+
+/*
+ * pg_hmac_free
+ *
+ * Free a HMAC context.
+ */
+void
+pg_hmac_free(pg_hmac_ctx *ctx)
+{
+ pg_hmac_state *state;
+
+ if (ctx == NULL)
+ return;
+
+ state = (pg_hmac_state *) ctx->data;
+
+ pg_cryptohash_free(state->hash);
+ explicit_bzero(state->k_ipad, state->block_size);
+ FREE(state->k_ipad);
+ explicit_bzero(state->k_opad, state->block_size);
+ FREE(state->k_opad);
+ explicit_bzero(state, sizeof(pg_hmac_state));
+ FREE(state);
+ explicit_bzero(ctx, sizeof(pg_hmac_ctx));
+ FREE(ctx);
+}
diff --git a/src/common/hmac_openssl.c b/src/common/hmac_openssl.c
new file mode 100644
index 0000000000..ba48afb05e
--- /dev/null
+++ b/src/common/hmac_openssl.c
@@ -0,0 +1,241 @@
+/*-------------------------------------------------------------------------
+ *
+ * hmac_openssl.c
+ * Implementation of HMAC with OpenSSL.
+ *
+ * This should only be used if code is compiled with OpenSSL support.
+ *
+ * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
+ * Portions Copyright (c) 1994, Regents of the University of California
+ *
+ * IDENTIFICATION
+ * src/common/hmac_openssl.c
+ *
+ *-------------------------------------------------------------------------
+ */
+
+#ifndef FRONTEND
+#include "postgres.h"
+#else
+#include "postgres_fe.h"
+#endif
+
+#include <openssl/hmac.h>
+
+#include "common/hmac.h"
+#ifndef FRONTEND
+#include "utils/memutils.h"
+#include "utils/resowner.h"
+#include "utils/resowner_private.h"
+#endif
+
+/*
+ * In backend, use palloc/pfree to ease the error handling. In frontend,
+ * use malloc to be able to return a failure status back to the caller.
+ */
+#ifndef FRONTEND
+#define ALLOC(size) palloc(size)
+#define FREE(ptr) pfree(ptr)
+#else
+#define ALLOC(size) malloc(size)
+#define FREE(ptr) free(ptr)
+#endif
+
+/*
+ * Internal structure for pg_hmac_ctx->data with this implementation.
+ */
+typedef struct pg_hmac_state
+{
+ HMAC_CTX *hmacctx;
+
+#ifndef FRONTEND
+ ResourceOwner resowner;
+#endif
+} pg_hmac_state;
+
+/*
+ * pg_hmac_create
+ *
+ * Allocate a hash context. Returns NULL on failure for an OOM. The
+ * backend issues an error, without returning.
+ */
+pg_hmac_ctx *
+pg_hmac_create(pg_cryptohash_type type)
+{
+ pg_hmac_ctx *ctx;
+ pg_hmac_state *state;
+
+ ctx = ALLOC(sizeof(pg_hmac_ctx));
+ if (ctx == NULL)
+ return NULL;
+ memset(ctx, 0, sizeof(pg_hmac_ctx));
+
+ ctx->type = type;
+
+ state = ALLOC(sizeof(pg_hmac_state));
+ if (state == NULL)
+ {
+ explicit_bzero(ctx, sizeof(pg_hmac_ctx));
+ FREE(ctx);
+ return NULL;
+ }
+ memset(state, 0, sizeof(pg_hmac_state));
+ ctx->data = state;
+
+ /*
+ * Initialization takes care of assigning the correct type for OpenSSL.
+ */
+#ifdef HAVE_HMAC_CTX_NEW
+#ifndef FRONTEND
+ ResourceOwnerEnlargeHMAC(CurrentResourceOwner);
+#endif
+ state->hmacctx = HMAC_CTX_new();
+#else
+ state->hmacctx = ALLOC(sizeof(HMAC_CTX));
+#endif
+
+ if (state->hmacctx == NULL)
+ {
+ explicit_bzero(state, sizeof(pg_hmac_state));
+ explicit_bzero(ctx, sizeof(pg_hmac_ctx));
+#ifndef FRONTEND
+ ereport(ERROR,
+ (errcode(ERRCODE_OUT_OF_MEMORY),
+ errmsg("out of memory")));
+#endif
+ FREE(state);
+ FREE(ctx);
+ return NULL;
+ }
+
+#ifdef HAVE_HMAC_CTX_NEW
+#ifndef FRONTEND
+ state->resowner = CurrentResourceOwner;
+ ResourceOwnerRememberHMAC(CurrentResourceOwner, PointerGetDatum(ctx));
+#endif
+#else
+ memset(state->hmacctx, 0, sizeof(HMAC_CTX));
+#endif /* HAVE_HMAC_CTX_NEW */
+
+ return ctx;
+}
+
+/*
+ * pg_hmac_init
+ *
+ * Initialize a HMAC context. Returns 0 on success, -1 on failure.
+ */
+int
+pg_hmac_init(pg_hmac_ctx *ctx, const uint8 *key, size_t len)
+{
+ pg_hmac_state *state;
+ int status = 0;
+
+ if (ctx == NULL)
+ return 0;
+
+ state = (pg_hmac_state *) ctx->data;
+
+ switch (ctx->type)
+ {
+ case PG_MD5:
+ status = HMAC_Init_ex(state->hmacctx, key, len, EVP_md5(), NULL);
+ break;
+ case PG_SHA224:
+ status = HMAC_Init_ex(state->hmacctx, key, len, EVP_sha224(), NULL);
+ break;
+ case PG_SHA256:
+ status = HMAC_Init_ex(state->hmacctx, key, len, EVP_sha256(), NULL);
+ break;
+ case PG_SHA384:
+ status = HMAC_Init_ex(state->hmacctx, key, len, EVP_sha384(), NULL);
+ break;
+ case PG_SHA512:
+ status = HMAC_Init_ex(state->hmacctx, key, len, EVP_sha512(), NULL);
+ break;
+ }
+
+ /* OpenSSL internals return 1 on success, 0 on failure */
+ if (status <= 0)
+ return -1;
+
+ return 0;
+}
+
+/*
+ * pg_hmac_update
+ *
+ * Update a HMAC context. Returns 0 on success, -1 on failure.
+ */
+int
+pg_hmac_update(pg_hmac_ctx *ctx, const uint8 *data, size_t len)
+{
+ pg_hmac_state *state;
+ int status = 0;
+
+ if (ctx == NULL)
+ return 0;
+
+ state = (pg_hmac_state *) ctx->data;
+ status = HMAC_Update(state->hmacctx, data, len);
+
+ /* OpenSSL internals return 1 on success, 0 on failure */
+ if (status <= 0)
+ return -1;
+ return 0;
+}
+
+/*
+ * pg_hmac_final
+ *
+ * Finalize a HMAC context. Returns 0 on success, -1 on failure.
+ */
+int
+pg_hmac_final(pg_hmac_ctx *ctx, uint8 *dest)
+{
+ pg_hmac_state *state;
+ int status = 0;
+ uint32 len;
+
+ if (ctx == NULL)
+ return 0;
+
+ state = (pg_hmac_state *) ctx->data;
+ status = HMAC_Final(state->hmacctx, dest, &len);
+
+ /* OpenSSL internals return 1 on success, 0 on failure */
+ if (status <= 0)
+ return -1;
+ return 0;
+}
+
+/*
+ * pg_hmac_free
+ *
+ * Free a HMAC context.
+ */
+void
+pg_hmac_free(pg_hmac_ctx *ctx)
+{
+ pg_hmac_state *state;
+
+ if (ctx == NULL)
+ return;
+
+ state = (pg_hmac_state *) ctx->data;
+
+#ifdef HAVE_HMAC_CTX_FREE
+ HMAC_CTX_free(state->hmacctx);
+#ifndef FRONTEND
+ ResourceOwnerForgetHMAC(state->resowner, PointerGetDatum(ctx));
+#endif
+#else
+ explicit_bzero(state->hmacctx, sizeof(HMAC_CTX));
+ FREE(state->hmacctx);
+#endif
+
+ explicit_bzero(state, sizeof(pg_hmac_state));
+ FREE(state);
+ explicit_bzero(ctx, sizeof(pg_hmac_ctx));
+ FREE(ctx);
+}
diff --git a/src/common/scram-common.c b/src/common/scram-common.c
index caab68926d..922cabe24e 100644
--- a/src/common/scram-common.c
+++ b/src/common/scram-common.c
@@ -20,118 +20,10 @@
#endif
#include "common/base64.h"
+#include "common/hmac.h"
#include "common/scram-common.h"
#include "port/pg_bswap.h"
-#define HMAC_IPAD 0x36
-#define HMAC_OPAD 0x5C
-
-/*
- * Calculate HMAC per RFC2104.
- *
- * The hash function used is SHA-256. Returns 0 on success, -1 on failure.
- */
-int
-scram_HMAC_init(scram_HMAC_ctx *ctx, const uint8 *key, int keylen)
-{
- uint8 k_ipad[SHA256_HMAC_B];
- int i;
- uint8 keybuf[SCRAM_KEY_LEN];
-
- /*
- * If the key is longer than the block size (64 bytes for SHA-256), pass
- * it through SHA-256 once to shrink it down.
- */
- if (keylen > SHA256_HMAC_B)
- {
- pg_cryptohash_ctx *sha256_ctx;
-
- sha256_ctx = pg_cryptohash_create(PG_SHA256);
- if (sha256_ctx == NULL)
- return -1;
- if (pg_cryptohash_init(sha256_ctx) < 0 ||
- pg_cryptohash_update(sha256_ctx, key, keylen) < 0 ||
- pg_cryptohash_final(sha256_ctx, keybuf) < 0)
- {
- pg_cryptohash_free(sha256_ctx);
- return -1;
- }
- key = keybuf;
- keylen = SCRAM_KEY_LEN;
- pg_cryptohash_free(sha256_ctx);
- }
-
- memset(k_ipad, HMAC_IPAD, SHA256_HMAC_B);
- memset(ctx->k_opad, HMAC_OPAD, SHA256_HMAC_B);
-
- for (i = 0; i < keylen; i++)
- {
- k_ipad[i] ^= key[i];
- ctx->k_opad[i] ^= key[i];
- }
-
- ctx->sha256ctx = pg_cryptohash_create(PG_SHA256);
- if (ctx->sha256ctx == NULL)
- return -1;
-
- /* tmp = H(K XOR ipad, text) */
- if (pg_cryptohash_init(ctx->sha256ctx) < 0 ||
- pg_cryptohash_update(ctx->sha256ctx, k_ipad, SHA256_HMAC_B) < 0)
- {
- pg_cryptohash_free(ctx->sha256ctx);
- return -1;
- }
-
- return 0;
-}
-
-/*
- * Update HMAC calculation
- * The hash function used is SHA-256. Returns 0 on success, -1 on failure.
- */
-int
-scram_HMAC_update(scram_HMAC_ctx *ctx, const char *str, int slen)
-{
- Assert(ctx->sha256ctx != NULL);
- if (pg_cryptohash_update(ctx->sha256ctx, (const uint8 *) str, slen) < 0)
- {
- pg_cryptohash_free(ctx->sha256ctx);
- return -1;
- }
- return 0;
-}
-
-/*
- * Finalize HMAC calculation.
- * The hash function used is SHA-256. Returns 0 on success, -1 on failure.
- */
-int
-scram_HMAC_final(uint8 *result, scram_HMAC_ctx *ctx)
-{
- uint8 h[SCRAM_KEY_LEN];
-
- Assert(ctx->sha256ctx != NULL);
-
- if (pg_cryptohash_final(ctx->sha256ctx, h) < 0)
- {
- pg_cryptohash_free(ctx->sha256ctx);
- return -1;
- }
-
- /* H(K XOR opad, tmp) */
- if (pg_cryptohash_init(ctx->sha256ctx) < 0 ||
- pg_cryptohash_update(ctx->sha256ctx, ctx->k_opad, SHA256_HMAC_B) < 0 ||
- pg_cryptohash_update(ctx->sha256ctx, h, SCRAM_KEY_LEN) < 0 ||
- pg_cryptohash_final(ctx->sha256ctx, result) < 0)
- {
- pg_cryptohash_free(ctx->sha256ctx);
- return -1;
- }
-
- pg_cryptohash_free(ctx->sha256ctx);
- return 0;
-}
-
/*
* Calculate SaltedPassword.
*
@@ -149,7 +41,10 @@ scram_SaltedPassword(const char *password,
j;
uint8 Ui[SCRAM_KEY_LEN];
uint8 Ui_prev[SCRAM_KEY_LEN];
- scram_HMAC_ctx hmac_ctx;
+ pg_hmac_ctx *hmac_ctx = pg_hmac_create(PG_SHA256);
+
+ if (hmac_ctx == NULL)
+ return -1;
/*
* Iterate hash calculation of HMAC entry using given salt. This is
@@ -158,11 +53,12 @@ scram_SaltedPassword(const char *password,
*/
/* First iteration */
- if (scram_HMAC_init(&hmac_ctx, (uint8 *) password, password_len) < 0 ||
- scram_HMAC_update(&hmac_ctx, salt, saltlen) < 0 ||
- scram_HMAC_update(&hmac_ctx, (char *) &one, sizeof(uint32)) < 0 ||
- scram_HMAC_final(Ui_prev, &hmac_ctx) < 0)
+ if (pg_hmac_init(hmac_ctx, (uint8 *) password, password_len) < 0 ||
+ pg_hmac_update(hmac_ctx, (uint8 *) salt, saltlen) < 0 ||
+ pg_hmac_update(hmac_ctx, (uint8 *) &one, sizeof(uint32)) < 0 ||
+ pg_hmac_final(hmac_ctx, Ui_prev) < 0)
{
+ pg_hmac_free(hmac_ctx);
return -1;
}
@@ -171,10 +67,11 @@ scram_SaltedPassword(const char *password,
/* Subsequent iterations */
for (i = 2; i <= iterations; i++)
{
- if (scram_HMAC_init(&hmac_ctx, (uint8 *) password, password_len) < 0 ||
- scram_HMAC_update(&hmac_ctx, (const char *) Ui_prev, SCRAM_KEY_LEN) < 0 ||
- scram_HMAC_final(Ui, &hmac_ctx) < 0)
+ if (pg_hmac_init(hmac_ctx, (uint8 *) password, password_len) < 0 ||
+ pg_hmac_update(hmac_ctx, (uint8 *) Ui_prev, SCRAM_KEY_LEN) < 0 ||
+ pg_hmac_final(hmac_ctx, Ui) < 0)
{
+ pg_hmac_free(hmac_ctx);
return -1;
}
@@ -183,6 +80,7 @@ scram_SaltedPassword(const char *password,
memcpy(Ui_prev, Ui, SCRAM_KEY_LEN);
}
+ pg_hmac_free(hmac_ctx);
return 0;
}
@@ -218,15 +116,20 @@ scram_H(const uint8 *input, int len, uint8 *result)
int
scram_ClientKey(const uint8 *salted_password, uint8 *result)
{
- scram_HMAC_ctx ctx;
+ pg_hmac_ctx *ctx = pg_hmac_create(PG_SHA256);
- if (scram_HMAC_init(&ctx, salted_password, SCRAM_KEY_LEN) < 0 ||
- scram_HMAC_update(&ctx, "Client Key", strlen("Client Key")) < 0 ||
- scram_HMAC_final(result, &ctx) < 0)
+ if (ctx == NULL)
+ return -1;
+
+ if (pg_hmac_init(ctx, salted_password, SCRAM_KEY_LEN) < 0 ||
+ pg_hmac_update(ctx, (uint8 *) "Client Key", strlen("Client Key")) < 0 ||
+ pg_hmac_final(ctx, result) < 0)
{
+ pg_hmac_free(ctx);
return -1;
}
+ pg_hmac_free(ctx);
return 0;
}
@@ -236,15 +139,20 @@ scram_ClientKey(const uint8 *salted_password, uint8 *result)
int
scram_ServerKey(const uint8 *salted_password, uint8 *result)
{
- scram_HMAC_ctx ctx;
+ pg_hmac_ctx *ctx = pg_hmac_create(PG_SHA256);
- if (scram_HMAC_init(&ctx, salted_password, SCRAM_KEY_LEN) < 0 ||
- scram_HMAC_update(&ctx, "Server Key", strlen("Server Key")) < 0 ||
- scram_HMAC_final(result, &ctx) < 0)
+ if (ctx == NULL)
+ return -1;
+
+ if (pg_hmac_init(ctx, salted_password, SCRAM_KEY_LEN) < 0 ||
+ pg_hmac_update(ctx, (uint8 *) "Server Key", strlen("Server Key")) < 0 ||
+ pg_hmac_final(ctx, result) < 0)
{
+ pg_hmac_free(ctx);
return -1;
}
+ pg_hmac_free(ctx);
return 0;
}
diff --git a/src/interfaces/libpq/fe-auth-scram.c b/src/interfaces/libpq/fe-auth-scram.c
index 6dcf574f62..cbf326c9ef 100644
--- a/src/interfaces/libpq/fe-auth-scram.c
+++ b/src/interfaces/libpq/fe-auth-scram.c
@@ -15,6 +15,7 @@
#include "postgres_fe.h"
#include "common/base64.h"
+#include "common/hmac.h"
#include "common/saslprep.h"
#include "common/scram-common.h"
#include "fe-auth.h"
@@ -766,7 +767,11 @@ calculate_client_proof(fe_scram_state *state,
uint8 ClientKey[SCRAM_KEY_LEN];
uint8 ClientSignature[SCRAM_KEY_LEN];
int i;
- scram_HMAC_ctx ctx;
+ pg_hmac_ctx *ctx;
+
+ ctx = pg_hmac_create(PG_SHA256);
+ if (ctx == NULL)
+ return false;
/*
* Calculate SaltedPassword, and store it in 'state' so that we can reuse
@@ -776,26 +781,28 @@ calculate_client_proof(fe_scram_state *state,
state->iterations, state->SaltedPassword) < 0 ||
scram_ClientKey(state->SaltedPassword, ClientKey) < 0 ||
scram_H(ClientKey, SCRAM_KEY_LEN, StoredKey) < 0 ||
- scram_HMAC_init(&ctx, StoredKey, SCRAM_KEY_LEN) < 0 ||
- scram_HMAC_update(&ctx,
- state->client_first_message_bare,
- strlen(state->client_first_message_bare)) < 0 ||
- scram_HMAC_update(&ctx, ",", 1) < 0 ||
- scram_HMAC_update(&ctx,
- state->server_first_message,
- strlen(state->server_first_message)) < 0 ||
- scram_HMAC_update(&ctx, ",", 1) < 0 ||
- scram_HMAC_update(&ctx,
- client_final_message_without_proof,
- strlen(client_final_message_without_proof)) < 0 ||
- scram_HMAC_final(ClientSignature, &ctx) < 0)
+ pg_hmac_init(ctx, StoredKey, SCRAM_KEY_LEN) < 0 ||
+ pg_hmac_update(ctx,
+ (uint8 *) state->client_first_message_bare,
+ strlen(state->client_first_message_bare)) < 0 ||
+ pg_hmac_update(ctx, (uint8 *) ",", 1) < 0 ||
+ pg_hmac_update(ctx,
+ (uint8 *) state->server_first_message,
+ strlen(state->server_first_message)) < 0 ||
+ pg_hmac_update(ctx, (uint8 *) ",", 1) < 0 ||
+ pg_hmac_update(ctx,
+ (uint8 *) client_final_message_without_proof,
+ strlen(client_final_message_without_proof)) < 0 ||
+ pg_hmac_final(ctx, ClientSignature) < 0)
{
+ pg_hmac_free(ctx);
return false;
}
for (i = 0; i < SCRAM_KEY_LEN; i++)
result[i] = ClientKey[i] ^ ClientSignature[i];
+ pg_hmac_free(ctx);
return true;
}
@@ -810,27 +817,34 @@ verify_server_signature(fe_scram_state *state, bool *match)
{
uint8 expected_ServerSignature[SCRAM_KEY_LEN];
uint8 ServerKey[SCRAM_KEY_LEN];
- scram_HMAC_ctx ctx;
+ pg_hmac_ctx *ctx;
+
+ ctx = pg_hmac_create(PG_SHA256);
+ if (ctx == NULL)
+ return false;
if (scram_ServerKey(state->SaltedPassword, ServerKey) < 0 ||
/* calculate ServerSignature */
- scram_HMAC_init(&ctx, ServerKey, SCRAM_KEY_LEN) < 0 ||
- scram_HMAC_update(&ctx,
- state->client_first_message_bare,
- strlen(state->client_first_message_bare)) < 0 ||
- scram_HMAC_update(&ctx, ",", 1) < 0 ||
- scram_HMAC_update(&ctx,
- state->server_first_message,
- strlen(state->server_first_message)) < 0 ||
- scram_HMAC_update(&ctx, ",", 1) < 0 ||
- scram_HMAC_update(&ctx,
- state->client_final_message_without_proof,
- strlen(state->client_final_message_without_proof)) < 0 ||
- scram_HMAC_final(expected_ServerSignature, &ctx) < 0)
+ pg_hmac_init(ctx, ServerKey, SCRAM_KEY_LEN) < 0 ||
+ pg_hmac_update(ctx,
+ (uint8 *) state->client_first_message_bare,
+ strlen(state->client_first_message_bare)) < 0 ||
+ pg_hmac_update(ctx, (uint8 *) ",", 1) < 0 ||
+ pg_hmac_update(ctx,
+ (uint8 *) state->server_first_message,
+ strlen(state->server_first_message)) < 0 ||
+ pg_hmac_update(ctx, (uint8 *) ",", 1) < 0 ||
+ pg_hmac_update(ctx,
+ (uint8 *) state->client_final_message_without_proof,
+ strlen(state->client_final_message_without_proof)) < 0 ||
+ pg_hmac_final(ctx, expected_ServerSignature) < 0)
{
+ pg_hmac_free(ctx);
return false;
}
+ pg_hmac_free(ctx);
+
/* signature processed, so now check after it */
if (memcmp(expected_ServerSignature, state->ServerSignature, SCRAM_KEY_LEN) != 0)
*match = false;
diff --git a/configure b/configure
index 11a4284e5b..1570c769a6 100755
--- a/configure
+++ b/configure
@@ -12414,7 +12414,7 @@ done
# defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it
# doesn't have these OpenSSL 1.1.0 functions. So check for individual
# functions.
- for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data
+ for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
diff --git a/configure.ac b/configure.ac
index fc523c6aeb..cf28742160 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1228,7 +1228,7 @@ if test "$with_openssl" = yes ; then
# defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it
# doesn't have these OpenSSL 1.1.0 functions. So check for individual
# functions.
- AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data])
+ AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data HMAC_CTX_new HMAC_CTX_free])
# OpenSSL versions before 1.1.0 required setting callback functions, for
# thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock()
# function was removed.
diff --git a/src/tools/msvc/Mkvcbuild.pm b/src/tools/msvc/Mkvcbuild.pm
index f92c14030d..e37a7291af 100644
--- a/src/tools/msvc/Mkvcbuild.pm
+++ b/src/tools/msvc/Mkvcbuild.pm
@@ -130,11 +130,13 @@ sub mkvcbuild
if ($solution->{options}->{openssl})
{
push(@pgcommonallfiles, 'cryptohash_openssl.c');
+ push(@pgcommonallfiles, 'hmac_openssl.c');
push(@pgcommonallfiles, 'protocol_openssl.c');
}
else
{
push(@pgcommonallfiles, 'cryptohash.c');
+ push(@pgcommonallfiles, 'hmac.c');
push(@pgcommonallfiles, 'md5.c');
push(@pgcommonallfiles, 'sha2.c');
}
diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm
index 22d6abd367..9bc3be9879 100644
--- a/src/tools/msvc/Solution.pm
+++ b/src/tools/msvc/Solution.pm
@@ -279,6 +279,8 @@ sub GenerateFiles
HAVE_GETTIMEOFDAY => undef,
HAVE_GSSAPI_GSSAPI_H => undef,
HAVE_GSSAPI_H => undef,
+ HAVE_HMAC_CTX_FREE => undef,
+ HAVE_HMAC_CTX_NEW => undef,
HAVE_HISTORY_H => undef,
HAVE_HISTORY_TRUNCATE_FILE => undef,
HAVE_IFADDRS_H => undef,
@@ -531,6 +533,8 @@ sub GenerateFiles
$define{HAVE_ASN1_STRING_GET0_DATA} = 1;
$define{HAVE_BIO_GET_DATA} = 1;
$define{HAVE_BIO_METH_NEW} = 1;
+ $define{HAVE_HMAC_CTX_FREE} = 1;
+ $define{HAVE_HMAC_CTX_NEW} = 1;
$define{HAVE_OPENSSL_INIT_SSL} = 1;
}
}
diff --git a/src/tools/pgindent/typedefs.list b/src/tools/pgindent/typedefs.list
index a9dca717a6..f3d9e0983a 100644
--- a/src/tools/pgindent/typedefs.list
+++ b/src/tools/pgindent/typedefs.list
@@ -3188,6 +3188,8 @@ pg_enc2gettext
pg_enc2name
pg_encname
pg_gssinfo
+pg_hmac_ctx
+pg_hmac_state
pg_int64
pg_local_to_utf_combined
pg_locale_t
@@ -3331,7 +3333,6 @@ role_auth_extra
row_security_policy_hook_type
rsv_callback
save_buffer
-scram_HMAC_ctx
scram_state
scram_state_enum
sem_t
--
2.29.2
hmacfuncs.tar.gz
Description: application/gzip
signature.asc
Description: PGP signature
