From 8f457c1027ec04dd30a7637ad4c3d5f3459c5a8e Mon Sep 17 00:00:00 2001 From: jiaqizho Date: Mon, 18 Mar 2024 18:48:53 +0800 Subject: [PATCH] Fix: redefine sm4 in crypto and pgcrypto (#394) After the pgcrypto module supported sm4, the sm4-128-ofb mode was added in backend/sm4.c This approach is very unclean. And the implementation of sm4 in pgcrypto is overwritten. --- contrib/pgcrypto/openssl_redirect.c | 2 +- src/backend/crypto/Makefile | 2 +- src/backend/crypto/bufenc.c | 6 +++--- src/backend/crypto/{sm4.c => sm4_ofb.c} | 6 +++--- src/include/crypto/{sm4.h => sm4_ofb.h} | 10 +++++----- 5 files changed, 13 insertions(+), 13 deletions(-) rename src/backend/crypto/{sm4.c => sm4_ofb.c} (99%) rename src/include/crypto/{sm4.h => sm4_ofb.h} (90%) diff --git a/contrib/pgcrypto/openssl_redirect.c b/contrib/pgcrypto/openssl_redirect.c index c2fca533b2a..02148ff7451 100644 --- a/contrib/pgcrypto/openssl_redirect.c +++ b/contrib/pgcrypto/openssl_redirect.c @@ -36,7 +36,7 @@ bool px_find_cipher_support_redirect(const char *name) { return true; } - if (strcmp("sm4-128-cbc", name) == 0) { + if (strcmp("sm4-128-ecb", name) == 0) { return true; } return false; diff --git a/src/backend/crypto/Makefile b/src/backend/crypto/Makefile index 4bb9ebe5c2a..fdc5cce44a3 100644 --- a/src/backend/crypto/Makefile +++ b/src/backend/crypto/Makefile @@ -14,7 +14,7 @@ include $(top_builddir)/src/Makefile.global OBJS = \ bufenc.o \ - sm4.o \ + sm4_ofb.o \ kmgr.o include $(top_srcdir)/src/backend/common.mk diff --git a/src/backend/crypto/bufenc.c b/src/backend/crypto/bufenc.c index 2a183cbc2e4..4e6f244c879 100644 --- a/src/backend/crypto/bufenc.c +++ b/src/backend/crypto/bufenc.c @@ -19,7 +19,7 @@ #include "access/gist.h" #include "access/xlog.h" #include "crypto/bufenc.h" -#include "crypto/sm4.h" +#include "crypto/sm4_ofb.h" #include "storage/bufpage.h" #include "storage/fd.h" #include "storage/shmem.h" @@ -57,8 +57,8 @@ InitializeBufferEncryption(void) BufDecCtx = ShmemInitStruct("sm4 encryption method decrypt ctx", sizeof(sm4_ctx), &found); - sm4_setkey_enc((sm4_ctx *)BufEncCtx, (unsigned char *)key->key); - sm4_setkey_dec((sm4_ctx *)BufDecCtx, (unsigned char *)key->key); + sm4_ofb_setkey_enc((sm4_ctx *)BufEncCtx, (unsigned char *)key->key); + sm4_ofb_setkey_dec((sm4_ctx *)BufDecCtx, (unsigned char *)key->key); } else { diff --git a/src/backend/crypto/sm4.c b/src/backend/crypto/sm4_ofb.c similarity index 99% rename from src/backend/crypto/sm4.c rename to src/backend/crypto/sm4_ofb.c index 68a9a129287..15b86140cbb 100644 --- a/src/backend/crypto/sm4.c +++ b/src/backend/crypto/sm4_ofb.c @@ -1,6 +1,6 @@ #include "postgres.h" #include -#include "crypto/sm4.h" +#include "crypto/sm4_ofb.h" static const uint8_t SM4_S[256] = { 0xD6, 0x90, 0xE9, 0xFE, 0xCC, 0xE1, 0x3D, 0xB7, 0x16, 0xB6, 0x14, 0xC2, @@ -368,13 +368,13 @@ void ossl_sm4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks) store_u32_be(B0, out + 12); } -void sm4_setkey_enc(sm4_ctx *ctx, uint8_t* key) +void sm4_ofb_setkey_enc(sm4_ctx *ctx, uint8_t* key) { ossl_sm4_set_key(key, &ctx->rkey); ctx->encrypt = SM4_ENCRYPT; } -void sm4_setkey_dec(sm4_ctx *ctx, uint8_t* key) +void sm4_ofb_setkey_dec(sm4_ctx *ctx, uint8_t* key) { ossl_sm4_set_key(key, &ctx->rkey); ctx->encrypt = SM4_DECRYPT; diff --git a/src/include/crypto/sm4.h b/src/include/crypto/sm4_ofb.h similarity index 90% rename from src/include/crypto/sm4.h rename to src/include/crypto/sm4_ofb.h index 3f18b13af9d..3bb2f26c55f 100644 --- a/src/include/crypto/sm4.h +++ b/src/include/crypto/sm4_ofb.h @@ -8,8 +8,8 @@ * *------------------------------------------------------------------------- */ -#ifndef _SM4_H_ -#define _SM4_H_ +#ifndef _SM4_OFB_H_ +#define _SM4_OFB_H_ #include "c.h" # define SM4_ENCRYPT 1 @@ -55,9 +55,9 @@ int ossl_sm4_set_key(const uint8_t *key, SM4_KEY *ks); void ossl_sm4_encrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks); void ossl_sm4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks); -void sm4_setkey_enc(sm4_ctx *ctx, uint8_t* key); -void sm4_setkey_dec(sm4_ctx *ctx, uint8_t* key); +void sm4_ofb_setkey_enc(sm4_ctx *ctx, uint8_t* key); +void sm4_ofb_setkey_dec(sm4_ctx *ctx, uint8_t* key); int sm4_ofb_cipher(sm4_ctx *ctx, unsigned char *out, const unsigned char *in, size_t input_len, unsigned char ivec[16]); -#endif /* _SM4_H_ */ +#endif /* _SM4_OFB_H_ */