# Index of /code/PostgreSQL/y_crypto

Parent Directory  -
y_crypto.sql12-Jan-2010 10:00 7.6K
y_crypto.c27-Nov-2009 19:44 46K
test.sql27-Nov-2009 23:12 5.4K
bbs.png22-Oct-2009 21:00 672
agpl-3.0.txt22-Nov-2009 17:39 34K
Makefile23-Nov-2009 08:20 2.8K

Yellowbank PostgreSQL Cryptography Library

## Yellowbank PostgreSQL Cryptography Library

This library contains a number of PostgreSQL extension functions, primarily written in C. These include random number generation; generating hash digests; and RSA encryption, decryption, signing, and signature verification.

See y_crypto.sql for description of command arguments and return values. See test.sql for example usage.

#### Prerequisites

All of my development work to date has been done on Linux. I've attempted to avoid architecture specific idioms, but portability has not been my primary concern. You would certainly want to tweak the Makefile compilation parameters to conform to the requirements outlined in the PostgreSQL manual.

#### Random Number Generation

This library implements two different algorithms. Use the Blum Blum Shub algorithm for doing strong cryptography. There are strong mathematical proofs for the security of this algorithm, relating to the difficulty of integer factorization.

$x_{n+1} = x_n^2 \bmod M$

M is the product of two large random primes: p and q, which are both congruent to 3 (mod 4). On each iteration, the least significant bit of x is concatenated to the random data value being produced.

The random state (i.e. the values of x, p, and q) used by this algorithm is initialized to a set of default values when the module is first loaded. In other words, the random numbers it generates will be perfectly predictable until it is properly seeded. There are three functions to be aware of:

```y_bbs_random_seed( INTEGER, INTEGER )
y_bbs_random_octets( INTEGER )
y_bbs_random_range( TEXT )
```

y_bbs_random_seed takes two arguments: the size of the original value of x, in octets, and the size of the prime numbers p and q, also in octets. This function obtains the specified amount of data from /dev/random, and uses this data to seed the random state used to generate random numbers. The generator is initialized with default values of x, p, q (and by implication M). This means you can start generating random data right away, but the sequence of random data will always be the same every time you initialize the module. Note that on Linux, /dev/random will block until it collects enough entropy, meaning that this seed function may not return for quite some time. This function will return 'true' upon successful completion. Example:

`select y_bbs_random_seed( 64, 64 );`

y_bbs_random_octets takes an integer argument, and will return the indicated number of octets of random data as a bytea value. Example:

`select * from encode( y_bbs_random_octets( 32 ), 'hex' ) as rand;`

y_bbs_random_range takes a hexidecimal string as input, setting a maximum upper boundary on the value of the random number returned. The values returned will be in the range 0 to max-1, inclusive.

This code also implements the Mersenne Twister algorithm, as provided by the GMP library. The random state for this algorithm is seeded by /dev/urandom. It produces high quality random numbers, but don't use this algorithm for strong cryptography. Its advantage is speed.

`y_mt_random_range( TEXT )`

This fuction returns a random value as bytea output. The input argument is a hexidecimal string indicating the maximum upper bound on the on the random number produced. The output will be in the range 0 to max-1, inclusive. Example:

`select * from encode( y_mt_random_range( 'ffffffff' ), 'hex' );`

#### Mhash

```y_mhash( BYTEA, TEXT )
e.g.
SELECT ENCODE( y_mhash( 'hashme'::BYTEA, 'SHA256' ), 'hex' );
```

Links to Mhash library by Nikos Mavroyanopoulos and Sascha Schumann to provide PostgreSQL with an extended set of cryptographic hash primitives.

The repertoire of available algorithms currently includes:

```  WHIRLPOOL
TIGER, TIGER160, TIGER128
RIPEMD320, RIPEMD256, RIPEMD128
SHA512, SHA384, SHA256, SHA224, SHA1
HAVAL256, HAVAL224, HAVAL192, HAVAL160, HAVAL128
GOST
SNEFRU256, SNEFRU128
MD5, MD4
CRC32
```

#### RSA PKCS #1 v2.1

Functions here provide low level access to asymetric cryptography primatives. Most library implementations of RSA PKCS #1 v2.1 typically provide additional encoding over and above the raw integer arithmetic. However, my objective is to provide access to the primitive operations directly within PostgreSQL.

A couple of years ago (2007) I wrote my own implemenation of RSA PKCS #1 v2.1. That was educational, and it works, but putting prudence before pride, I have ripped that code out, and instead now link to the better written and better maintained Nettle low-level cryptography library by Niels Möller. It's from Sweden, so I know it's good. :)

This module extends PostgreSQL with the function for creating asymetric key pairs, encryption, decryption, signing, and signature verification. See y_crypto.sql for description of arguments, and test.sql for example usage.

• y_generate_rsa_keypair( INTEGER, INTEGER )
• y_rsa_encrypt( BYTEA, y_rsa_public_key )
• y_rsa_decrypt( TEXT, y_rsa_private_key )
• y_rsa_sign( BYTEA, y_rsa_private_key )
• y_rsa_sign_sha256( TEXT, y_rsa_private_key )
• y_rsa_verify( BYTEA, TEXT, y_rsa_public_key )
• y_rsa_verify_sha256( TEXT, TEXT, y_rsa_public_key )

Creating and storing both the public and private halves of a keypair on the server presumes, of course, that the server and its administrator(s) are completely trusted. This would not generally hold true. The better approach would be to generate the key client-side, and then save the public keypair to the server. I plan to add such client code to this project as time permits.

As with most cryptographic operations, the security of this implementation greatly depends on the quality of the random numbers available. The basic attack vector here is that if the seed length of a pseudo random generator is short enough or poor quality, or if the generator's cycle is too short, or is otherwise predictable, then an attacker may be able to recreate the random number sequence used in cryptographic operations, and thereby replay those operations.

This implementation uses the same underlying Blum Blum Shub code described above to create cryptographically strong random numbers. As discussed above, generating high quality randomness demands that you PROPERLY SEED THE GENERATOR.