mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2026-05-15 19:37:16 +02:00
Code Issues Projects Releases Packages Wiki Activity

Import BDB 4.3.28

Browse source 
storage/bdb/LICENSE:
  Import db-4.3.28
storage/bdb/btree/bt_compare.c:
  Import db-4.3.28
storage/bdb/btree/bt_conv.c:
  Import db-4.3.28
storage/bdb/btree/bt_curadj.c:
  Import db-4.3.28
storage/bdb/btree/bt_cursor.c:
  Import db-4.3.28
storage/bdb/btree/bt_delete.c:
  Import db-4.3.28
storage/bdb/btree/bt_method.c:
  Import db-4.3.28
storage/bdb/btree/bt_open.c:
  Import db-4.3.28
storage/bdb/btree/bt_put.c:
  Import db-4.3.28
storage/bdb/btree/bt_rec.c:
  Import db-4.3.28
storage/bdb/btree/bt_reclaim.c:
  Import db-4.3.28
storage/bdb/btree/bt_recno.c:
  Import db-4.3.28
storage/bdb/btree/bt_rsearch.c:
  Import db-4.3.28
storage/bdb/btree/bt_search.c:
  Import db-4.3.28
storage/bdb/btree/bt_split.c:
  Import db-4.3.28
storage/bdb/btree/bt_stat.c:
  Import db-4.3.28
storage/bdb/btree/bt_upgrade.c:
  Import db-4.3.28
storage/bdb/btree/bt_verify.c:
  Import db-4.3.28
storage/bdb/btree/btree.src:
  Import db-4.3.28
storage/bdb/build_win32/Berkeley_DB.dsw:
  Import db-4.3.28
storage/bdb/build_win32/app_dsp.src:
  Import db-4.3.28
storage/bdb/build_win32/db_test.src:
  Import db-4.3.28
storage/bdb/build_win32/dbkill.cpp:
  Import db-4.3.28
storage/bdb/build_win32/dynamic_dsp.src:
  Import db-4.3.28
storage/bdb/build_win32/java_dsp.src:
  Import db-4.3.28
storage/bdb/build_win32/libdb_tcl.def:
  Import db-4.3.28
storage/bdb/build_win32/libdbrc.src:
  Import db-4.3.28
storage/bdb/build_win32/static_dsp.src:
  Import db-4.3.28
storage/bdb/build_win32/tcl_dsp.src:
  Import db-4.3.28
storage/bdb/clib/getcwd.c:
  Import db-4.3.28
storage/bdb/clib/getopt.c:
  Import db-4.3.28
storage/bdb/clib/memcmp.c:
  Import db-4.3.28
storage/bdb/clib/memmove.c:
  Import db-4.3.28
storage/bdb/clib/raise.c:
  Import db-4.3.28
storage/bdb/clib/snprintf.c:
  Import db-4.3.28
storage/bdb/clib/strcasecmp.c:
  Import db-4.3.28
storage/bdb/clib/strdup.c:
  Import db-4.3.28
storage/bdb/clib/strerror.c:
  Import db-4.3.28
storage/bdb/common/db_byteorder.c:
  Import db-4.3.28
storage/bdb/common/db_err.c:
  Import db-4.3.28
storage/bdb/common/db_getlong.c:
  Import db-4.3.28
storage/bdb/common/db_idspace.c:
  Import db-4.3.28
storage/bdb/common/db_log2.c:
  Import db-4.3.28
storage/bdb/common/util_arg.c:
  Import db-4.3.28
storage/bdb/common/util_cache.c:
  Import db-4.3.28
storage/bdb/common/util_log.c:
  Import db-4.3.28
storage/bdb/common/util_sig.c:
  Import db-4.3.28
storage/bdb/cxx/cxx_db.cpp:
  Import db-4.3.28
storage/bdb/cxx/cxx_dbc.cpp:
  Import db-4.3.28
storage/bdb/cxx/cxx_dbt.cpp:
  Import db-4.3.28
storage/bdb/cxx/cxx_env.cpp:
  Import db-4.3.28
storage/bdb/cxx/cxx_except.cpp:
  Import db-4.3.28
storage/bdb/cxx/cxx_lock.cpp:
  Import db-4.3.28
storage/bdb/cxx/cxx_logc.cpp:
  Import db-4.3.28
storage/bdb/cxx/cxx_mpool.cpp:
  Import db-4.3.28
storage/bdb/cxx/cxx_txn.cpp:
  Import db-4.3.28
storage/bdb/db/crdel.src:
  Import db-4.3.28
storage/bdb/db/crdel_rec.c:
  Import db-4.3.28
storage/bdb/db/db.c:
  Import db-4.3.28
storage/bdb/db/db.src:
  Import db-4.3.28
storage/bdb/db/db_am.c:
  Import db-4.3.28
storage/bdb/db/db_cam.c:
  Import db-4.3.28
storage/bdb/db/db_conv.c:
  Import db-4.3.28
storage/bdb/db/db_dispatch.c:
  Import db-4.3.28
storage/bdb/db/db_dup.c:
  Import db-4.3.28
storage/bdb/db/db_iface.c:
  Import db-4.3.28
storage/bdb/db/db_join.c:
  Import db-4.3.28
storage/bdb/db/db_meta.c:
  Import db-4.3.28
storage/bdb/db/db_method.c:
  Import db-4.3.28
storage/bdb/db/db_open.c:
  Import db-4.3.28
storage/bdb/db/db_overflow.c:
  Import db-4.3.28
storage/bdb/db/db_pr.c:
  Import db-4.3.28
storage/bdb/db/db_rec.c:
  Import db-4.3.28
storage/bdb/db/db_reclaim.c:
  Import db-4.3.28
storage/bdb/db/db_remove.c:
  Import db-4.3.28
storage/bdb/db/db_rename.c:
  Import db-4.3.28
storage/bdb/db/db_ret.c:
  Import db-4.3.28
storage/bdb/db/db_truncate.c:
  Import db-4.3.28
storage/bdb/db/db_upg.c:
  Import db-4.3.28
storage/bdb/db/db_upg_opd.c:
  Import db-4.3.28
storage/bdb/db/db_vrfy.c:
  Import db-4.3.28
storage/bdb/db/db_vrfyutil.c:
  Import db-4.3.28
storage/bdb/db185/db185.c:
  Import db-4.3.28
storage/bdb/db185/db185_int.in:
  Import db-4.3.28
storage/bdb/db_archive/db_archive.c:
  Import db-4.3.28
storage/bdb/db_checkpoint/db_checkpoint.c:
  Import db-4.3.28
storage/bdb/db_deadlock/db_deadlock.c:
  Import db-4.3.28
storage/bdb/db_dump/db_dump.c:
  Import db-4.3.28
storage/bdb/db_dump185/db_dump185.c:
  Import db-4.3.28
storage/bdb/db_load/db_load.c:
  Import db-4.3.28
storage/bdb/db_printlog/README:
  Import db-4.3.28
storage/bdb/db_printlog/db_printlog.c:
  Import db-4.3.28
storage/bdb/db_printlog/dbname.awk:
  Import db-4.3.28
storage/bdb/db_printlog/rectype.awk:
  Import db-4.3.28
storage/bdb/db_printlog/status.awk:
  Import db-4.3.28
storage/bdb/db_recover/db_recover.c:
  Import db-4.3.28
storage/bdb/db_stat/db_stat.c:
  Import db-4.3.28
storage/bdb/db_upgrade/db_upgrade.c:
  Import db-4.3.28
storage/bdb/db_verify/db_verify.c:
  Import db-4.3.28
storage/bdb/dbinc/btree.h:
  Import db-4.3.28
storage/bdb/dbinc/crypto.h:
  Import db-4.3.28
storage/bdb/dbinc/cxx_int.h:
  Import db-4.3.28
storage/bdb/dbinc/db.in:
  Import db-4.3.28
storage/bdb/dbinc/db_185.in:
  Import db-4.3.28
storage/bdb/dbinc/db_am.h:
  Import db-4.3.28
storage/bdb/dbinc/db_cxx.in:
  Import db-4.3.28
storage/bdb/dbinc/db_dispatch.h:
  Import db-4.3.28
storage/bdb/dbinc/db_int.in:
  Import db-4.3.28
storage/bdb/dbinc/db_join.h:
  Import db-4.3.28
storage/bdb/dbinc/db_page.h:
  Import db-4.3.28
storage/bdb/dbinc/db_server_int.h:
  Import db-4.3.28
storage/bdb/dbinc/db_shash.h:
  Import db-4.3.28
storage/bdb/dbinc/db_swap.h:
  Import db-4.3.28
storage/bdb/dbinc/db_upgrade.h:
  Import db-4.3.28
storage/bdb/dbinc/db_verify.h:
  Import db-4.3.28
storage/bdb/dbinc/debug.h:
  Import db-4.3.28
storage/bdb/dbinc/fop.h:
  Import db-4.3.28
storage/bdb/dbinc/globals.h:
  Import db-4.3.28
storage/bdb/dbinc/hash.h:
  Import db-4.3.28
storage/bdb/dbinc/hmac.h:
  Import db-4.3.28
storage/bdb/dbinc/lock.h:
  Import db-4.3.28
storage/bdb/dbinc/log.h:
  Import db-4.3.28
storage/bdb/dbinc/mp.h:
  Import db-4.3.28
storage/bdb/dbinc/mutex.h:
  Import db-4.3.28
storage/bdb/dbinc/os.h:
  Import db-4.3.28
storage/bdb/dbinc/qam.h:
  Import db-4.3.28
storage/bdb/dbinc/queue.h:
  Import db-4.3.28
storage/bdb/dbinc/region.h:
  Import db-4.3.28
storage/bdb/dbinc/rep.h:
  Import db-4.3.28
storage/bdb/dbinc/shqueue.h:
  Import db-4.3.28
storage/bdb/dbinc/tcl_db.h:
  Import db-4.3.28
storage/bdb/dbinc/txn.h:
  Import db-4.3.28
storage/bdb/dbinc/xa.h:
  Import db-4.3.28
storage/bdb/dbm/dbm.c:
  Import db-4.3.28
storage/bdb/dbreg/dbreg.c:
  Import db-4.3.28
storage/bdb/dbreg/dbreg.src:
  Import db-4.3.28
storage/bdb/dbreg/dbreg_rec.c:
  Import db-4.3.28
storage/bdb/dbreg/dbreg_util.c:
  Import db-4.3.28
storage/bdb/dist/Makefile.in:
  Import db-4.3.28
storage/bdb/dist/RELEASE:
  Import db-4.3.28
storage/bdb/dist/aclocal/config.ac:
  Import db-4.3.28
storage/bdb/dist/aclocal/libtool.ac:
  Import db-4.3.28
storage/bdb/dist/aclocal/mutex.ac:
  Import db-4.3.28
storage/bdb/dist/aclocal/options.ac:
  Import db-4.3.28
storage/bdb/dist/aclocal/programs.ac:
  Import db-4.3.28
storage/bdb/dist/aclocal/sosuffix.ac:
  Import db-4.3.28
storage/bdb/dist/aclocal/tcl.ac:
  Import db-4.3.28
storage/bdb/dist/aclocal/types.ac:
  Import db-4.3.28
storage/bdb/dist/aclocal_java/ac_jni_include_dirs.ac:
  Import db-4.3.28
storage/bdb/dist/aclocal_java/ac_prog_java.ac:
  Import db-4.3.28
storage/bdb/dist/buildrel:
  Import db-4.3.28
storage/bdb/dist/configure.ac:
  Import db-4.3.28
storage/bdb/dist/gen_inc.awk:
  Import db-4.3.28
storage/bdb/dist/gen_rec.awk:
  Import db-4.3.28
storage/bdb/dist/gen_rpc.awk:
  Import db-4.3.28
storage/bdb/dist/ltmain.sh:
  Import db-4.3.28
storage/bdb/dist/pubdef.in:
  Import db-4.3.28
storage/bdb/dist/srcfiles.in:
  Import db-4.3.28
storage/bdb/dist/vx_2.0/BerkeleyDB.wpj:
  Import db-4.3.28
storage/bdb/dist/vx_2.0/wpj.in:
  Import db-4.3.28
storage/bdb/dist/vx_config.in:
  Import db-4.3.28
storage/bdb/dist/vx_setup/CONFIG.in:
  Import db-4.3.28
storage/bdb/dist/vx_setup/LICENSE.TXT:
  Import db-4.3.28
storage/bdb/dist/vx_setup/vx_allfile.in:
  Import db-4.3.28
storage/bdb/dist/vx_setup/vx_demofile.in:
  Import db-4.3.28
storage/bdb/dist/win_config.in:
  Import db-4.3.28
storage/bdb/dist/win_exports.in:
  Import db-4.3.28
storage/bdb/env/db_salloc.c:
  Import db-4.3.28
storage/bdb/env/db_shash.c:
  Import db-4.3.28
storage/bdb/env/env_file.c:
  Import db-4.3.28
storage/bdb/env/env_method.c:
  Import db-4.3.28
storage/bdb/env/env_open.c:
  Import db-4.3.28
storage/bdb/env/env_recover.c:
  Import db-4.3.28
storage/bdb/env/env_region.c:
  Import db-4.3.28
storage/bdb/fileops/fileops.src:
  Import db-4.3.28
storage/bdb/fileops/fop_basic.c:
  Import db-4.3.28
storage/bdb/fileops/fop_rec.c:
  Import db-4.3.28
storage/bdb/fileops/fop_util.c:
  Import db-4.3.28
storage/bdb/hash/hash.c:
  Import db-4.3.28
storage/bdb/hash/hash.src:
  Import db-4.3.28
storage/bdb/hash/hash_conv.c:
  Import db-4.3.28
storage/bdb/hash/hash_dup.c:
  Import db-4.3.28
storage/bdb/hash/hash_func.c:
  Import db-4.3.28
storage/bdb/hash/hash_meta.c:
  Import db-4.3.28
storage/bdb/hash/hash_method.c:
  Import db-4.3.28
storage/bdb/hash/hash_open.c:
  Import db-4.3.28
storage/bdb/hash/hash_page.c:
  Import db-4.3.28
storage/bdb/hash/hash_rec.c:
  Import db-4.3.28
storage/bdb/hash/hash_reclaim.c:
  Import db-4.3.28
storage/bdb/hash/hash_stat.c:
  Import db-4.3.28
storage/bdb/hash/hash_upgrade.c:
  Import db-4.3.28
storage/bdb/hash/hash_verify.c:
  Import db-4.3.28
storage/bdb/hmac/hmac.c:
  Import db-4.3.28
storage/bdb/hmac/sha1.c:
  Import db-4.3.28
storage/bdb/hsearch/hsearch.c:
  Import db-4.3.28
storage/bdb/lock/lock.c:
  Import db-4.3.28
storage/bdb/lock/lock_deadlock.c:
  Import db-4.3.28
storage/bdb/lock/lock_method.c:
  Import db-4.3.28
storage/bdb/lock/lock_region.c:
  Import db-4.3.28
storage/bdb/lock/lock_stat.c:
  Import db-4.3.28
storage/bdb/lock/lock_util.c:
  Import db-4.3.28
storage/bdb/log/log.c:
  Import db-4.3.28
storage/bdb/log/log_archive.c:
  Import db-4.3.28
storage/bdb/log/log_compare.c:
  Import db-4.3.28
storage/bdb/log/log_get.c:
  Import db-4.3.28
storage/bdb/log/log_method.c:
  Import db-4.3.28
storage/bdb/log/log_put.c:
  Import db-4.3.28
storage/bdb/mp/mp_alloc.c:
  Import db-4.3.28
storage/bdb/mp/mp_bh.c:
  Import db-4.3.28
storage/bdb/mp/mp_fget.c:
  Import db-4.3.28
storage/bdb/mp/mp_fopen.c:
  Import db-4.3.28
storage/bdb/mp/mp_fput.c:
  Import db-4.3.28
storage/bdb/mp/mp_fset.c:
  Import db-4.3.28
storage/bdb/mp/mp_method.c:
  Import db-4.3.28
storage/bdb/mp/mp_region.c:
  Import db-4.3.28
storage/bdb/mp/mp_register.c:
  Import db-4.3.28
storage/bdb/mp/mp_stat.c:
  Import db-4.3.28
storage/bdb/mp/mp_sync.c:
  Import db-4.3.28
storage/bdb/mp/mp_trickle.c:
  Import db-4.3.28
storage/bdb/mutex/mut_fcntl.c:
  Import db-4.3.28
storage/bdb/mutex/mut_pthread.c:
  Import db-4.3.28
storage/bdb/mutex/mut_tas.c:
  Import db-4.3.28
storage/bdb/mutex/mut_win32.c:
  Import db-4.3.28
storage/bdb/mutex/mutex.c:
  Import db-4.3.28
storage/bdb/mutex/tm.c:
  Import db-4.3.28
storage/bdb/mutex/uts4_cc.s:
  Import db-4.3.28
storage/bdb/os/os_abs.c:
  Import db-4.3.28
storage/bdb/os/os_alloc.c:
  Import db-4.3.28
storage/bdb/os/os_clock.c:
  Import db-4.3.28
storage/bdb/os/os_config.c:
  Import db-4.3.28
storage/bdb/os/os_dir.c:
  Import db-4.3.28
storage/bdb/os/os_errno.c:
  Import db-4.3.28
storage/bdb/os/os_fid.c:
  Import db-4.3.28
storage/bdb/os/os_fsync.c:
  Import db-4.3.28
storage/bdb/os/os_handle.c:
  Import db-4.3.28
storage/bdb/os/os_id.c:
  Import db-4.3.28
storage/bdb/os/os_map.c:
  Import db-4.3.28
storage/bdb/os/os_method.c:
  Import db-4.3.28
storage/bdb/os/os_oflags.c:
  Import db-4.3.28
storage/bdb/os/os_open.c:
  Import db-4.3.28
storage/bdb/os/os_region.c:
  Import db-4.3.28
storage/bdb/os/os_rename.c:
  Import db-4.3.28
storage/bdb/os/os_root.c:
  Import db-4.3.28
storage/bdb/os/os_rpath.c:
  Import db-4.3.28
storage/bdb/os/os_rw.c:
  Import db-4.3.28
storage/bdb/os/os_seek.c:
  Import db-4.3.28
storage/bdb/os/os_sleep.c:
  Import db-4.3.28
storage/bdb/os/os_spin.c:
  Import db-4.3.28
storage/bdb/os/os_stat.c:
  Import db-4.3.28
storage/bdb/os/os_tmpdir.c:
  Import db-4.3.28
storage/bdb/os/os_unlink.c:
  Import db-4.3.28
storage/bdb/os_vxworks/os_vx_abs.c:
  Import db-4.3.28
storage/bdb/os_vxworks/os_vx_config.c:
  Import db-4.3.28
storage/bdb/os_vxworks/os_vx_map.c:
  Import db-4.3.28
storage/bdb/os_win32/os_abs.c:
  Import db-4.3.28
storage/bdb/os_win32/os_clock.c:
  Import db-4.3.28
storage/bdb/os_win32/os_config.c:
  Import db-4.3.28
storage/bdb/os_win32/os_dir.c:
  Import db-4.3.28
storage/bdb/os_win32/os_errno.c:
  Import db-4.3.28
storage/bdb/os_win32/os_fid.c:
  Import db-4.3.28
storage/bdb/os_win32/os_fsync.c:
  Import db-4.3.28
storage/bdb/os_win32/os_handle.c:
  Import db-4.3.28
storage/bdb/os_win32/os_map.c:
  Import db-4.3.28
storage/bdb/os_win32/os_open.c:
  Import db-4.3.28
storage/bdb/os_win32/os_rename.c:
  Import db-4.3.28
storage/bdb/os_win32/os_rw.c:
  Import db-4.3.28
storage/bdb/os_win32/os_seek.c:
  Import db-4.3.28
storage/bdb/os_win32/os_sleep.c:
  Import db-4.3.28
storage/bdb/os_win32/os_spin.c:
  Import db-4.3.28
storage/bdb/os_win32/os_stat.c:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/BerkeleyDB.pm:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/BerkeleyDB.pod.P:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/BerkeleyDB.pod:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/BerkeleyDB.xs:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/Changes:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/MANIFEST:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/Makefile.PL:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/README:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/config.in:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/constants.h:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/mkconsts:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/patches/5.004:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/ppport.h:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/scan:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/btree.t:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/destroy.t:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/env.t:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/filter.t:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/hash.t:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/join.t:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/mldbm.t:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/queue.t:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/recno.t:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/strict.t:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/subdb.t:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/txn.t:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/util.pm:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/typemap:
  Import db-4.3.28
storage/bdb/perl/DB_File/Changes:
  Import db-4.3.28
storage/bdb/perl/DB_File/DB_File.pm:
  Import db-4.3.28
storage/bdb/perl/DB_File/DB_File.xs:
  Import db-4.3.28
storage/bdb/perl/DB_File/MANIFEST:
  Import db-4.3.28
storage/bdb/perl/DB_File/Makefile.PL:
  Import db-4.3.28
storage/bdb/perl/DB_File/README:
  Import db-4.3.28
storage/bdb/perl/DB_File/dbinfo:
  Import db-4.3.28
storage/bdb/perl/DB_File/patches/5.004:
  Import db-4.3.28
storage/bdb/perl/DB_File/ppport.h:
  Import db-4.3.28
storage/bdb/perl/DB_File/t/db-btree.t:
  Import db-4.3.28
storage/bdb/perl/DB_File/t/db-hash.t:
  Import db-4.3.28
storage/bdb/perl/DB_File/t/db-recno.t:
  Import db-4.3.28
storage/bdb/perl/DB_File/typemap:
  Import db-4.3.28
storage/bdb/qam/qam.c:
  Import db-4.3.28
storage/bdb/qam/qam.src:
  Import db-4.3.28
storage/bdb/qam/qam_conv.c:
  Import db-4.3.28
storage/bdb/qam/qam_files.c:
  Import db-4.3.28
storage/bdb/qam/qam_method.c:
  Import db-4.3.28
storage/bdb/qam/qam_open.c:
  Import db-4.3.28
storage/bdb/qam/qam_rec.c:
  Import db-4.3.28
storage/bdb/qam/qam_stat.c:
  Import db-4.3.28
storage/bdb/qam/qam_upgrade.c:
  Import db-4.3.28
storage/bdb/qam/qam_verify.c:
  Import db-4.3.28
storage/bdb/rep/rep_method.c:
  Import db-4.3.28
storage/bdb/rep/rep_record.c:
  Import db-4.3.28
storage/bdb/rep/rep_region.c:
  Import db-4.3.28
storage/bdb/rep/rep_util.c:
  Import db-4.3.28
storage/bdb/rpc_client/client.c:
  Import db-4.3.28
storage/bdb/rpc_client/gen_client_ret.c:
  Import db-4.3.28
storage/bdb/rpc_server/c/db_server_util.c:
  Import db-4.3.28
storage/bdb/rpc_server/cxx/db_server_cxxproc.cpp:
  Import db-4.3.28
storage/bdb/rpc_server/cxx/db_server_cxxutil.cpp:
  Import db-4.3.28
storage/bdb/rpc_server/java/FreeList.java:
  Import db-4.3.28
storage/bdb/rpc_server/java/LocalIterator.java:
  Import db-4.3.28
storage/bdb/rpc_server/java/README:
  Import db-4.3.28
storage/bdb/rpc_server/java/RpcDb.java:
  Import db-4.3.28
storage/bdb/rpc_server/java/RpcDbEnv.java:
  Import db-4.3.28
storage/bdb/rpc_server/java/RpcDbTxn.java:
  Import db-4.3.28
storage/bdb/rpc_server/java/RpcDbc.java:
  Import db-4.3.28
storage/bdb/rpc_server/java/Timer.java:
  Import db-4.3.28
storage/bdb/rpc_server/java/gen/__db_open_reply.java:
  Import db-4.3.28
storage/bdb/rpc_server/java/gen/__db_stat_msg.java:
  Import db-4.3.28
storage/bdb/rpc_server/java/gen/db_server.java:
  Import db-4.3.28
storage/bdb/rpc_server/java/s_jrpcgen:
  Import db-4.3.28
storage/bdb/rpc_server/rpc.src:
  Import db-4.3.28
storage/bdb/tcl/docs/db.html:
  Import db-4.3.28
storage/bdb/tcl/docs/env.html:
  Import db-4.3.28
storage/bdb/tcl/docs/historic.html:
  Import db-4.3.28
storage/bdb/tcl/docs/index.html:
  Import db-4.3.28
storage/bdb/tcl/docs/library.html:
  Import db-4.3.28
storage/bdb/tcl/docs/lock.html:
  Import db-4.3.28
storage/bdb/tcl/docs/log.html:
  Import db-4.3.28
storage/bdb/tcl/docs/mpool.html:
  Import db-4.3.28
storage/bdb/tcl/docs/rep.html:
  Import db-4.3.28
storage/bdb/tcl/docs/test.html:
  Import db-4.3.28
storage/bdb/tcl/docs/txn.html:
  Import db-4.3.28
storage/bdb/tcl/tcl_compat.c:
  Import db-4.3.28
storage/bdb/tcl/tcl_db.c:
  Import db-4.3.28
storage/bdb/tcl/tcl_db_pkg.c:
  Import db-4.3.28
storage/bdb/tcl/tcl_dbcursor.c:
  Import db-4.3.28
storage/bdb/tcl/tcl_env.c:
  Import db-4.3.28
storage/bdb/tcl/tcl_internal.c:
  Import db-4.3.28
storage/bdb/tcl/tcl_lock.c:
  Import db-4.3.28
storage/bdb/tcl/tcl_log.c:
  Import db-4.3.28
storage/bdb/tcl/tcl_mp.c:
  Import db-4.3.28
storage/bdb/tcl/tcl_rep.c:
  Import db-4.3.28
storage/bdb/tcl/tcl_txn.c:
  Import db-4.3.28
storage/bdb/tcl/tcl_util.c:
  Import db-4.3.28
storage/bdb/test/archive.tcl:
  Import db-4.3.28
storage/bdb/test/bigfile001.tcl:
  Import db-4.3.28
storage/bdb/test/bigfile002.tcl:
  Import db-4.3.28
storage/bdb/test/byteorder.tcl:
  Import db-4.3.28
storage/bdb/test/conscript.tcl:
  Import db-4.3.28
storage/bdb/test/dbm.tcl:
  Import db-4.3.28
storage/bdb/test/dbscript.tcl:
  Import db-4.3.28
storage/bdb/test/ddoyscript.tcl:
  Import db-4.3.28
storage/bdb/test/ddscript.tcl:
  Import db-4.3.28
storage/bdb/test/dead001.tcl:
  Import db-4.3.28
storage/bdb/test/dead002.tcl:
  Import db-4.3.28
storage/bdb/test/dead003.tcl:
  Import db-4.3.28
storage/bdb/test/dead004.tcl:
  Import db-4.3.28
storage/bdb/test/dead005.tcl:
  Import db-4.3.28
storage/bdb/test/dead006.tcl:
  Import db-4.3.28
storage/bdb/test/dead007.tcl:
  Import db-4.3.28
storage/bdb/test/env001.tcl:
  Import db-4.3.28
storage/bdb/test/env002.tcl:
  Import db-4.3.28
storage/bdb/test/env003.tcl:
  Import db-4.3.28
storage/bdb/test/env004.tcl:
  Import db-4.3.28
storage/bdb/test/env005.tcl:
  Import db-4.3.28
storage/bdb/test/env006.tcl:
  Import db-4.3.28
storage/bdb/test/env007.tcl:
  Import db-4.3.28
storage/bdb/test/env008.tcl:
  Import db-4.3.28
storage/bdb/test/env009.tcl:
  Import db-4.3.28
storage/bdb/test/env010.tcl:
  Import db-4.3.28
storage/bdb/test/env011.tcl:
  Import db-4.3.28
storage/bdb/test/hsearch.tcl:
  Import db-4.3.28
storage/bdb/test/join.tcl:
  Import db-4.3.28
storage/bdb/test/lock001.tcl:
  Import db-4.3.28
storage/bdb/test/lock002.tcl:
  Import db-4.3.28
storage/bdb/test/lock003.tcl:
  Import db-4.3.28
storage/bdb/test/lock004.tcl:
  Import db-4.3.28
storage/bdb/test/lock005.tcl:
  Import db-4.3.28
storage/bdb/test/lockscript.tcl:
  Import db-4.3.28
storage/bdb/test/log001.tcl:
  Import db-4.3.28
storage/bdb/test/log002.tcl:
  Import db-4.3.28
storage/bdb/test/log003.tcl:
  Import db-4.3.28
storage/bdb/test/log004.tcl:
  Import db-4.3.28
storage/bdb/test/log005.tcl:
  Import db-4.3.28
storage/bdb/test/logtrack.tcl:
  Import db-4.3.28
storage/bdb/test/mdbscript.tcl:
  Import db-4.3.28
storage/bdb/test/memp001.tcl:
  Import db-4.3.28
storage/bdb/test/memp002.tcl:
  Import db-4.3.28
storage/bdb/test/memp003.tcl:
  Import db-4.3.28
storage/bdb/test/mpoolscript.tcl:
  Import db-4.3.28
storage/bdb/test/mutex001.tcl:
  Import db-4.3.28
storage/bdb/test/mutex002.tcl:
  Import db-4.3.28
storage/bdb/test/mutex003.tcl:
  Import db-4.3.28
storage/bdb/test/mutexscript.tcl:
  Import db-4.3.28
storage/bdb/test/ndbm.tcl:
  Import db-4.3.28
storage/bdb/test/parallel.tcl:
  Import db-4.3.28
storage/bdb/test/recd001.tcl:
  Import db-4.3.28
storage/bdb/test/recd002.tcl:
  Import db-4.3.28
storage/bdb/test/recd003.tcl:
  Import db-4.3.28
storage/bdb/test/recd004.tcl:
  Import db-4.3.28
storage/bdb/test/recd005.tcl:
  Import db-4.3.28
storage/bdb/test/recd006.tcl:
  Import db-4.3.28
storage/bdb/test/recd007.tcl:
  Import db-4.3.28
storage/bdb/test/recd008.tcl:
  Import db-4.3.28
storage/bdb/test/recd009.tcl:
  Import db-4.3.28
storage/bdb/test/recd010.tcl:
  Import db-4.3.28
storage/bdb/test/recd011.tcl:
  Import db-4.3.28
storage/bdb/test/recd012.tcl:
  Import db-4.3.28
storage/bdb/test/recd013.tcl:
  Import db-4.3.28
storage/bdb/test/recd014.tcl:
  Import db-4.3.28
storage/bdb/test/recd015.tcl:
  Import db-4.3.28
storage/bdb/test/recd016.tcl:
  Import db-4.3.28
storage/bdb/test/recd017.tcl:
  Import db-4.3.28
storage/bdb/test/recd018.tcl:
  Import db-4.3.28
storage/bdb/test/recd019.tcl:
  Import db-4.3.28
storage/bdb/test/recd020.tcl:
  Import db-4.3.28
storage/bdb/test/recd15scr.tcl:
  Import db-4.3.28
storage/bdb/test/recdscript.tcl:
  Import db-4.3.28
storage/bdb/test/rep001.tcl:
  Import db-4.3.28
storage/bdb/test/rep002.tcl:
  Import db-4.3.28
storage/bdb/test/rep003.tcl:
  Import db-4.3.28
storage/bdb/test/rep005.tcl:
  Import db-4.3.28
storage/bdb/test/reputils.tcl:
  Import db-4.3.28
storage/bdb/test/rpc001.tcl:
  Import db-4.3.28
storage/bdb/test/rpc002.tcl:
  Import db-4.3.28
storage/bdb/test/rpc003.tcl:
  Import db-4.3.28
storage/bdb/test/rpc004.tcl:
  Import db-4.3.28
storage/bdb/test/rpc005.tcl:
  Import db-4.3.28
storage/bdb/test/rsrc001.tcl:
  Import db-4.3.28
storage/bdb/test/rsrc002.tcl:
  Import db-4.3.28
storage/bdb/test/rsrc003.tcl:
  Import db-4.3.28
storage/bdb/test/rsrc004.tcl:
  Import db-4.3.28
storage/bdb/test/scr001/chk.code:
  Import db-4.3.28
storage/bdb/test/scr003/chk.define:
  Import db-4.3.28
storage/bdb/test/scr004/chk.javafiles:
  Import db-4.3.28
storage/bdb/test/scr005/chk.nl:
  Import db-4.3.28
storage/bdb/test/scr006/chk.offt:
  Import db-4.3.28
storage/bdb/test/scr007/chk.proto:
  Import db-4.3.28
storage/bdb/test/scr008/chk.pubdef:
  Import db-4.3.28
storage/bdb/test/scr009/chk.srcfiles:
  Import db-4.3.28
storage/bdb/test/scr010/chk.str:
  Import db-4.3.28
storage/bdb/test/scr010/spell.ok:
  Import db-4.3.28
storage/bdb/test/scr011/chk.tags:
  Import db-4.3.28
storage/bdb/test/scr012/chk.vx_code:
  Import db-4.3.28
storage/bdb/test/scr013/chk.stats:
  Import db-4.3.28
storage/bdb/test/scr015/TestConstruct01.cpp:
  Import db-4.3.28
storage/bdb/test/scr015/TestConstruct01.testerr:
  Import db-4.3.28
storage/bdb/test/scr015/TestGetSetMethods.cpp:
  Import db-4.3.28
storage/bdb/test/scr015/TestKeyRange.cpp:
  Import db-4.3.28
storage/bdb/test/scr015/TestLogc.cpp:
  Import db-4.3.28
storage/bdb/test/scr015/TestSimpleAccess.cpp:
  Import db-4.3.28
storage/bdb/test/scr015/TestTruncate.cpp:
  Import db-4.3.28
storage/bdb/test/scr015/chk.cxxtests:
  Import db-4.3.28
storage/bdb/test/scr016/CallbackTest.java:
  Import db-4.3.28
storage/bdb/test/scr016/CallbackTest.testout:
  Import db-4.3.28
storage/bdb/test/scr016/TestAppendRecno.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestAssociate.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestClosedDb.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestClosedDb.testout:
  Import db-4.3.28
storage/bdb/test/scr016/TestConstruct01.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestConstruct01.testout:
  Import db-4.3.28
storage/bdb/test/scr016/TestConstruct02.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestDbtFlags.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestGetSetMethods.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestKeyRange.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestLockVec.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestLogc.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestOpenEmpty.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestOpenEmpty.testerr:
  Import db-4.3.28
storage/bdb/test/scr016/TestReplication.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestRpcServer.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestSameDbt.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestSimpleAccess.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestStat.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestStat.testout:
  Import db-4.3.28
storage/bdb/test/scr016/TestTruncate.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestTruncate.testout:
  Import db-4.3.28
storage/bdb/test/scr016/TestUtil.java:
  Import db-4.3.28
storage/bdb/test/scr016/TestXAServlet.java:
  Import db-4.3.28
storage/bdb/test/scr016/chk.javatests:
  Import db-4.3.28
storage/bdb/test/scr016/ignore:
  Import db-4.3.28
storage/bdb/test/scr016/testone:
  Import db-4.3.28
storage/bdb/test/scr017/chk.db185:
  Import db-4.3.28
storage/bdb/test/scr019/chk.include:
  Import db-4.3.28
storage/bdb/test/scr020/chk.inc:
  Import db-4.3.28
storage/bdb/test/scr021/chk.flags:
  Import db-4.3.28
storage/bdb/test/scr022/chk.rr:
  Import db-4.3.28
storage/bdb/test/sdb001.tcl:
  Import db-4.3.28
storage/bdb/test/sdb002.tcl:
  Import db-4.3.28
storage/bdb/test/sdb003.tcl:
  Import db-4.3.28
storage/bdb/test/sdb004.tcl:
  Import db-4.3.28
storage/bdb/test/sdb005.tcl:
  Import db-4.3.28
storage/bdb/test/sdb006.tcl:
  Import db-4.3.28
storage/bdb/test/sdb007.tcl:
  Import db-4.3.28
storage/bdb/test/sdb008.tcl:
  Import db-4.3.28
storage/bdb/test/sdb009.tcl:
  Import db-4.3.28
storage/bdb/test/sdb010.tcl:
  Import db-4.3.28
storage/bdb/test/sdb011.tcl:
  Import db-4.3.28
storage/bdb/test/sdb012.tcl:
  Import db-4.3.28
storage/bdb/test/sdbscript.tcl:
  Import db-4.3.28
storage/bdb/test/sdbtest001.tcl:
  Import db-4.3.28
storage/bdb/test/sdbtest002.tcl:
  Import db-4.3.28
storage/bdb/test/sdbutils.tcl:
  Import db-4.3.28
storage/bdb/test/sec001.tcl:
  Import db-4.3.28
storage/bdb/test/sec002.tcl:
  Import db-4.3.28
storage/bdb/test/shelltest.tcl:
  Import db-4.3.28
storage/bdb/test/si001.tcl:
  Import db-4.3.28
storage/bdb/test/si002.tcl:
  Import db-4.3.28
storage/bdb/test/si003.tcl:
  Import db-4.3.28
storage/bdb/test/si004.tcl:
  Import db-4.3.28
storage/bdb/test/si005.tcl:
  Import db-4.3.28
storage/bdb/test/sysscript.tcl:
  Import db-4.3.28
storage/bdb/test/test.tcl:
  Import db-4.3.28
storage/bdb/test/test001.tcl:
  Import db-4.3.28
storage/bdb/test/test002.tcl:
  Import db-4.3.28
storage/bdb/test/test003.tcl:
  Import db-4.3.28
storage/bdb/test/test004.tcl:
  Import db-4.3.28
storage/bdb/test/test005.tcl:
  Import db-4.3.28
storage/bdb/test/test006.tcl:
  Import db-4.3.28
storage/bdb/test/test007.tcl:
  Import db-4.3.28
storage/bdb/test/test008.tcl:
  Import db-4.3.28
storage/bdb/test/test009.tcl:
  Import db-4.3.28
storage/bdb/test/test010.tcl:
  Import db-4.3.28
storage/bdb/test/test011.tcl:
  Import db-4.3.28
storage/bdb/test/test012.tcl:
  Import db-4.3.28
storage/bdb/test/test013.tcl:
  Import db-4.3.28
storage/bdb/test/test014.tcl:
  Import db-4.3.28
storage/bdb/test/test015.tcl:
  Import db-4.3.28
storage/bdb/test/test016.tcl:
  Import db-4.3.28
storage/bdb/test/test017.tcl:
  Import db-4.3.28
storage/bdb/test/test018.tcl:
  Import db-4.3.28
storage/bdb/test/test019.tcl:
  Import db-4.3.28
storage/bdb/test/test020.tcl:
  Import db-4.3.28
storage/bdb/test/test021.tcl:
  Import db-4.3.28
storage/bdb/test/test022.tcl:
  Import db-4.3.28
storage/bdb/test/test023.tcl:
  Import db-4.3.28
storage/bdb/test/test024.tcl:
  Import db-4.3.28
storage/bdb/test/test025.tcl:
  Import db-4.3.28
storage/bdb/test/test026.tcl:
  Import db-4.3.28
storage/bdb/test/test027.tcl:
  Import db-4.3.28
storage/bdb/test/test028.tcl:
  Import db-4.3.28
storage/bdb/test/test029.tcl:
  Import db-4.3.28
storage/bdb/test/test030.tcl:
  Import db-4.3.28
storage/bdb/test/test031.tcl:
  Import db-4.3.28
storage/bdb/test/test032.tcl:
  Import db-4.3.28
storage/bdb/test/test033.tcl:
  Import db-4.3.28
storage/bdb/test/test034.tcl:
  Import db-4.3.28
storage/bdb/test/test035.tcl:
  Import db-4.3.28
storage/bdb/test/test036.tcl:
  Import db-4.3.28
storage/bdb/test/test037.tcl:
  Import db-4.3.28
storage/bdb/test/test038.tcl:
  Import db-4.3.28
storage/bdb/test/test039.tcl:
  Import db-4.3.28
storage/bdb/test/test040.tcl:
  Import db-4.3.28
storage/bdb/test/test041.tcl:
  Import db-4.3.28
storage/bdb/test/test042.tcl:
  Import db-4.3.28
storage/bdb/test/test043.tcl:
  Import db-4.3.28
storage/bdb/test/test044.tcl:
  Import db-4.3.28
storage/bdb/test/test045.tcl:
  Import db-4.3.28
storage/bdb/test/test046.tcl:
  Import db-4.3.28
storage/bdb/test/test047.tcl:
  Import db-4.3.28
storage/bdb/test/test048.tcl:
  Import db-4.3.28
storage/bdb/test/test049.tcl:
  Import db-4.3.28
storage/bdb/test/test050.tcl:
  Import db-4.3.28
storage/bdb/test/test051.tcl:
  Import db-4.3.28
storage/bdb/test/test052.tcl:
  Import db-4.3.28
storage/bdb/test/test053.tcl:
  Import db-4.3.28
storage/bdb/test/test054.tcl:
  Import db-4.3.28
storage/bdb/test/test055.tcl:
  Import db-4.3.28
storage/bdb/test/test056.tcl:
  Import db-4.3.28
storage/bdb/test/test057.tcl:
  Import db-4.3.28
storage/bdb/test/test058.tcl:
  Import db-4.3.28
storage/bdb/test/test059.tcl:
  Import db-4.3.28
storage/bdb/test/test060.tcl:
  Import db-4.3.28
storage/bdb/test/test061.tcl:
  Import db-4.3.28
storage/bdb/test/test062.tcl:
  Import db-4.3.28
storage/bdb/test/test063.tcl:
  Import db-4.3.28
storage/bdb/test/test064.tcl:
  Import db-4.3.28
storage/bdb/test/test065.tcl:
  Import db-4.3.28
storage/bdb/test/test066.tcl:
  Import db-4.3.28
storage/bdb/test/test067.tcl:
  Import db-4.3.28
storage/bdb/test/test068.tcl:
  Import db-4.3.28
storage/bdb/test/test069.tcl:
  Import db-4.3.28
storage/bdb/test/test070.tcl:
  Import db-4.3.28
storage/bdb/test/test071.tcl:
  Import db-4.3.28
storage/bdb/test/test072.tcl:
  Import db-4.3.28
storage/bdb/test/test073.tcl:
  Import db-4.3.28
storage/bdb/test/test074.tcl:
  Import db-4.3.28
storage/bdb/test/test076.tcl:
  Import db-4.3.28
storage/bdb/test/test077.tcl:
  Import db-4.3.28
storage/bdb/test/test078.tcl:
  Import db-4.3.28
storage/bdb/test/test079.tcl:
  Import db-4.3.28
storage/bdb/test/test081.tcl:
  Import db-4.3.28
storage/bdb/test/test082.tcl:
  Import db-4.3.28
storage/bdb/test/test083.tcl:
  Import db-4.3.28
storage/bdb/test/test084.tcl:
  Import db-4.3.28
storage/bdb/test/test085.tcl:
  Import db-4.3.28
storage/bdb/test/test086.tcl:
  Import db-4.3.28
storage/bdb/test/test087.tcl:
  Import db-4.3.28
storage/bdb/test/test088.tcl:
  Import db-4.3.28
storage/bdb/test/test089.tcl:
  Import db-4.3.28
storage/bdb/test/test090.tcl:
  Import db-4.3.28
storage/bdb/test/test091.tcl:
  Import db-4.3.28
storage/bdb/test/test092.tcl:
  Import db-4.3.28
storage/bdb/test/test093.tcl:
  Import db-4.3.28
storage/bdb/test/test094.tcl:
  Import db-4.3.28
storage/bdb/test/test095.tcl:
  Import db-4.3.28
storage/bdb/test/test096.tcl:
  Import db-4.3.28
storage/bdb/test/test097.tcl:
  Import db-4.3.28
storage/bdb/test/test098.tcl:
  Import db-4.3.28
storage/bdb/test/test099.tcl:
  Import db-4.3.28
storage/bdb/test/test100.tcl:
  Import db-4.3.28
storage/bdb/test/test101.tcl:
  Import db-4.3.28
storage/bdb/test/testparams.tcl:
  Import db-4.3.28
storage/bdb/test/testutils.tcl:
  Import db-4.3.28
storage/bdb/test/txn001.tcl:
  Import db-4.3.28
storage/bdb/test/txn002.tcl:
  Import db-4.3.28
storage/bdb/test/txn003.tcl:
  Import db-4.3.28
storage/bdb/test/txn004.tcl:
  Import db-4.3.28
storage/bdb/test/txn005.tcl:
  Import db-4.3.28
storage/bdb/test/txn006.tcl:
  Import db-4.3.28
storage/bdb/test/txn007.tcl:
  Import db-4.3.28
storage/bdb/test/txn008.tcl:
  Import db-4.3.28
storage/bdb/test/txn009.tcl:
  Import db-4.3.28
storage/bdb/test/txnscript.tcl:
  Import db-4.3.28
storage/bdb/test/update.tcl:
  Import db-4.3.28
storage/bdb/test/upgrade.tcl:
  Import db-4.3.28
storage/bdb/test/wrap.tcl:
  Import db-4.3.28
storage/bdb/txn/txn.c:
  Import db-4.3.28
storage/bdb/txn/txn.src:
  Import db-4.3.28
storage/bdb/txn/txn_method.c:
  Import db-4.3.28
storage/bdb/txn/txn_rec.c:
  Import db-4.3.28
storage/bdb/txn/txn_recover.c:
  Import db-4.3.28
storage/bdb/txn/txn_region.c:
  Import db-4.3.28
storage/bdb/txn/txn_stat.c:
  Import db-4.3.28
storage/bdb/txn/txn_util.c:
  Import db-4.3.28
storage/bdb/xa/xa.c:
  Import db-4.3.28
storage/bdb/xa/xa_db.c:
  Import db-4.3.28
storage/bdb/xa/xa_map.c:
  Import db-4.3.28
storage/bdb/clib/strtol.c:
  Import db-4.3.28
storage/bdb/clib/strtoul.c:
  Import db-4.3.28
storage/bdb/common/crypto_stub.c:
  Import db-4.3.28
storage/bdb/crypto/aes_method.c:
  Import db-4.3.28
storage/bdb/crypto/crypto.c:
  Import db-4.3.28
storage/bdb/crypto/crypto.html:
  Import db-4.3.28
storage/bdb/crypto/mersenne/mt19937db.c:
  Import db-4.3.28
storage/bdb/crypto/rijndael/rijndael-alg-fst.c:
  Import db-4.3.28
storage/bdb/crypto/rijndael/rijndael-alg-fst.h:
  Import db-4.3.28
storage/bdb/crypto/rijndael/rijndael-api-fst.c:
  Import db-4.3.28
storage/bdb/crypto/rijndael/rijndael-api-fst.h:
  Import db-4.3.28
storage/bdb/cxx/cxx_multi.cpp:
  Import db-4.3.28
storage/bdb/cxx/cxx_seq.cpp:
  Import db-4.3.28
storage/bdb/db/db_ovfl_vrfy.c:
  Import db-4.3.28
storage/bdb/db/db_setid.c:
  Import db-4.3.28
storage/bdb/db/db_setlsn.c:
  Import db-4.3.28
storage/bdb/db/db_stati.c:
  Import db-4.3.28
storage/bdb/db/db_vrfy_stub.c:
  Import db-4.3.28
storage/bdb/db_stat/dd.sh:
  Import db-4.3.28
storage/bdb/dbreg/dbreg_stat.c:
  Import db-4.3.28
storage/bdb/dist/aclocal/rpc.ac:
  Import db-4.3.28
storage/bdb/dist/aclocal/sequence.ac:
  Import db-4.3.28
storage/bdb/dist/config.hin:
  Import db-4.3.28
storage/bdb/dist/s_java_const:
  Import db-4.3.28
storage/bdb/dist/s_java_stat:
  Import db-4.3.28
storage/bdb/dist/s_java_swig:
  Import db-4.3.28
storage/bdb/dist/s_je2db:
  Import db-4.3.28
storage/bdb/dist/s_winmsi:
  Import db-4.3.28
storage/bdb/dist/template/db_server_proc:
  Import db-4.3.28
storage/bdb/dist/template/gen_client_ret:
  Import db-4.3.28
storage/bdb/dist/template/rec_btree:
  Import db-4.3.28
storage/bdb/dist/template/rec_crdel:
  Import db-4.3.28
storage/bdb/dist/template/rec_dbreg:
  Import db-4.3.28
storage/bdb/dist/template/rec_db:
  Import db-4.3.28
storage/bdb/dist/template/rec_fileops:
  Import db-4.3.28
storage/bdb/dist/template/rec_hash:
  Import db-4.3.28
storage/bdb/dist/template/rec_qam:
  Import db-4.3.28
storage/bdb/dist/template/rec_rep:
  Import db-4.3.28
storage/bdb/dist/template/rec_txn:
  Import db-4.3.28
storage/bdb/dist/vx_2.0/BerkeleyDBsmall.wpj:
  Import db-4.3.28
storage/bdb/dist/vx_2.2/BerkeleyDB.wpj:
  Import db-4.3.28
storage/bdb/dist/vx_2.2/BerkeleyDBsmall.wpj:
  Import db-4.3.28
storage/bdb/dist/vx_2.2/wpj.in:
  Import db-4.3.28
storage/bdb/dist/win_db.in:
  Import db-4.3.28
storage/bdb/dist/winmsi/dbcorewix.in:
  Import db-4.3.28
storage/bdb/dist/winmsi/dbvarsbat.in:
  Import db-4.3.28
storage/bdb/dist/winmsi/dbwix.m4:
  Import db-4.3.28
storage/bdb/dist/winmsi/environment.in:
  Import db-4.3.28
storage/bdb/dist/winmsi/features.in:
  Import db-4.3.28
storage/bdb/dist/winmsi/files.in:
  Import db-4.3.28
storage/bdb/dist/winmsi/images/caticon.ibd:
  Import db-4.3.28
storage/bdb/dist/winmsi/images/foldernew.ibd:
  Import db-4.3.28
storage/bdb/dist/winmsi/images/folderup.ibd:
  Import db-4.3.28
storage/bdb/dist/winmsi/images/sleepycat.jpg:
  Import db-4.3.28
storage/bdb/dist/winmsi/images/topstripe.ibd:
  Import db-4.3.28
storage/bdb/dist/winmsi/images/webicon.ico:
  Import db-4.3.28
storage/bdb/dist/winmsi/links.in:
  Import db-4.3.28
storage/bdb/dist/winmsi/s_winmsi.fcn:
  Import db-4.3.28
storage/bdb/dist/winmsi/winbuild.bat:
  Import db-4.3.28
storage/bdb/env/env_stat.c:
  Import db-4.3.28
storage/bdb/hash/hash_stub.c:
  Import db-4.3.28
storage/bdb/lock/lock_id.c:
  Import db-4.3.28
storage/bdb/lock/lock_list.c:
  Import db-4.3.28
storage/bdb/lock/lock_timer.c:
  Import db-4.3.28
storage/bdb/log/log_stat.c:
  Import db-4.3.28
storage/bdb/mp/mp_fmethod.c:
  Import db-4.3.28
storage/bdb/os/os_truncate.c:
  Import db-4.3.28
storage/bdb/os_win32/os_truncate.c:
  Import db-4.3.28
storage/bdb/os_win32/os_unlink.c:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/META.yml:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/cds.t:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/encrypt.t:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/t/pod.t:
  Import db-4.3.28
storage/bdb/perl/DB_File/META.yml:
  Import db-4.3.28
storage/bdb/qam/qam_stub.c:
  Import db-4.3.28
storage/bdb/rep/rep.src:
  Import db-4.3.28
storage/bdb/rep/rep_backup.c:
  Import db-4.3.28
storage/bdb/rep/rep_stat.c:
  Import db-4.3.28
storage/bdb/rep/rep_stub.c:
  Import db-4.3.28
storage/bdb/rpc_client/gen_client.c:
  Import db-4.3.28
storage/bdb/rpc_server/c/db_server_proc.c:
  Import db-4.3.28
storage/bdb/rpc_server/c/gen_db_server.c:
  Import db-4.3.28
storage/bdb/rpc_server/db_server.x:
  Import db-4.3.28
storage/bdb/sequence/seq_stat.c:
  Import db-4.3.28
storage/bdb/sequence/sequence.c:
  Import db-4.3.28
storage/bdb/tcl/tcl_seq.c:
  Import db-4.3.28
storage/bdb/dist/config.guess:
  Import db-4.3.28
storage/bdb/dist/config.sub:
  Import db-4.3.28
storage/bdb/dist/s_all:
  Import db-4.3.28
storage/bdb/dist/s_config:
  Import db-4.3.28
storage/bdb/dist/s_crypto:
  Import db-4.3.28
storage/bdb/dist/s_include:
  Import db-4.3.28
storage/bdb/dist/s_java:
  Import db-4.3.28
storage/bdb/dist/s_perm:
  Import db-4.3.28
storage/bdb/dist/s_readme:
  Import db-4.3.28
storage/bdb/dist/s_recover:
  Import db-4.3.28
storage/bdb/dist/s_rpc:
  Import db-4.3.28
storage/bdb/dist/s_symlink:
  Import db-4.3.28
storage/bdb/dist/s_tags:
  Import db-4.3.28
storage/bdb/dist/s_test:
  Import db-4.3.28
storage/bdb/dist/s_vxworks:
  Import db-4.3.28
storage/bdb/dist/s_win32_dsp:
  Import db-4.3.28
storage/bdb/dist/s_win32:
  Import db-4.3.28
storage/bdb/perl/BerkeleyDB/dbinfo:
  Import db-4.3.28
This commit is contained in:
unknown 2005-07-20 15:48:22 -07:00
commit 47d10d0eca
765 changed files with 97616 additions and 36391 deletions
Download patch file Download diff file Expand all files Collapse all files

273
storage/bdb/crypto/aes_method.c Normal file
View file

@ -0,0 +1,273 @@
/*-
* See the file LICENSE for redistribution information.
*
* Copyright (c) 2001-2004
* Sleepycat Software. All rights reserved.
*
* Some parts of this code originally written by Adam Stubblefield,
* -- astubble@rice.edu.
*
* $Id: aes_method.c,v 1.20 2004/09/17 22:00:25 mjc Exp $
*/
#include "db_config.h"
#ifndef NO_SYSTEM_INCLUDES
#include <string.h>
#endif
#include "db_int.h"
#include "dbinc/crypto.h"
#include "dbinc/hmac.h"
static void __aes_err __P((DB_ENV *, int));
static int __aes_derivekeys __P((DB_ENV *, DB_CIPHER *, u_int8_t *, size_t));
/*
* __aes_setup --
* Setup AES functions.
*
* PUBLIC: int __aes_setup __P((DB_ENV *, DB_CIPHER *));
*/
int
__aes_setup(dbenv, db_cipher)
DB_ENV *dbenv;
DB_CIPHER *db_cipher;
{
AES_CIPHER *aes_cipher;
int ret;
db_cipher->adj_size = __aes_adj_size;
db_cipher->close = __aes_close;
db_cipher->decrypt = __aes_decrypt;
db_cipher->encrypt = __aes_encrypt;
db_cipher->init = __aes_init;
if ((ret = __os_calloc(dbenv, 1, sizeof(AES_CIPHER), &aes_cipher)) != 0)
return (ret);
db_cipher->data = aes_cipher;
return (0);
}
/*
* __aes_adj_size --
* Given a size, return an addition amount needed to meet the
* "chunk" needs of the algorithm.
*
* PUBLIC: u_int __aes_adj_size __P((size_t));
*/
u_int
__aes_adj_size(len)
size_t len;
{
if (len % DB_AES_CHUNK == 0)
return (0);
return (DB_AES_CHUNK - (u_int)(len % DB_AES_CHUNK));
}
/*
* __aes_close --
* Destroy the AES encryption instantiation.
*
* PUBLIC: int __aes_close __P((DB_ENV *, void *));
*/
int
__aes_close(dbenv, data)
DB_ENV *dbenv;
void *data;
{
__os_free(dbenv, data);
return (0);
}
/*
* __aes_decrypt --
* Decrypt data with AES.
*
* PUBLIC: int __aes_decrypt __P((DB_ENV *, void *, void *,
* PUBLIC: u_int8_t *, size_t));
*/
int
__aes_decrypt(dbenv, aes_data, iv, cipher, cipher_len)
DB_ENV *dbenv;
void *aes_data;
void *iv;
u_int8_t *cipher;
size_t cipher_len;
{
AES_CIPHER *aes;
cipherInstance c;
int ret;
aes = (AES_CIPHER *)aes_data;
if (iv == NULL || cipher == NULL)
return (EINVAL);
if ((cipher_len % DB_AES_CHUNK) != 0)
return (EINVAL);
/*
* Initialize the cipher
*/
if ((ret = __db_cipherInit(&c, MODE_CBC, iv)) < 0) {
__aes_err(dbenv, ret);
return (EAGAIN);
}
/* Do the decryption */
if ((ret = __db_blockDecrypt(&c, &aes->decrypt_ki, cipher,
cipher_len * 8, cipher)) < 0) {
__aes_err(dbenv, ret);
return (EAGAIN);
}
return (0);
}
/*
* __aes_encrypt --
* Encrypt data with AES.
*
* PUBLIC: int __aes_encrypt __P((DB_ENV *, void *, void *,
* PUBLIC: u_int8_t *, size_t));
*/
int
__aes_encrypt(dbenv, aes_data, iv, data, data_len)
DB_ENV *dbenv;
void *aes_data;
void *iv;
u_int8_t *data;
size_t data_len;
{
AES_CIPHER *aes;
cipherInstance c;
u_int32_t tmp_iv[DB_IV_BYTES/4];
int ret;
aes = (AES_CIPHER *)aes_data;
if (aes == NULL || data == NULL)
return (EINVAL);
if ((data_len % DB_AES_CHUNK) != 0)
return (EINVAL);
/*
* Generate the IV here. We store it in a tmp IV because
* the IV might be stored within the data we are encrypting
* and so we will copy it over to the given location after
* encryption is done.
* We don't do this outside of there because some encryption
* algorithms someone might add may not use IV's and we always
* want on here.
*/
if ((ret = __db_generate_iv(dbenv, tmp_iv)) != 0)
return (ret);
/*
* Initialize the cipher
*/
if ((ret = __db_cipherInit(&c, MODE_CBC, (char *)tmp_iv)) < 0) {
__aes_err(dbenv, ret);
return (EAGAIN);
}
/* Do the encryption */
if ((ret = __db_blockEncrypt(&c, &aes->encrypt_ki, data, data_len * 8,
data)) < 0) {
__aes_err(dbenv, ret);
return (EAGAIN);
}
memcpy(iv, tmp_iv, DB_IV_BYTES);
return (0);
}
/*
* __aes_init --
* Initialize the AES encryption instantiation.
*
* PUBLIC: int __aes_init __P((DB_ENV *, DB_CIPHER *));
*/
int
__aes_init(dbenv, db_cipher)
DB_ENV *dbenv;
DB_CIPHER *db_cipher;
{
return (__aes_derivekeys(dbenv, db_cipher, (u_int8_t *)dbenv->passwd,
dbenv->passwd_len));
}
static int
__aes_derivekeys(dbenv, db_cipher, passwd, plen)
DB_ENV *dbenv;
DB_CIPHER *db_cipher;
u_int8_t *passwd;
size_t plen;
{
SHA1_CTX ctx;
AES_CIPHER *aes;
int ret;
u_int32_t temp[DB_MAC_KEY/4];
if (passwd == NULL)
return (EINVAL);
aes = (AES_CIPHER *)db_cipher->data;
/* Derive the crypto keys */
__db_SHA1Init(&ctx);
__db_SHA1Update(&ctx, passwd, plen);
__db_SHA1Update(&ctx, (u_int8_t *)DB_ENC_MAGIC, strlen(DB_ENC_MAGIC));
__db_SHA1Update(&ctx, passwd, plen);
__db_SHA1Final((u_int8_t *)temp, &ctx);
if ((ret = __db_makeKey(&aes->encrypt_ki, DIR_ENCRYPT,
DB_AES_KEYLEN, (char *)temp)) != TRUE) {
__aes_err(dbenv, ret);
return (EAGAIN);
}
if ((ret = __db_makeKey(&aes->decrypt_ki, DIR_DECRYPT,
DB_AES_KEYLEN, (char *)temp)) != TRUE) {
__aes_err(dbenv, ret);
return (EAGAIN);
}
return (0);
}
/*
* __aes_err --
* Handle AES-specific errors. Codes and messages derived from
* rijndael/rijndael-api-fst.h.
*/
static void
__aes_err(dbenv, err)
DB_ENV *dbenv;
int err;
{
char *errstr;
switch (err) {
case BAD_KEY_DIR:
errstr = "AES key direction is invalid";
break;
case BAD_KEY_MAT:
errstr = "AES key material not of correct length";
break;
case BAD_KEY_INSTANCE:
errstr = "AES key passwd not valid";
break;
case BAD_CIPHER_MODE:
errstr = "AES cipher in wrong state (not initialized)";
break;
case BAD_BLOCK_LENGTH:
errstr = "AES bad block length";
break;
case BAD_CIPHER_INSTANCE:
errstr = "AES cipher instance is invalid";
break;
case BAD_DATA:
errstr = "AES data contents are invalid";
break;
case BAD_OTHER:
errstr = "AES unknown error";
break;
default:
errstr = "AES error unrecognized";
break;
}
__db_err(dbenv, errstr);
return;
}

385
storage/bdb/crypto/crypto.c Normal file
View file

@ -0,0 +1,385 @@
/*-
* See the file LICENSE for redistribution information.
*
* Copyright (c) 1996-2004
* Sleepycat Software. All rights reserved.
*
* Some parts of this code originally written by Adam Stubblefield
* -- astubble@rice.edu
*
* $Id: crypto.c,v 1.31 2004/10/15 16:59:38 bostic Exp $
*/
#include "db_config.h"
#ifndef NO_SYSTEM_INCLUDES
#include <string.h>
#endif
#include "db_int.h"
#include "dbinc/db_page.h"
#include "dbinc/crypto.h"
/*
* __crypto_region_init --
* Initialize crypto.
*/
int
__crypto_region_init(dbenv)
DB_ENV *dbenv;
{
REGENV *renv;
REGINFO *infop;
CIPHER *cipher;
DB_CIPHER *db_cipher;
char *sh_passwd;
int ret;
db_cipher = dbenv->crypto_handle;
ret = 0;
infop = dbenv->reginfo;
renv = infop->primary;
MUTEX_LOCK(dbenv, &renv->mutex);
if (renv->cipher_off == INVALID_ROFF) {
if (!CRYPTO_ON(dbenv))
goto err;
if (!F_ISSET(infop, REGION_CREATE)) {
__db_err(dbenv,
"Joining non-encrypted environment with encryption key");
ret = EINVAL;
goto err;
}
if (F_ISSET(db_cipher, CIPHER_ANY)) {
__db_err(dbenv, "Encryption algorithm not supplied");
ret = EINVAL;
goto err;
}
/*
* Must create the shared information. We need:
* Shared cipher information that contains the passwd.
* After we copy the passwd, we smash and free the one in the
* dbenv.
*/
if ((ret = __db_shalloc(
infop, sizeof(CIPHER), MUTEX_ALIGN, &cipher)) != 0)
goto err;
memset(cipher, 0, sizeof(*cipher));
if ((ret = __db_shalloc(
infop, dbenv->passwd_len, 0, &sh_passwd)) != 0) {
__db_shalloc_free(infop, cipher);
goto err;
}
memset(sh_passwd, 0, dbenv->passwd_len);
cipher->passwd = R_OFFSET(infop, sh_passwd);
cipher->passwd_len = dbenv->passwd_len;
cipher->flags = db_cipher->alg;
memcpy(sh_passwd, dbenv->passwd, cipher->passwd_len);
renv->cipher_off = R_OFFSET(infop, cipher);
} else {
if (!CRYPTO_ON(dbenv)) {
__db_err(dbenv,
"Encrypted environment: no encryption key supplied");
ret = EINVAL;
goto err;
}
cipher = R_ADDR(infop, renv->cipher_off);
sh_passwd = R_ADDR(infop, cipher->passwd);
if ((cipher->passwd_len != dbenv->passwd_len) ||
memcmp(dbenv->passwd, sh_passwd, cipher->passwd_len) != 0) {
__db_err(dbenv, "Invalid password");
ret = EPERM;
goto err;
}
if (!F_ISSET(db_cipher, CIPHER_ANY) &&
db_cipher->alg != cipher->flags) {
__db_err(dbenv,
"Environment encrypted using a different algorithm");
ret = EINVAL;
goto err;
}
if (F_ISSET(db_cipher, CIPHER_ANY))
/*
* We have CIPHER_ANY and we are joining the
* existing env. Setup our cipher structure
* for whatever algorithm this env has.
*/
if ((ret = __crypto_algsetup(dbenv, db_cipher,
cipher->flags, 0)) != 0)
goto err;
}
MUTEX_UNLOCK(dbenv, &renv->mutex);
ret = db_cipher->init(dbenv, db_cipher);
/*
* On success, no matter if we allocated it or are using the
* already existing one, we are done with the passwd in the dbenv.
* We smash N-1 bytes so that we don't overwrite the nul.
*/
memset(dbenv->passwd, 0xff, dbenv->passwd_len-1);
__os_free(dbenv, dbenv->passwd);
dbenv->passwd = NULL;
dbenv->passwd_len = 0;
if (0) {
err: MUTEX_UNLOCK(dbenv, &renv->mutex);
}
return (ret);
}
/*
* __crypto_dbenv_close --
* Crypto-specific destruction of DB_ENV structure.
*
* PUBLIC: int __crypto_dbenv_close __P((DB_ENV *));
*/
int
__crypto_dbenv_close(dbenv)
DB_ENV *dbenv;
{
DB_CIPHER *db_cipher;
int ret;
ret = 0;
db_cipher = dbenv->crypto_handle;
if (dbenv->passwd != NULL) {
memset(dbenv->passwd, 0xff, dbenv->passwd_len-1);
__os_free(dbenv, dbenv->passwd);
dbenv->passwd = NULL;
}
if (!CRYPTO_ON(dbenv))
return (0);
if (!F_ISSET(db_cipher, CIPHER_ANY))
ret = db_cipher->close(dbenv, db_cipher->data);
__os_free(dbenv, db_cipher);
return (ret);
}
/*
* __crypto_region_destroy --
* Destroy any system resources allocated in the primary region.
*
* PUBLIC: int __crypto_region_destroy __P((DB_ENV *));
*/
int
__crypto_region_destroy(dbenv)
DB_ENV *dbenv;
{
CIPHER *cipher;
REGENV *renv;
REGINFO *infop;
infop = dbenv->reginfo;
renv = infop->primary;
if (renv->cipher_off != INVALID_ROFF) {
cipher = R_ADDR(infop, renv->cipher_off);
__db_shalloc_free(infop, R_ADDR(infop, cipher->passwd));
__db_shalloc_free(infop, cipher);
}
return (0);
}
/*
* __crypto_algsetup --
* Given a db_cipher structure and a valid algorithm flag, call
* the specific algorithm setup function.
*
* PUBLIC: int __crypto_algsetup __P((DB_ENV *, DB_CIPHER *, u_int32_t, int));
*/
int
__crypto_algsetup(dbenv, db_cipher, alg, do_init)
DB_ENV *dbenv;
DB_CIPHER *db_cipher;
u_int32_t alg;
int do_init;
{
int ret;
ret = 0;
if (!CRYPTO_ON(dbenv)) {
__db_err(dbenv, "No cipher structure given");
return (EINVAL);
}
F_CLR(db_cipher, CIPHER_ANY);
switch (alg) {
case CIPHER_AES:
db_cipher->alg = CIPHER_AES;
ret = __aes_setup(dbenv, db_cipher);
break;
default:
__db_panic(dbenv, EINVAL);
/* NOTREACHED */
}
if (do_init)
ret = db_cipher->init(dbenv, db_cipher);
return (ret);
}
/*
* __crypto_decrypt_meta --
* Perform decryption on a metapage if needed.
*
* PUBLIC: int __crypto_decrypt_meta __P((DB_ENV *, DB *, u_int8_t *, int));
*/
int
__crypto_decrypt_meta(dbenv, dbp, mbuf, do_metachk)
DB_ENV *dbenv;
DB *dbp;
u_int8_t *mbuf;
int do_metachk;
{
DB_CIPHER *db_cipher;
DB dummydb;
DBMETA *meta;
size_t pg_off;
int ret;
u_int8_t *iv;
/*
* If we weren't given a dbp, we just want to decrypt the page
* on behalf of some internal subsystem, not on behalf of a user
* with a dbp. Therefore, set up a dummy dbp so that the call
* to P_OVERHEAD below works.
*/
if (dbp == NULL) {
memset(&dummydb, 0, sizeof(DB));
dbp = &dummydb;
}
/*
* Meta-pages may be encrypted for DBMETASIZE bytes. If
* we have a non-zero IV (that is written after encryption)
* then we decrypt (or error if the user isn't set up for
* security). We guarantee that the IV space on non-encrypted
* pages will be zero and a zero-IV is illegal for encryption.
* Therefore any non-zero IV means an encrypted database.
* This basically checks the passwd on the file
* if we cannot find a good magic number.
* We walk through all the algorithms we know about attempting
* to decrypt (and possibly byteswap).
*
* !!!
* All method meta pages have the IV and checksum at the
* exact same location, but not in DBMETA, use BTMETA.
*/
ret = 0;
meta = (DBMETA *)mbuf;
if (meta->encrypt_alg != 0) {
db_cipher = (DB_CIPHER *)dbenv->crypto_handle;
if (!F_ISSET(dbp, DB_AM_ENCRYPT)) {
if (!CRYPTO_ON(dbenv)) {
__db_err(dbenv,
"Encrypted database: no encryption flag specified");
return (EINVAL);
}
/*
* User has a correct, secure env, but has
* encountered a database in that env that is
* secure, but user didn't dbp->set_flags. Since
* it is existing, use encryption if it is that
* way already.
*/
F_SET(dbp, DB_AM_ENCRYPT|DB_AM_CHKSUM);
}
/*
* This was checked in set_flags when DB_AM_ENCRYPT was set.
* So it better still be true here.
*/
DB_ASSERT(CRYPTO_ON(dbenv));
if (!F_ISSET(db_cipher, CIPHER_ANY) &&
meta->encrypt_alg != db_cipher->alg) {
__db_err(dbenv,
"Database encrypted using a different algorithm");
return (EINVAL);
}
DB_ASSERT(F_ISSET(dbp, DB_AM_CHKSUM));
iv = ((BTMETA *)mbuf)->iv;
/*
* For ALL pages, we do not encrypt the beginning
* of the page that contains overhead information.
* This is true of meta and all other pages.
*/
pg_off = P_OVERHEAD(dbp);
alg_retry:
/*
* If they asked for a specific algorithm, then
* use it. Otherwise walk through those we know.
*/
if (!F_ISSET(db_cipher, CIPHER_ANY)) {
if (do_metachk && (ret = db_cipher->decrypt(dbenv,
db_cipher->data, iv, mbuf + pg_off,
DBMETASIZE - pg_off)))
return (ret);
if (((BTMETA *)meta)->crypto_magic !=
meta->magic) {
__db_err(dbenv, "Invalid password");
return (EINVAL);
}
/*
* Success here. The algorithm asked for and the one
* on the file match. We've just decrypted the meta
* page and checked the magic numbers. They match,
* indicating the password is right. All is right
* with the world.
*/
return (0);
}
/*
* If we get here, CIPHER_ANY must be set.
*/
ret = __crypto_algsetup(dbenv, db_cipher, meta->encrypt_alg, 1);
goto alg_retry;
} else if (F_ISSET(dbp, DB_AM_ENCRYPT)) {
/*
* They gave us a passwd, but the database is not
* encrypted. This is an error. We do NOT want to
* silently allow them to write data in the clear when
* the user set up and expects encrypted data.
*
* This covers at least the following scenario.
* 1. User creates and sets up an encrypted database.
* 2. Attacker cannot read the actual data in the database
* because it is encrypted, but can remove/replace the file
* with an empty, unencrypted database file.
* 3. User sets encryption and we get to this code now.
* If we allowed the file to be used in the clear since
* it is that way on disk, the user would unsuspectingly
* write sensitive data in the clear.
* 4. Attacker reads data that user thought was encrypted.
*
* Therefore, asking for encryption with a database that
* was not encrypted is an error.
*/
__db_err(dbenv,
"Unencrypted database with a supplied encryption key");
return (EINVAL);
}
return (ret);
}
/*
* __crypto_set_passwd --
* Get the password from the shared region; and set it in a new
* environment handle. Use this to duplicate environment handles.
*
* PUBLIC: int __crypto_set_passwd __P((DB_ENV *, DB_ENV *));
*/
int
__crypto_set_passwd(dbenv_src, dbenv_dest)
DB_ENV *dbenv_src, *dbenv_dest;
{
CIPHER *cipher;
REGENV *renv;
REGINFO *infop;
char *sh_passwd;
int ret;
ret = 0;
infop = dbenv_src->reginfo;
renv = infop->primary;
DB_ASSERT(CRYPTO_ON(dbenv_src));
cipher = R_ADDR(infop, renv->cipher_off);
sh_passwd = R_ADDR(infop, cipher->passwd);
return (__dbenv_set_encrypt(dbenv_dest, sh_passwd, DB_ENCRYPT_AES));
}

639
storage/bdb/crypto/crypto.html Normal file
View file

@ -0,0 +1,639 @@
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="GENERATOR" content="Mozilla/4.76 [en] (X11; U; FreeBSD 4.3-RELEASE i386) [Netscape]">
</head>
<body>
<center>
<h1>
&nbsp;Security Interface for Berkeley DB</h1></center>
<center><i>Susan LoVerso</i>
<br><i>sue@sleepycat.com</i>
<br><i>Rev 1.6</i>
<br><i>2002 Feb 26</i></center>
<p>We provide an interface allowing secure access to Berkeley DB.&nbsp;&nbsp;
Our goal is to allow users to have encrypted secure databases.&nbsp; In
this document, the term <i>ciphering</i> means the act of encryption or
decryption.&nbsp; They are equal but opposite actions and the same issues
apply to both just in the opposite direction.
<h3>
Requirements</h3>
The overriding requirement is to provide a simple mechanism to allow users
to have a secure database.&nbsp; A secure database means that all of the
pages of a database will be encrypted, and all of the log files will be
encrypted.
<p>Falling out from this work will be a simple mechanism to allow users
to request that we checksum their data for additional error detection (without
encryption/decryption).
<p>We expect that data in process memory or stored in shared memory, potentially
backed by disk, is not encrypted or secure.
<h2>
<a NAME="DB Modifications"></a>DB Method Interface Modifications</h2>
With a logging environment, all database changes are recorded in the log
files.&nbsp; Therefore, users requiring secure databases in such environments
also require secure log files.
<p>A prior thought had been to allow different passwords on the environment
and the databases within.&nbsp; However, such a scheme, then requires that
the password be logged in order for recovery to be able to restore the
database.&nbsp; Therefore, any application having the password for the
log could get the password for any databases by reading the log.&nbsp;
So having a different password on a database does not gain any additional
security and it makes certain things harder and more complex.&nbsp; Some
of those more complex things include the need to handle database and env
passwords differently since they'd need to be stored and accessed from
different places.&nbsp; Also resolving the issue of how <i>db_checkpoint</i>
or <i>db_sync</i>, which flush database pages to disk, would find the passwords
of various databases without any dbps was unsolved.&nbsp; The feature didn't
gain anything and caused significant pain.&nbsp; Therefore the decision
is that there will be a single password protecting an environment and all
the logs and some databases within that environment.&nbsp; We do allow
users to have a secure environment and clear databases.&nbsp; Users that
want secure databases within a secure environment must set a flag.
<p>Users wishing to enable encryption on a database in a secure environment
or enable just checksumming on their database pages will use new flags
to <a href="../docs/api_c/db_set_flags.html">DB->set_flags()</a>.&nbsp;
Providing ciphering over an entire environment is accomplished by adding
a single environment method: <a href="../docs/api_c/env_set_encrypt.html">DBENV->set_encrypt()</a>.&nbsp;
Providing encryption for a database (not part of an environment) is accomplished
by adding a new database method: <a href="../docs/api_c/db_set_encrypt.html">DB->set_encrypt()</a>.
<p>Both of the <i>set_encrypt</i> methods must be called before their respective
<i>open</i> calls.&nbsp; The environment method must be before the environment
open because we must know about security before there is any possibility
of writing any log records out.&nbsp; The database method must be before
the database open in order to read the root page.&nbsp; The planned interfaces
for these methods are:
<pre>DBENV->set_encrypt(DBENV *dbenv,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* DB_ENV structure */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; char *passwd&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* Password */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; u_int32_t flags);&nbsp;&nbsp;&nbsp;&nbsp; /* Flags */</pre>
<pre>DB->set_encrypt(DB *dbp,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* DB structure */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; char *passwd&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* Password */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; u_int32_t flags);&nbsp;&nbsp;&nbsp;&nbsp; /* Flags */</pre>
The flags accepted by these functions are:
<pre>#define DB_ENCRYPT_AES&nbsp; 0x00000001&nbsp; /* Use the AES encryption algorithm */</pre>
Passwords are NULL-terminated strings.&nbsp; NULL or zero length strings
are illegal.&nbsp; These flags enable the checksumming and encryption using
the particular algorithms we have chosen for this implementation.&nbsp;
The flags are named such that there is a logical naming pattern if additional
checksum or encryption algorithms are used. If a user gives a flag of zero,
it will behave in a manner similar to DB_UNKNOWN. It will be illegal if
they are creating the environment or database, as an algorithm must be
specified. If they are joining an existing environment or opening an existing
database, they will use whatever algorithm is in force at the time.&nbsp;
Using DB_ENCRYPT_AES automatically implies SHA1 checksumming.
<p>These functions will perform several initialization steps.&nbsp; We
will allocate crypto_handle for our env handle and set up our function
pointers.&nbsp; We will allocate space and copy the password into our env
handle password area.&nbsp; Similar to <i>DB->set_cachesize</i>, calling
<i>DB->set_encrypt</i>
will actually reflect back into the local environment created by DB.
<p>Lastly, we will add a new flag, DB_OVERWRITE, to the <a href="../docs/api_c/env_remove.html">DBENV->remove</a>
method.&nbsp; The purpose of this flag is to force all of the memory used
by the shared regions to be overwritten before removal.&nbsp; We will use
<i>rm_overwrite</i>,
a function that overwrites and syncs a file 3 times with varying bit patterns
to really remove a file.&nbsp; Additionally, this flag will force a sync
of the overwritten regions to disk, if the regions are backed by the file
system.&nbsp; That way there is no residual information left in the clear
in memory or freed disk blocks.&nbsp; Although we expect that this flag
will be used by customers using security, primarily, its action is not
dependent on passwords or a secure setup, and so can be used by anyone.
<h4>
Initialization of the Environment</h4>
The setup of the security subsystem will be similar to replication initialization
since it is a sort of subsystem, but it does not have its own region.&nbsp;
When the environment handle is created via <i>db_env_create</i>, we initialize
our <i>set_encrypt</i> method to be the RPC or local version.&nbsp; Therefore
the <i>__dbenv</i> structure needs a new pointer:
<pre>&nbsp;&nbsp;&nbsp; void&nbsp;&nbsp;&nbsp; *crypto_handle;&nbsp;&nbsp; /* Security handle */</pre>
The crypto handle will really point to a new <i>__db_cipher</i> structure
that will contain a set of functions and a pointer to the in-memory information
needed by the specific encryption algorithm.&nbsp; It will look like:
<pre>typedef struct __db_cipher {
&nbsp;&nbsp;&nbsp; int&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; (*init)__P((...));&nbsp;&nbsp;&nbsp; /* Alg-specific initialization function */
&nbsp;&nbsp;&nbsp; int&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; (*encrypt)__P((...)); /* Alg-specific encryption algorithm */
&nbsp;&nbsp;&nbsp; int&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; (*decrypt)__P((...)); /* Alg-specific decryption function */
&nbsp;&nbsp;&nbsp; void&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *data;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* Pointer to alg-specific information (AES_CIPHER) */
&nbsp;&nbsp;&nbsp; u_int32_t flags;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* Cipher flags */
} DB_CIPHER;</pre>
<pre>#define DB_MAC_KEY&nbsp;&nbsp;&nbsp; 20&nbsp;&nbsp;&nbsp; /* Size of the MAC key */
typedef struct __aes_cipher {
&nbsp;&nbsp;&nbsp; keyInstance&nbsp;&nbsp;&nbsp; encrypt_ki;&nbsp;&nbsp; /* Encrypt keyInstance temp. */
&nbsp;&nbsp;&nbsp; keyInstance&nbsp;&nbsp;&nbsp; decrypt_ki;&nbsp;&nbsp; /* Decrypt keyInstance temp. */
&nbsp;&nbsp;&nbsp; u_int8_t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; mac_key[DB_MAC_KEY]; /* MAC key */
&nbsp;&nbsp;&nbsp; u_int32_t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; flags;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* AES-specific flags */
} AES_CIPHER;</pre>
It should be noted that none of these structures have their own mutex.&nbsp;
We hold the environment region locked while we are creating this, but once
this is set up, it is read-only forever.
<p>During <a href="../docs/api_c/env_set_encrypt.html">dbenv->set_encrypt</a>,
we set the encryption, decryption and checksumming methods to the appropriate
functions based on the flags.&nbsp; This function will allocate us a crypto
handle that we store in the <i>__dbenv</i> structure just like all the
other subsystems.&nbsp; For now, only AES ciphering functions and SHA1
checksumming functions are supported.&nbsp; Also we will copy the password
into the <i>__dbenv</i> structure.&nbsp; We ultimately need to keep the
password in the environment's shared memory region or compare this one
against the one that is there, if we are joining an existing environment,
but we do not have it yet because open has not yet been called.&nbsp; We
will allocate a structure that will be used in initialization and set up
the function pointers to point to the algorithm-specific functions.
<p>In the&nbsp; <i>__dbenv_open</i> path, in <i>__db_e_attach</i>, if we
are creating the region and the <i>dbenv->passwd</i> field is set, we need
to use the length of the password in the initial computation of the environment's
size.&nbsp; This guarantees sufficient space for storing the password in
shared memory.&nbsp; Then we will call a new function to initialize the
security region, <i>__crypto_region_init</i> in <i>__dbenv_open</i>.&nbsp;
If we are the creator, we will allocate space in the shared region to store
the password and copy the password into that space.&nbsp; Or, if we are
not the creator we will compare the password stored in the dbenv with the
one in shared memory.&nbsp;&nbsp; Additionally, we will compare the ciphering
algorithm to the one stored in the shared region.We'll smash the dbenv
password and free it.&nbsp; If they do not match, we return an error.&nbsp;
If we are the creator we store the offset into the REGENV structure.&nbsp;
Then <i>__crypto_region_init&nbsp;</i> will call the initialization function
set up earlier based on the ciphering algorithm specified.&nbsp; For now
we will call <i>__aes_init</i>.&nbsp; Additionally this function will allocate
and set up the per-process state vector for this encryption's IVs.&nbsp;
See <a href="#Generating the Initialization Vector">Generating the Initialization
Vector</a> for a detailed description of the IV and state vector.
<p>In the AES-specific initialization function, <i>__aes_init</i>,&nbsp;
we will initialize it by calling
<i>__aes_derivekeys</i> in order to fill
in the keyInstance and mac_key fields in that structure.&nbsp; The REGENV
structure will have one additional item
<pre>&nbsp;&nbsp; roff_t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; passwd_off;&nbsp;&nbsp; /* Offset of passwd */</pre>
<h4>
Initializing a Database</h4>
During <a href="../docs/api_c/db_set_encrypt.html">db->set_encrypt</a>,
we set the encryption, decryption and checksumming methods to the appropriate
functions based on the flags.&nbsp; Basically, we test that we are not
in an existing environment and we haven't called open.&nbsp; Then we just
call through the environment handle to set the password.
<p>Also, we will need to add a flag in the database meta-data page that
indicates that the database is encrypted and what its algorithm is.&nbsp;
This will be used when the meta-page is read after reopening a file. We
need this information on the meta-page in order to detect a user opening
a secure database without a password.&nbsp; I propose using the first unused1
byte (renaming it too) in the meta page for this purpose.
<p>All pages will not be encrypted for the first 64 bytes of data.&nbsp;
Database meta-pages will be encrypted on the first 512 bytes only.&nbsp;
All meta-page types will have an IV and checksum added within the first
512 bytes as well as a crypto magic number.&nbsp; This will expand the
size of the meta-page from 256 bytes to 512 bytes. The page in/out routines,
<i>__db_pgin</i> and <i>__db_pgout</i> know the page type of the page and
will apply the 512 bytes ciphering to meta pages.&nbsp; In <i>__db_pgout</i>,
if we have a crypto handle in our (private) environment, we will apply
ciphering to either the entire page, or the first 512 bytes if it is a
meta-page.&nbsp; In <i>__db_pgin</i>, we will decrypt if the page we have
a crypto handle.
<p>When multiple processes share a database, all must use the same password
as the database creator. Using an existing database requires several conditions
to be true.&nbsp; First, if the creator of the database did not create
with security, then opening later with security is an error.&nbsp; Second,
if the creator did create it with security, then opening later without
security is an error.&nbsp; Third, we need to be able to test and check
that when another process opens a secure database that the password they
provided is the same as the one in use by the creator.
<p>When reading the meta-page, in <i>__db_file_setup</i>, we do not go
through the paging functions, but directly read via <i>__os_read</i>.&nbsp;
It is at this point that we will determine if the user is configured correctly.&nbsp;
If the meta-page we read has an IV and checksum, they better have a crypto
handle.&nbsp; If they have a crypto handle, then the meta-page must have
an IV and checksum.&nbsp; If both of those are true, we test the password.&nbsp;
We compare the unencrypted magic number to the newly-decrypted crypto magic
number and if they are not the same, then we report that the user gave
us a bad password.
<p>On a mostly unrelated topic, even when we go to very large pagesizes,
the meta information will still be within a disk sector.&nbsp; So, after
talking it over with Keith and Margo, we determined that unencrypted meta-pages
still will not need a checksum.
<h3>
Encryption and Checksum Routines</h3>
These routines are provided to us by Adam Stubblefield at Rice University
(astubble@rice.edu).&nbsp; The functional interfaces are:
<pre>__aes_derivekeys(DB_ENV *dbenv,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* dbenv */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; u_int8_t *passwd,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* Password */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; size_t passwd_len,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* Length of passwd */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; u_int8_t *mac_key,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* 20 byte array to store MAC key */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; keyInstance *encrypt_key,&nbsp;&nbsp; /* Encryption key of passwd */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; keyInstance *decrypt_key);&nbsp; /* Decryption key of passwd */</pre>
This is the only function requiring the textual user password.&nbsp; From
the password, this function generates a key used in the checksum function,
<i>__db_chksum</i>.&nbsp;
It also fills in <i>keyInstance</i> structures which are then used in the
encryption and decryption routines.&nbsp; The keyInstance structures must
already be allocated.&nbsp; These will be stored in the AES_CIPHER structure.
<pre>&nbsp;__db_chksum(u_int8_t *data,&nbsp;&nbsp;&nbsp; /* Data to checksum */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; size_t data_len,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* Length of data */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; u_int8_t *mac_key,&nbsp;&nbsp;&nbsp; /* 20 byte array from __db_derive_keys */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; u_int8_t *checksum);&nbsp; /* 20 byte array to store checksum */</pre>
This function generates a checksum on the data given.&nbsp; This function
will do double-duty for users that simply want error detection on their
pages.&nbsp; When users are using encryption, the <i>mac_key </i>will contain
the 20-byte key set up in <i>__aes_derivekeys</i>.&nbsp; If they just want
checksumming, then <i>mac_key</i> will be NULL.&nbsp; According to Adam,
we can safely use the first N-bytes of the checksum.&nbsp; So for seeding
the generator for initialization vectors, we'll hash the time and then
send in the first 4 bytes for the seed.&nbsp; I believe we can probably
do the same thing for checksumming log records.&nbsp; We can only use 4
bytes for the checksum in the non-secure case.&nbsp; So when we want to
verify the log checksum we can compute the mac but just compare the first
4 bytes to the one we read.&nbsp; All locations where we generate or check
log record checksums that currently call <i>__ham_func4</i> will now call
<i>__db_chksum</i>.&nbsp;
I believe there are 5 such locations,
<i>__log_put, __log_putr, __log_newfile,
__log_rep_put
</i>and<i> __txn_force_abort.</i>
<pre>__aes_encrypt(DB_ENV *dbenv,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* dbenv */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; keyInstance *key,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* Password key instance from __db_derive_keys */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; u_int8_t *iv,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* Initialization vector */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; u_int8_t *data,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* Data to encrypt */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; size_t data_len);&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* Length of data to encrypt - 16 byte multiple */</pre>
This is the function to encrypt data.&nbsp; It will be called to encrypt
pages and log records.&nbsp; The <i>key</i> instance is initialized in
<i>__aes_derivekeys</i>.&nbsp;
The initialization vector, <i>iv</i>, is the 16 byte random value set up
by the Mersenne Twister pseudo-random generator.&nbsp; Lastly, we pass
in a pointer to the <i>data</i> to encrypt and its length in <i>data_len</i>.&nbsp;
The <i>data_len</i> must be a multiple of 16 bytes. The encryption is done
in-place so that when the encryption code returns our encrypted data is
in the same location as the original data.
<pre>__aes_decrypt(DB_ENV *dbenv,&nbsp;&nbsp;&nbsp; /* dbenv */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; keyInstance *key,&nbsp; /* Password key instance from __db_derive_keys */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; u_int8_t *iv,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* Initialization vector */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; u_int8_t *data,&nbsp;&nbsp;&nbsp; /* Data to decrypt */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; size_t data_len);&nbsp; /* Length of data to decrypt - 16 byte multiple */</pre>
This is the function to decrypt the data.&nbsp; It is exactly the same
as the encryption function except for the action it performs.&nbsp; All
of the args and issues are the same.&nbsp; It also decrypts in place.
<h3>
<a NAME="Generating the Initialization Vector"></a>Generating the Initialization
Vector</h3>
Internally, we need to provide a unique initialization vector (IV) of 16
bytes every time we encrypt any data with the same password.&nbsp; For
the IV we are planning on using mt19937, the Mersenne Twister, a random
number generator that has a period of 2**19937-1. This package can be found
at <a href="http://www.math.keio.ac.jp/~matumoto/emt.html">http://www.math.keio.ac.jp/~matumoto/emt.html</a>.&nbsp;
Tests show that although it repeats a single integer every once in a while,
that after several million iterations, it doesn't repeat any 4 integers
that we'd be stuffing into our 16-byte IV.&nbsp; We plan on seeding this
generator with the time (tv_sec) hashed through SHA1 when we create the
environment.&nbsp; This package uses a global state vector that contains
624 unsigned long integers.&nbsp; We do not allow a 16-byte IV of zero.&nbsp;
It is simpler just to reject any 4-byte value of 0 and if we get one, just
call the generator again and get a different number.&nbsp; We need to detect
holes in files and if we read an IV of zero that is a simple indication
that we need to check for an entire page of zero.&nbsp; The IVs are stored
on the page after encryption and are not encrypted themselves so it is
not possible for an entire encrypted page to be read as all zeroes, unless
it was a hole in a file.&nbsp; See <a href="#Holes in Files">Holes in Files</a>
for more details.
<p>We will not be holding any locks when we need to generate our IV but
we need to protect access to the state vector and the index.&nbsp; Calls
to the MT code will come while encrypting some data in <i>__aes_encrypt.</i>&nbsp;&nbsp;
The MT code will assume that all necessary locks are held in the caller.&nbsp;
We will have per-process state vectors that are set up when a process begins.&nbsp;
That way we minimize the contention and only multi-threaded processes need
acquire locks for the IV.&nbsp; We will have the state vector in the environment
handle in heap memory, as well as the index and there will be a mutex protecting
it for threaded access.&nbsp; This will be added to the <i>__dbenv</i>
structure:
<pre>&nbsp;&nbsp;&nbsp; DB_MUTEX&nbsp;&nbsp;&nbsp; *mt_mutexp;&nbsp;&nbsp; /* Mersenne Twister mutex */
&nbsp;&nbsp;&nbsp; int&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *mti;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* MT index */
&nbsp;&nbsp;&nbsp; u_long&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *mt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* MT state vector */</pre>
This portion of the environment will be initialized at the end of _<i>_dbenv_open</i>,
right after we initialize the other mutex for the <i>dblist</i>. When we
allocate the space, we will generate our initial state vector. If we are
multi-threaded we'll allocate and initialize our mutex also.
<p>We need to make changes to the MT code to make it work in our namespace
and&nbsp; to take&nbsp; a pointer to the location of the state vector and
the index.&nbsp;&nbsp; There will be a wrapper function <i>__db_generate_iv</i>
that DB will call and it will call the appropriate MT function.&nbsp; I
am also going to change the default seed to use a hashed time instead of
a hard coded value.&nbsp; I have looked at other implementations of the
MT code available on the web site.&nbsp; The C++ version does a hash on
the current time.&nbsp; I will modify our MT code to seed with the hashed
time as well.&nbsp; That way the code to seed is contained within the MT
code and we can just write the wrapper to get an IV.&nbsp; We will not
be changing the core computational code of MT.
<h2>
DB Internal Issues</h2>
<h4>
When do we Cipher?</h4>
All of the page ciphering is done in the <i>__db_pgin/__db_pgout</i> functions.&nbsp;
We will encrypt after the method-specific function on page-out and decrypt
before the method-specfic function on page-in.&nbsp; We do not hold any
locks when entering these functions.&nbsp; We determine that we need to
cipher based on the existence of the encryption flag in the dbp.
<p>For ciphering log records, the encryption will be done as the first
thing (or a new wrapper) in <i>__log_put.&nbsp; </i>See <a href="#Log Record Encryption">Log
Record Encryption</a> for those details.
<br>&nbsp;
<h4>
Page Changes</h4>
The checksum and IV values will be stored prior to the first index of the
page.&nbsp; We have a new P_INP macro that replaces use of inp[X] in the
code. &nbsp;This macro takes a dbp as an argument and determines where
our first index is based on whether we have DB_AM_CHKSUM and DB_AM_ENCRYPT
set.&nbsp; If neither is set, then our first index is where it always was.
&nbsp;If just checksumming is set, then we reserve a 4-byte checksum.&nbsp;
If encryption is set, then we reserve 36 bytes for our checksum/IV as well
as some space to get proper alignment to encrypt on a 16-byte boundary.
<p>Since several paging macros use inp[X] in them, those macros must now
take a dbp.&nbsp; There are a lot of changes to make all the necessary
paging macros take a dbp, although these changes are trivial in nature.
<p>Also, there is a new function <i>__db_chk_meta</i> to perform checksumming
and decryption checking on meta pages specifically.&nbsp; This function
is where we check that the database algorithm matches what the user gave
(or if they set DB_CIPHER_ANY then we set it), and other encryption related
testing for bad combinations of what is in the file versus what is in the
user structures.
<h4>
Verification</h4>
The verification code will also need to be updated to deal with secure
pages.&nbsp; Basically when the verification code reads in the meta page
it will call <i>__db_chk_meta</i> to perform any checksumming and decryption.
<h4>
<a NAME="Holes in Files"></a>Holes in Files</h4>
Holes in files will be dealt with rather simply.&nbsp; We need to be able
to distinguish reading a hole in a file from an encrypted page that happened
to encrypt to all zero's.&nbsp; If we read a hole in a file, we do not
want to send that empty page through the decryption routine.&nbsp; This
can be determined simply without incurring the performance penalty of comparing
every byte on a page on every read until we get a non-zero byte.
<br>The __db_pgin function is only given an invalid page P_INVALID in this
case.&nbsp;&nbsp;So, if the page type, which is always unencrypted, is
P_INVALID, then we do not perform any checksum verification or decryption.
<h4>
Errors and Recovery</h4>
Dealing with a checksum error is tricky.&nbsp; Ultimately, if a checksum
error occurs it is extremely likely that the user must do catastrophic
recovery.&nbsp; There is no other failure return other than&nbsp; DB_RUNRECOVERY
for indicating that the user should run catastrophic recovery.&nbsp; We
do not want to add a new error return for applications to check because
a lot of applications already look for and deal with DB_RUNRECOVERY as
an error condition and we want to fit ourselves into that application model.&nbsp;
We already indicate to the user that when they get that error, then they
need to run recovery.&nbsp; If recovery fails, then they need to run catastrophic
recovery.&nbsp; We need to get ourselves to the point where users will
run catastrophic recovery.
<p>If we get a checksum error, then we need to log a message stating a
checksum error occurred on page N.&nbsp; In <i>__db_pgin</i>, we can check
if logging is on in the environment.&nbsp; If so, we want to log the message.
<p>When the application gets the DB_RUNRECOVERY error, they'll have to
shut down their application and run recovery.&nbsp; When the recovery encounters
the record indicating checksum failure, then normal recovery will fail
and the user will have to perform catastrophic recovery.&nbsp; When catastrophic
recovery encounters that record, it will simply ignore it.
<h4>
<a NAME="Log Record Encryption"></a>Log Record Encryption</h4>
Log records will be ciphered.&nbsp; It might make sense to wrap <i>__log_put</i>
to encrypt the DBT we send down.&nbsp; The <i>__log_put </i>function is
where the checksum is computed before acquiring the region lock.&nbsp;
But also this function is where we call <i>__rep_send_message</i> to send
the DBT to the replication clients.&nbsp; Therefore, we need the DBT to
be encrypted prior to there.&nbsp; We also need it encrypted before checksumming.
I think <i>__log_put </i>will become <i>__log_put_internal</i>, and the
new <i>__log_put</i> will encrypt if needed and then call <i>__log_put_internal
</i>(the
function formerly known as <i>__log_put</i>).&nbsp; Log records are kept
in a shared memory region buffer prior to going out to disk.&nbsp; Records
in the buffer will be encrypted.&nbsp; No locks are held at the time we
will need to encrypt.
<p>On reading the log, via log cursors, the log code stores log records
in the log buffer.&nbsp; Records in that buffer will be encrypted, so decryption
will occur no matter whether we are returning records from the buffer or
if we are returning log records directly from the disk. Current checksum
checking is done in
<i>__log_get_c_int.</i>&nbsp; Decryption will be done
after the checksum is checked.
<p>There are currently two nasty issues with encrypted log records.&nbsp;
The first is that <i>__txn_force_abort</i> overwrites a commit record in
the log buffer with an abort record.&nbsp; Well, our log buffer will be
encrypted.&nbsp; Therefore, <i>__txn_force_abort</i> is going to need to
do encryption of its new record.&nbsp; This can be accomplished by sending
in the dbenv handle to the function.&nbsp; It is available to us in <i>__log_flush_commit</i>
and we can just pass it in.&nbsp; I don't like putting log encryption in
the txn code, but the layering violation is already there.
<p>The second issue is that the encryption code requires data that is a
multiple of 16 bytes and log record lengths are variable.&nbsp; We will
need to pad log records to meet the requirement.&nbsp; Since the callers
of <i>__log_put</i> set up the given DBT it is a logical place to pad if
necessary. We will modify the gen_rec.awk script to have all of the generated
logging functions pad for us if we have a crypto handle. This padding will
also expand the size of log files. Anyone calling <i>log_put</i> and using
security from the application will have to pad on their own or it will
return an error.
<p>When ciphering the log file, we will need a different header than the
current one.&nbsp; The current header only has space for a 4 byte checksum.&nbsp;
Our secure header will need space for the 16 byte IV and 20 byte checksum.&nbsp;
This will blow up our log files when running securely since every single
log record header will now consume 32 additional bytes.&nbsp; I believe
that the log header does not need to be encrypted.&nbsp; It contains an
offset, a length and our IV and checksum.&nbsp; Our IV and checksum are
never encrypted.&nbsp; I don't believe there to be any risk in having the
offset and length in the clear.
<p>I would prefer not to have two types of log headers that are incompatible
with each other.&nbsp; It is not acceptable to increase the log headers
of all users from 12 bytes to 44 bytes.&nbsp; Such a change would also
make log files incompatible with earlier releases.&nbsp; Worse even, is
that the <i>cksum</i> field of the header is in between the offset and
len.&nbsp; It would be really convenient if we could have just made a bigger
cksum portion without affecting the location of the other fields.&nbsp;
Oh well.&nbsp; Most customers will not be using encryption and we won't
make them pay the price of the expanded header.&nbsp; Keith indicates that
the log file format is changing with the next release so I will move the
cksum field so it can at least be overlaid.
<p>One method around this would be to have a single internal header that
contains all the information both mechanisms need, but when we write out
the header we choose which pieces to write.&nbsp; By appending the security
information to the end of the existing structure, and adding a size field,
we can modify a few places to use the size field to write out only the
current first 12 bytes, or the entire security header needed.
<h4>
Replication</h4>
Replication clients are going to need to start all of their individual
environment handles with the same password.&nbsp; The log records are going
to be sent to the clients decrypted and the clients will have to encrypt
them on their way to the client log files.&nbsp; We cannot send encrypted
log records to clients. &nbsp;The reason is that the checksum and IV&nbsp;are
stored in the log header and the master only sends the log record itself
to the client. &nbsp;Therefore, the client has no way to decrypt a log
record from the master. &nbsp;Therefore, anyone wanting to use truly secure
replication is going to have to have a secure transport mechanism.&nbsp;
By not encrypting records, clients can theoretically have different passwords
and DB won't care.
<p>On the master side we must copy the DBT sent in.&nbsp; We encrypt the
original and send to clients the clear record.&nbsp; On the client side,
support for encryption is added into <i>__log_rep_put</i>.
<h4>
Sharing the Environment</h4>
When multiple processes join the environment, all must use the same password
as the creator.
<p>Joining an existing environment requires several conditions to be true.&nbsp;
First, if the creator of the environment did not create with security,
then joining later with security is an error.&nbsp; Second, if the creator
did create it with security, then joining later without security is an
error.&nbsp; Third, we need to be able to test and check that when another
process joins a secure environment that the password they provided is the
same as the one in use by the creator.
<p>The first two scenarios should be fairly trivial to determine, if we
aren't creating the environment, we can compare what is there with what
we have.&nbsp; In the third case, the <i>__crypto_region_init</i> function
will see that the environment region has a valid passwd_off and we'll then
compare that password to the one we have in our dbenv handle.&nbsp; In
any case we'll smash the dbenv handle's passwd and free that memory before
returning whether we have a password match or not.
<p>We need to store the passwords themselves in the region because multiple
calls to the <i>__aes_derivekeys </i>function with the same password yields
different keyInstance contents.&nbsp; Therefore we don't have any way to
check passwords other than retaining and comparing the actual passwords.
<h4>
Other APIs</h4>
All of the other APIs will need interface enhancements to support the new
security methods.&nbsp; The Java and C++ interfaces will likely be done
by Michael Cahill and Sue will implement the Tcl and RPC changes.&nbsp;
Tcl will need the changes for testing purposes but the interface should
be public, not test-only.&nbsp; RPC should fully support security.&nbsp;
The biggest risk that I can see is that the client will send the password
to the server in the clear.&nbsp; Anyone sniffing the wires or running
tcpdump or other packet grabbing code could grab that.&nbsp; Someone really
interested in using security over RPC probably ought to add authentication
and other measures to the RPC server as well.
<h4>
<a NAME="Utilities"></a>Utilities</h4>
All should take a -P flag to specify a password for the environment or
password.&nbsp; Those that take an env and a database might need something
more to distinguish between env passwds and db passwds. Here is what we
do for each utility:
<ul>
<li>
berkeley_db_svc - Needs -P after each -h specified.</li>
<li>
db_archive - Needs -P if the env is encrypted.</li>
<li>
db_checkpoint - Needs -P if the env is encrypted.</li>
<li>
db_deadlock - No changes</li>
<li>
db_dump - Needs -P if the env or database is encrypted.</li>
<li>
db_load - Needs -P if the env or database is encrypted.</li>
<li>
db_printlog - Needs -P if the env is encrypted.</li>
<li>
db_recover - Needs -P if the env is encrypted.</li>
<li>
db_stat - Needs -P if the env or database is encrypted.</li>
<li>
db_upgrade - Needs -P if the env or database is encrypted.</li>
<li>
db_verify - Needs -P if the env or database is encrypted.</li>
</ul>
<h2>
Testing</h2>
All testing should be able to be accomplished via Tcl.&nbsp; The following
tests (and probably others I haven't thought of yet) should be performed:
<ul>
<li>
Basic functionality - basically a test001 but encrypted without an env</li>
<li>
Basic functionality, w/ env - like the previous test but with an env.</li>
<li>
Basic functionality, multiple processes - like first test, but make sure
others can correctly join.</li>
<li>
Basic functionality, mult. processes - like above test, but initialize/close
environment/database first so that the next test processes are all joiners
of an existing env, but creator no longer exists and the shared region
must be opened.</li>
<li>
Recovery test - Run recovery over an encrypted environment.</li>
<li>
Subdb test - Run with subdbs that are encrypted.</li>
<li>
Utility test - Verify the new options to all the utilities.</li>
<li>
Error handling - Test the basic setup errors for both env's and databases
with multiple processes.&nbsp; They are:</li>
<ol>
<li>
Attempt to set a NULL or zero-length passwd.</li>
<li>
Create Env w/ security and attempt to create database w/ its own password.</li>
<li>
Env/DB creates with security.&nbsp; Proc2 joins without - should get an
error.</li>
<li>
Env/DB creates without security.&nbsp; Proc2 joins with - should get an
error.</li>
<li>
Env/DB creates with security.&nbsp; Proc2 joins with different password
- should get an error.</li>
<li>
Env/DB creates with security.&nbsp; Closes.&nbsp; Proc2 reopens with different
password - should get an error.</li>
<li>
Env/DB creates with security.&nbsp; Closes.&nbsp; Tcl overwrites a page
of the database with garbage.&nbsp; Proc2 reopens with the correct password.&nbsp;
Code should detect checksum error.</li>
<li>
Env/DB creates with security.&nbsp; Open a 2nd identical DB with a different
password.&nbsp; Put the exact same data into both databases.&nbsp; Close.&nbsp;
Overwrite the identical page of DB1 with the one from DB2.&nbsp; Reopen
the database with correct DB1 password.&nbsp; Code should detect an encryption
error on that page.</li>
</ol>
</ul>
<h2>
Risks</h2>
There are several holes in this design.&nbsp; It is important to document
them clearly.
<p>The first is that all of the pages are stored in memory and possibly
the file system in the clear.&nbsp; The password is stored in the shared
data regions in the clear.&nbsp; Therefore if an attacker can read the
process memory, they can do whatever they want.&nbsp; If the attacker can
read system memory or swap they can access the data as well.&nbsp; Since
everything in the shared data regions (with the exception of the buffered
log) will be in the clear, it is important to realize that file backed
regions will be written in the clear, including the portion of the regions
containing passwords.&nbsp; We recommend to users that they use system
memory instead of file backed shared memory.
</body>
</html>

187
storage/bdb/crypto/mersenne/mt19937db.c Normal file
View file

@ -0,0 +1,187 @@
/*
* $Id: mt19937db.c,v 1.12 2004/06/14 16:54:27 mjc Exp $
*/
#include "db_config.h"
#include "db_int.h"
#include "dbinc/crypto.h"
#include "dbinc/hmac.h"
/* A C-program for MT19937: Integer version (1999/10/28) */
/* genrand() generates one pseudorandom unsigned integer (32bit) */
/* which is uniformly distributed among 0 to 2^32-1 for each */
/* call. sgenrand(seed) sets initial values to the working area */
/* of 624 words. Before genrand(), sgenrand(seed) must be */
/* called once. (seed is any 32-bit integer.) */
/* Coded by Takuji Nishimura, considering the suggestions by */
/* Topher Cooper and Marc Rieffel in July-Aug. 1997. */
/* This library is free software under the Artistic license: */
/* see the file COPYING distributed together with this code. */
/* For the verification of the code, its output sequence file */
/* mt19937int.out is attached (2001/4/2) */
/* Copyright (C) 1997, 1999 Makoto Matsumoto and Takuji Nishimura. */
/* Any feedback is very welcome. For any question, comments, */
/* see http://www.math.keio.ac.jp/matumoto/emt.html or email */
/* matumoto@math.keio.ac.jp */
/* REFERENCE */
/* M. Matsumoto and T. Nishimura, */
/* "Mersenne Twister: A 623-Dimensionally Equidistributed Uniform */
/* Pseudo-Random Number Generator", */
/* ACM Transactions on Modeling and Computer Simulation, */
/* Vol. 8, No. 1, January 1998, pp 3--30. */
/* Period parameters */
#define N 624
#define M 397
#define MATRIX_A 0x9908b0df /* constant vector a */
#define UPPER_MASK 0x80000000 /* most significant w-r bits */
#define LOWER_MASK 0x7fffffff /* least significant r bits */
/* Tempering parameters */
#define TEMPERING_MASK_B 0x9d2c5680
#define TEMPERING_MASK_C 0xefc60000
#define TEMPERING_SHIFT_U(y) (y >> 11)
#define TEMPERING_SHIFT_S(y) (y << 7)
#define TEMPERING_SHIFT_T(y) (y << 15)
#define TEMPERING_SHIFT_L(y) (y >> 18)
static void __db_sgenrand __P((unsigned long, unsigned long *, int *));
#ifdef NOT_USED
static void __db_lsgenrand __P((unsigned long *, unsigned long *, int *));
#endif
static unsigned long __db_genrand __P((DB_ENV *));
/*
* __db_generate_iv --
* Generate an initialization vector (IV)
*
* PUBLIC: int __db_generate_iv __P((DB_ENV *, u_int32_t *));
*/
int
__db_generate_iv(dbenv, iv)
DB_ENV *dbenv;
u_int32_t *iv;
{
int i, n, ret;
ret = 0;
n = DB_IV_BYTES / sizeof(u_int32_t);
MUTEX_THREAD_LOCK(dbenv, dbenv->mt_mutexp);
if (dbenv->mt == NULL) {
if ((ret = __os_calloc(dbenv, 1, N*sizeof(unsigned long),
&dbenv->mt)) != 0)
return (ret);
/* mti==N+1 means mt[N] is not initialized */
dbenv->mti = N + 1;
}
for (i = 0; i < n; i++)
{
/*
* We do not allow 0. If we get one just try again.
*/
do {
iv[i] = (u_int32_t)__db_genrand(dbenv);
} while (iv[i] == 0);
}
MUTEX_THREAD_UNLOCK(dbenv, dbenv->mt_mutexp);
return (0);
}
/* Initializing the array with a seed */
static void
__db_sgenrand(seed, mt, mtip)
unsigned long seed;
unsigned long mt[];
int *mtip;
{
int i;
DB_ASSERT(seed != 0);
for (i=0;i<N;i++) {
mt[i] = seed & 0xffff0000;
seed = 69069 * seed + 1;
mt[i] |= (seed & 0xffff0000) >> 16;
seed = 69069 * seed + 1;
}
*mtip = N;
}
#ifdef NOT_USED
/* Initialization by "sgenrand()" is an example. Theoretically, */
/* there are 2^19937-1 possible states as an intial state. */
/* This function allows to choose any of 2^19937-1 ones. */
/* Essential bits in "seed_array[]" is following 19937 bits: */
/* (seed_array[0]&UPPER_MASK), seed_array[1], ..., seed_array[N-1]. */
/* (seed_array[0]&LOWER_MASK) is discarded. */
/* Theoretically, */
/* (seed_array[0]&UPPER_MASK), seed_array[1], ..., seed_array[N-1] */
/* can take any values except all zeros. */
static void
__db_lsgenrand(seed_array, mt, mtip)
unsigned long seed_array[];
unsigned long mt[];
int *mtip;
/* the length of seed_array[] must be at least N */
{
int i;
for (i=0;i<N;i++)
mt[i] = seed_array[i];
*mtip=N;
}
#endif
static unsigned long
__db_genrand(dbenv)
DB_ENV *dbenv;
{
unsigned long y;
static unsigned long mag01[2]={0x0, MATRIX_A};
/* mag01[x] = x * MATRIX_A for x=0,1 */
u_int32_t secs, seed, usecs;
/*
* We are called with the mt_mutexp locked
*/
if (dbenv->mti >= N) { /* generate N words at one time */
int kk;
if (dbenv->mti == N+1) { /* if sgenrand() has not been called, */
/*
* Seed the generator with the hashed time. The __db_mac
* function will return 4 bytes if we don't send in a key.
*/
do {
__os_clock(dbenv, &secs, &usecs);
__db_chksum((u_int8_t *)&secs, sizeof(secs), NULL,
(u_int8_t *)&seed);
} while (seed == 0);
__db_sgenrand((long)seed, dbenv->mt, &dbenv->mti);
}
for (kk=0;kk<N-M;kk++) {
y = (dbenv->mt[kk]&UPPER_MASK)|(dbenv->mt[kk+1]&LOWER_MASK);
dbenv->mt[kk] = dbenv->mt[kk+M] ^ (y >> 1) ^ mag01[y & 0x1];
}
for (;kk<N-1;kk++) {
y = (dbenv->mt[kk]&UPPER_MASK)|(dbenv->mt[kk+1]&LOWER_MASK);
dbenv->mt[kk] = dbenv->mt[kk+(M-N)] ^ (y >> 1) ^ mag01[y & 0x1];
}
y = (dbenv->mt[N-1]&UPPER_MASK)|(dbenv->mt[0]&LOWER_MASK);
dbenv->mt[N-1] = dbenv->mt[M-1] ^ (y >> 1) ^ mag01[y & 0x1];
dbenv->mti = 0;
}
y = dbenv->mt[dbenv->mti++];
y ^= TEMPERING_SHIFT_U(y);
y ^= TEMPERING_SHIFT_S(y) & TEMPERING_MASK_B;
y ^= TEMPERING_SHIFT_T(y) & TEMPERING_MASK_C;
y ^= TEMPERING_SHIFT_L(y);
return y;
}

1466
storage/bdb/crypto/rijndael/rijndael-alg-fst.c Normal file
View file

File diff suppressed because it is too large Load diff

40
storage/bdb/crypto/rijndael/rijndael-alg-fst.h Normal file
View file

@ -0,0 +1,40 @@
/*
* $Id: rijndael-alg-fst.h,v 1.2 2002/01/08 18:53:37 sue Exp $
*/
/**
* rijndael-alg-fst.h
*
* @version 3.0 (December 2000)
*
* Optimised ANSI C code for the Rijndael cipher (now AES)
*
* @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
* @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
* @author Paulo Barreto <paulo.barreto@terra.com.br>
*
* This code is hereby placed in the public domain.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef __RIJNDAEL_ALG_FST_H
#define __RIJNDAEL_ALG_FST_H
#define MAXKC (256/32)
#define MAXKB (256/8)
#define MAXNR 14
typedef u_int8_t u8;
typedef u_int16_t u16;
typedef u_int32_t u32;
#endif /* __RIJNDAEL_ALG_FST_H */

496
storage/bdb/crypto/rijndael/rijndael-api-fst.c Normal file
View file

@ -0,0 +1,496 @@
/**
* rijndael-api-fst.c
*
* @version 2.9 (December 2000)
*
* Optimised ANSI C code for the Rijndael cipher (now AES)
*
* @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
* @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
* @author Paulo Barreto <paulo.barreto@terra.com.br>
*
* This code is hereby placed in the public domain.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* Acknowledgements:
*
* We are deeply indebted to the following people for their bug reports,
* fixes, and improvement suggestions to this implementation. Though we
* tried to list all contributions, we apologise in advance for any
* missing reference.
*
* Andrew Bales <Andrew.Bales@Honeywell.com>
* Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
* John Skodon <skodonj@webquill.com>
*/
#include "db_config.h"
#ifndef NO_SYSTEM_INCLUDES
#include <string.h>
#endif
#include "db_int.h"
#include "dbinc/crypto.h"
#include "crypto/rijndael/rijndael-alg-fst.h"
#include "crypto/rijndael/rijndael-api-fst.h"
/*
* __db_makeKey --
*
* PUBLIC: int __db_makeKey __P((keyInstance *, int, int, char *));
*/
int
__db_makeKey(key, direction, keyLen, keyMaterial)
keyInstance *key;
int direction;
int keyLen;
char *keyMaterial;
{
u8 cipherKey[MAXKB];
if (key == NULL) {
return BAD_KEY_INSTANCE;
}
if ((direction == DIR_ENCRYPT) || (direction == DIR_DECRYPT)) {
key->direction = direction;
} else {
return BAD_KEY_DIR;
}
if ((keyLen == 128) || (keyLen == 192) || (keyLen == 256)) {
key->keyLen = keyLen;
} else {
return BAD_KEY_MAT;
}
if (keyMaterial != NULL) {
memcpy(cipherKey, keyMaterial, key->keyLen/8);
}
if (direction == DIR_ENCRYPT) {
key->Nr = __db_rijndaelKeySetupEnc(key->rk, cipherKey, keyLen);
} else {
key->Nr = __db_rijndaelKeySetupDec(key->rk, cipherKey, keyLen);
}
__db_rijndaelKeySetupEnc(key->ek, cipherKey, keyLen);
return TRUE;
}
/*
* __db_cipherInit --
*
* PUBLIC: int __db_cipherInit __P((cipherInstance *, int, char *));
*/
int
__db_cipherInit(cipher, mode, IV)
cipherInstance *cipher;
int mode;
char *IV;
{
if ((mode == MODE_ECB) || (mode == MODE_CBC) || (mode == MODE_CFB1)) {
cipher->mode = mode;
} else {
return BAD_CIPHER_MODE;
}
if (IV != NULL) {
memcpy(cipher->IV, IV, MAX_IV_SIZE);
}
return TRUE;
}
/*
* __db_blockEncrypt --
*
* PUBLIC: int __db_blockEncrypt __P((cipherInstance *, keyInstance *, u_int8_t *,
* PUBLIC: size_t, u_int8_t *));
*/
int
__db_blockEncrypt(cipher, key, input, inputLen, outBuffer)
cipherInstance *cipher;
keyInstance *key;
u_int8_t *input;
size_t inputLen;
u_int8_t *outBuffer;
{
int i, k, t, numBlocks;
u8 block[16], *iv;
u32 tmpiv[4];
if (cipher == NULL ||
key == NULL ||
key->direction == DIR_DECRYPT) {
return BAD_CIPHER_STATE;
}
if (input == NULL || inputLen <= 0) {
return 0; /* nothing to do */
}
numBlocks = (int)(inputLen/128);
switch (cipher->mode) {
case MODE_ECB:
for (i = numBlocks; i > 0; i--) {
__db_rijndaelEncrypt(key->rk, key->Nr, input, outBuffer);
input += 16;
outBuffer += 16;
}
break;
case MODE_CBC:
iv = cipher->IV;
for (i = numBlocks; i > 0; i--) {
memcpy(tmpiv, iv, MAX_IV_SIZE);
((u32*)block)[0] = ((u32*)input)[0] ^ tmpiv[0];
((u32*)block)[1] = ((u32*)input)[1] ^ tmpiv[1];
((u32*)block)[2] = ((u32*)input)[2] ^ tmpiv[2];
((u32*)block)[3] = ((u32*)input)[3] ^ tmpiv[3];
__db_rijndaelEncrypt(key->rk, key->Nr, block, outBuffer);
iv = outBuffer;
input += 16;
outBuffer += 16;
}
break;
case MODE_CFB1:
iv = cipher->IV;
for (i = numBlocks; i > 0; i--) {
memcpy(outBuffer, input, 16);
for (k = 0; k < 128; k++) {
__db_rijndaelEncrypt(key->ek, key->Nr, iv, block);
outBuffer[k >> 3] ^= (block[0] & (u_int)0x80) >> (k & 7);
for (t = 0; t < 15; t++) {
iv[t] = (iv[t] << 1) | (iv[t + 1] >> 7);
}
iv[15] = (iv[15] << 1) | ((outBuffer[k >> 3] >> (7 - (k & 7))) & 1);
}
outBuffer += 16;
input += 16;
}
break;
default:
return BAD_CIPHER_STATE;
}
return 128*numBlocks;
}
/**
* Encrypt data partitioned in octets, using RFC 2040-like padding.
*
* @param input data to be encrypted (octet sequence)
* @param inputOctets input length in octets (not bits)
* @param outBuffer encrypted output data
*
* @return length in octets (not bits) of the encrypted output buffer.
*/
/*
* __db_padEncrypt --
*
* PUBLIC: int __db_padEncrypt __P((cipherInstance *, keyInstance *, u_int8_t *,
* PUBLIC: int, u_int8_t *));
*/
int
__db_padEncrypt(cipher, key, input, inputOctets, outBuffer)
cipherInstance *cipher;
keyInstance *key;
u_int8_t *input;
int inputOctets;
u_int8_t *outBuffer;
{
int i, numBlocks, padLen;
u8 block[16], *iv;
u32 tmpiv[4];
if (cipher == NULL ||
key == NULL ||
key->direction == DIR_DECRYPT) {
return BAD_CIPHER_STATE;
}
if (input == NULL || inputOctets <= 0) {
return 0; /* nothing to do */
}
numBlocks = inputOctets/16;
switch (cipher->mode) {
case MODE_ECB:
for (i = numBlocks; i > 0; i--) {
__db_rijndaelEncrypt(key->rk, key->Nr, input, outBuffer);
input += 16;
outBuffer += 16;
}
padLen = 16 - (inputOctets - 16*numBlocks);
DB_ASSERT(padLen > 0 && padLen <= 16);
memcpy(block, input, 16 - padLen);
memset(block + 16 - padLen, padLen, padLen);
__db_rijndaelEncrypt(key->rk, key->Nr, block, outBuffer);
break;
case MODE_CBC:
iv = cipher->IV;
for (i = numBlocks; i > 0; i--) {
memcpy(tmpiv, iv, MAX_IV_SIZE);
((u32*)block)[0] = ((u32*)input)[0] ^ tmpiv[0];
((u32*)block)[1] = ((u32*)input)[1] ^ tmpiv[1];
((u32*)block)[2] = ((u32*)input)[2] ^ tmpiv[2];
((u32*)block)[3] = ((u32*)input)[3] ^ tmpiv[3];
__db_rijndaelEncrypt(key->rk, key->Nr, block, outBuffer);
iv = outBuffer;
input += 16;
outBuffer += 16;
}
padLen = 16 - (inputOctets - 16*numBlocks);
DB_ASSERT(padLen > 0 && padLen <= 16);
for (i = 0; i < 16 - padLen; i++) {
block[i] = input[i] ^ iv[i];
}
for (i = 16 - padLen; i < 16; i++) {
block[i] = (u_int8_t)padLen ^ iv[i];
}
__db_rijndaelEncrypt(key->rk, key->Nr, block, outBuffer);
break;
default:
return BAD_CIPHER_STATE;
}
return 16*(numBlocks + 1);
}
/*
* __db_blockDecrypt --
*
* PUBLIC: int __db_blockDecrypt __P((cipherInstance *, keyInstance *, u_int8_t *,
* PUBLIC: size_t, u_int8_t *));
*/
int
__db_blockDecrypt(cipher, key, input, inputLen, outBuffer)
cipherInstance *cipher;
keyInstance *key;
u_int8_t *input;
size_t inputLen;
u_int8_t *outBuffer;
{
int i, k, t, numBlocks;
u8 block[16], *iv;
u32 tmpiv[4];
if (cipher == NULL ||
key == NULL ||
(cipher->mode != MODE_CFB1 && key->direction == DIR_ENCRYPT)) {
return BAD_CIPHER_STATE;
}
if (input == NULL || inputLen <= 0) {
return 0; /* nothing to do */
}
numBlocks = (int)(inputLen/128);
switch (cipher->mode) {
case MODE_ECB:
for (i = numBlocks; i > 0; i--) {
__db_rijndaelDecrypt(key->rk, key->Nr, input, outBuffer);
input += 16;
outBuffer += 16;
}
break;
case MODE_CBC:
memcpy(tmpiv, cipher->IV, MAX_IV_SIZE);
for (i = numBlocks; i > 0; i--) {
__db_rijndaelDecrypt(key->rk, key->Nr, input, block);
((u32*)block)[0] ^= tmpiv[0];
((u32*)block)[1] ^= tmpiv[1];
((u32*)block)[2] ^= tmpiv[2];
((u32*)block)[3] ^= tmpiv[3];
memcpy(tmpiv, input, 16);
memcpy(outBuffer, block, 16);
input += 16;
outBuffer += 16;
}
break;
case MODE_CFB1:
iv = cipher->IV;
for (i = numBlocks; i > 0; i--) {
memcpy(outBuffer, input, 16);
for (k = 0; k < 128; k++) {
__db_rijndaelEncrypt(key->ek, key->Nr, iv, block);
for (t = 0; t < 15; t++) {
iv[t] = (iv[t] << 1) | (iv[t + 1] >> 7);
}
iv[15] = (iv[15] << 1) | ((input[k >> 3] >> (7 - (k & 7))) & 1);
outBuffer[k >> 3] ^= (block[0] & (u_int)0x80) >> (k & 7);
}
outBuffer += 16;
input += 16;
}
break;
default:
return BAD_CIPHER_STATE;
}
return 128*numBlocks;
}
/*
* __db_padDecrypt --
*
* PUBLIC: int __db_padDecrypt __P((cipherInstance *, keyInstance *, u_int8_t *,
* PUBLIC: int, u_int8_t *));
*/
int
__db_padDecrypt(cipher, key, input, inputOctets, outBuffer)
cipherInstance *cipher;
keyInstance *key;
u_int8_t *input;
int inputOctets;
u_int8_t *outBuffer;
{
int i, numBlocks, padLen;
u8 block[16];
u32 tmpiv[4];
if (cipher == NULL ||
key == NULL ||
key->direction == DIR_ENCRYPT) {
return BAD_CIPHER_STATE;
}
if (input == NULL || inputOctets <= 0) {
return 0; /* nothing to do */
}
if (inputOctets % 16 != 0) {
return BAD_DATA;
}
numBlocks = inputOctets/16;
switch (cipher->mode) {
case MODE_ECB:
/* all blocks but last */
for (i = numBlocks - 1; i > 0; i--) {
__db_rijndaelDecrypt(key->rk, key->Nr, input, outBuffer);
input += 16;
outBuffer += 16;
}
/* last block */
__db_rijndaelDecrypt(key->rk, key->Nr, input, block);
padLen = block[15];
if (padLen >= 16) {
return BAD_DATA;
}
for (i = 16 - padLen; i < 16; i++) {
if (block[i] != padLen) {
return BAD_DATA;
}
}
memcpy(outBuffer, block, 16 - padLen);
break;
case MODE_CBC:
/* all blocks but last */
memcpy(tmpiv, cipher->IV, MAX_IV_SIZE);
for (i = numBlocks - 1; i > 0; i--) {
__db_rijndaelDecrypt(key->rk, key->Nr, input, block);
((u32*)block)[0] ^= tmpiv[0];
((u32*)block)[1] ^= tmpiv[1];
((u32*)block)[2] ^= tmpiv[2];
((u32*)block)[3] ^= tmpiv[3];
memcpy(tmpiv, input, 16);
memcpy(outBuffer, block, 16);
input += 16;
outBuffer += 16;
}
/* last block */
__db_rijndaelDecrypt(key->rk, key->Nr, input, block);
((u32*)block)[0] ^= tmpiv[0];
((u32*)block)[1] ^= tmpiv[1];
((u32*)block)[2] ^= tmpiv[2];
((u32*)block)[3] ^= tmpiv[3];
padLen = block[15];
if (padLen <= 0 || padLen > 16) {
return BAD_DATA;
}
for (i = 16 - padLen; i < 16; i++) {
if (block[i] != padLen) {
return BAD_DATA;
}
}
memcpy(outBuffer, block, 16 - padLen);
break;
default:
return BAD_CIPHER_STATE;
}
return 16*numBlocks - padLen;
}
#ifdef INTERMEDIATE_VALUE_KAT
/**
* cipherUpdateRounds:
*
* Encrypts/Decrypts exactly one full block a specified number of rounds.
* Only used in the Intermediate Value Known Answer Test.
*
* Returns:
* TRUE - on success
* BAD_CIPHER_STATE - cipher in bad state (e.g., not initialized)
*/
/*
* __db_cipherUpdateRounds --
*
* PUBLIC: int __db_cipherUpdateRounds __P((cipherInstance *, keyInstance *,
* PUBLIC: u_int8_t *, int, u_int8_t *, int));
*/
int
__db_cipherUpdateRounds(cipher, key, input, inputLen, outBuffer, rounds)
cipherInstance *cipher;
keyInstance *key;
u_int8_t *input;
size_t inputLen;
u_int8_t *outBuffer;
int rounds;
{
u8 block[16];
if (cipher == NULL || key == NULL) {
return BAD_CIPHER_STATE;
}
memcpy(block, input, 16);
switch (key->direction) {
case DIR_ENCRYPT:
__db_rijndaelEncryptRound(key->rk, key->Nr, block, rounds);
break;
case DIR_DECRYPT:
__db_rijndaelDecryptRound(key->rk, key->Nr, block, rounds);
break;
default:
return BAD_KEY_DIR;
}
memcpy(outBuffer, block, 16);
return TRUE;
}
#endif /* INTERMEDIATE_VALUE_KAT */

91
storage/bdb/crypto/rijndael/rijndael-api-fst.h Normal file
View file

@ -0,0 +1,91 @@
/*
* $Id: rijndael-api-fst.h,v 1.5 2003/03/17 19:42:18 bostic Exp $
*/
/**
* rijndael-api-fst.h
*
* @version 2.9 (December 2000)
*
* Optimised ANSI C code for the Rijndael cipher (now AES)
*
* @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
* @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
* @author Paulo Barreto <paulo.barreto@terra.com.br>
*
* This code is hereby placed in the public domain.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* Acknowledgements:
*
* We are deeply indebted to the following people for their bug reports,
* fixes, and improvement suggestions to this implementation. Though we
* tried to list all contributions, we apologise in advance for any
* missing reference.
*
* Andrew Bales <Andrew.Bales@Honeywell.com>
* Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
* John Skodon <skodonj@webquill.com>
*/
#ifndef __RIJNDAEL_API_FST_H
#define __RIJNDAEL_API_FST_H
#include "crypto/rijndael/rijndael-alg-fst.h"
/* Generic Defines */
#define DIR_ENCRYPT 0 /* Are we encrpyting? */
#define DIR_DECRYPT 1 /* Are we decrpyting? */
#define MODE_ECB 1 /* Are we ciphering in ECB mode? */
#define MODE_CBC 2 /* Are we ciphering in CBC mode? */
#define MODE_CFB1 3 /* Are we ciphering in 1-bit CFB mode? */
#undef TRUE
#define TRUE 1
#undef FALSE
#define FALSE 0
#define BITSPERBLOCK 128 /* Default number of bits in a cipher block */
/* Error Codes */
#define BAD_KEY_DIR -1 /* Key direction is invalid, e.g., unknown value */
#define BAD_KEY_MAT -2 /* Key material not of correct length */
#define BAD_KEY_INSTANCE -3 /* Key passed is not valid */
#define BAD_CIPHER_MODE -4 /* Params struct passed to cipherInit invalid */
#define BAD_CIPHER_STATE -5 /* Cipher in wrong state (e.g., not initialized) */
#define BAD_BLOCK_LENGTH -6
#define BAD_CIPHER_INSTANCE -7
#define BAD_DATA -8 /* Data contents are invalid, e.g., invalid padding */
#define BAD_OTHER -9 /* Unknown error */
/* Algorithm-specific Defines */
#define MAX_KEY_SIZE 64 /* # of ASCII char's needed to represent a key */
#define MAX_IV_SIZE 16 /* # bytes needed to represent an IV */
/* Typedefs */
/* The structure for key information */
typedef struct {
u_int8_t direction; /* Key used for encrypting or decrypting? */
int keyLen; /* Length of the key */
char keyMaterial[MAX_KEY_SIZE+1]; /* Raw key data in ASCII, e.g., user input or KAT values */
int Nr; /* key-length-dependent number of rounds */
u32 rk[4*(MAXNR + 1)]; /* key schedule */
u32 ek[4*(MAXNR + 1)]; /* CFB1 key schedule (encryption only) */
} keyInstance;
/* The structure for cipher information */
typedef struct { /* changed order of the components */
u_int8_t mode; /* MODE_ECB, MODE_CBC, or MODE_CFB1 */
u_int8_t IV[MAX_IV_SIZE]; /* A possible Initialization Vector for ciphering */
} cipherInstance;
#endif /* __RIJNDAEL_API_FST_H */