1/*-------------------------------------------------------------------------
2 *
3 * crypt.h
4 * Interface to libpq/crypt.c
5 *
6 * Portions Copyright (c) 1996-2019, PostgreSQL Global Development Group
7 * Portions Copyright (c) 1994, Regents of the University of California
8 *
9 * src/include/libpq/crypt.h
10 *
11 *-------------------------------------------------------------------------
12 */
13#ifndef PG_CRYPT_H
14#define PG_CRYPT_H
15
16#include "datatype/timestamp.h"
17
18/*
19 * Types of password hashes or verifiers.
20 *
21 * Plaintext passwords can be passed in by the user, in a CREATE/ALTER USER
22 * command. They will be encrypted to MD5 or SCRAM-SHA-256 format, before
23 * storing on-disk, so only MD5 and SCRAM-SHA-256 passwords should appear
24 * in pg_authid.rolpassword. They are also the allowed values for the
25 * password_encryption GUC.
26 */
27typedef enum PasswordType
28{
29 PASSWORD_TYPE_PLAINTEXT = 0,
30 PASSWORD_TYPE_MD5,
31 PASSWORD_TYPE_SCRAM_SHA_256
32} PasswordType;
33
34extern PasswordType get_password_type(const char *shadow_pass);
35extern char *encrypt_password(PasswordType target_type, const char *role,
36 const char *password);
37
38extern char *get_role_password(const char *role, char **logdetail);
39
40extern int md5_crypt_verify(const char *role, const char *shadow_pass,
41 const char *client_pass, const char *md5_salt,
42 int md5_salt_len, char **logdetail);
43extern int plain_crypt_verify(const char *role, const char *shadow_pass,
44 const char *client_pass, char **logdetail);
45
46#endif
47