Re: Replace current implementations in crypt() and gen_salt() to OpenSSL
Peter Eisentraut <peter@eisentraut.org>
From: Peter Eisentraut <peter@eisentraut.org>
To: Daniel Gustafsson <daniel@yesql.se>,
"Koshi Shibagaki (Fujitsu)" <shibagaki.koshi@fujitsu.com>
Cc: "pgsql-hackers@lists.postgresql.org" <pgsql-hackers@lists.postgresql.org>
Date: 2024-02-20T11:18:57Z
Lists: pgsql-hackers
On 20.02.24 11:09, Daniel Gustafsson wrote: >> On 20 Feb 2024, at 10:56, Koshi Shibagaki (Fujitsu) <shibagaki.koshi@fujitsu.com> wrote: > >> Let me confirm the discussion in threads. I think there are two topics. >> 1. prohibit the use of ciphers disallowed in FIPS mode at the level of block >> cipher (crypt-bf, etc...) in crypt() and gen_salt() > > That level might be overkill given that any cipher not in the FIPS certfied > module mustn't be used, but it's also not the wrong place to put it IMHO. I think we are going about this the wrong way. It doesn't make sense to ask OpenSSL what a piece of code that doesn't use OpenSSL should do. (And would that even give a sensible answer? Like, you can configure OpenSSL to load the fips module, but you can also load the legacy module alongside it(??).) And as you say, even if this code supported modern block ciphers, it wouldn't be FIPS compliant. I think there are several less weird ways to address this: * Just document it. * Make a pgcrypto-level GUC setting. * Split out these functions into a separate extension. * Deprecate these functions. Or some combination of these.
Commits
-
pgcrypto: Make it possible to disable built-in crypto
- 035f99cbebe5 18.0 landed
-
pgcrypto: Add function to check FIPS mode
- 924d89a35475 18.0 landed
-
citext: Allow tests to pass in OpenSSL FIPS mode
- 3c551ebede46 17.0 cited
-
pgcrypto: Remove non-OpenSSL support
- db7d1a7b0530 15.0 cited