Re: scram-sha-256 authentication broken in FIPS mode

Alessandro Gherardi <alessandro.gherardi@yahoo.com>

From: Alessandro Gherardi <alessandro.gherardi@yahoo.com>
To: Peter Eisentraut <peter.eisentraut@2ndquadrant.com>, Michael Paquier <michael@paquier.xyz>
Cc: "pgsql-general@lists.postgresql.org" <pgsql-general@lists.postgresql.org>
Date: 2018-09-17T14:55:55Z
Lists: pgsql-general

Attachments

 Here's a patch for enabling FIPS in OpenSSL - by calling FIPS_mode_set(1) - on Windows if the FIPS registry entry HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\Enabled is set to 1. That's the entry that the .NET crypto libraries look at to decide whether or not to operate in FIPS mode.
I thought of submitting a pull request for adding this logic to OpenSSL, however (1) https://www.openssl.org/source/ says they are working on a new FIPS module, so I doubt they would take a pull request for OpenSSL 1.0.X and (2) For Linux, this logic doesn't exist on the standard OpenSSL distribution but only on the RHEL-specific OpenSSL patch (See method init_fips_mode() in https://git.centos.org/raw/rpms/openssl.git/c7/SOURCES!openssl-1.0.2i-fips.patch ).
Therefore, I believe the best option, at least for now, is calling FIPS_mode_set(1) in the application.


Commits

  1. Change SHA2 implementation based on OpenSSL to use EVP digest routines