Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Heikki Linnakangas <hlinnaka@iki.fi>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Daniel Gustafsson <daniel@yesql.se>, Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2020-10-14T08:18:51Z
Lists: pgsql-hackers
On Wed, Oct 14, 2020 at 10:40:12AM +0300, Heikki Linnakangas wrote: > Since this is going to be core backend code (and also frontend), we don't > need to use the generic reource owner callback mechanism, we could add a > built-in ResourceOwnerData field and functions in resowner.c. The callback > mechanism is a bit clunky. Sure, thanks. I wanted to keep things isolated in sha2_openssl.c as that's something specific to the implementation. Thinking more about it, your suggestion makes a lot of sense in the long-term by including MD5 and HMAC in the picture. These also go through EVP in OpenSSL, and we are kind of incorrect currently to not use the OpenSSL flavor if available (MD5 is not authorized in FIPS, but we still allow it to be used with the in-core implementation). -- Michael
Commits
-
Change SHA2 implementation based on OpenSSL to use EVP digest routines
- 4f48a6fbe2b2 14.0 landed
- e21cbb4b893b 14.0 landed
-
Move SHA2 routines to a new generic API layer for crypto hashes
- 87ae9691d253 14.0 landed
-
Use OpenSSL EVP API for symmetric encryption in pgcrypto.
- 5ff4a67f63fd 10.0 cited