Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Heikki Linnakangas <hlinnaka@iki.fi>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Daniel Gustafsson <daniel@yesql.se>, Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2020-10-15T06:56:21Z
Lists: pgsql-hackers
Attachments
- v2-0001-Rework-SHA2-APIs.patch (text/x-diff) patch v2-0001
- v2-0002-Switch-sha2_openssl.c-to-use-EVP.patch (text/x-diff) patch v2-0002
- v2-0003-Move-pgcrypto-to-use-in-core-resowner-facility-fo.patch (text/x-diff) patch v2-0003
On Wed, Oct 14, 2020 at 05:18:51PM +0900, Michael Paquier wrote: > Sure, thanks. I wanted to keep things isolated in sha2_openssl.c as > that's something specific to the implementation. Thinking more about > it, your suggestion makes a lot of sense in the long-term by including > MD5 and HMAC in the picture. These also go through EVP in OpenSSL, > and we are kind of incorrect currently to not use the OpenSSL flavor > if available (MD5 is not authorized in FIPS, but we still allow it to > be used with the in-core implementation). I got my hands on that, and this proves to simplify a lot things. In bonus, attached is a 0003 that cleans up some code in pgcrypto so as it uses the in-core resowner facility to handle EVP contexts. -- Michael
Commits
-
Change SHA2 implementation based on OpenSSL to use EVP digest routines
- 4f48a6fbe2b2 14.0 landed
- e21cbb4b893b 14.0 landed
-
Move SHA2 routines to a new generic API layer for crypto hashes
- 87ae9691d253 14.0 landed
-
Use OpenSSL EVP API for symmetric encryption in pgcrypto.
- 5ff4a67f63fd 10.0 cited