Re: BUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod

Joe Conway <mail@joeconway.com>

From: Joe Conway <mail@joeconway.com>
To: Tom Lane <tgl@sss.pgh.pa.us>, Daniel Gustafsson <daniel@yesql.se>
Cc: Michael Paquier <michael@paquier.xyz>, ansh01072001@gmail.com, pgsql-bugs@lists.postgresql.org
Date: 2026-04-24T15:18:28Z
Lists: pgsql-bugs
On 4/24/26 10:38, Tom Lane wrote:
> Daniel Gustafsson <daniel@yesql.se> writes:
>>> On 24 Apr 2026, at 06:20, Michael Paquier <michael@paquier.xyz> wrote:
>>> I am interesting in getting that fixed for the next point release, so
>>> I have given it a try, finishing with the attached.  This would cause
>>> pgp_sym_encrypt() and pgp_sym_decrypt() to complain when the builtin
>>> mode is disabled, making things more consistent with the surroundings.
> 
>> I'm not convinced this is material for a minor release, the feature works as
>> documented and it was never documented to cover PGP.  Re-reading the thread PGP
>> was never discussed, and while that admittedly seem like an oversight doing
>> this in a minor release will alter documented behaviour which is generally not
>> what we want to do.
> 
> I sympathize with that argument, but ... people who are running in
> FIPS mode are probably doing so because they have contractual or legal
> obligations to meet that standard.  A person who could be in hot water
> if they are accidentally running disallowed crypto would see this as a
> dangerous bug.  A person who does not care should not be using FIPS
> mode.


+1 I think we should consider this as a backpatchable bug.

-- 
Joe Conway
PostgreSQL Contributors Team
Amazon Web Services: https://aws.amazon.com



Commits

  1. pgcrypto: Make it possible to disable built-in crypto

  2. pgcrypto: Add function to check FIPS mode