Re: Replace current implementations in crypt() and gen_salt() to OpenSSL
Peter Eisentraut <peter@eisentraut.org>
From: Peter Eisentraut <peter@eisentraut.org>
To: "Koshi Shibagaki (Fujitsu)" <shibagaki.koshi@fujitsu.com>,
"'pgsql-hackers@lists.postgresql.org'" <pgsql-hackers@lists.postgresql.org>
Date: 2024-02-15T15:49:45Z
Lists: pgsql-hackers
On 15.02.24 13:42, Koshi Shibagaki (Fujitsu) wrote: > However, crypt() and gen_salt() do not use OpenSSL as mentioned in [2]. > Therefore, if we run crypt() and gen_salt() on a machine with FIPS mode enabled, > they are not affected by FIPS mode. This means we can use encryption algorithms > disallowed in FIPS. > > I would like to change the proprietary implementations of crypt() and gen_salt() > to use OpenSSL API. > If it's not a problem, I am going to create a patch, but if you have a better > approach, please let me know. The problems are: 1. All the block ciphers currently supported by crypt() and gen_salt() are not FIPS-compliant. 2. The crypt() and gen_salt() methods built on top of them (modes of operation, kind of) are not FIPS-compliant. 3. The implementations (crypt-blowfish.c, crypt-des.c, etc.) are not structured in a way that OpenSSL calls can easily be patched in. So if you want FIPS-compliant cryptography, these interfaces look like a dead end. I don't know if there are any modern equivalents of these functions that we should be supplying instead.
Commits
-
pgcrypto: Make it possible to disable built-in crypto
- 035f99cbebe5 18.0 landed
-
pgcrypto: Add function to check FIPS mode
- 924d89a35475 18.0 landed
-
citext: Allow tests to pass in OpenSSL FIPS mode
- 3c551ebede46 17.0 cited
-
pgcrypto: Remove non-OpenSSL support
- db7d1a7b0530 15.0 cited