Re: Modern SHA2- based password hashes for pgcrypto
Daniel Gustafsson <daniel@yesql.se>
From: Daniel Gustafsson <daniel@yesql.se>
To: Bernd Helmle <mailings@oopsware.de>
Cc: PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2025-01-02T14:57:49Z
Lists: pgsql-hackers
> On 31 Dec 2024, at 17:06, Bernd Helmle <mailings@oopsware.de> wrote: > I adapted the code from the publicly available reference implementation > at [1]. It's based on our existing OpenSSL infrastructure in pgcrypto > and produces compatible password hashes with crypt() and "openssl > passwd" with "-5" and "-6" switches. Potentially daft question, but since we require OpenSSL to build pgcrypto, why do we need to include sha2 code instead of using the sha2 implementation in libcrypto? How complicated would it be to use the OpenSSL API instead? -- Daniel Gustafsson
Commits
-
Follow-up fixes for SHA-2 patch (commit 749a9e20c).
- 969ab9d4f5d1 18.0 landed
-
Add modern SHA-2 based password hashes to pgcrypto.
- 749a9e20c979 18.0 landed