Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2
Peter Eisentraut <peter.eisentraut@2ndquadrant.com>
From: Peter Eisentraut <peter.eisentraut@2ndquadrant.com>
To: Heikki Linnakangas <hlinnaka@iki.fi>, Daniel Gustafsson
<daniel@yesql.se>, Michael Paquier <michael@paquier.xyz>
Cc: Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2020-09-24T17:56:43Z
Lists: pgsql-hackers
On 2020-09-24 18:21, Heikki Linnakangas wrote: > That would technically work, but wouldn't it make the product as whole > not FIPS compliant? I'm not a FIPS lawyer, but as I understand it the > point of FIPS is that all the crypto code is encapsulated in a certified > module. Having your own SHA-256 implementation would defeat that. Depends on what one considers to be covered by FIPS. The entire rest of SCRAM is custom code, so running it on top of the world's greatest SHA-256 implementation isn't going to make the end product any more trustworthy. -- Peter Eisentraut http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
Commits
-
Change SHA2 implementation based on OpenSSL to use EVP digest routines
- 4f48a6fbe2b2 14.0 landed
- e21cbb4b893b 14.0 landed
-
Move SHA2 routines to a new generic API layer for crypto hashes
- 87ae9691d253 14.0 landed
-
Use OpenSSL EVP API for symmetric encryption in pgcrypto.
- 5ff4a67f63fd 10.0 cited