Quick Links

Re: Replace current implementations in crypt() and gen_salt() to OpenSSL

From:	Daniel Gustafsson <daniel(at)yesql(dot)se>
To:	Peter Eisentraut <peter(at)eisentraut(dot)org>
Cc:	"Koshi Shibagaki (Fujitsu)" <shibagaki(dot)koshi(at)fujitsu(dot)com>, "pgsql-hackers(at)lists(dot)postgresql(dot)org" <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject:	Re: Replace current implementations in crypt() and gen_salt() to OpenSSL
Date:	2024-02-16 15:09:59
Message-ID:	A564626F-FB08-45AF-BA75-BE5F434AE222@yesql.se
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

> On 16 Feb 2024, at 15:49, Peter Eisentraut <peter(at)eisentraut(dot)org> wrote:

> Like, if we did a "crypt-aes", would that be FIPS-compliant? I don't know.

If I remember my FIPS correct: Only if it used a FIPS certified implementation,
like the one in OpenSSL when the fips provider has been loaded. The cipher
must be allowed *and* the implementation must be certified.

--
Daniel Gustafsson

In response to

Re: Replace current implementations in crypt() and gen_salt() to OpenSSL at 2024-02-16 14:49:01 from Peter Eisentraut

Responses

RE: Replace current implementations in crypt() and gen_salt() to OpenSSL at 2024-02-20 09:56:27 from Koshi Shibagaki (Fujitsu)

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Aleksander Alekseev	2024-02-16 15:15:57	Re: psql: Add command to use extended query protocol
Previous Message	Tom Lane	2024-02-16 14:58:01	Re: table inheritance versus column compression and storage settings