Re: Replace current implementations in crypt() and gen_salt() to OpenSSL

From: Daniel Gustafsson <daniel(at)yesql(dot)se>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Joe Conway <mail(at)joeconway(dot)com>, Peter Eisentraut <peter(at)eisentraut(dot)org>, "Koshi Shibagaki (Fujitsu)" <shibagaki(dot)koshi(at)fujitsu(dot)com>, "pgsql-hackers(at)lists(dot)postgresql(dot)org" <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: Re: Replace current implementations in crypt() and gen_salt() to OpenSSL
Date: 2024-12-04 14:33:46
Message-ID: BC993860-A57A-4EEA-9D2E-D953E3776800@yesql.se
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

> On 4 Dec 2024, at 15:28, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
>
> On Wed, Dec 4, 2024 at 8:54 AM Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
>> Looking over this again I realized it's a bit silly to fall back on FIPS_mode()
>> when EVP_default_properties_is_fips_enabled isn't available since that would
>> only be OpenSSL versions before 3.0 (and since we don't support 1.0.2 then no
>> such version can have FIPS). Sharing back a v3 which is what I think we should
>> go with.
>
> The comment suggests to me that if the user happened to be using
> OpenSSL 1.1.1 and CheckLegacyCryptoMode() was called, the expected
> outcome would be an error, but it will just return.

I think I know what you mean, but just to be clear so I know what to reword,
the comment in the code or the above quoted email?

If the GUC is set to fips it will mimic the OpenSSL setting (disallow when
OpenSSL is in FIPS mode and allow when OpenSSL isn't in FIPS mode), and thus
allow internal crypto since OpenSSL 1.1.1 cannot operate in FIPS mode. If the
GUC is set to on or off it will allow or disallow built-in crypto without
considering the OpenSSL state.

--
Daniel Gustafsson

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Robert Haas 2024-12-04 14:38:30 Re: Eager aggregation, take 3
Previous Message Robert Haas 2024-12-04 14:29:50 Re: checksum verification code breaks backups in v16-