Re: Replace current implementations in crypt() and gen_salt() to OpenSSL

On 1/21/25 17:57, Daniel Gustafsson wrote:
>> On 21 Jan 2025, at 22:13, Joe Conway <mail(at)joeconway(dot)com> wrote:
>
>> I think this is a non-issue. Every implementation I have seen, the OS-level enabling of FIPS mode is just a way to ensure openssl is automatically put into FIPS mode when the library is loaded, just as if (and not depending on) the application had invoked FIPS mode manually. All matters here is that the loaded openssl thinks it is in FIPS mode.
>
> Good point. The attached v9 adds a 0001 which expose a SQL function (along
> with version bump and docs) for returning the FIPS mode, and 0002 is the
> previous patch except it use the function from 0001.

I found it necessary to add:
#include <openssl/crypto.h>
in
contrib/pgcrypto/openssl.c
to avoid a symbol not defined warning.

Otherwise looks good here:
8<---------------
SET pgcrypto.builtin_crypto_enabled = on;
select crypt('secret data', gen_salt('des'));
crypt
---------------
OCAkiP03AAbPA
(1 row)

SET pgcrypto.builtin_crypto_enabled = off;
select crypt('secret data', gen_salt('des'));
ERROR: use of built-in crypto functions is disabled

SET pgcrypto.builtin_crypto_enabled = fips;
select crypt('secret data', gen_salt('des'));
ERROR: use of non-FIPS certified crypto not allowed when OpenSSL is in
FIPS mode

select fips_mode();
fips_mode
-----------
t
(1 row)
8<---------------

Although come to think of it, probably:
"use of non-FIPS certified crypto"
^^^^^^^^^
should rather say:
"use of non-FIPS validated crypto"
^^^^^^^^^

FWIW, I tested with non-FIPS (OpenSSL 3.0.13 30 Jan 2024) on Linux Mint
22.1 and FIPS (aws-lc [1][2]) on Amazon Linux 2023.

[1] https://github.com/aws/aws-lc/tree/fips-2022-11-02
[2]
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4759.pdf

--
Joe Conway
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com