Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2

From: Michael Paquier <michael(at)paquier(dot)xyz>
To: Heikki Linnakangas <hlinnaka(at)iki(dot)fi>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Daniel Gustafsson <daniel(at)yesql(dot)se>, Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2
Date: 2020-10-15 06:56:21
Message-ID: 20201015065621.GB2305@paquier.xyz
Lists: pgsql-hackers

On Wed, Oct 14, 2020 at 05:18:51PM +0900, Michael Paquier wrote:
> Sure, thanks. I wanted to keep things isolated in sha2_openssl.c as
> that's something specific to the implementation. Thinking more about
> it, your suggestion makes a lot of sense in the long-term by including
> MD5 and HMAC in the picture. These also go through EVP in OpenSSL,
> and we are kind of incorrect currently to not use the OpenSSL flavor
> if available (MD5 is not authorized in FIPS, but we still allow it to
> be used with the in-core implementation).

I got my hands on that, and this proves to simplify a lot of things. As a
bonus, attached is a 0003 that cleans up some code in pgcrypto so that
it uses the in-core resowner facility to handle EVP contexts.
--
Michael

Attachment Content-Type Size
v2-0001-Rework-SHA2-APIs.patch text/x-diff 61.9 KB
v2-0002-Switch-sha2_openssl.c-to-use-EVP.patch text/x-diff 8.5 KB
v2-0003-Move-pgcrypto-to-use-in-core-resowner-facility-fo.patch text/x-diff 3.7 KB
