Home > mailing lists

Re: Replace current implementations in crypt() and gen_salt() to OpenSSL - Mailing list pgsql-hackers

From	Daniel Gustafsson
Subject	Re: Replace current implementations in crypt() and gen_salt() to OpenSSL
Date	February 16, 2024 15:09:59
Msg-id	A564626F-FB08-45AF-BA75-BE5F434AE222@yesql.se Whole thread Raw
In response to	Re: Replace current implementations in crypt() and gen_salt() to OpenSSL (Peter Eisentraut <peter@eisentraut.org>)
Responses	RE: Replace current implementations in crypt() and gen_salt() to OpenSSL
List	pgsql-hackers

Tree view

> On 16 Feb 2024, at 15:49, Peter Eisentraut <peter@eisentraut.org> wrote:

> Like, if we did a "crypt-aes", would that be FIPS-compliant?  I don't know.

If I remember my FIPS correct: Only if it used a FIPS certified implementation,
like the one in OpenSSL when the fips provider has been loaded.  The cipher
must be allowed *and* the implementation must be certified.

--
Daniel Gustafsson

pgsql-hackers by date:

From: Tom Lane
Date: 16 February 2024, 14:58:01
Subject: Re: table inheritance versus column compression and storage settings

From: Aleksander Alekseev
Date: 16 February 2024, 15:15:57
Subject: Re: psql: Add command to use extended query protocol

Re: Replace current implementations in crypt() and gen_salt() to OpenSSL - Mailing list pgsql-hackers

Previous

Next