Home > mailing lists

Re: BUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod - Mailing list pgsql-bugs

From	Daniel Gustafsson
Subject	Re: BUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod
Date	April 21 17:04:40
Msg-id	3A2299BC-1684-4CEB-BD65-1DEBFB446F24@yesql.se Whole thread
In response to	BUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod (PG Bug reporting form <noreply@postgresql.org>)
List	pgsql-bugs

Tree view

> On 17 Apr 2026, at 06:21, PG Bug reporting form <noreply@postgresql.org> wrote:

> I am happy to work on this.

Please do, that would be great.  I'd be happy to review this so keep me CC'd.

> Add a FIPS cipher check in pgp_load_cipher() in contrib/pgcrypto/pgp.c.
> This function is the single chokepoint for all PGP cipher operations
> (encrypt, decrypt, session key encryption/decryption). A whitelist of
> FIPS 140-2/140-3 approved ciphers for PGP use would be:
>
>   PGP_SYM_AES_128, PGP_SYM_AES_192, PGP_SYM_AES_256

Maybe an extra flag in the cipher_info struct?

> All other ciphers (PGP_SYM_BLOWFISH, PGP_SYM_CAST5, PGP_SYM_DES3,
> PGP_SYM_TWOFISH, etc.) should raise an error when CheckFIPSMode()
> returns true.

Not just FIPS, it should check CheckBuiltinCryptoMode() to be consistent with
the other builtin checks.

--
Daniel Gustafsson

pgsql-bugs by date:

From: "飞鱼"
Date: 21 April, 16:11:22
Subject: 回复：RE: 回复：RE: BUG #19464: Server crash (SIGABRT) with UPDATE containing multiple multi-column assignments

From: Andrew Dunstan
Date: 21 April, 18:19:36
Subject: Re: Bug in CREATE TABLE .. LIKE .. INCLUDING STATISTICS?

Re: BUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod - Mailing list pgsql-bugs

Previous

Next