Home > mailing lists

Re: Replace current implementations in crypt() and gen_salt() to OpenSSL - Mailing list pgsql-hackers

From	Joe Conway
Subject	Re: Replace current implementations in crypt() and gen_salt() to OpenSSL
Date	December 4 20:40:20
Msg-id	7c2b71ae-766c-4412-99bb-00bd165b8338@joeconway.com Whole thread Raw
In response to	Re: Replace current implementations in crypt() and gen_salt() to OpenSSL (Daniel Gustafsson <daniel@yesql.se>)
Responses	Re: Replace current implementations in crypt() and gen_salt() to OpenSSL
List	pgsql-hackers

Tree view

On 12/4/24 09:33, Daniel Gustafsson wrote:
> since OpenSSL 1.1.1 cannot operate in FIPS mode.

I don't think that is correct. The RHEL 8 openssl which was FIPS 140-2 
validated is 1.1.1k. See:


https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4642.pdf

-- 
Joe Conway
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com

pgsql-hackers by date:

From: Robert Haas
Date: 04 December, 20:39:41
Subject: Re: Replace current implementations in crypt() and gen_salt() to OpenSSL

From: Daniel Gustafsson
Date: 04 December, 20:45:51
Subject: Re: Replace current implementations in crypt() and gen_salt() to OpenSSL

Re: Replace current implementations in crypt() and gen_salt() to OpenSSL - Mailing list pgsql-hackers

Previous

Next