Thread: SHA-1 FIPS - compliance

From: Filip Janus
Hi all,
I am a new maintainer of PostgreSQL in Fedora and RHEL. Currently, I am solving the usage of SHA-1 for key derivation in pgcrypto (the s2k-digest-algo). In the documentation, I have found that there are options SHA-1 or MD5. Unfortunately, none of these algorithms are FIPS compliant. So I would like to ask if there exists a possibility to add or enable support for some type of stronger hash algorithm?

Thanks
    -Filip-

Re: SHA-1 FIPS - compliance

From: Bruce Momjian
On Thu, Jul  8, 2021 at 02:33:33PM +0200, Filip Janus wrote:
> Hi all,
> I am a new maintainer of PostgreSQL in Fedora and RHEL. Currently, I am solving
> usage SHA-1  for key-derivation in pgcrypto (the s2k-digest-algo).  In the
> documentation, I have found that there are options SHA-1 or MD5. Unfortunately,
> none of these algorithms are FIPS compliant. So I would like to ask if exists a
> possibility to add or enable support for some type of stronger hash algorithm?

I don't know of any official way to disable them, but I do know that PG
14 will use a different set of algorithms that are more FIPS-compliant
because we rely more on OpenSSL for its implementation (or
blockage).

-- 
  Bruce Momjian  <bruce@momjian.us>        https://momjian.us
  EDB                                      https://enterprisedb.com

  If only the physical world exists, free will is an illusion.




Re: SHA-1 FIPS - compliance

From: Michael Paquier
On Thu, Jul 08, 2021 at 09:58:35AM -0400, Bruce Momjian wrote:
> On Thu, Jul  8, 2021 at 02:33:33PM +0200, Filip Janus wrote:
>> I am a new maintainer of PostgreSQL in Fedora and RHEL. Currently, I am solving
>> usage SHA-1  for key-derivation in pgcrypto (the s2k-digest-algo).  In the
>> documentation, I have found that there are options SHA-1 or MD5. Unfortunately,
>> none of these algorithms are FIPS compliant. So I would like to ask if exists a
>> possibility to add or enable support for some type of stronger hash algorithm?

Patches and improvements are always welcome.

> I don't know of any official way to disable them, but I do know that PG
> 14 will use a different set of algorithms that are more FIPS-compliant
> because we rely more on the OpenSSL for its implementation (or
> blockage).

The set of algorithms supported for pgcrypto does not change.  The
only thing that does change is that, by going through the EVP layer
instead of the low-level cryptohash APIs, OpenSSL will not do a blind
exit() when using algos that are not FIPS compliant (MD5 and SHA-1)
when linking to OpenSSL 1.0.2 if FIPS is enabled at system or process
level.
--
Michael
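
Added example, not part of the thread and not pgcrypto's code: a sketch of the OpenPGP iterated and salted S2K key derivation as specified in RFC 4880 section 3.7.1.3, showing where the digest chosen by an option such as s2k-digest-algo enters the derivation. It assumes Python's hashlib as the digest provider; the function names, salt and passphrase are constructed for illustration, and sha256 appears only as a stand-in for a stronger digest.

```python
import hashlib

EXPBIAS = 6  # RFC 4880, section 3.7.1.3

def digest_available(name: str) -> bool:
    """True if this host's OpenSSL/hashlib will run the digest.
    A refused digest (for example under FIPS enforcement) surfaces as
    ValueError, an error the caller can handle, not a process exit."""
    try:
        hashlib.new(name)
        return True
    except ValueError:
        return False

def decode_count(c: int) -> int:
    """Expand the one-octet coded count into the number of octets to hash."""
    if not 0 <= c <= 255:
        raise ValueError("coded count must fit in one octet")
    return (16 + (c & 15)) << ((c >> 4) + EXPBIAS)

def s2k_iterated_salted(passphrase: bytes, salt: bytes, coded_count: int,
                        digest: str, key_len: int) -> bytes:
    if len(salt) != 8:
        raise ValueError("S2K salt is 8 octets")
    data = salt + passphrase
    # salt+passphrase is always hashed in full at least once
    total = max(decode_count(coded_count), len(data))
    full, rest = divmod(total, len(data))
    key, preload = b"", 0
    while len(key) < key_len:
        # A digest shorter than the key needs extra hash contexts, each
        # preloaded with one more zero octet than the previous one.
        h = hashlib.new(digest, b"\x00" * preload)
        for _ in range(full):
            h.update(data)
        h.update(data[:rest])
        key += h.digest()
        preload += 1
    return key[:key_len]

if __name__ == "__main__":
    salt = bytes(range(8))            # constructed sample salt
    pw = b"constructed passphrase"    # constructed sample passphrase
    for algo in ("sha1", "sha256"):
        if digest_available(algo):
            print(algo, s2k_iterated_salted(pw, salt, 96, algo, 16).hex())
        else:
            print(algo, "refused by the crypto provider")
```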
