SHA-1 FIPS - compliance

On Thu, Jul 8, 2021 at 02:33:33PM +0200, Filip Janus wrote:

Hi all,
I am a new maintainer of PostgreSQL in Fedora and RHEL. Currently, I am solving
usage SHA-1  for key-derivation in pgcrypto (the s2k-digest-algo).  In the
documentation, I have found that there are options SHA-1 or MD5. Unfortunately,
none of these algorithms are FIPS compliant. So I would like to ask if exists a
possibility to add or enable support for some type of stronger hash algorithm?

I don't know of any official way to disable them, but I do know that PG
14 will use a different set of algorithms that are more FIPS-compliant
because we rely more on the OpenSSL for its implementation (or
blockage).

--
Bruce Momjian <bruce@momjian.us> https://momjian.us
EDB https://enterprisedb.com

If only the physical world exists, free will is an illusion.

On Thu, Jul 08, 2021 at 09:58:35AM -0400, Bruce Momjian wrote:

On Thu, Jul 8, 2021 at 02:33:33PM +0200, Filip Janus wrote:

I am a new maintainer of PostgreSQL in Fedora and RHEL. Currently, I am solving
usage SHA-1  for key-derivation in pgcrypto (the s2k-digest-algo).  In the
documentation, I have found that there are options SHA-1 or MD5. Unfortunately,
none of these algorithms are FIPS compliant. So I would like to ask if exists a
possibility to add or enable support for some type of stronger hash algorithm?

Patches and improvements are always welcome.

I don't know of any official way to disable them, but I do know that PG
14 will use a different set of algorithms that are more FIPS-compliant
because we rely more on the OpenSSL for its implementation (or
blockage).

The set of algorithms supported for pgcrypto does not change. The
only thing that does change is that, by going through the EVP layer
instead of the low-level cryptohash APIs, OpenSSL will not do a blind
exit() when using algos that are not FIPS compliant (MD5 and SHA-1)
when linking to OpenSSL 1.0.2 if FIPS is enabled at system or process
level.
--
Michael