public inbox for [email protected]
help / color / mirror / Atom feedBUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod
3+ messages / 3 participants
[nested] [flat]
* BUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod
@ 2026-04-17 04:21 PG Bug reporting form <[email protected]>
2026-04-21 14:04 ` Re: BUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod Daniel Gustafsson <[email protected]>
0 siblings, 1 reply; 3+ messages in thread
From: PG Bug reporting form @ 2026-04-17 04:21 UTC (permalink / raw)
To: [email protected]; +Cc: [email protected]
The following bug has been logged on the website:
Bug reference: 19457
Logged by: Shishir Sharma
Email address: [email protected]
PostgreSQL version: 18.3
Operating system: AlmaLinux 8.10, x86_64
Description:
When PostgreSQL 18.3 is built against OpenSSL operating in FIPS mode, the
pgp_sym_encrypt() (and pgp_pub_encrypt()) functions in the pgcrypto
extension silently succeed when called with non-FIPS-approved cipher
algorithms: bf (Blowfish), cast5 (CAST5), and 3des (Triple-DES).
This is a FIPS compliance gap. Every other non-FIPS algorithm in
pgcrypto is either blocked by OpenSSL (e.g. encrypt(..., 'bf'),
digest(..., 'md5')) or, as of PostgreSQL 18, controlled by the new
pgcrypto.builtin_crypto_enabled GUC (gen_salt(), crypt()). The PGP
code path is the only one left completely unguarded.
The result is that a deployment that has gone to the trouble of
enabling OpenSSL FIPS mode expecting that prohibited algorithms
cannot be used can still encrypt production data with Blowfish,
CAST5, or 3DES via pgp_sym_encrypt(), with no error, no warning, and
no indication that a FIPS violation has occurred.
=== Root Cause ===
The pgp_sym_encrypt() call chain is:
pgp_sym_encrypt()
→ encrypt_internal() [pgp-pgsql.c]
→ pgp_set_cipher_algo() [pgp.c] -- maps 'cast5' →
PGP_SYM_CAST5
→ pgp_encrypt() [pgp-encrypt.c]
→ pgp_cfb_create() [pgp-cfb.c]
→ pgp_load_cipher() [pgp.c] -- maps PGP_SYM_CAST5 →
"cast5-ecb"
→ px_find_cipher() [openssl.c] -- calls
EVP_get_cipherbyname()
The pgcrypto.builtin_crypto_enabled GUC introduced in PostgreSQL 18
(commits 924d89a and 035f99c) protects only px_crypt() and
px_gen_salt() in px-crypt.c. The PGP encryption path never passes
through px-crypt.c and is therefore not covered by the GUC, regardless
of whether it is set to 'on', 'off', or 'fips'.
=== Steps to Reproduce ===
Prerequisites:
- PostgreSQL 18 built with OpenSSL
- OpenSSL configured in FIPS mode (fips_mode() returns true)
- pgcrypto extension installed
- FIPS enabled system
-- Step 1: Verify FIPS mode is active
SELECT fips_mode();
-- Expected: t
-- Step 2: Confirm the GUC is set to 'fips' (the recommended FIPS setting)
SET pgcrypto.builtin_crypto_enabled = 'fips';
SHOW pgcrypto.builtin_crypto_enabled;
-- Expected: fips
-- Step 3: Verify the GUC correctly blocks gen_salt/crypt (it does work
there)
SELECT gen_salt('bf');
-- Expected: ERROR: use of non-FIPS validated crypto not allowed...
-- Actual: ERROR: use of non-FIPS validated crypto not allowed... ✓
-- Step 4: Verify encrypt() correctly blocks non-FIPS ciphers (OpenSSL
blocks these)
SELECT encrypt('secret'::bytea, 'key12345'::bytea, 'bf');
-- Expected: ERROR
-- Actual: ERROR: encrypt error: Cipher cannot be initialized ✓
-- Step 5: THE BUG — pgp_sym_encrypt silently succeeds with non-FIPS ciphers
SELECT pgp_sym_encrypt('secret', 'key', 'cipher-algo=cast5,
compress-algo=0');
-- Expected: ERROR (non-FIPS algorithm should be rejected)
-- Actual: \xc30d0403... (ciphertext returned silently — FIPS VIOLATION)
SELECT pgp_sym_encrypt('secret', 'key', 'cipher-algo=bf, compress-algo=0');
-- Expected: ERROR
-- Actual: \xc30d0404... (ciphertext returned silently — FIPS VIOLATION)
SELECT pgp_sym_encrypt('secret', 'key', 'cipher-algo=3des,
compress-algo=0');
-- Expected: ERROR
-- Actual: \xc30d0402... (ciphertext returned silently — FIPS VIOLATION)
-- Step 6: Confirm FIPS-approved ciphers still work correctly
SELECT pgp_sym_encrypt('secret', 'key', 'cipher-algo=aes256,
compress-algo=0');
-- Actual: \xc30d0409... (correct — AES-256 is FIPS approved) ✓
=== Proposed Fix ===
I am happy to work on this.
Add a FIPS cipher check in pgp_load_cipher() in contrib/pgcrypto/pgp.c.
This function is the single chokepoint for all PGP cipher operations
(encrypt, decrypt, session key encryption/decryption). A whitelist of
FIPS 140-2/140-3 approved ciphers for PGP use would be:
PGP_SYM_AES_128, PGP_SYM_AES_192, PGP_SYM_AES_256
All other ciphers (PGP_SYM_BLOWFISH, PGP_SYM_CAST5, PGP_SYM_DES3,
PGP_SYM_TWOFISH, etc.) should raise an error when CheckFIPSMode()
returns true.
The error message should be consistent with the one used for gen_salt/crypt:
ERROR: use of non-FIPS validated crypto not allowed when OpenSSL is in
FIPS mode
Additionally, the pgcrypto documentation (doc/src/sgml/pgcrypto.sgml)
should be updated to note which cipher-algo values for pgp_sym_encrypt
are not FIPS 140-2/140-3 approved (bf, cast5, 3des) and that they will
fail when OpenSSL FIPS mode is active with the fix applied.
Related upstream work for reference:
- Commit 924d89a: Add fips_mode() SQL function
- Commit 035f99c: Add pgcrypto.builtin_crypto_enabled GUC
Thank you for your time reviewing this.
^ permalink raw reply [nested|flat] 3+ messages in thread
* Re: BUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod
2026-04-17 04:21 BUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod PG Bug reporting form <[email protected]>
@ 2026-04-21 14:04 ` Daniel Gustafsson <[email protected]>
2026-04-24 04:20 ` Re: BUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod Michael Paquier <[email protected]>
0 siblings, 1 reply; 3+ messages in thread
From: Daniel Gustafsson @ 2026-04-21 14:04 UTC (permalink / raw)
To: [email protected]; [email protected]
> On 17 Apr 2026, at 06:21, PG Bug reporting form <[email protected]> wrote:
> I am happy to work on this.
Please do, that would be great. I'd be happy to review this so keep me CC'd.
> Add a FIPS cipher check in pgp_load_cipher() in contrib/pgcrypto/pgp.c.
> This function is the single chokepoint for all PGP cipher operations
> (encrypt, decrypt, session key encryption/decryption). A whitelist of
> FIPS 140-2/140-3 approved ciphers for PGP use would be:
>
> PGP_SYM_AES_128, PGP_SYM_AES_192, PGP_SYM_AES_256
Maybe an extra flag in the cipher_info struct?
> All other ciphers (PGP_SYM_BLOWFISH, PGP_SYM_CAST5, PGP_SYM_DES3,
> PGP_SYM_TWOFISH, etc.) should raise an error when CheckFIPSMode()
> returns true.
Not just FIPS, it should check CheckBuiltinCryptoMode() to be consistent with
the other builtin checks.
--
Daniel Gustafsson
^ permalink raw reply [nested|flat] 3+ messages in thread
* Re: BUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod
2026-04-17 04:21 BUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod PG Bug reporting form <[email protected]>
2026-04-21 14:04 ` Re: BUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod Daniel Gustafsson <[email protected]>
@ 2026-04-24 04:20 ` Michael Paquier <[email protected]>
0 siblings, 0 replies; 3+ messages in thread
From: Michael Paquier @ 2026-04-24 04:20 UTC (permalink / raw)
To: Daniel Gustafsson <[email protected]>; +Cc: [email protected]; [email protected]
On Tue, Apr 21, 2026 at 04:04:40PM +0200, Daniel Gustafsson wrote:
> Not just FIPS, it should check CheckBuiltinCryptoMode() to be consistent with
> the other builtin checks.
I am interesting in getting that fixed for the next point release, so
I have given it a try, finishing with the attached. This would cause
pgp_sym_encrypt() and pgp_sym_decrypt() to complain when the builtin
mode is disabled, making things more consistent with the surroundings.
I agree that this could break environments where builtin_crypto is
off, as the functions would now be blocked, but I am not sure that
this is worth worrying about as builtin_crypto=on is the default.
Daniel, what do you think?
--
Michael
From f336e4e09f3d8dda9dd55b855f3eb2cd0913436a Mon Sep 17 00:00:00 2001
From: Michael Paquier <[email protected]>
Date: Fri, 24 Apr 2026 13:12:06 +0900
Subject: [PATCH] pgcrypto: Respect builtin_crypto_enabled for PGP ciphers
pgp_sym_encrypt() and pgp_pub_encrypt() silently accepted
non-FIPS-approved cipher algorithms even if OpenSSL was in FIPS mode and
pgcrypto.builtin_crypto_enabled was set to its 'fips' mode. This causes
pgcrypto to be non-compliant.
A new flag is added to the information list of ciphers, upon which a
filtering is done should FIPS be enabled, depending on the builtin
crypto mode.
Reported-by: Shishir Sharma <[email protected]>
Suggested-by: Daniel Gustafsson <[email protected]>
Discussion: https://postgr.es/m/[email protected]
Backpatch-through: 18
---
doc/src/sgml/pgcrypto.sgml | 9 +-
contrib/pgcrypto/Makefile | 2 +-
contrib/pgcrypto/expected/pgp-fips-cipher.out | 77 +++++++++++++++
.../pgcrypto/expected/pgp-fips-cipher_1.out | 95 +++++++++++++++++++
contrib/pgcrypto/meson.build | 3 +-
contrib/pgcrypto/pgp.c | 32 +++++--
contrib/pgcrypto/sql/pgp-fips-cipher.sql | 46 +++++++++
7 files changed, 250 insertions(+), 14 deletions(-)
create mode 100644 contrib/pgcrypto/expected/pgp-fips-cipher.out
create mode 100644 contrib/pgcrypto/expected/pgp-fips-cipher_1.out
create mode 100644 contrib/pgcrypto/sql/pgp-fips-cipher.sql
diff --git a/doc/src/sgml/pgcrypto.sgml b/doc/src/sgml/pgcrypto.sgml
index 6fc2069ad3ec..96b043097eaa 100644
--- a/doc/src/sgml/pgcrypto.sgml
+++ b/doc/src/sgml/pgcrypto.sgml
@@ -1236,12 +1236,17 @@ fips_mode() returns boolean
<listitem>
<para>
<varname>pgcrypto.builtin_crypto_enabled</varname> determines if the
- built in crypto functions <function>gen_salt()</function>, and
- <function>crypt()</function> are available for use. Setting this to
+ built in crypto functions <function>gen_salt()</function>,
+ <function>crypt()</function>, <function>pgp_sym_encrypt()</function>
+ and <function>pgp_pub_encrypt()</function> are available for use.
+ Setting this to
<literal>off</literal> disables these functions. <literal>on</literal>
(the default) enables these functions to work normally.
<literal>fips</literal> disables these functions if
<productname>OpenSSL</productname> is detected to operate in FIPS mode.
+ <function>pgp_sym_encrypt()</function> and
+ <function>pgp_pub_encrypt()</function> are disabled for ciphers that
+ are not FIPS-approved.
</para>
</listitem>
</varlistentry>
diff --git a/contrib/pgcrypto/Makefile b/contrib/pgcrypto/Makefile
index 17d2b0c5ed17..dde8933f706d 100644
--- a/contrib/pgcrypto/Makefile
+++ b/contrib/pgcrypto/Makefile
@@ -45,7 +45,7 @@ REGRESS = init md5 sha1 hmac-md5 hmac-sha1 blowfish rijndael \
crypt-des crypt-md5 crypt-blowfish crypt-xdes \
pgp-armor pgp-decrypt pgp-encrypt pgp-encrypt-md5 $(CF_PGP_TESTS) \
pgp-pubkey-decrypt pgp-pubkey-encrypt pgp-pubkey-session \
- pgp-info crypt-shacrypt
+ pgp-info crypt-shacrypt pgp-fips-cipher
ifdef USE_PGXS
PG_CONFIG = pg_config
diff --git a/contrib/pgcrypto/expected/pgp-fips-cipher.out b/contrib/pgcrypto/expected/pgp-fips-cipher.out
new file mode 100644
index 000000000000..eed6db0a6490
--- /dev/null
+++ b/contrib/pgcrypto/expected/pgp-fips-cipher.out
@@ -0,0 +1,77 @@
+--
+-- PGP FIPS cipher restrictions
+--
+-- crypto functions disabled. All PGP encryption are blocked.
+SET pgcrypto.builtin_crypto_enabled = off;
+SELECT pgp_sym_encrypt('data', 'key');
+ERROR: use of built-in crypto functions is disabled
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=aes256');
+ERROR: use of built-in crypto functions is disabled
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=bf');
+ERROR: use of built-in crypto functions is disabled
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=3des');
+ERROR: use of built-in crypto functions is disabled
+RESET pgcrypto.builtin_crypto_enabled;
+-- crypto functions enabled. All work.
+SET pgcrypto.builtin_crypto_enabled = on;
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes128'),
+ 'key', 'expect-cipher-algo=aes128');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes192'),
+ 'key', 'expect-cipher-algo=aes192');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes256'),
+ 'key', 'expect-cipher-algo=aes256');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=bf'),
+ 'key', 'expect-cipher-algo=bf');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=3des'),
+ 'key', 'expect-cipher-algo=3des');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=cast5'),
+ 'key', 'expect-cipher-algo=cast5');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+RESET pgcrypto.builtin_crypto_enabled;
+-- crypto functions with FIPS mode.
+SELECT fips_mode() AS is_fips \gset
+\if :is_fips
+SET pgcrypto.builtin_crypto_enabled = fips;
+-- non-AES ciphers must error
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=bf');
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=3des');
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=cast5');
+-- AES ciphers work
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes128'),
+ 'key', 'expect-cipher-algo=aes128');
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes256'),
+ 'key', 'expect-cipher-algo=aes256');
+-- AES round trip under FIPS
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('FIPS round trip test', 'key',
+ 'cipher-algo=aes256'), 'key');
+RESET pgcrypto.builtin_crypto_enabled;
+\endif
diff --git a/contrib/pgcrypto/expected/pgp-fips-cipher_1.out b/contrib/pgcrypto/expected/pgp-fips-cipher_1.out
new file mode 100644
index 000000000000..8ba974cb4c7a
--- /dev/null
+++ b/contrib/pgcrypto/expected/pgp-fips-cipher_1.out
@@ -0,0 +1,95 @@
+--
+-- PGP FIPS cipher restrictions
+--
+-- crypto functions disabled. All PGP encryption are blocked.
+SET pgcrypto.builtin_crypto_enabled = off;
+SELECT pgp_sym_encrypt('data', 'key');
+ERROR: use of built-in crypto functions is disabled
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=aes256');
+ERROR: use of built-in crypto functions is disabled
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=bf');
+ERROR: use of built-in crypto functions is disabled
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=3des');
+ERROR: use of built-in crypto functions is disabled
+RESET pgcrypto.builtin_crypto_enabled;
+-- crypto functions enabled. All work.
+SET pgcrypto.builtin_crypto_enabled = on;
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes128'),
+ 'key', 'expect-cipher-algo=aes128');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes192'),
+ 'key', 'expect-cipher-algo=aes192');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes256'),
+ 'key', 'expect-cipher-algo=aes256');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=bf'),
+ 'key', 'expect-cipher-algo=bf');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=3des'),
+ 'key', 'expect-cipher-algo=3des');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=cast5'),
+ 'key', 'expect-cipher-algo=cast5');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+RESET pgcrypto.builtin_crypto_enabled;
+-- crypto functions with FIPS mode.
+SELECT fips_mode() AS is_fips \gset
+\if :is_fips
+SET pgcrypto.builtin_crypto_enabled = fips;
+-- non-AES ciphers must error
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=bf');
+ERROR: cipher bf is not FIPS approved
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=3des');
+ERROR: cipher 3des is not FIPS approved
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=cast5');
+ERROR: cipher cast5 is not FIPS approved
+-- AES ciphers work
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes128'),
+ 'key', 'expect-cipher-algo=aes128');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes256'),
+ 'key', 'expect-cipher-algo=aes256');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+-- AES round trip under FIPS
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('FIPS round trip test', 'key',
+ 'cipher-algo=aes256'), 'key');
+ pgp_sym_decrypt
+----------------------
+ FIPS round trip test
+(1 row)
+
+RESET pgcrypto.builtin_crypto_enabled;
+\endif
diff --git a/contrib/pgcrypto/meson.build b/contrib/pgcrypto/meson.build
index 4f255c8cb05d..f922c1fb8bdd 100644
--- a/contrib/pgcrypto/meson.build
+++ b/contrib/pgcrypto/meson.build
@@ -54,7 +54,8 @@ pgcrypto_regress = [
'pgp-pubkey-encrypt',
'pgp-pubkey-session',
'pgp-info',
- 'crypt-shacrypt'
+ 'crypt-shacrypt',
+ 'pgp-fips-cipher',
]
pgcrypto_openssl_sources = files(
diff --git a/contrib/pgcrypto/pgp.c b/contrib/pgcrypto/pgp.c
index 8a6a6c2adf1f..2d5375910a9c 100644
--- a/contrib/pgcrypto/pgp.c
+++ b/contrib/pgcrypto/pgp.c
@@ -63,6 +63,7 @@ struct cipher_info
const char *int_name;
int key_len;
int block_len;
+ bool fips_allowed;
};
static const struct digest_info digest_list[] = {
@@ -77,16 +78,16 @@ static const struct digest_info digest_list[] = {
};
static const struct cipher_info cipher_list[] = {
- {"3des", PGP_SYM_DES3, "3des-ecb", 192 / 8, 64 / 8},
- {"cast5", PGP_SYM_CAST5, "cast5-ecb", 128 / 8, 64 / 8},
- {"bf", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8},
- {"blowfish", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8},
- {"aes", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8},
- {"aes128", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8},
- {"aes192", PGP_SYM_AES_192, "aes-ecb", 192 / 8, 128 / 8},
- {"aes256", PGP_SYM_AES_256, "aes-ecb", 256 / 8, 128 / 8},
- {"twofish", PGP_SYM_TWOFISH, "twofish-ecb", 256 / 8, 128 / 8},
- {NULL, 0, NULL}
+ {"3des", PGP_SYM_DES3, "3des-ecb", 192 / 8, 64 / 8, false},
+ {"cast5", PGP_SYM_CAST5, "cast5-ecb", 128 / 8, 64 / 8, false},
+ {"bf", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8, false},
+ {"blowfish", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8, false},
+ {"aes", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8, true},
+ {"aes128", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8, true},
+ {"aes192", PGP_SYM_AES_192, "aes-ecb", 192 / 8, 128 / 8, true},
+ {"aes256", PGP_SYM_AES_256, "aes-ecb", 256 / 8, 128 / 8, true},
+ {"twofish", PGP_SYM_TWOFISH, "twofish-ecb", 256 / 8, 128 / 8, false},
+ {NULL, 0, NULL, 0, 0, false}
};
static const struct cipher_info *
@@ -162,6 +163,17 @@ pgp_load_cipher(int code, PX_Cipher **res)
if (i == NULL)
return PXE_PGP_CORRUPT_DATA;
+ CheckBuiltinCryptoMode();
+
+ /*
+ * In FIPS mode, only allow ciphers that are FIPS approved.
+ */
+ if (builtin_crypto_enabled == BC_FIPS &&
+ CheckFIPSMode() &&
+ !i->fips_allowed)
+ ereport(ERROR,
+ errmsg("cipher %s is not FIPS approved", i->name));
+
err = px_find_cipher(i->int_name, res);
if (err == 0)
return 0;
diff --git a/contrib/pgcrypto/sql/pgp-fips-cipher.sql b/contrib/pgcrypto/sql/pgp-fips-cipher.sql
new file mode 100644
index 000000000000..cb425a9ccdf9
--- /dev/null
+++ b/contrib/pgcrypto/sql/pgp-fips-cipher.sql
@@ -0,0 +1,46 @@
+--
+-- PGP FIPS cipher restrictions
+--
+
+-- crypto functions disabled. All PGP encryption are blocked.
+SET pgcrypto.builtin_crypto_enabled = off;
+SELECT pgp_sym_encrypt('data', 'key');
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=aes256');
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=bf');
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=3des');
+RESET pgcrypto.builtin_crypto_enabled;
+
+-- crypto functions enabled. All work.
+SET pgcrypto.builtin_crypto_enabled = on;
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes128'),
+ 'key', 'expect-cipher-algo=aes128');
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes192'),
+ 'key', 'expect-cipher-algo=aes192');
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes256'),
+ 'key', 'expect-cipher-algo=aes256');
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=bf'),
+ 'key', 'expect-cipher-algo=bf');
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=3des'),
+ 'key', 'expect-cipher-algo=3des');
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=cast5'),
+ 'key', 'expect-cipher-algo=cast5');
+RESET pgcrypto.builtin_crypto_enabled;
+
+-- crypto functions with FIPS mode.
+SELECT fips_mode() AS is_fips \gset
+\if :is_fips
+SET pgcrypto.builtin_crypto_enabled = fips;
+-- non-AES ciphers must error
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=bf');
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=3des');
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=cast5');
+-- AES ciphers work
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes128'),
+ 'key', 'expect-cipher-algo=aes128');
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes256'),
+ 'key', 'expect-cipher-algo=aes256');
+-- AES round trip under FIPS
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('FIPS round trip test', 'key',
+ 'cipher-algo=aes256'), 'key');
+RESET pgcrypto.builtin_crypto_enabled;
+\endif
--
2.53.0
Attachments:
[text/plain] 0001-pgcrypto-Respect-builtin_crypto_enabled-for-PGP-ciph.patch (13.7K, 2-0001-pgcrypto-Respect-builtin_crypto_enabled-for-PGP-ciph.patch)
download | inline diff:
From f336e4e09f3d8dda9dd55b855f3eb2cd0913436a Mon Sep 17 00:00:00 2001
From: Michael Paquier <[email protected]>
Date: Fri, 24 Apr 2026 13:12:06 +0900
Subject: [PATCH] pgcrypto: Respect builtin_crypto_enabled for PGP ciphers
pgp_sym_encrypt() and pgp_pub_encrypt() silently accepted
non-FIPS-approved cipher algorithms even if OpenSSL was in FIPS mode and
pgcrypto.builtin_crypto_enabled was set to its 'fips' mode. This causes
pgcrypto to be non-compliant.
A new flag is added to the information list of ciphers, upon which a
filtering is done should FIPS be enabled, depending on the builtin
crypto mode.
Reported-by: Shishir Sharma <[email protected]>
Suggested-by: Daniel Gustafsson <[email protected]>
Discussion: https://postgr.es/m/[email protected]
Backpatch-through: 18
---
doc/src/sgml/pgcrypto.sgml | 9 +-
contrib/pgcrypto/Makefile | 2 +-
contrib/pgcrypto/expected/pgp-fips-cipher.out | 77 +++++++++++++++
.../pgcrypto/expected/pgp-fips-cipher_1.out | 95 +++++++++++++++++++
contrib/pgcrypto/meson.build | 3 +-
contrib/pgcrypto/pgp.c | 32 +++++--
contrib/pgcrypto/sql/pgp-fips-cipher.sql | 46 +++++++++
7 files changed, 250 insertions(+), 14 deletions(-)
create mode 100644 contrib/pgcrypto/expected/pgp-fips-cipher.out
create mode 100644 contrib/pgcrypto/expected/pgp-fips-cipher_1.out
create mode 100644 contrib/pgcrypto/sql/pgp-fips-cipher.sql
diff --git a/doc/src/sgml/pgcrypto.sgml b/doc/src/sgml/pgcrypto.sgml
index 6fc2069ad3ec..96b043097eaa 100644
--- a/doc/src/sgml/pgcrypto.sgml
+++ b/doc/src/sgml/pgcrypto.sgml
@@ -1236,12 +1236,17 @@ fips_mode() returns boolean
<listitem>
<para>
<varname>pgcrypto.builtin_crypto_enabled</varname> determines if the
- built in crypto functions <function>gen_salt()</function>, and
- <function>crypt()</function> are available for use. Setting this to
+ built in crypto functions <function>gen_salt()</function>,
+ <function>crypt()</function>, <function>pgp_sym_encrypt()</function>
+ and <function>pgp_pub_encrypt()</function> are available for use.
+ Setting this to
<literal>off</literal> disables these functions. <literal>on</literal>
(the default) enables these functions to work normally.
<literal>fips</literal> disables these functions if
<productname>OpenSSL</productname> is detected to operate in FIPS mode.
+ <function>pgp_sym_encrypt()</function> and
+ <function>pgp_pub_encrypt()</function> are disabled for ciphers that
+ are not FIPS-approved.
</para>
</listitem>
</varlistentry>
diff --git a/contrib/pgcrypto/Makefile b/contrib/pgcrypto/Makefile
index 17d2b0c5ed17..dde8933f706d 100644
--- a/contrib/pgcrypto/Makefile
+++ b/contrib/pgcrypto/Makefile
@@ -45,7 +45,7 @@ REGRESS = init md5 sha1 hmac-md5 hmac-sha1 blowfish rijndael \
crypt-des crypt-md5 crypt-blowfish crypt-xdes \
pgp-armor pgp-decrypt pgp-encrypt pgp-encrypt-md5 $(CF_PGP_TESTS) \
pgp-pubkey-decrypt pgp-pubkey-encrypt pgp-pubkey-session \
- pgp-info crypt-shacrypt
+ pgp-info crypt-shacrypt pgp-fips-cipher
ifdef USE_PGXS
PG_CONFIG = pg_config
diff --git a/contrib/pgcrypto/expected/pgp-fips-cipher.out b/contrib/pgcrypto/expected/pgp-fips-cipher.out
new file mode 100644
index 000000000000..eed6db0a6490
--- /dev/null
+++ b/contrib/pgcrypto/expected/pgp-fips-cipher.out
@@ -0,0 +1,77 @@
+--
+-- PGP FIPS cipher restrictions
+--
+-- crypto functions disabled. All PGP encryption are blocked.
+SET pgcrypto.builtin_crypto_enabled = off;
+SELECT pgp_sym_encrypt('data', 'key');
+ERROR: use of built-in crypto functions is disabled
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=aes256');
+ERROR: use of built-in crypto functions is disabled
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=bf');
+ERROR: use of built-in crypto functions is disabled
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=3des');
+ERROR: use of built-in crypto functions is disabled
+RESET pgcrypto.builtin_crypto_enabled;
+-- crypto functions enabled. All work.
+SET pgcrypto.builtin_crypto_enabled = on;
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes128'),
+ 'key', 'expect-cipher-algo=aes128');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes192'),
+ 'key', 'expect-cipher-algo=aes192');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes256'),
+ 'key', 'expect-cipher-algo=aes256');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=bf'),
+ 'key', 'expect-cipher-algo=bf');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=3des'),
+ 'key', 'expect-cipher-algo=3des');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=cast5'),
+ 'key', 'expect-cipher-algo=cast5');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+RESET pgcrypto.builtin_crypto_enabled;
+-- crypto functions with FIPS mode.
+SELECT fips_mode() AS is_fips \gset
+\if :is_fips
+SET pgcrypto.builtin_crypto_enabled = fips;
+-- non-AES ciphers must error
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=bf');
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=3des');
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=cast5');
+-- AES ciphers work
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes128'),
+ 'key', 'expect-cipher-algo=aes128');
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes256'),
+ 'key', 'expect-cipher-algo=aes256');
+-- AES round trip under FIPS
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('FIPS round trip test', 'key',
+ 'cipher-algo=aes256'), 'key');
+RESET pgcrypto.builtin_crypto_enabled;
+\endif
diff --git a/contrib/pgcrypto/expected/pgp-fips-cipher_1.out b/contrib/pgcrypto/expected/pgp-fips-cipher_1.out
new file mode 100644
index 000000000000..8ba974cb4c7a
--- /dev/null
+++ b/contrib/pgcrypto/expected/pgp-fips-cipher_1.out
@@ -0,0 +1,95 @@
+--
+-- PGP FIPS cipher restrictions
+--
+-- crypto functions disabled. All PGP encryption are blocked.
+SET pgcrypto.builtin_crypto_enabled = off;
+SELECT pgp_sym_encrypt('data', 'key');
+ERROR: use of built-in crypto functions is disabled
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=aes256');
+ERROR: use of built-in crypto functions is disabled
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=bf');
+ERROR: use of built-in crypto functions is disabled
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=3des');
+ERROR: use of built-in crypto functions is disabled
+RESET pgcrypto.builtin_crypto_enabled;
+-- crypto functions enabled. All work.
+SET pgcrypto.builtin_crypto_enabled = on;
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes128'),
+ 'key', 'expect-cipher-algo=aes128');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes192'),
+ 'key', 'expect-cipher-algo=aes192');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes256'),
+ 'key', 'expect-cipher-algo=aes256');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=bf'),
+ 'key', 'expect-cipher-algo=bf');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=3des'),
+ 'key', 'expect-cipher-algo=3des');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=cast5'),
+ 'key', 'expect-cipher-algo=cast5');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+RESET pgcrypto.builtin_crypto_enabled;
+-- crypto functions with FIPS mode.
+SELECT fips_mode() AS is_fips \gset
+\if :is_fips
+SET pgcrypto.builtin_crypto_enabled = fips;
+-- non-AES ciphers must error
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=bf');
+ERROR: cipher bf is not FIPS approved
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=3des');
+ERROR: cipher 3des is not FIPS approved
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=cast5');
+ERROR: cipher cast5 is not FIPS approved
+-- AES ciphers work
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes128'),
+ 'key', 'expect-cipher-algo=aes128');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes256'),
+ 'key', 'expect-cipher-algo=aes256');
+ pgp_sym_decrypt
+-----------------
+ Secret.
+(1 row)
+
+-- AES round trip under FIPS
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('FIPS round trip test', 'key',
+ 'cipher-algo=aes256'), 'key');
+ pgp_sym_decrypt
+----------------------
+ FIPS round trip test
+(1 row)
+
+RESET pgcrypto.builtin_crypto_enabled;
+\endif
diff --git a/contrib/pgcrypto/meson.build b/contrib/pgcrypto/meson.build
index 4f255c8cb05d..f922c1fb8bdd 100644
--- a/contrib/pgcrypto/meson.build
+++ b/contrib/pgcrypto/meson.build
@@ -54,7 +54,8 @@ pgcrypto_regress = [
'pgp-pubkey-encrypt',
'pgp-pubkey-session',
'pgp-info',
- 'crypt-shacrypt'
+ 'crypt-shacrypt',
+ 'pgp-fips-cipher',
]
pgcrypto_openssl_sources = files(
diff --git a/contrib/pgcrypto/pgp.c b/contrib/pgcrypto/pgp.c
index 8a6a6c2adf1f..2d5375910a9c 100644
--- a/contrib/pgcrypto/pgp.c
+++ b/contrib/pgcrypto/pgp.c
@@ -63,6 +63,7 @@ struct cipher_info
const char *int_name;
int key_len;
int block_len;
+ bool fips_allowed;
};
static const struct digest_info digest_list[] = {
@@ -77,16 +78,16 @@ static const struct digest_info digest_list[] = {
};
static const struct cipher_info cipher_list[] = {
- {"3des", PGP_SYM_DES3, "3des-ecb", 192 / 8, 64 / 8},
- {"cast5", PGP_SYM_CAST5, "cast5-ecb", 128 / 8, 64 / 8},
- {"bf", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8},
- {"blowfish", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8},
- {"aes", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8},
- {"aes128", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8},
- {"aes192", PGP_SYM_AES_192, "aes-ecb", 192 / 8, 128 / 8},
- {"aes256", PGP_SYM_AES_256, "aes-ecb", 256 / 8, 128 / 8},
- {"twofish", PGP_SYM_TWOFISH, "twofish-ecb", 256 / 8, 128 / 8},
- {NULL, 0, NULL}
+ {"3des", PGP_SYM_DES3, "3des-ecb", 192 / 8, 64 / 8, false},
+ {"cast5", PGP_SYM_CAST5, "cast5-ecb", 128 / 8, 64 / 8, false},
+ {"bf", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8, false},
+ {"blowfish", PGP_SYM_BLOWFISH, "bf-ecb", 128 / 8, 64 / 8, false},
+ {"aes", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8, true},
+ {"aes128", PGP_SYM_AES_128, "aes-ecb", 128 / 8, 128 / 8, true},
+ {"aes192", PGP_SYM_AES_192, "aes-ecb", 192 / 8, 128 / 8, true},
+ {"aes256", PGP_SYM_AES_256, "aes-ecb", 256 / 8, 128 / 8, true},
+ {"twofish", PGP_SYM_TWOFISH, "twofish-ecb", 256 / 8, 128 / 8, false},
+ {NULL, 0, NULL, 0, 0, false}
};
static const struct cipher_info *
@@ -162,6 +163,17 @@ pgp_load_cipher(int code, PX_Cipher **res)
if (i == NULL)
return PXE_PGP_CORRUPT_DATA;
+ CheckBuiltinCryptoMode();
+
+ /*
+ * In FIPS mode, only allow ciphers that are FIPS approved.
+ */
+ if (builtin_crypto_enabled == BC_FIPS &&
+ CheckFIPSMode() &&
+ !i->fips_allowed)
+ ereport(ERROR,
+ errmsg("cipher %s is not FIPS approved", i->name));
+
err = px_find_cipher(i->int_name, res);
if (err == 0)
return 0;
diff --git a/contrib/pgcrypto/sql/pgp-fips-cipher.sql b/contrib/pgcrypto/sql/pgp-fips-cipher.sql
new file mode 100644
index 000000000000..cb425a9ccdf9
--- /dev/null
+++ b/contrib/pgcrypto/sql/pgp-fips-cipher.sql
@@ -0,0 +1,46 @@
+--
+-- PGP FIPS cipher restrictions
+--
+
+-- crypto functions disabled. All PGP encryption are blocked.
+SET pgcrypto.builtin_crypto_enabled = off;
+SELECT pgp_sym_encrypt('data', 'key');
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=aes256');
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=bf');
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=3des');
+RESET pgcrypto.builtin_crypto_enabled;
+
+-- crypto functions enabled. All work.
+SET pgcrypto.builtin_crypto_enabled = on;
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes128'),
+ 'key', 'expect-cipher-algo=aes128');
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes192'),
+ 'key', 'expect-cipher-algo=aes192');
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes256'),
+ 'key', 'expect-cipher-algo=aes256');
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=bf'),
+ 'key', 'expect-cipher-algo=bf');
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=3des'),
+ 'key', 'expect-cipher-algo=3des');
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=cast5'),
+ 'key', 'expect-cipher-algo=cast5');
+RESET pgcrypto.builtin_crypto_enabled;
+
+-- crypto functions with FIPS mode.
+SELECT fips_mode() AS is_fips \gset
+\if :is_fips
+SET pgcrypto.builtin_crypto_enabled = fips;
+-- non-AES ciphers must error
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=bf');
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=3des');
+SELECT pgp_sym_encrypt('data', 'key', 'cipher-algo=cast5');
+-- AES ciphers work
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes128'),
+ 'key', 'expect-cipher-algo=aes128');
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes256'),
+ 'key', 'expect-cipher-algo=aes256');
+-- AES round trip under FIPS
+SELECT pgp_sym_decrypt(pgp_sym_encrypt('FIPS round trip test', 'key',
+ 'cipher-algo=aes256'), 'key');
+RESET pgcrypto.builtin_crypto_enabled;
+\endif
--
2.53.0
[application/pgp-signature] signature.asc (833B, 3-signature.asc)
download
^ permalink raw reply [nested|flat] 3+ messages in thread
end of thread, other threads:[~2026-04-24 04:20 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2026-04-17 04:21 BUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod PG Bug reporting form <[email protected]>
2026-04-21 14:04 ` Daniel Gustafsson <[email protected]>
2026-04-24 04:20 ` Michael Paquier <[email protected]>
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox