public inbox for [email protected]
help / color / mirror / Atom feedFrom: Daniel Gustafsson <[email protected]>
To: PostgreSQL Hackers <[email protected]>
Subject: Cryptohash OpenSSL error queue in FIPS enabled builds
Date: Fri, 22 Apr 2022 16:56:38 +0200
Message-ID: <[email protected]> (raw)
In trying out an OpenSSL 3.1 build with FIPS enabled I realized that our
cryptohash code had a small issue. Calling a banned cipher generated two
different error messages interleaved:
postgres=# select md5('foo');
ERROR: could not compute MD5 hash: unsupported
postgres=# select md5('foo');
ERROR: could not compute MD5 hash: initialization error
It turns out that OpenSSL places two errors in the queue for this operation,
and we only consume one without clearing the queue in between, so we grab an
error from the previous run.
Consuming all (both) errors and creating a concatenated string seems overkill
as it would alter the API from a const error string to something that needs
freeing etc (also, very few OpenSSL consumers actually drain the queue, OpenSSL
themselves don't). Skimming the OpenSSL code I was unable to find another
example of two errors generated. The attached calls ERR_clear_error() as how
we do in libpq in order to avoid consuming earlier errors.
--
Daniel Gustafsson https://vmware.com/
Attachments:
[application/octet-stream] v1-0001-Clear-the-OpenSSL-error-queue-before-cryptohash-o.patch (1.7K, ../[email protected]/2-v1-0001-Clear-the-OpenSSL-error-queue-before-cryptohash-o.patch)
download | inline diff:
From 85c7ca37b20202c2e7e143a25489e51719de7f5e Mon Sep 17 00:00:00 2001
From: Daniel Gustafsson <[email protected]>
Date: Fri, 22 Apr 2022 14:56:33 +0200
Subject: [PATCH v1] Clear the OpenSSL error queue before cryptohash operations
Setting up an EVP context for ciphers banned under FIPS generate
two OpenSSL errors in the queue, and as we only consume one from
the queue the other is at the head for the next invocation:
postgres=# select md5('foo');
ERROR: could not compute MD5 hash: unsupported
postgres=# select md5('foo');
ERROR: could not compute MD5 hash: initialization error
Clearing the error queue when creating the context ensures that
we don't pull in an error from an earlier operation.
---
src/common/cryptohash_openssl.c | 2 ++
src/common/hmac_openssl.c | 2 ++
2 files changed, 4 insertions(+)
diff --git a/src/common/cryptohash_openssl.c b/src/common/cryptohash_openssl.c
index 6c98f1cf95..aef3ef0476 100644
--- a/src/common/cryptohash_openssl.c
+++ b/src/common/cryptohash_openssl.c
@@ -115,6 +115,8 @@ pg_cryptohash_create(pg_cryptohash_type type)
ctx->error = PG_CRYPTOHASH_ERROR_NONE;
ctx->errreason = NULL;
+ ERR_clear_error();
+
/*
* Initialization takes care of assigning the correct type for OpenSSL.
*/
diff --git a/src/common/hmac_openssl.c b/src/common/hmac_openssl.c
index 44f36d51dc..5eda902024 100644
--- a/src/common/hmac_openssl.c
+++ b/src/common/hmac_openssl.c
@@ -106,6 +106,8 @@ pg_hmac_create(pg_cryptohash_type type)
ctx->error = PG_HMAC_ERROR_NONE;
ctx->errreason = NULL;
+ ERR_clear_error();
+
/*
* Initialization takes care of assigning the correct type for OpenSSL.
*/
--
2.32.0 (Apple Git-132)
view thread (2+ messages)
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected]
Subject: Re: Cryptohash OpenSSL error queue in FIPS enabled builds
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox