From 035f99cbebe5ffcaf52f8370394446cd59621ab7 Mon Sep 17 00:00:00 2001 From: Daniel Gustafsson Date: Fri, 24 Jan 2025 14:25:08 +0100 Subject: pgcrypto: Make it possible to disable built-in crypto When using OpenSSL and/or the underlying operating system in FIPS mode no non-FIPS certified crypto implementations should be used. While that is already possible by just not invoking the built-in crypto in pgcrypto, this adds a GUC which prohibit the code from being called. This doesn't change the FIPS status of PostgreSQL but can make it easier for sites which target FIPS compliance to ensure that violations cannot occur. Author: Daniel Gustafsson Author: Joe Conway Reviewed-by: Joe Conway Reviewed-by: Peter Eisentraut Reviewed-by: Hayato Kuroda Discussion: https://postgr.es/m/16b4a157-9ea1-44d0-b7b3-4c85df5de97b@joeconway.com --- doc/src/sgml/pgcrypto.sgml | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) (limited to 'doc/src') diff --git a/doc/src/sgml/pgcrypto.sgml b/doc/src/sgml/pgcrypto.sgml index 838d7532a52..a4d035eabdd 100644 --- a/doc/src/sgml/pgcrypto.sgml +++ b/doc/src/sgml/pgcrypto.sgml @@ -1165,6 +1165,44 @@ fips_mode() returns boolean + + Configuration Parameters + + + There is one configuration parameter that controls the behavior of + pgcrypto. + + + + + + pgcrypto.builtin_crypto_enabled (enum) + + pgcrypto.builtin_crypto_enabled configuration + parameter + + + + + pgcrypto.builtin_crypto_enabled determines if the + built in crypto functions gen_salt(), and + crypt() are available for use. Setting this to + off disables these functions. on + (the default) enables these functions to work normally. + fips disables these functions if + OpenSSL is detected to operate in FIPS mode. + + + + + + + In ordinary usage, this parameter is set + in postgresql.conf, although superusers can alter it + on-the-fly within their own sessions. + + + Notes -- cgit v1.2.3