On 08.03.23 10:21, Daniel Gustafsson wrote:
On 8 Mar 2023, at 09:49, Peter Eisentraut <peter.eisentr...@enterprisedb.com>
wrote:
It occurred to me that it would be easier to maintain this in the long run if we could
enable a "fake FIPS" mode that would have the same effect but didn't require
fiddling with the OpenSSL configuration or installation.
The attached patch shows how this could work. Thoughts?
- * Initialize a hash context. Note that this implementation is designed
- * to never fail, so this always returns 0.
+ * Initialize a hash context.
Regardless of which, we wan't this hunk since the code clearly can return -1.
I was a bit puzzled by these comments in that file. While the existing
implementations (mostly) never fail, they are clearly not *designed* to
never fail, since the parallel OpenSSL implementations can fail (which
is the point of this thread). So I would remove these comments
altogether, really.
+#ifdef FAKE_FIPS_MODE
I'm not enthusiastic about this. If we use this rather than OpenSSL with FIPS
enabled we might end up missing bugs or weird behavior due to changes in
OpenSSL that we didn't test.
Valid point. In any case, the patch is available for ad hoc testing.
