diff options
| author | Daniel Gustafsson <dgustafsson@postgresql.org> | 2025-01-24 14:25:08 +0100 |
|---|---|---|
| committer | Daniel Gustafsson <dgustafsson@postgresql.org> | 2025-01-24 14:25:08 +0100 |
| commit | 035f99cbebe5ffcaf52f8370394446cd59621ab7 (patch) | |
| tree | 1d9396c1e7ad2ea07daee1b32ccba55e2b24a461 /doc/src | |
| parent | 924d89a354750976cdd271d1dfc6c1e97cbb8851 (diff) | |
| download | postgresql-035f99cbebe5ffcaf52f8370394446cd59621ab7.tar.gz postgresql-035f99cbebe5ffcaf52f8370394446cd59621ab7.zip | |
pgcrypto: Make it possible to disable built-in crypto
When using OpenSSL and/or the underlying operating system in FIPS
mode no non-FIPS certified crypto implementations should be used.
While that is already possible by just not invoking the built-in
crypto in pgcrypto, this adds a GUC which prohibit the code from
being called. This doesn't change the FIPS status of PostgreSQL
but can make it easier for sites which target FIPS compliance to
ensure that violations cannot occur.
Author: Daniel Gustafsson <daniel@yesql.se>
Author: Joe Conway <mail@joeconway.com>
Reviewed-by: Joe Conway <mail@joeconway.com>
Reviewed-by: Peter Eisentraut <peter@eisentraut.org>
Reviewed-by: Hayato Kuroda <kuroda.hayato@fujitsu.com>
Discussion: https://postgr.es/m/16b4a157-9ea1-44d0-b7b3-4c85df5de97b@joeconway.com
Diffstat (limited to 'doc/src')
| -rw-r--r-- | doc/src/sgml/pgcrypto.sgml | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/doc/src/sgml/pgcrypto.sgml b/doc/src/sgml/pgcrypto.sgml index 838d7532a52..a4d035eabdd 100644 --- a/doc/src/sgml/pgcrypto.sgml +++ b/doc/src/sgml/pgcrypto.sgml @@ -1165,6 +1165,44 @@ fips_mode() returns boolean </para> </sect2> + <sect2 id="pgcrypto-configuration-parameters"> + <title>Configuration Parameters</title> + + <para> + There is one configuration parameter that controls the behavior of + <filename>pgcrypto</filename>. + </para> + + <variablelist> + <varlistentry id="pgcrypto-configuration-parameters-builtin_crypto_enabled"> + <term> + <varname>pgcrypto.builtin_crypto_enabled</varname> (<type>enum</type>) + <indexterm> + <primary><varname>pgcrypto.builtin_crypto_enabled</varname> configuration + parameter</primary> + </indexterm> + </term> + <listitem> + <para> + <varname>pgcrypto.builtin_crypto_enabled</varname> determines if the + built in crypto functions <function>gen_salt()</function>, and + <function>crypt()</function> are available for use. Setting this to + <literal>off</literal> disables these functions. <literal>on</literal> + (the default) enables these functions to work normally. + <literal>fips</literal> disables these functions if + <productname>OpenSSL</productname> is detected to operate in FIPS mode. + </para> + </listitem> + </varlistentry> + </variablelist> + + <para> + In ordinary usage, this parameter is set + in <filename>postgresql.conf</filename>, although superusers can alter it + on-the-fly within their own sessions. + </para> + </sect2> + <sect2 id="pgcrypto-notes"> <title>Notes</title> |