On 10/05/2015 06:02 AM, Heikki Linnakangas wrote:
> There was prior discussion on the EVP API in this old thread from 2007:
> http://www.postgresql.org/message-id/flat/46A5E284.7030402@sun.com#46A5E284.7030402@sun.com
>
>
> In short, pgcrypto actually used to use the EVP functions, but was
> changed to *not* use them, because in older versions of OpenSSL, some
> key lengths and/or padding options that pgcrypto supports were not
> supported by the EVP API. That was fixed in OpenSSL 0.9.7, however. The
> consensus in 2007 was that we could drop support for OpenSSL 0.9.6 and
> below, so that should definitely be OK by now, if we haven't already
> done that elsewhere in the code.
>
> Any objections to the attached two patches?
I haven't studied that patches themselves yet, but +1 for the concept.
Joe
--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development