Re: Use EVP API pgcrypto encryption, dropping support for OpenSSL 0.9.6 and older

Поиск
Список
Период
Сортировка
От Joe Conway
Тема Re: Use EVP API pgcrypto encryption, dropping support for OpenSSL 0.9.6 and older
Дата
Msg-id 5612890E.3000505@joeconway.com
обсуждение исходный текст
Ответ на Use EVP API pgcrypto encryption, dropping support for OpenSSL 0.9.6 and older  (Heikki Linnakangas <hlinnaka@iki.fi>)
Список pgsql-hackers
Дерево обсуждения 
On 10/05/2015 06:02 AM, Heikki Linnakangas wrote:
> There was prior discussion on the EVP API in this old thread from 2007:
> http://www.postgresql.org/message-id/flat/46A5E284.7030402@sun.com#46A5E284.7030402@sun.com
>
>
> In short, pgcrypto actually used to use the EVP functions, but was
> changed to *not* use them, because in older versions of OpenSSL, some
> key lengths and/or padding options that pgcrypto supports were not
> supported by the EVP API. That was fixed in OpenSSL 0.9.7, however. The
> consensus in 2007 was that we could drop support for OpenSSL 0.9.6 and
> below, so that should definitely be OK by now, if we haven't already
> done that elsewhere in the code.
>
> Any objections to the attached two patches?

I haven't studied that patches themselves yet, but +1 for the concept.

Joe

--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Simon Riggs
Дата:
Сообщение: Re: Freeze avoidance of very large table.
Следующее
От: Merlin Moncure
Дата:
Сообщение: Re: No Issue Tracker - Say it Ain't So!]