postgresql/contrib/pgcrypto/expected/crypt-md5_1.out
Peter Eisentraut 795592865c pgcrypto: Allow tests to pass in OpenSSL FIPS mode
This adds several alternative expected files for when MD5 and 3DES are
not available.  This is similar to the alternative expected files for
when the legacy provider is disabled.  In fact, running the pgcrypto
tests in FIPS mode makes use of some of these existing alternative
expected files as well (e.g., for blowfish).

These new expected files currently cover the FIPS mode provided by
OpenSSL 3.x as well as the modified OpenSSL 3.x from Red Hat (e.g.,
Fedora 38), but not the modified OpenSSL 1.x from Red Hat (e.g.,
Fedora 35).  (The latter will have some error message wording
differences.)

Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us>
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Discussion: https://www.postgresql.org/message-id/flat/dbbd927f-ef1f-c9a1-4ec6-c759778ac852%40enterprisedb.com
2023-11-17 14:55:51 +01:00

17 lines
476 B
Plaintext

--
-- crypt() and gen_salt(): md5
--
SELECT crypt('', '$1$Szzz0yzz');
ERROR: crypt(3) returned NULL
SELECT crypt('foox', '$1$Szzz0yzz');
ERROR: crypt(3) returned NULL
CREATE TABLE ctest (data text, res text, salt text);
INSERT INTO ctest VALUES ('password', '', '');
UPDATE ctest SET salt = gen_salt('md5');
UPDATE ctest SET res = crypt(data, salt);
ERROR: crypt(3) returned NULL
SELECT res = crypt(data, res) AS "worked"
FROM ctest;
ERROR: invalid salt
DROP TABLE ctest;