https://bugs.openldap.org/show_bug.cgi?id=10215
Issue ID: 10215
Summary: [QUESTION] FIPS Validated password hashing
Product: OpenLDAP
Version: 2.4.54
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: libraries
Assignee: bugs@openldap.org
Reporter: 11tete11@gmail.com
Target Milestone: ---

Hi! We are in the process of a certification, and we are using the OpenLDAP of Ubuntu Pro FIPS 20.04, which is 2.4.54.
At some point the auditor asked us how the passwords are stored in LDAP, and we found this: https://github.com/openldap/openldap/tree/master/contrib/slapd-modules/passw...
It seems that that module does not use a FIPS validated library like the "openssl" that comes with Ubuntu FIPS, and makes its own implementation of sha512.
Is there any LDAP module that uses the openssl library of the OS, which in this case is openssl 1.1.1f, to hash its passwords? Could it be this one: https://github.com/openldap/openldap/tree/master/contrib/slapd-modules/passw... maybe, if I'm understanding right?
thx!