Encryption features
If you use a cryptographic module provided by Fujitsu Enterprise Postgres Advanced Edition with Cryptographic Module, you cannot use algorithms and parameters not approved for FIPS 140 , so the following cryptographic functionality differences exist:
Saving Passwords in md5 format on the server
Use the default scram-sha-256.
Some algorithms and parameters used to connect and authenticate using SSL
Not only are they not available as encryption algorithms for communication paths, but they are also not available as signature algorithms for certificates, encryption algorithms for encrypting and storing private keys, and so on. Additionally, X25519 cannot be used as the elliptic curve for ECDH key exchange (key establishment).
Fujitsu Enterprise Postgres 18 adds X25519 as the default elliptic curve for ECDH key exchange. Therefore, when using SSL with Fujitsu Enterprise Postgres Advanced Edition with Cryptographic Module 18, specify a value for the "ssl_groups" parameter (which defines the elliptic curves used for ECDH key exchange) that does not include X25519.
The following are not available
md5 in SQL functions
Some algorithms of the extension module pgcrypto
Some functions of the extension module uuid-ossp
Classification | Details |
|---|---|
Algorithms | BF, CAST, DES, DESX, IDEA, RC2, RC4, RC5, SEED, ARIA, CAMELLIA, SM4 |
Digest | MD2, MD4, MDC2, DES, RIPEMD-160, WHIRLPOOL,BLAKE2, SM3, MD5, MD5-SHA1 |
MAC | BLAKE2, CMAC, KMAC, POLY1305, SIPHASH |
KDF | KBKDF, KRB5KDF, SCRYPT, X942KDF, X963KDF |
Asymmetric keys | RSA-PSS, RSA-OAEP, SM2 |
Asymmetric encryption | RSAES-OAEP |
Application development
Prepare the Java or .NET runtime required for your application to work with the JDBC driver and the .NET Data Provider. The implementation of the encryption algorithms used to connect these applications to the database server is provided by the respective runtimes.
Features not provided
Windows client(32bit)
