> On 20 Feb 2024, at 13:24, Robert Haas <robertmhaas@gmail.com> wrote:
>
> On Tue, Feb 20, 2024 at 5:09 PM Daniel Gustafsson <daniel@yesql.se> wrote:
>> A fifth option is to throw away our in-tree implementations and use the OpenSSL
>> API's for everything, which is where this thread started. If the effort to
>> payoff ratio is palatable to anyone then patches are for sure welcome.
>
> That generally seems fine, although I'm fuzzy on what our policy
> actually is. We have fallback implementations for some things and not
> others, IIRC.
I'm not sure there is a well-formed policy, but IIRC the idea with cryptohash
was to provide in-core functionality iff OpenSSL isn't used, and only use the
OpenSSL implementations if it is. Since pgcrypto cannot be built without
OpenSSL (since db7d1a7b0530e8cbd045744e1c75b0e63fb6916f) I don't think it's a
problem to continue the work from that commit and replace more with OpenSSL
implementations.
--
Daniel Gustafsson