Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

misc: add fips test #459

Merged
merged 1 commit into from
Oct 10, 2023
Merged

misc: add fips test #459

merged 1 commit into from
Oct 10, 2023

Conversation

tormath1
Copy link
Contributor

@tormath1 tormath1 commented Oct 4, 2023

This is documented for now but not tested: https://www.flatcar.org/docs/latest/setup/security/fips/

Out of the box config is available since OpenSSL 3.0.8 for Flatcar, so the incoming Stable will work - we only exclude LTS. It does not mean that FIPS does not work on LTS, it's just that it takes extra steps to activate it.

@tormath1 tormath1 self-assigned this Oct 4, 2023
@tormath1 tormath1 marked this pull request as ready for review October 4, 2023 15:04
@tormath1 tormath1 requested a review from a team October 4, 2023 15:04
// It works because SHA is FIPS compliant.
c.MustSSH(m, "echo Flatcar | openssl sha512 -")

// Should exits with 0.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// Should exits with 0.
// Should exit with 0.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
@tormath1 tormath1 merged commit a465876 into flatcar-master Oct 10, 2023
2 checks passed
@tormath1 tormath1 deleted the tormath1/fips branch October 10, 2023 08:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants