Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added digest_class configuration option #724

Merged
merged 1 commit into from May 27, 2019
Merged

Added digest_class configuration option #724

merged 1 commit into from May 27, 2019

Conversation

saghaulor
Copy link
Contributor

@petergoldstein petergoldstein mentioned this pull request May 23, 2019
Closed
@petergoldstein
Copy link
Owner

@saghaulor So a couple of pieces of feedback:

  1. This change needs one or more corresponding specs
  2. We should not just allow the passing in of a random class, especially since it may or may not implement the hexdigest method. At a minimum there should be duck type checking. Alternatively, we can specify a list of acceptable digest classes and make that configurable with a string value.

Happy to see either option on #2.

@saghaulor
Copy link
Contributor Author

@petergoldstein thanks for the great feedback. I'll add some more stringent checks on the digest_class option, and add some accompanying tests.

@saghaulor
Added digest_class configuration option
d17c901 
- MD5 is not permitted in FIPS mode, nor is the Digest class. When operating
  with FIPS mode, only OpenSSL::Digest::SHAxxx is permitted.
-Closes petergoldstein#723
@saghaulor
Copy link
Contributor Author

@petergoldstein I believe this PR is ready to merge if you agree with the changes. Please let me know if there is anything else you would like me to do regarding this PR.

@petergoldstein
Copy link
Owner

@saghaulor This looks good, thanks. Will merge. Not likely to get to a release immediately, but I'll try to do it within the next week or so.

@petergoldstein petergoldstein merged commit 96da6ef into petergoldstein:master May 27, 2019
@saghaulor saghaulor deleted the add_FIPS_support branch May 28, 2019 17:51
@mdehoog mdehoog mentioned this pull request May 19, 2020
Merged
@akostadinov akostadinov mentioned this pull request Apr 28, 2022
Merged
11 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Dalli uses MD5 which is not permitted in FIPS mode
2 participants
@saghaulor @petergoldstein