Bug 1741229 - FIPS Compatibility for OSP [NEEDINFO]
Summary: FIPS Compatibility for OSP
Keywords:
Status: ON_DEV
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: Security
Version: 17.0 (Wallaby)
Hardware: All
OS: All
high
high
Target Milestone: beta
: 17.0
Assignee: Ade Lee
QA Contact: Jeremy Agee
URL:
Whiteboard:
: 1670164 1742933 (view as bug list)
Depends On:
Blocks: OSP_FIPS_TRACKER 2125346 1741261
TreeView+ depends on / blocked
 
Reported: 2019-08-14 14:22 UTC by Ash Westbrook
Modified: 2023-03-16 14:42 UTC (History)
22 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: OSP_FIPS_TRACKER 2125346 (view as bug list)
Environment:
Last Closed:
Target Upstream Version:
Embargoed:
lhh: needinfo? (alee)

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker OSP-191 0 None None None 2021-11-29 21:55:10 UTC

Description Ash Westbrook 2019-08-14 14:22:37 UTC 
NAPS feature tracker.
Comment 6 Harry Rybacki 2019-08-28 17:51:13 UTC 
*** Bug 1670164 has been marked as a duplicate of this bug. ***
Comment 7 Harry Rybacki 2019-09-18 13:43:58 UTC 
*** Bug 1742933 has been marked as a duplicate of this bug. ***
Comment 9 Simo Sorce 2019-10-03 18:51:04 UTC 
Lon,
it is very unlikely we'll certify any of those python libraries, I suggest working upstream to transition all uses to python-cryptography or other decent wrapper around one of our supported security libraries.
For golang you should talk to the toolset people, the official golang crypto package has been patched on Red Hat builds to link to openssl, if there are other crypto libraries pulled in I strongly suggest you work upstream to eliminate or reduce their usage so that it can be disabled in FIPS mode.
Comment 14 spower 2021-11-30 10:02:08 UTC 
This has been given an exception + and has an extension until Jan 31st to get to POST/MODIFIED.
Note You need to log in before you can comment on or make changes to this bug.