Project

Profile

Help

Story #6985

closed

Story #3778: [Epic] As a user, I can run Pulp 3 in a FIPS-enabled environment

As a user, pulpcore itself is FIPS compatible

Added by bmbouter over 4 years ago. Updated about 4 years ago.

Status:
CLOSED - DUPLICATE
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

Background

Currently pulp3 uses insecure checksums for data integrity purposes, for example when syncing EL5 content which only has md5 checksums available on EL5 systems so the repodata only has MD5. When Pulp is downloading it uses those md5 values to ensure the downloaded data is unmodified.

Solution

Mark the usage of insecure checksums in Pulp to not be used for security purposes using the Red Hat provided "usedforsecurity" flag.


Related issues

Is duplicate of Pulp - Story #5216: As a user, I can configure which checksum types I want to use in PulpCLOSED - CURRENTRELEASEggainey

Actions

Also available in: Atom PDF