Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[8.x](backport #6380) test: increase passwd length in crypto io tests #6407

Merged
merged 2 commits into from
Dec 19, 2024
Merged

[8.x](backport #6380) test: increase passwd length in crypto io tests #6407

merged 2 commits into from
Dec 19, 2024

Conversation

mergify[bot]
Copy link
Contributor

@mergify mergify bot commented Dec 19, 2024

What does this PR do?

the password is used to derive a key using pbkdf2 and hmac.

Update the test to use longer passwords.

Why is it important?

In fips only mode use of keys shorter than 112 bits is not allowed for hmac.

The program will panic with the following error:

panic: crypto/hmac: use of keys shorter than 112 bits is not allowed in FIPS 140-only mode

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in ./changelog/fragments using the changelog tool
  • I have added an integration test or an E2E test

Disruptive User Impact

How to test this PR locally

Related issues

Questions to ask yourself

  • How are we going to support this in production?
  • How are we going to measure its adoption?
  • How are we going to debug this?
  • What are the metrics I should take care of?
  • ...
This is an automatic backport of pull request #6380 done by [Mergify](https://mergify.com).

@kruskall @mergify
test: increase passwd length in crypto io tests (#6380)
1ec4249 
the password is used to derive a key using pbkdf2 and hmac.

In fips only mode use of keys shorter than 112 bits is not
allowed for hmac.

Update the test to use longer passwords.

(cherry picked from commit 3c4861c)
@mergify mergify bot requested a review from a team as a code owner December 19, 2024 14:17
@mergify mergify bot added the backport label Dec 19, 2024
@mergify mergify bot requested review from michalpristas and pchila and removed request for a team December 19, 2024 14:17
@kruskall kruskall enabled auto-merge (squash) December 19, 2024 14:28
@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarQube

@kruskall kruskall merged commit 7766efd into 8.x Dec 19, 2024
13 checks passed
@kruskall kruskall deleted the mergify/bp/8.x/pr-6380 branch December 19, 2024 19:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kruskall kruskall kruskall approved these changes

@michalpristas michalpristas Awaiting requested review from michalpristas michalpristas is a code owner automatically assigned from elastic/elastic-agent-control-plane

@pchila pchila Awaiting requested review from pchila pchila is a code owner automatically assigned from elastic/elastic-agent-control-plane

Assignees

@kruskall kruskall

Labels
backport
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@kruskall