Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-1795

[Dev] verify new encryption library is FIPS-certified

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Major Major
    • None
    • None
    • None

      The issue:

      Encryption functions are being added to os-brick for use by the upstream in-flight image encryption effort [0].  The crypto library selected is python-gnupg.

      This is the first project to use python-gnupg in OpenStack.  The library was accepted into OpenStack global-requirements [1], but FIPS-certification is not an acceptance criterion.

      [0] https://review.opendev.org/c/openstack/os-brick/+/709432/

      [1] https://review.opendev.org/c/openstack/requirements/+/760109

       

      Work to be completed:

      Verify that python-gnupg is FIPS-certified or satisfies the OSP 18 goal of FIPS-compliance in some other appropriate way.

       

      Definition of Done:

      Documentation that the Security DFG has determined that python-gnupg is an acceptable crypto library for OSP 18.

              brosmait@redhat.com Brian Rosmaita
              brosmait@redhat.com Brian Rosmaita
              rhos-storage-cinder
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: