mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2025-12-23 06:15:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

remove fips_strict insecure ciphers which do not seem to be in Go 1.24

Browse Source
This commit is contained in:
Ryan Richard
2025-02-18 13:50:26 -08:00
parent 39a86e7d52
commit 4e04f5b606
3 changed files with 11 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
test/integration/limited_ciphers_fips_test.go
View File

@@ -21,7 +21,6 @@ func TestLimitedCiphersFIPS_Disruptive(t *testing.T) {
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_GCM_SHA384", // this is an insecure cipher but allowed for FIPS
},
// Expected server configuration for the Supervisor's OIDC endpoints.
&tls.Config{
@@ -41,7 +40,6 @@ func TestLimitedCiphersFIPS_Disruptive(t *testing.T) {
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
},
},
)

2
test/integration/ptls_fips_test.go
View File

@@ -65,8 +65,6 @@ var expectedFIPSCipherSuites = []uint16{
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
}
func TestDefault_Parallel(t *testing.T) {