Skip to content

Add FIPS support for API keys endpoint

What does this MR do and why?

Contributes to #355877 (closed)

  • When FIPS enabled, return InvalidFingerprint error for MD5 fingerprints

Screenshots or screen recordings

Before After
Screenshot_2022-03-15_at_15.29.13 Screenshot_2022-03-15_at_15.29.55

How to set up and validate locally

  1. Start GDK app in FIPS mode (FIPS_MODE=true gdk thin)
  2. Fetch MD5 fingerprint from Rails console (pry> Key.first.fingerprint)
  3. Open http://127.0.0.1:3000/api/v4/keys?fingerprint=<MD5-fingerprint-from-2-step>
  4. You should see an error that key is missing

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Vasilii Iakliushin

Merge request reports

Loading