
Verify Python requests use FIPS policy

Michael Eddington requested to merge 396433-fips-py-crypto-policy into main

What does this MR do?

Prior to running a DAST scan, DAST Python makes a series of HTTP requests to check that the target website has loaded before starting the scan. Some of the requests are performed by the Python wrapper.

To be FIPS compliant, DAST Python must always use a FIPS-compatible TLS stack.

This MR adds an e2e test that verifies the Python requests library uses the FIPS cryptographic policy. The test only runs when FIPS_MODE=1 is set.

What are the relevant issue numbers?

https://gitlab.com/gitlab-org/gitlab/-/issues/396433+

GitLab Docs MR

Edited by Michael Eddington
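One way a check of this kind could be written, as an added example that is not the test from this MR: it is gated on FIPS_MODE=1 as the description states and inspects the cipher suites enabled in Python's default TLS context. The function names, the deny-list of algorithm families, and the assumption that requests inherits the `ssl` module defaults are all illustrative.

```python
import os
import re
import ssl

# Assumption: illustrative deny-list of algorithm families that are not
# FIPS-approved. It is not an authoritative statement of any FIPS policy.
_NON_FIPS = re.compile(
    r"(?:^|[-_])(CHACHA20|RC4|MD5|DES|CAMELLIA|SEED|IDEA|ARIA|NULL)"
)


def fips_mode_requested(env=None):
    """True only when FIPS_MODE is exactly "1", the gate the MR describes."""
    env = os.environ if env is None else env
    return env.get("FIPS_MODE") == "1"


def non_fips_ciphers(cipher_names):
    """Return the suite names that use a deny-listed algorithm family."""
    return [name for name in cipher_names if _NON_FIPS.search(name.upper())]


def enabled_cipher_names(context=None):
    """Suites enabled in the given context, or in Python's default one.

    Assumption: the HTTP client under test builds its TLS context from
    these defaults; a client that sets its own cipher string needs its
    own context passed in.
    """
    ctx = context or ssl.create_default_context()
    return [cipher["name"] for cipher in ctx.get_ciphers()]


def check_fips_policy(env=None, cipher_names=None):
    """Return None when the check is skipped, else the list of violations."""
    if not fips_mode_requested(env):
        return None
    names = enabled_cipher_names() if cipher_names is None else cipher_names
    return non_fips_ciphers(names)


if __name__ == "__main__":
    violations = check_fips_policy()
    if violations is None:
        print("FIPS_MODE != 1, check skipped")
    else:
        print("non-FIPS suites enabled:", violations or "none")
        raise SystemExit(1 if violations else 0)
```

An empty result only shows that no deny-listed suite is enabled in that context; it does not by itself establish that the underlying crypto module is FIPS validated.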
