Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 4.9.0
Affects Version/s: None
Component/s: Shell
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Steps To Reproduce:

Hide

Start resmoke with one of the GCM test suites and check what parameters are passed to mongod instances.

Show
Start resmoke with one of the GCM test suites and check what parameters are passed to mongod instances.
Sprint:
Security 2020-10-05, Security 2020-10-19, Security 2020-11-02
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

There are several test suites for testing encrypted storage with GCM cipher mode:

sharding_ese_gcm.yml
replica_sets_ese_gcm.yml
aggregation_ese_gcm.yml
core_ese_gcm.yml

Those suites assign 'AES256-GCM' value to the TestData.encryptionCipherMode , but the mongo shell ignores it and starts mongod without --encryptionCipherMode parameter.

Thus mongod uses default CBC cipher so it wouldn't be testing GCM at all.

Assignee:: Adam Cooper (Inactive)
Reporter:: Igor Solodovnikov
Participants:: Adam Cooper, Eric Sedor, Githook User, Igor Solodovnikov
Votes:: 0 Vote for this issue
Watchers:: 4 Start watching this issue

Created:: Aug 17 2020 03:17:32 PM UTC
Updated:: Oct 29 2023 10:04:23 PM UTC
Resolved:: Oct 22 2020 01:52:59 PM UTC
Confidence Status Last Update:: 23/Sep/20 5:36 PM

Details

Description

Attachments

Activity

People

Dates