From fc841e8cc00ff18f8eccd2f35cc8a9ce0c5e47db Mon Sep 17 00:00:00 2001 From: Christian Schlotter Date: Thu, 27 Jun 2024 09:01:19 +0200 Subject: [PATCH] use sha256 thumbprint in tests --- docs/getting_started.md | 2 +- .../vcsim/controllers/vcsim_controller.go | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index 4ffa63b1e8..fee7d925bb 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -115,7 +115,7 @@ VSPHERE_FOLDER: "vm" # The VM folder fo VSPHERE_TEMPLATE: "ubuntu-1804-kube-v1.17.3" # The VM template to use for your management cluster. CONTROL_PLANE_ENDPOINT_IP: "192.168.9.230" # the IP that kube-vip is going to use as a control plane endpoint VIP_NETWORK_INTERFACE: "ens192" # The interface that kube-vip should apply the IP to. Omit to tell kube-vip to autodetect the interface. -VSPHERE_TLS_THUMBPRINT: "..." # sha1 thumbprint of the vcenter certificate: openssl x509 -sha1 -fingerprint -in ca.crt -noout +VSPHERE_TLS_THUMBPRINT: "..." # sha256 thumbprint of the vcenter certificate: openssl x509 -sha256 -fingerprint -in ca.crt -noout EXP_CLUSTER_RESOURCE_SET: "true" # This enables the ClusterResourceSet feature that we are using to deploy CSI VSPHERE_SSH_AUTHORIZED_KEY: "ssh-rsa AAAAB3N..." # The public ssh authorized key on all machines in this cluster. # Set to "" if you don't want to enable SSH, or are using another solution. diff --git a/test/infrastructure/vcsim/controllers/vcsim_controller.go b/test/infrastructure/vcsim/controllers/vcsim_controller.go index 9acd8ebf18..fcf83e93a1 100644 --- a/test/infrastructure/vcsim/controllers/vcsim_controller.go +++ b/test/infrastructure/vcsim/controllers/vcsim_controller.go @@ -18,7 +18,7 @@ package controllers import ( "context" - "crypto/sha1" //nolint: gosec + "crypto/sha256" "crypto/tls" "crypto/x509" "fmt" @@ -206,7 +206,7 @@ func (r *VCenterSimulatorReconciler) reconcileNormal(ctx context.Context, vCente defer conn.Close() cert := conn.ConnectionState().PeerCertificates[0] - vCenterSimulator.Status.Thumbprint = ThumbprintSHA1(cert) + vCenterSimulator.Status.Thumbprint = ThumbprintSHA256(cert) } if r.SupervisorMode { @@ -293,9 +293,9 @@ func (r *VCenterSimulatorReconciler) SetupWithManager(ctx context.Context, mgr c return nil } -// ThumbprintSHA1 returns the thumbprint of the given cert in the same format used by the SDK and Client.SetThumbprint. -func ThumbprintSHA1(cert *x509.Certificate) string { - sum := sha1.Sum(cert.Raw) //nolint: gosec +// ThumbprintSHA256 returns the thumbprint of the given cert in the same format used by the SDK and Client.SetThumbprint. +func ThumbprintSHA256(cert *x509.Certificate) string { + sum := sha256.Sum256(cert.Raw) hex := make([]string, len(sum)) for i, b := range sum { hex[i] = fmt.Sprintf("%02X", b)