search

test-kitchen / winrm-transport

WinRM transport logic for re-using remote shells and uploading files
Other
8 stars 9 forks source link

Kitchen winrm transport driver not working with Hardened windows OS #23

Open frezbo opened 7 years ago

frezbo commented 7 years ago

I am using a hardened windows AMI and kitchen seems to have problem copying over files probably due to some old crypto algorithm being used. But kitchen verify seems to work.

>>>>>> ------Exception-------
>>>>>> Class: Kitchen::ActionFailed
>>>>>> Message: 1 actions failed.
>>>>>>     Failed to complete #converge action: [[WinRM::FS::Core::FileTransporter] Upload failed (exitcode: 0), but stderr present
Exception calling "Create" with "0" argument(s): "This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms."
At line:51 char:5
+     $c = [System.Security.Cryptography.MD5]::Create()
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : InvalidOperationException
Exception calling "Create" with "0" argument(s): "This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms."
At line:51 char:5
+     $c = [System.Security.Cryptography.MD5]::Create()
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : InvalidOperationException
Exception calling "Create" with "0" argument(s): "This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms."
At line:51 char:5
+     $c = [System.Security.Cryptography.MD5]::Create()
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : InvalidOperationException
] on server
>>>>>> ----------------------
>>>>>> Please see .kitchen/logs/kitchen.log for more details
>>>>>> Also try running `kitchen diagnose --all` for configuration

I think this is probably caused due to: https://github.com/test-kitchen/winrm-transport/blob/6cfbf11316f3ac01878cc0dea32ec126494703b8/support/decode_files.ps1#L29

mwrock commented 7 years ago

This repo is long dead and test-kitchen now uses the winrm and winrm-fs gems got transferring files. We do have an open issue to comply with FIPS algorithms which is likely what your are hitting here.