]> git.apps.os.sepia.ceph.com Git - ceph-ci.git/commit
projects / ceph-ci.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 14dfe05) | patch
cephx: sign messages using hmac_sha256
authorYehuda Sadeh <ysadehwe@ibm.com>
Wed, 28 May 2025 19:51:19 +0000 (15:51 -0400)
committerPatrick Donnelly <pdonnell@ibm.com>
Wed, 1 Oct 2025 18:46:47 +0000 (14:46 -0400)
commit39f2fe00b0c3d2bbbdb8579b69d4f6ed913c8298
tree6c3aac9825dc8fdef0ff8df362517a478184a9b1tree | snapshot
parent14dfe059fd5b1bc0aeacdfeab0aee9b6bd82ae20commit | diff
cephx: sign messages using hmac_sha256

if key type is newer than the original AES, calculate message
hash by using HMAC-SHA256.
We cannot use plain aes256k like we do with the aes key because
of the confounder. The other option would be to inject a
confounder, but that would weaken the cipher.

Signed-off-by: Yehuda Sadeh <ysadehwe@ibm.com>
src/auth/cephx/CephxSessionHandler.cc diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.