]> git-server-git.apps.pok.os.sepia.ceph.com Git - ceph-ci.git/commit
projects / ceph-ci.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c80143e) | patch
cephx: sign messages using hmac_sha256
authorYehuda Sadeh <ysadehwe@ibm.com>
Wed, 28 May 2025 19:51:19 +0000 (15:51 -0400)
committerPatrick Donnelly <pdonnell@ibm.com>
Mon, 26 Jan 2026 15:26:35 +0000 (10:26 -0500)
commit707dcf586e4fea0f9bf9f3e10ca89c5bb1286f64
treea2ed0a1cf144bdbc32965e8c78b9634ada77bd63tree | snapshot
parentc80143ecf87de09ab59748804d093a8981ad2e89commit | diff
cephx: sign messages using hmac_sha256

if key type is newer than the original AES, calculate message
hash by using HMAC-SHA256.
We cannot use plain aes256k like we do with the aes key because
of the confounder. The other option would be to inject a
confounder, but that would weaken the cipher.

Signed-off-by: Yehuda Sadeh <ysadehwe@ibm.com>
src/auth/cephx/CephxSessionHandler.cc diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.