]> git.apps.os.sepia.ceph.com Git - ceph-ci.git/commit
projects / ceph-ci.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 871cd3b) | patch
cephx: sign messages using hmac_sha256
authorYehuda Sadeh <ysadehwe@ibm.com>
Wed, 28 May 2025 19:51:19 +0000 (15:51 -0400)
committerPatrick Donnelly <pdonnell@ibm.com>
Mon, 22 Sep 2025 16:32:56 +0000 (12:32 -0400)
commit7fd646f5340aa26714b31f5823cc2f90d58401f2
treed0d60493a0fb96c15bd223441933aaeb0d6c149atree | snapshot
parent871cd3bae4b5399a26155e67a693cd0d437d8c38commit | diff
cephx: sign messages using hmac_sha256

if key type is newer than the original AES, calculate message
hash by using HMAC-SHA256.
We cannot use plain aes256k like we do with the aes key because
of the confounder. The other option would be to inject a
confounder, but that would weaken the cipher.

Signed-off-by: Yehuda Sadeh <ysadehwe@ibm.com>
(cherry picked from commit ba6bb55c7c977e9858e242e74d848273617c221b)
src/auth/cephx/CephxSessionHandler.cc diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.