git-server-git.apps.pok.os.sepia.ceph.com Git

author	Ilya Dryomov <idryomov@gmail.com>
	Sat, 12 Jul 2025 15:11:55 +0000 (17:11 +0200)
committer	Ilya Dryomov <idryomov@gmail.com>
	Mon, 9 Feb 2026 11:29:22 +0000 (12:29 +0100)
commit	8356b4b1103b8c970648c94bab724aa30e42d869
tree	317cf39cee9bfb5505f48ec325b8776a30e19030	tree \| snapshot
parent	b7cc142dbafeaf6c053284ca9121b9f70b6d6d06	commit \| diff

libceph: adapt ceph_x_challenge_blob hashing and msgr1 message signing

The existing approach where ceph_x_challenge_blob is encrypted with the
client's secret key and then the digest derived from the ciphertext is
used for the test doesn't work with CEPH_CRYPTO_AES256KRB5 because the
confounder randomizes the ciphertext: the client and the server get two
different ciphertexts and therefore two different digests.

msgr1 signatures are affected the same way: a digest derived from the
ciphertext for the message's "sigblock" is what becomes a signature and
the two sides disagree on the expected value.

For CEPH_CRYPTO_AES256KRB5 (and potential future encryption schemes),
switch to HMAC-SHA256 function keyed in the same way as the existing
encryption. For CEPH_CRYPTO_AES, everything is preserved as is.

Signed-off-by: Ilya Dryomov <idryomov@gmail.com>

net/ceph/auth_x.c		diff \| blob \| history
net/ceph/crypto.c		diff \| blob \| history
net/ceph/crypto.h		diff \| blob \| history
net/ceph/messenger_v2.c		diff \| blob \| history