]> git.apps.os.sepia.ceph.com Git - ceph-ci.git/commit
projects / ceph-ci.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 808c9dc) | patch
cephx: sign messages using hmac_sha256
authorYehuda Sadeh <ysadehwe@ibm.com>
Wed, 28 May 2025 19:51:19 +0000 (15:51 -0400)
committerPatrick Donnelly <pdonnell@ibm.com>
Mon, 13 Oct 2025 23:59:17 +0000 (19:59 -0400)
commitbea6b6f2a8e1a14c41a8b453113d014f2918792b
tree7febf41209fdbda1ba016b5a75f2a32722658524tree | snapshot
parent808c9dc13d9ad388739c75ef3c64886c22816274commit | diff
cephx: sign messages using hmac_sha256

if key type is newer than the original AES, calculate message
hash by using HMAC-SHA256.
We cannot use plain aes256k like we do with the aes key because
of the confounder. The other option would be to inject a
confounder, but that would weaken the cipher.

Signed-off-by: Yehuda Sadeh <ysadehwe@ibm.com>
(cherry picked from commit ba6bb55c7c977e9858e242e74d848273617c221b)
src/auth/cephx/CephxSessionHandler.cc diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.