From 34be3a59a55d044b3eae3a3572cb90134c68c8cb Mon Sep 17 00:00:00 2001 From: Marcus Watts Date: Wed, 19 Nov 2025 03:11:26 -0500 Subject: [PATCH] auth: CryptoKey, use dynamic usage keys for sts too Implement non-zero usage constants for sts too. 14 sts token Signed-off-by: Marcus Watts --- src/rgw/rgw_rest_s3.cc | 2 +- src/rgw/rgw_sts.cc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc index 1432b3d7795..61c3d56a39e 100644 --- a/src/rgw/rgw_rest_s3.cc +++ b/src/rgw/rgw_rest_s3.cc @@ -7178,7 +7178,7 @@ rgw::auth::s3::STSEngine::get_session_token(const DoutPrefixProvider* dpp, const buffer::list en_input, dec_output; en_input = buffer::list::static_from_string(decodedSessionToken); - ret = keyhandler->decrypt(cct, en_input, dec_output, &error); + ret = keyhandler->decrypt_ext(cct, 14, en_input, dec_output, &error); if (ret < 0) { ldpp_dout(dpp, 0) << "ERROR: Decryption failed: " << error << dendl; return -EPERM; diff --git a/src/rgw/rgw_sts.cc b/src/rgw/rgw_sts.cc index a4621f3368a..ed75bdb1e01 100644 --- a/src/rgw/rgw_sts.cc +++ b/src/rgw/rgw_sts.cc @@ -146,7 +146,7 @@ int Credentials::generateCredentials(const DoutPrefixProvider *dpp, buffer::list input, enc_output; encode(token, input); - if (ret = keyhandler->encrypt(cct, input, enc_output, &error); ret < 0) { + if (ret = keyhandler->encrypt_ext(cct, 14, input, enc_output, &error); ret < 0) { ldpp_dout(dpp, 0) << "ERROR: Encrypting session token returned an error !" << dendl; return ret; } -- 2.47.3