9ecd30081a
Previous code was considering length as bytes, but the API contract considers the length param to be bits so that the considering `km` as a VaultKeyManager, the call `km.create_key(ctx, 'AES', 256)` should generate a 256 bit AES key and not a 2048 bit AES key instead. Closes-Bug: #1817248 Change-Id: I5815cb74394e18b6058f4c5cf69b656d7cc2c43b Signed-off-by: Moisés Guimarães de Medeiros <moguimar@redhat.com>
11 lines
532 B
YAML
11 lines
532 B
YAML
---
|
|
fixes:
|
|
- |
|
|
Fixed VaultKeyManager.create_key() to consider the `length` param as bits
|
|
instead of bytes for the key length. This was causing a discrepancy between
|
|
keys generated by the HashiCorp Vault backend and the OpenStack Barbican
|
|
backend. Considering `km` as an instance of a key manager, the following
|
|
code `km.create_key(ctx, "AES", 256)` was generating a 256 bit AES key when
|
|
Barbican is configured as the backend, but generating a 2048 bit AES key
|
|
when Vault was configured as the backend.
|