OpenBmc Redfish support etag property error - sha512
Joseph Reynolds
jrey at linux.ibm.com
Wed Sep 1 09:14:05 AEST 2021
On 8/31/21 12:17 PM, Ed Tanous wrote:
> On Tue, Aug 31, 2021 at 1:11 AM Zhang, ShuoX <shuox.zhang at intel.com> wrote:
>> hi,
>>
>> Etag is to check whether the json string returned by the server has changed , I plan to use MD5 encryption to generate etag , can’t find etag in http request header.
> That's because we don't currently implement etag. If you're looking
> at adding it, keep in mind, implementation of etag is more than simply
> including the header, and likely has some changes that would need to
> be made to the internals of the system.
>
> PS, MD5 hasn't really been acceptable for hashing algorithms for a
> while now. Please research what the current guidance is on what hash
> to use for this; I suspect the guidance is still sha256.
>
>
...snip...
FWIW, OpenBMC Linux-PAM modules (pam_unix.so) use the SHA-512 secure
hash algorithm. OpenBMC gets this setting by default from
Yocto/OpenEmbedded configuration.
For background reading, see
https://en.wikipedia.org/wiki/Secure_Hash_Algorithms
- Joseph
More information about the openbmc
mailing list