From 0a2dc8aa1d267da3c1c2925b3f292bd96aa50edb Mon Sep 17 00:00:00 2001
From: Michal Nasiadka <michal.nasiadka@nokia.com>
Date: Thu, 25 Apr 2019 09:06:28 +0200
Subject: [PATCH] Add sha256 in ceph fetch keys

fetch_ceph_keys.py is using insecure sha1 function, this patch adds
sha256 beside sha1 - in order to remove sha1 safely in U release.

Change-Id: I32ba1abd204c9dba4bbe3132b5650b0e391616af
Closes-Bug: #1826327
---
 docker/ceph/ceph-mon/fetch_ceph_keys.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docker/ceph/ceph-mon/fetch_ceph_keys.py b/docker/ceph/ceph-mon/fetch_ceph_keys.py
index 3303bdf5c0..f0f4a71540 100644
--- a/docker/ceph/ceph-mon/fetch_ceph_keys.py
+++ b/docker/ceph/ceph-mon/fetch_ceph_keys.py
@@ -49,8 +49,10 @@ def read_file(filename):
     with open(filename_path, 'rb') as f:
         raw_data = f.read()
 
+    # TODO(mnasiadka): Remove sha1 in U
     return {'content': base64.b64encode(zlib.compress(raw_data)),
             'sha1': hashlib.sha1(raw_data).hexdigest(),
+            'sha256': hashlib.sha256(raw_data).hexdigest(),
             'filename': filename}