Secure Hash Algorithm Support (Multihash)¶
The Secure Hash Algorithm feature supplements the current ‘checksum’ image property with a self-describing secure hash.
The self-description consists of two new image properties:
Contains the name of the secure hash algorithm used to generate the value on the image
The hexdigest computed by applying the secure hash algorithm named in the
os_hash_algoproperty to the image data
Hash Algorithm Configuration¶
os_hash_algo will be populated by the value of the configuration option
hashing_algorithm in the
glance.conf file. The
will be populated by the hexdigest computed when the algorithm is applied to
the uploaded or imported image data.
These are read-only image properties and are not user-modifiable.
The default secure hash algorithm is SHA-512. It should be suitable for most applications.
The multihash is computed only for new images. There is no provision for computing the multihash for existing images.