[openstack-dev] [glance] Unable to set metadata_encryption_key
Djimeli Konrad
djkonro35 at gmail.com
Thu May 19 23:29:33 UTC 2016
Hello Nikhil,
On 19 May 2016 at 04:11, Nikhil Komawar <nik.komawar at gmail.com> wrote:
>
> Here's something to get started:
>
> * Change your tests here glance/tests/functional/__init__.py to
> metadata_encryption_key to the value you want to set.
>
> * See if they pass or fail.
>
I made the change to the test as you suggested and the test still passes.
I have just found out that "ValueError: Input strings must be a multiple of
16 in length" and "TypeError: Incorrect padding" are caused by calling
crypt.urlsafe_decrypt(...) on a data that was not previously encrypted. For
example when the metadata_encryption_key is set, and there is existing data
which had not been encrypted, "glance image-list" would invoke the decrypt
function on the data which was not previously encrypted leading to errors.
A solution to this may be to encrypt existing data when
metadata_encryption_key is set and decrypt the data if it is reset. I would
like get some more ideas/opinions in this issue.
Thanks
Konrad
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160520/ff8c16e4/attachment.html>
More information about the OpenStack-dev
mailing list