[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [Bug 1712027] [NEW] qemu: Cryptography adding encrypted dis
From: |
Huang Yong |
Subject: |
[Qemu-devel] [Bug 1712027] [NEW] qemu: Cryptography adding encrypted disk with luks format failed |
Date: |
Mon, 21 Aug 2017 09:12:02 -0000 |
Public bug reported:
I'm using libvirt to attach luks encrypted disk to a running VM. The
qemu-monitor-command like the
following:
{"execute":"object-add","arguments":{"qom-type":"secret","id":"virtio-
disk11-luks-
secret0","props":{"data":"El7jOYLCZwrij2Mue0q2tA==","keyid":"masterKey0","iv":"J2je0WJjCa89L3iKc1lceg==","format":"base64"}}
the masterKey0 specify the secret which has been created before.
command above return with error message "Incorrect number of padding
bytes XXX found on decrypted
data". This is triggered by the following code snippets in qemu/crypto/secret.c:
if (plaintext[ciphertextlen - 1] > 16 ||
plaintext[ciphertextlen - 1] > ciphertextlen) {
error_setg(errp, "Incorrect number of padding bytes (%d) "
"found on decrypted data",
(int)plaintext[ciphertextlen - 1]);
…
}
The bug is: There is on padding in plaintext if the actual length of the
plaintext decrypted is
equal to ciphertext.
In this case, the last element in plaintext array may be one of the
character in base64 code table
or other.
I would like to know why length of padding bytes cannot exceed 16 and
whether i can remove
judement: “plaintext[ciphertextlen - 1] > 16” so that I can eliminate
the error above.
Much appreciate it if doubts above is cleared up.
libvirt/qemu version:
# virsh version
Compiled against library: libvirt 3.0.0
Using library: libvirt 3.0.0
Using API: QEMU 3.0.0
Running hypervisor: QEMU 2.7.1
OS: Ubuntu 12.04 LTS
** Affects: qemu
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1712027
Title:
qemu: Cryptography adding encrypted disk with luks format failed
Status in QEMU:
New
Bug description:
I'm using libvirt to attach luks encrypted disk to a running VM. The
qemu-monitor-command like the
following:
{"execute":"object-add","arguments":{"qom-type":"secret","id":"virtio-
disk11-luks-
secret0","props":{"data":"El7jOYLCZwrij2Mue0q2tA==","keyid":"masterKey0","iv":"J2je0WJjCa89L3iKc1lceg==","format":"base64"}}
the masterKey0 specify the secret which has been created before.
command above return with error message "Incorrect number of padding
bytes XXX found on decrypted
data". This is triggered by the following code snippets in
qemu/crypto/secret.c:
if (plaintext[ciphertextlen - 1] > 16 ||
plaintext[ciphertextlen - 1] > ciphertextlen) {
error_setg(errp, "Incorrect number of padding bytes (%d) "
"found on decrypted data",
(int)plaintext[ciphertextlen - 1]);
…
}
The bug is: There is on padding in plaintext if the actual length of
the plaintext decrypted is
equal to ciphertext.
In this case, the last element in plaintext array may be one of the
character in base64 code table
or other.
I would like to know why length of padding bytes cannot exceed 16 and
whether i can remove
judement: “plaintext[ciphertextlen - 1] > 16” so that I can eliminate
the error above.
Much appreciate it if doubts above is cleared up.
libvirt/qemu version:
# virsh version
Compiled against library: libvirt 3.0.0
Using library: libvirt 3.0.0
Using API: QEMU 3.0.0
Running hypervisor: QEMU 2.7.1
OS: Ubuntu 12.04 LTS
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1712027/+subscriptions
- [Qemu-devel] [Bug 1712027] [NEW] qemu: Cryptography adding encrypted disk with luks format failed,
Huang Yong <=