)]}'
{"/COMMIT_MSG":[{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"1908d996183eb1db418a31ef8457a30e063d25ba","unresolved":true,"context_lines":[{"line_number":18,"context_line":"Before this change, such invalid cipher fields in encryption"},{"line_number":19,"context_line":"specs would be accepted by the API, but volume creation would"},{"line_number":20,"context_line":"fail later with various errors."},{"line_number":21,"context_line":""},{"line_number":22,"context_line":"This introduces a new API microversion, validation does not"},{"line_number":23,"context_line":"occur on previous microversions.  This change introduces a"},{"line_number":24,"context_line":"minimum key size of 128 bits for encrypted volume types."},{"line_number":25,"context_line":""},{"line_number":26,"context_line":"Closes-Bug: #1926630 (2/2)"}],"source_content_type":"text/x-gerrit-commit-message","patch_set":10,"id":"e4cdb88e_2a0048f2","line":23,"range":{"start_line":21,"start_character":0,"end_line":23,"end_character":32},"updated":"2021-07-07 20:07:06.000000000","message":"This sentence is left over from an earlier patch set.","commit_id":"912dc2306f55ccaa88a6b8e643713a342c967d87"},{"author":{"_account_id":4523,"name":"Eric Harney","email":"eharney@redhat.com","username":"eharney"},"change_message_id":"abefffc4066925bdd3ceb069026044add4d13753","unresolved":false,"context_lines":[{"line_number":18,"context_line":"Before this change, such invalid cipher fields in encryption"},{"line_number":19,"context_line":"specs would be accepted by the API, but volume creation would"},{"line_number":20,"context_line":"fail later with various errors."},{"line_number":21,"context_line":""},{"line_number":22,"context_line":"This introduces a new API microversion, validation does not"},{"line_number":23,"context_line":"occur on previous microversions.  This change introduces a"},{"line_number":24,"context_line":"minimum key size of 128 bits for encrypted volume types."},{"line_number":25,"context_line":""},{"line_number":26,"context_line":"Closes-Bug: #1926630 (2/2)"}],"source_content_type":"text/x-gerrit-commit-message","patch_set":10,"id":"55485089_4eb608ad","line":23,"range":{"start_line":21,"start_character":0,"end_line":23,"end_character":32},"in_reply_to":"e4cdb88e_2a0048f2","updated":"2021-07-08 12:13:04.000000000","message":"Done","commit_id":"912dc2306f55ccaa88a6b8e643713a342c967d87"}],"cinder/api/contrib/volume_type_encryption.py":[{"author":{"_account_id":20813,"name":"Sofia Enriquez","email":"lsofia.enriquez@gmail.com","username":"enriquetaso"},"change_message_id":"8dc8b347968ab6f2516ff59be865b8964a4e3e0e","unresolved":true,"context_lines":[{"line_number":78,"context_line":""},{"line_number":79,"context_line":"        expl \u003d _(\u0027Encryption cipher is invalid.\u0027)"},{"line_number":80,"context_line":"        if cipher \u003d\u003d \"\" or len(cipher.split(\u0027-\u0027)) !\u003d 3:"},{"line_number":81,"context_line":"            # cipher must take the form of \"aes-xts-plain64\" or similar"},{"line_number":82,"context_line":"            raise webob.exc.HTTPBadRequest(explanation\u003dexpl)"},{"line_number":83,"context_line":""},{"line_number":84,"context_line":"    @staticmethod"}],"source_content_type":"text/x-python","patch_set":10,"id":"fcc2021b_4a913795","line":81,"updated":"2021-06-16 21:51:53.000000000","message":":nit: what about \u0027aes-ecb\u0027 ? I\u0027m not sure it\u0027s a valid concern and I think nobody is using this cipher and hash specification. \n```cryptsetup -c aes-ecb luksFormat /dev/sda1```","commit_id":"912dc2306f55ccaa88a6b8e643713a342c967d87"},{"author":{"_account_id":4523,"name":"Eric Harney","email":"eharney@redhat.com","username":"eharney"},"change_message_id":"58853d222b64c4978203dae08d71b74471da64a1","unresolved":true,"context_lines":[{"line_number":78,"context_line":""},{"line_number":79,"context_line":"        expl \u003d _(\u0027Encryption cipher is invalid.\u0027)"},{"line_number":80,"context_line":"        if cipher \u003d\u003d \"\" or len(cipher.split(\u0027-\u0027)) !\u003d 3:"},{"line_number":81,"context_line":"            # cipher must take the form of \"aes-xts-plain64\" or similar"},{"line_number":82,"context_line":"            raise webob.exc.HTTPBadRequest(explanation\u003dexpl)"},{"line_number":83,"context_line":""},{"line_number":84,"context_line":"    @staticmethod"}],"source_content_type":"text/x-python","patch_set":10,"id":"02d0576c_f962fd04","line":81,"in_reply_to":"fcc2021b_4a913795","updated":"2021-06-23 17:12:06.000000000","message":"ECB mode should not be used because it is cryptographically weak compared to XTS mode.","commit_id":"912dc2306f55ccaa88a6b8e643713a342c967d87"},{"author":{"_account_id":5997,"name":"Walt","display_name":"Hemna","email":"waboring@hemna.com","username":"walter-boring","status":"SAP"},"change_message_id":"165839c813c5897bca4c0c6891f2fa40d1c71fa8","unresolved":true,"context_lines":[{"line_number":91,"context_line":"            return"},{"line_number":92,"context_line":""},{"line_number":93,"context_line":"        if key_size \u003c 128:"},{"line_number":94,"context_line":"            expl \u003d _(\u0027Key size is invalid.\u0027)"},{"line_number":95,"context_line":"            raise webob.exc.HTTPBadRequest(explanation\u003dexpl)"},{"line_number":96,"context_line":""},{"line_number":97,"context_line":"    @staticmethod"}],"source_content_type":"text/x-python","patch_set":11,"id":"b3326d57_1311ab0a","line":94,"updated":"2021-07-09 12:00:30.000000000","message":"should add \"minimum key size is 128\"","commit_id":"990ab3e3dad8ad82cd4aa113654335a56dc7f62a"},{"author":{"_account_id":4523,"name":"Eric Harney","email":"eharney@redhat.com","username":"eharney"},"change_message_id":"79821233b7cab639ce27b875c9234facfe045da4","unresolved":false,"context_lines":[{"line_number":91,"context_line":"            return"},{"line_number":92,"context_line":""},{"line_number":93,"context_line":"        if key_size \u003c 128:"},{"line_number":94,"context_line":"            expl \u003d _(\u0027Key size is invalid.\u0027)"},{"line_number":95,"context_line":"            raise webob.exc.HTTPBadRequest(explanation\u003dexpl)"},{"line_number":96,"context_line":""},{"line_number":97,"context_line":"    @staticmethod"}],"source_content_type":"text/x-python","patch_set":11,"id":"b1cd10cc_0b9bf771","line":94,"in_reply_to":"b3326d57_1311ab0a","updated":"2021-07-15 15:02:21.000000000","message":"Done","commit_id":"990ab3e3dad8ad82cd4aa113654335a56dc7f62a"}],"cinder/api/schemas/volume_type_encryption.py":[{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"3be2e63425fbb647abdfcc58fb5d78596f493404","unresolved":true,"context_lines":[{"line_number":29,"context_line":"                \u0027provider\u0027: {\u0027type\u0027: \u0027string\u0027, \u0027minLength\u0027: 0,"},{"line_number":30,"context_line":"                             \u0027maxLength\u0027: 255},"},{"line_number":31,"context_line":"                \u0027control_location\u0027: {\u0027enum\u0027: [\u0027front-end\u0027, \u0027back-end\u0027]},"},{"line_number":32,"context_line":"                \u0027cipher\u0027: {\u0027type\u0027: [\u0027string\u0027, \u0027null\u0027],"},{"line_number":33,"context_line":"                           \u0027minLength\u0027: 0, \u0027maxLength\u0027: 255},"},{"line_number":34,"context_line":"            },"},{"line_number":35,"context_line":"            \u0027required\u0027: [\u0027provider\u0027, \u0027control_location\u0027],"},{"line_number":36,"context_line":"            \u0027additionalProperties\u0027: True,"}],"source_content_type":"text/x-python","patch_set":12,"id":"47772931_fa2cad5f","line":33,"range":{"start_line":32,"start_character":26,"end_line":33,"end_character":60},"updated":"2021-07-15 20:38:54.000000000","message":"Maybe you can add something to parameter_types to handle the format for the cipher?","commit_id":"5d7142711b2301e3aecba3205610062dc124d311"},{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"3be2e63425fbb647abdfcc58fb5d78596f493404","unresolved":true,"context_lines":[{"line_number":32,"context_line":"                \u0027cipher\u0027: {\u0027type\u0027: [\u0027string\u0027, \u0027null\u0027],"},{"line_number":33,"context_line":"                           \u0027minLength\u0027: 0, \u0027maxLength\u0027: 255},"},{"line_number":34,"context_line":"            },"},{"line_number":35,"context_line":"            \u0027required\u0027: [\u0027provider\u0027, \u0027control_location\u0027],"},{"line_number":36,"context_line":"            \u0027additionalProperties\u0027: True,"},{"line_number":37,"context_line":"        },"},{"line_number":38,"context_line":"    },"}],"source_content_type":"text/x-python","patch_set":12,"id":"7a6dfb7d_6045c476","line":35,"range":{"start_line":35,"start_character":25,"end_line":35,"end_character":55},"updated":"2021-07-15 20:38:54.000000000","message":"I think add \u0027key_size\u0027 and \u0027cipher\u0027 to this list.","commit_id":"5d7142711b2301e3aecba3205610062dc124d311"},{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"3be2e63425fbb647abdfcc58fb5d78596f493404","unresolved":true,"context_lines":[{"line_number":33,"context_line":"                           \u0027minLength\u0027: 0, \u0027maxLength\u0027: 255},"},{"line_number":34,"context_line":"            },"},{"line_number":35,"context_line":"            \u0027required\u0027: [\u0027provider\u0027, \u0027control_location\u0027],"},{"line_number":36,"context_line":"            \u0027additionalProperties\u0027: True,"},{"line_number":37,"context_line":"        },"},{"line_number":38,"context_line":"    },"},{"line_number":39,"context_line":"    \u0027required\u0027: [\u0027encryption\u0027],"}],"source_content_type":"text/x-python","patch_set":12,"id":"bc91d691_41198661","line":36,"range":{"start_line":36,"start_character":36,"end_line":36,"end_character":40},"updated":"2021-07-15 20:38:54.000000000","message":"Not sure why this is True, but that\u0027s a different issue.","commit_id":"5d7142711b2301e3aecba3205610062dc124d311"}],"cinder/api/validation/parameter_types.py":[{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"3be2e63425fbb647abdfcc58fb5d78596f493404","unresolved":true,"context_lines":[{"line_number":277,"context_line":""},{"line_number":278,"context_line":""},{"line_number":279,"context_line":"key_size \u003d {\u0027type\u0027: [\u0027string\u0027, \u0027integer\u0027, \u0027null\u0027],"},{"line_number":280,"context_line":"            \u0027minimum\u0027: 0,"},{"line_number":281,"context_line":"            \u0027maximum\u0027: constants.DB_MAX_INT,"},{"line_number":282,"context_line":"            \u0027format\u0027: \u0027key_size\u0027}"},{"line_number":283,"context_line":""}],"source_content_type":"text/x-python","patch_set":12,"id":"b26311c0_c20c1adf","line":280,"range":{"start_line":280,"start_character":23,"end_line":280,"end_character":24},"updated":"2021-07-15 20:38:54.000000000","message":"If you change this to 128, you won\u0027t need to check in the controller.","commit_id":"5d7142711b2301e3aecba3205610062dc124d311"}],"releasenotes/notes/validate-encryption-spec-fields-fe6f61bc74aa8139.yaml":[{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"b91b198458c1cc7ec21616acfc943d06afee3d3e","unresolved":true,"context_lines":[{"line_number":1,"context_line":"---"},{"line_number":2,"context_line":"fixes:"},{"line_number":3,"context_line":"  - |"},{"line_number":4,"context_line":"    Cinder previously expected that an encryption spec would always contain"},{"line_number":5,"context_line":"    \u0027key_size\u0027, \u0027cipher\u0027, and \u0027provider\u0027 fields.  This expectation is now"},{"line_number":6,"context_line":"    enforced when an encrypted spec is created or updated."}],"source_content_type":"text/x-yaml","patch_set":12,"id":"032c77c4_2a023b09","line":5,"range":{"start_line":4,"start_character":55,"end_line":5,"end_character":47},"updated":"2021-07-15 20:41:20.000000000","message":"also \u0027control_location\u0027 is currently enforced as required in the create schema","commit_id":"5d7142711b2301e3aecba3205610062dc124d311"}]}