2b42257eff
This function outsources Cinder's encryption passphrase handling based on Key Manager secrets. It extends Cinder's existing implementation to handle secret objects of type 'passphrase' additionally, for which the binascii.hexlify conversion is now skipped similar to Nova's implementation of handling qcow2+LUKS images. Original Cinder behavior for 'symmetric' secret objects is retained. Provides the basis for image encryption standardization as per https://specs.openstack.org/openstack/cinder-specs/specs/2024.2/LUKS-image-encryption.html Co-Authored-By: Josephine Seifert <josephine.seifert@cloudandheat.com> Change-Id: I8836fe3c2af5b61ba33a7fe3c8eb5a7f4961c515
7.2 KiB
7.2 KiB