Hide Forgot
Description of problem: when create a luks format image with cipher alg=twofish and size=192, ambiguous error message produced. Version-Release number of selected component (if applicable): qemu-kvm-rhev-2.6.0-21.el7.x86_64 How reproducible: 100% Steps to Reproduce: qemu-img create -f luks --object secret,id=sec0,data=`printf %s "redhat" | base64`,format=base64 -o key-secret=sec0,cipher-alg=twofish-192,cipher-mode=ecb,hash-alg=sha1,ivgen-alg=plain,ivgen-hash-alg=md5 1.img 1G Formatting '1.img', fmt=luks size=1073741824 key-secret=sec0 cipher-alg=twofish-192 cipher-mode=ecb ivgen-alg=plain ivgen-hash-alg=md5 hash-alg=sha1 qemu-img: 1.img: Unsupported cipher algorithm 9 Actual results: error msg is "Unsupported cipher algorithm 9" which is not clear. Expected results: is twofish-192 not supported? what is algorithm 9
FWIW, we only get this error because we're mistakenly linking to gcrypt instead of nettle. I've already posted patches to fix QEMU to use nettle in RHEL-7.3 which will avoid this particular error. None the less we can improve the error message upstream
This issue was actually fixed in qemu-kvm-rhev-2.6.0-24.el7, shipped in 7.3 by this patch which switched us over to use nettle instead of gcrypt, thus avoiding the error scenario: kvm-redhat-switch-from-gcrypt-to-nettle-for-crypto.patch [bz#1301019]