[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-block] [Qemu-devel] [PATCH WIP 01/30] crypto: add QCryptoSecre
From: |
Daniel P. Berrange |
Subject: |
Re: [Qemu-block] [Qemu-devel] [PATCH WIP 01/30] crypto: add QCryptoSecret object class for password/key handling |
Date: |
Mon, 23 Nov 2015 14:43:59 +0000 |
User-agent: |
Mutt/1.5.23 (2015-06-09) |
On Mon, Nov 23, 2015 at 02:39:27PM +0100, Markus Armbruster wrote:
> "Daniel P. Berrange" <address@hidden> writes:
>
> > On Fri, Nov 20, 2015 at 03:09:25PM -0700, Eric Blake wrote:
> >> On 11/20/2015 11:04 AM, Daniel P. Berrange wrote:
> >> > +
> >> > +static const char *base64_valid_chars =
> >> > + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
> >> > +
> >> > +static int
> >> > +qcrypto_secret_validate_base64(const uint8_t *input,
> >> > + size_t inputlen,
> >> > + Error **errp)
> >>
> >> Don't we already have base64 utility methods available?
> >
> > We normally use glib, g_base64_encode/decode. Unfortunately the
> > decode method doesn't provide any usefull error reporting facility.
> > It just silently skips any characters that are outside the valid
> > set. So the only way I could get any kind of sensible error report
> > was to do this validation myself against the set of permitted base64
> > characters.
>
> Yes. Same problem elsewhere, e.g. ringbuf-write. qapi-schema.json:
>
> # - base64: data must be base64 encoded text. Its binary
> # decoding gets written.
> # Bug: invalid base64 is currently not rejected.
> # Whitespace *is* invalid.
>
> This suggests that we shouldn't bury this in crypto/, but instead add it
> to util/.
>
> A replacement for g_base64_decode() could be easier to use than a
> checker function to use in addition to g_base64_decode(),
Yeah, that's a good idea. I'll look at that.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
[Qemu-block] [PATCH WIP 03/30] qcow: add a 'keyid' parameter to qcow options, Daniel P. Berrange, 2015/11/20
[Qemu-block] [PATCH WIP 05/30] qom: add user_creatable_add & user_creatable_del methods, Daniel P. Berrange, 2015/11/20
[Qemu-block] [PATCH WIP 07/30] qemu-nbd: add support for --object command line arg, Daniel P. Berrange, 2015/11/20
[Qemu-block] [PATCH WIP 06/30] qemu-img: add support for --object command line arg, Daniel P. Berrange, 2015/11/20
[Qemu-block] [PATCH WIP 08/30] qemu-io: add support for --object command line arg, Daniel P. Berrange, 2015/11/20
[Qemu-block] [PATCH WIP 09/30] qemu-io: allow specifying image as a set of options args, Daniel P. Berrange, 2015/11/20
[Qemu-block] [PATCH WIP 16/30] crypto: add ability to query the cipher key, block & IV lens, Daniel P. Berrange, 2015/11/20
[Qemu-block] [PATCH WIP 15/30] qcow2: make qcow2_encrypt_sectors encrypt in place, Daniel P. Berrange, 2015/11/20
[Qemu-block] [PATCH WIP 17/30] crypto: add method for querying hash digest size, Daniel P. Berrange, 2015/11/20
[Qemu-block] [PATCH WIP 13/30] block: remove all encryption handling APIs, Daniel P. Berrange, 2015/11/20