[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH WIP 01/30] crypto: add QCryptoSecret object clas

From: Markus Armbruster
Subject: Re: [Qemu-devel] [PATCH WIP 01/30] crypto: add QCryptoSecret object class for password/key handling
Date: Mon, 23 Nov 2015 14:39:27 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)

"Daniel P. Berrange" <address@hidden> writes:

> On Fri, Nov 20, 2015 at 03:09:25PM -0700, Eric Blake wrote:
>> On 11/20/2015 11:04 AM, Daniel P. Berrange wrote:
>> > +
>> > +static const char *base64_valid_chars =
>> > +    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
>> > +
>> > +static int
>> > +qcrypto_secret_validate_base64(const uint8_t *input,
>> > +                               size_t inputlen,
>> > +                               Error **errp)
>> Don't we already have base64 utility methods available?
> We normally use glib,  g_base64_encode/decode. Unfortunately the
> decode method doesn't provide any usefull error reporting facility.
> It just silently skips any characters that are outside the valid
> set.  So the only way I could get any kind of sensible error report
> was to do this validation myself against the set of permitted base64
> characters.

Yes.  Same problem elsewhere, e.g. ringbuf-write.  qapi-schema.json:

#          - base64: data must be base64 encoded text.  Its binary
#            decoding gets written.
#            Bug: invalid base64 is currently not rejected.
#            Whitespace *is* invalid.

This suggests that we shouldn't bury this in crypto/, but instead add it
to util/.

A replacement for g_base64_decode() could be easier to use than a
checker function to use in addition to g_base64_decode(),


reply via email to

[Prev in Thread] Current Thread [Next in Thread]