Re: [Qemu-devel] [PATCH WIP 01/30] crypto: add QCryptoSecret object class for password/key handling

[Daniel P. Berrange]

On Mon, Nov 23, 2015 at 02:39:27PM +0100, Markus Armbruster wrote:
> "Daniel P. Berrange" <address@hidden> writes:
> 
> > On Fri, Nov 20, 2015 at 03:09:25PM -0700, Eric Blake wrote:
> >> On 11/20/2015 11:04 AM, Daniel P. Berrange wrote:
> >> > +
> >> > +static const char *base64_valid_chars =
> >> > +    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
> >> > +
> >> > +static int
> >> > +qcrypto_secret_validate_base64(const uint8_t *input,
> >> > +                               size_t inputlen,
> >> > +                               Error **errp)
> >> 
> >> Don't we already have base64 utility methods available?
> >
> > We normally use glib,  g_base64_encode/decode. Unfortunately the
> > decode method doesn't provide any usefull error reporting facility.
> > It just silently skips any characters that are outside the valid
> > set.  So the only way I could get any kind of sensible error report
> > was to do this validation myself against the set of permitted base64
> > characters.
> 
> Yes.  Same problem elsewhere, e.g. ringbuf-write.  qapi-schema.json:
> 
> #          - base64: data must be base64 encoded text.  Its binary
> #            decoding gets written.
> #            Bug: invalid base64 is currently not rejected.
> #            Whitespace *is* invalid.
> 
> This suggests that we shouldn't bury this in crypto/, but instead add it
> to util/.
> 
> A replacement for g_base64_decode() could be easier to use than a
> checker function to use in addition to g_base64_decode(),

Yeah, that's a good idea. I'll look at that.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|