aboutsummaryrefslogtreecommitdiff
path: root/tests/.gitignore
diff options
context:
space:
mode:
authorDaniel P. Berrange <berrange@redhat.com>2015-10-14 09:58:38 +0100
committerDaniel P. Berrange <berrange@redhat.com>2015-12-18 16:25:08 +0000
commitac1d88784907c9603b3849b2c3043259f75ed2a5 (patch)
tree913660c70807418ddbd6ac883e8dbb46c9cd0edf /tests/.gitignore
parent920639cab0fe28d003c90b53bd8b66e8fb333bdd (diff)
downloadqemu-ac1d88784907c9603b3849b2c3043259f75ed2a5.zip
qemu-ac1d88784907c9603b3849b2c3043259f75ed2a5.tar.gz
qemu-ac1d88784907c9603b3849b2c3043259f75ed2a5.tar.bz2
crypto: add QCryptoSecret object class for password/key handling
Introduce a new QCryptoSecret object class which will be used for providing passwords and keys to other objects which need sensitive credentials. The new object can provide secret values directly as properties, or indirectly via a file. The latter includes support for file descriptor passing syntax on UNIX platforms. Ordinarily passing secret values directly as properties is insecure, since they are visible in process listings, or in log files showing the CLI args / QMP commands. It is possible to use AES-256-CBC to encrypt the secret values though, in which case all that is visible is the ciphertext. For ad hoc developer testing though, it is fine to provide the secrets directly without encryption so this is not explicitly forbidden. The anticipated scenario is that libvirtd will create a random master key per QEMU instance (eg /var/run/libvirt/qemu/$VMNAME.key) and will use that key to encrypt all passwords it provides to QEMU via '-object secret,....'. This avoids the need for libvirt (or other mgmt apps) to worry about file descriptor passing. It also makes life easier for people who are scripting the management of QEMU, for whom FD passing is significantly more complex. Providing data inline (insecure, only for ad hoc dev testing) $QEMU -object secret,id=sec0,data=letmein Providing data indirectly in raw format printf "letmein" > mypasswd.txt $QEMU -object secret,id=sec0,file=mypasswd.txt Providing data indirectly in base64 format $QEMU -object secret,id=sec0,file=mykey.b64,format=base64 Providing data with encryption $QEMU -object secret,id=master0,file=mykey.b64,format=base64 \ -object secret,id=sec0,data=[base64 ciphertext],\ keyid=master0,iv=[base64 IV],format=base64 Note that 'format' here refers to the format of the ciphertext data. The decrypted data must always be in raw byte format. More examples are shown in the updated docs. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Diffstat (limited to 'tests/.gitignore')
-rw-r--r--tests/.gitignore1
1 files changed, 1 insertions, 0 deletions
diff --git a/tests/.gitignore b/tests/.gitignore
index 596fef3..787c95c 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -14,6 +14,7 @@ test-blockjob-txn
test-coroutine
test-crypto-cipher
test-crypto-hash
+test-crypto-secret
test-crypto-tlscredsx509
test-crypto-tlscredsx509-work/
test-crypto-tlscredsx509-certs/