[vlc-devel] [RFC] Memory keystore
remi at remlab.net
Tue Feb 9 13:12:56 CET 2016
Le 2016-02-08 12:58, typx a écrit :
> On 2016-02-05 20:56, Jean-Baptiste Kempf wrote:
>> On 05 Feb, Rémi Denis-Courmont wrote :
>>> I would remove the file I/O support altogether.
>> Why? How do you do on OS that do not have a Wallet API?
>> With my kindest regards,
> Well in any case clearkeys shouldn't be an option.
Obviously, writing credentials to persistent storage without protection
is not acceptable. The simplest solution would be to not install
(noinst_LTLIBRARIES) the cleartext plugin.
However, for testing purpose, I think the in-memory plugin would
actually be better than the existing clear text plugin. So then the
cleartext plugin is useless and can be removed completely.
> Without Wallet API you can still cipher the data but
> then how would you store the keys to decipher it.
Ahem, the wallet back-ends have the same problem (unless some sort of
secure hardware is involved). Typically the storage is encrypted and the
master key is derived from a passphrase that is not stored. The user
must supply the pass phrase at least once per session.
> The main issue being that the code is readable so it's
> not like we can obfuscate anything.
> Honestly, to me, you shouldn't allow to store secrets when there are
> no wallet-like APIs.
Wallet is a high level service. It might be possible to work with
somewhat lower level services, so long as VLC does not have to deal with
the cryptography and the arbitration.
More information about the vlc-devel