[vlc-devel] [RFC] Memory keystore
Rémi Denis-Courmont
remi at remlab.net
Tue Feb 9 13:12:56 CET 2016
Le 2016-02-08 12:58, typx a écrit :
> On 2016-02-05 20:56, Jean-Baptiste Kempf wrote:
>> On 05 Feb, Rémi Denis-Courmont wrote :
>>> I would remove the file I/O support altogether.
>> Why? How do you do on OS that do not have a Wallet API?
>> With my kindest regards,
>
> Well in any case clearkeys shouldn't be an option.
Obviously, writing credentials to persistent storage without protection
is not acceptable. The simplest solution would be to not install
(noinst_LTLIBRARIES) the cleartext plugin.
However, for testing purpose, I think the in-memory plugin would
actually be better than the existing clear text plugin. So then the
cleartext plugin is useless and can be removed completely.
> Without Wallet API you can still cipher the data but
> then how would you store the keys to decipher it.
Ahem, the wallet back-ends have the same problem (unless some sort of
secure hardware is involved). Typically the storage is encrypted and the
master key is derived from a passphrase that is not stored. The user
must supply the pass phrase at least once per session.
> The main issue being that the code is readable so it's
> not like we can obfuscate anything.
> Honestly, to me, you shouldn't allow to store secrets when there are
> no wallet-like APIs.
Wallet is a high level service. It might be possible to work with
somewhat lower level services, so long as VLC does not have to deal with
the cryptography and the arbitration.
--
Rémi Denis-Courmont
http://www.remlab.net/
More information about the vlc-devel
mailing list