[vlc-devel] [RFC] Memory keystore

Rémi Denis-Courmont remi at remlab.net
Tue Feb 9 13:12:56 CET 2016

On 2016-02-08 12:58, typx wrote:
> On 2016-02-05 20:56, Jean-Baptiste Kempf wrote:
>> On 05 Feb, Rémi Denis-Courmont wrote :
>>> I would remove the file I/O support altogether.
>> Why? How do you do it on OSes that do not have a Wallet API?
>> With my kindest regards,
> Well in any case clearkeys shouldn't be an option.

Obviously, writing credentials to persistent storage without protection 
is not acceptable. The simplest solution would be to not install 
(noinst_LTLIBRARIES) the cleartext plugin.

However, for testing purposes, I think the in-memory plugin would 
actually be better than the existing cleartext plugin. So then the 
cleartext plugin is useless and can be removed completely.

> Without a Wallet API you can still cipher the data but
> then how would you store the keys to decipher it?

Ahem, the wallet back-ends have the same problem (unless some sort of 
secure hardware is involved). Typically the storage is encrypted and the 
master key is derived from a passphrase that is not stored. The user 
must supply the passphrase at least once per session.

> The main issue being that the code is readable so it's
> not like we can obfuscate anything.

> Honestly, to me, you shouldn't allow storing secrets when there are
> no wallet-like APIs.

Wallet is a high level service. It might be possible to work with 
somewhat lower level services, so long as VLC does not have to deal with 
the cryptography and the arbitration.

Rémi Denis-Courmont
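
An added illustration, not part of the original message and not VLC or wallet back-end code, of the scheme the message describes: the stored record holds only a salt, a nonce, ciphertext and a tag, and the key is re-derived from a passphrase supplied each session. The names `seal` and `unseal` are hypothetical, the iteration count is illustrative, and the HMAC counter-mode keystream is a stdlib-only stand-in for a vetted AEAD cipher.

```python
import hashlib
import hmac
import os

ITERATIONS = 210_000  # illustrative PBKDF2 cost; tune for the target hardware


def _derive_keys(passphrase, salt):
    """Re-derive (encryption key, MAC key); the passphrase is never persisted."""
    master = hashlib.pbkdf2_hmac("sha512", passphrase.encode(), salt,
                                 ITERATIONS, dklen=64)
    return master[:32], master[32:]


def _xor_keystream(key, nonce, data):
    """HMAC-SHA256 in counter mode, standing in for a real stream cipher."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        block = nonce + counter.to_bytes(8, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(passphrase, secret):
    """Return the record that would be written to persistent storage."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _derive_keys(passphrase, salt)
    ct = _xor_keystream(enc_key, nonce, secret)
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return {"salt": salt.hex(), "nonce": nonce.hex(),
            "ct": ct.hex(), "tag": tag.hex()}


def unseal(passphrase, record):
    """Recover the secret; fails closed on a wrong passphrase or tampering."""
    salt, nonce, ct, tag = (bytes.fromhex(record[k])
                            for k in ("salt", "nonce", "ct", "tag"))
    enc_key, mac_key = _derive_keys(passphrase, salt)
    expected = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong passphrase or modified record")
    return _xor_keystream(enc_key, nonce, ct)


if __name__ == "__main__":
    stored = seal("session passphrase", b"constructed-sample-credential")
    print(stored)  # nothing here reveals the passphrase or the credential
    print(unseal("session passphrase", stored))
```
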
