[libvirt] [PATCH 14/19] conf: Add new secret type "key"
John Ferlan
jferlan at redhat.com
Thu Jun 23 13:06:58 UTC 2016
On 06/21/2016 08:08 AM, Peter Krempa wrote:
> On Mon, Jun 13, 2016 at 20:27:53 -0400, John Ferlan wrote:
>> Add a new secret type known as "key" - it will handle adding the secret
>> objects that need a key (or passphrase), such as will soon be the case
>
> This may be misleading a "key" is not equal to a "passprhase" in usual
> encryption terminology. Key usually refers to the actual encryption key
> used to encrypt the data whereas passprhase is usually a human readable
> secret string (which may not be random at all) used to access the key
> later.
>
> The cryptsetup man page tends to treat them interchangably to some
> extent (eg a key slot equals to passprhase, but the master key refers to
> the actual encryption key used for the data).
>
> To avoid confusion I'd rather stick with "passphrase".
>
>> for a luks volume for both storage driver create and libvirt domain usage.
>>
>> Signed-off-by: John Ferlan <jferlan at redhat.com>
>> ---
Perhaps a rephrasing...
Instead of:
<secret ...>
...
<usage type='key'>
<key>Text</key>
</usage>
...
</secret>
The preference is:
<secret ...>
...
<usage type='passphrase'>
<XXX>Text</XXX>
</usage>
...
</secret>
Where, I'm struggling what to call "XXX". It's not a <passphrase>...
<usage type='volume'> uses <volume>
<usage type='ceph'> uses <name>
<usage type='iscsi'> uses <target>
So given that, does the following work?
<usage type='passphrase'>
<id>Text</id>
</usage>
In the long run "Text" is what's used by the <domain...> in order to
match/find the secret.
Currently the domain secrets have:
<domain>
...
<encryption format='qcow'>
<secret type='passphrase' uuid='xxxx'/}
</encryption>
...
<disk>
...
<auth ...>
<secret type='{iscsi|ceph}' {usage|uuid}='string'/>
</auth>
</domain>
where "usage='string'" essentially the contents of <secret....>
<usage...> "Text"
NB: There are patches to allow usage for <encryption ... <secret...>
So, for LUKS we would then have
<domain>
...
<encryption format='luks'>
<secret type='YYY' {uuid|usage}='string'/>
</encryption>
The YYY could be 'passphrase', right?
Furthermore "the future" would "reuse" this <secret> type - so I'm
trying to make it generic as possible.
John
More information about the libvir-list
mailing list