Re: [PATCH 4/4] xkcd: generate secure rememberable qcow2 passwords

Nikolay Shirokovskiy <nshirokovskiy@xxxxxxxxxxxxx> · Fri, 1 Apr 2016 17:56:22 +0300

On 01.04.2016 14:30, Daniel P. Berrange wrote:
> Currently the QCow2 encryption password generator just uses
> a set of random bytes. This is not very easy for users to
> remember, which encourages them to write down their passwords.
> Instead of this, allow for using 4 random words which gives
> a rememberable password, while still having high entropy.
> Enable this feature using
> 
>    LIBVIRT_XKCD=936 /usr/sbin/libvirtd
> 
> Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
> ---
>  src/util/virstorageencryption.c | 47 +++++++++++++++++++++++------------------
>  1 file changed, 26 insertions(+), 21 deletions(-)
> 
> diff --git a/src/util/virstorageencryption.c b/src/util/virstorageencryption.c
> index ec4a8cb..2a36e8e 100644
> --- a/src/util/virstorageencryption.c
> +++ b/src/util/virstorageencryption.c
> @@ -34,6 +34,7 @@
>  #include "virerror.h"
>  #include "viruuid.h"
>  #include "virfile.h"
> +#include "virxkcd.h"
>  
>  #define VIR_FROM_THIS VIR_FROM_STORAGE
>  
> @@ -294,30 +295,34 @@ virStorageGenerateQcowPassphrase(unsigned char *dest)
>      int fd;
>      size_t i;
>  
> -    /* A qcow passphrase is up to 16 bytes, with any data following a NUL
> -       ignored.  Prohibit control and non-ASCII characters to avoid possible
> -       unpleasant surprises with the qemu monitor input mechanism. */
> -    fd = open("/dev/urandom", O_RDONLY);
> -    if (fd < 0) {
> -        virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
> -                       _("Cannot open /dev/urandom"));
> -        return -1;
> -    }
> -    i = 0;
> -    while (i < VIR_STORAGE_QCOW_PASSPHRASE_SIZE) {
> -        ssize_t r;
> -
> -        while ((r = read(fd, dest + i, 1)) == -1 && errno == EINTR)
> -            ;
> -        if (r <= 0) {
> +    if (virXKCDIsEnabled(936)) {

Hmm, i wonder if virXKCDIsEnabled(936) && virXKCDIsEnabled(221) is more appropriate.

> +        memcpy(dest, "correct horse battery staple", VIR_STORAGE_QCOW_PASSPHRASE_SIZE);
> +    } else {
> +        /* A qcow passphrase is up to 16 bytes, with any data following a NUL
> +           ignored.  Prohibit control and non-ASCII characters to avoid possible
> +           unpleasant surprises with the qemu monitor input mechanism. */
> +        fd = open("/dev/urandom", O_RDONLY);
> +        if (fd < 0) {
>              virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
> -                           _("Cannot read from /dev/urandom"));
> -            VIR_FORCE_CLOSE(fd);
> +                           _("Cannot open /dev/urandom"));
>              return -1;
>          }
> -        if (dest[i] >= 0x20 && dest[i] <= 0x7E)
> -            i++; /* Got an acceptable character */
> +        i = 0;
> +        while (i < VIR_STORAGE_QCOW_PASSPHRASE_SIZE) {
> +            ssize_t r;
> +
> +            while ((r = read(fd, dest + i, 1)) == -1 && errno == EINTR)
> +                ;
> +            if (r <= 0) {
> +                virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
> +                               _("Cannot read from /dev/urandom"));
> +                VIR_FORCE_CLOSE(fd);
> +                return -1;
> +            }
> +            if (dest[i] >= 0x20 && dest[i] <= 0x7E)
> +                i++; /* Got an acceptable character */
> +        }
> +        VIR_FORCE_CLOSE(fd);
>      }
> -    VIR_FORCE_CLOSE(fd);
>      return 0;
>  }
> 

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list