The new attribute will store the available cipher modes with which secrets
can be encrypted. At the moment only the aes256cbc encryption method is used.
This can be extended in the future with other cipher modes.
Rename the file-name structure attribute from base64File to secretValueFile.
Signed-off-by: Arun Menon <armenon@redhat.com>
---
src/conf/secret_conf.c | 6 ++++++
src/conf/secret_conf.h | 9 +++++++++
src/conf/virsecretobj.c | 22 +++++++++++-----------
3 files changed, 26 insertions(+), 11 deletions(-)
diff --git a/src/conf/secret_conf.c b/src/conf/secret_conf.c
index 966536599e..dd808aa21a 100644
--- a/src/conf/secret_conf.c
+++ b/src/conf/secret_conf.c
@@ -32,6 +32,12 @@
#define VIR_FROM_THIS VIR_FROM_SECRET
+VIR_ENUM_IMPL(virSecretEncryptionScheme,
+ VIR_SECRET_ENCRYPTION_SCHEME_LAST,
+ "none",
+ "aes256cbc",
+);
+
VIR_LOG_INIT("conf.secret_conf");
void
diff --git a/src/conf/secret_conf.h b/src/conf/secret_conf.h
index 8f8f47933a..c11558357e 100644
--- a/src/conf/secret_conf.h
+++ b/src/conf/secret_conf.h
@@ -21,6 +21,7 @@
#pragma once
#include "internal.h"
+#include "virenum.h"
typedef struct _virSecretDef virSecretDef;
struct _virSecretDef {
@@ -32,6 +33,12 @@ struct _virSecretDef {
char *usage_id; /* May be NULL */
};
+typedef enum {
+ VIR_SECRET_ENCRYPTION_SCHEME_NONE = 0,
+ VIR_SECRET_ENCRYPTION_SCHEME_AES256CBC = 1,
+ VIR_SECRET_ENCRYPTION_SCHEME_LAST
+} virSecretEncryptionScheme;
+
void virSecretDefFree(virSecretDef *def);
G_DEFINE_AUTOPTR_CLEANUP_FUNC(virSecretDef, virSecretDefFree);
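Review bot: The new `virSecretEncryptionScheme` typedef carries no comment tying it to the string table it indexes, even though `VIR_ENUM_IMPL` in secret_conf.c lists `"none"` and `"aes256cbc"` positionally and `VIR_SECRET_ENCRYPTION_SCHEME_LAST` is the sentinel it is sized by; a header comment such as `/* Cipher mode used to encrypt a secret's value; keep in sync with the VIR_ENUM_IMPL table in secret_conf.c */` above the `typedef enum` would make that coupling visible to whoever adds the next mode. On style, the matching `VIR_ENUM_DECL(virSecretEncryptionScheme);` lands in the last hunk of this file after the `VIR_CONNECT_LIST_SECRETS_FILTERS_ALL` macro rather than next to the enum it declares; libvirt headers normally place it directly after the closing `} virSecretEncryptionScheme;`, so moving that one line here would keep the declaration and definition together. The explicit `= 0` and `= 1` initialisers are redundant with the positional table but harmless.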
@@ -53,3 +60,5 @@ char *virSecretDefFormat(const virSecretDef *def);
#define VIR_CONNECT_LIST_SECRETS_FILTERS_ALL \
(VIR_CONNECT_LIST_SECRETS_FILTERS_EPHEMERAL | \
VIR_CONNECT_LIST_SECRETS_FILTERS_PRIVATE)
+
+VIR_ENUM_DECL(virSecretEncryptionScheme);
diff --git a/src/conf/virsecretobj.c b/src/conf/virsecretobj.c
index 66270e2751..a3dd7983bb 100644
--- a/src/conf/virsecretobj.c
+++ b/src/conf/virsecretobj.c
@@ -39,7 +39,7 @@ VIR_LOG_INIT("conf.virsecretobj");
struct _virSecretObj {
virObjectLockable parent;
char *configFile;
- char *base64File;
+ char *secretValueFile;
virSecretDef *def;
unsigned char *value; /* May be NULL */
size_t value_size;
@@ -139,7 +139,7 @@ virSecretObjDispose(void *opaque)
g_free(obj->value);
}
g_free(obj->configFile);
- g_free(obj->base64File);
+ g_free(obj->secretValueFile);
}
@@ -378,11 +378,11 @@ virSecretObjListAdd(virSecretObjList *secrets,
if (!(obj = virSecretObjNew()))
goto cleanup;
- /* Generate the possible configFile and base64File strings
+ /* Generate the possible configFile and secretValueFile strings
* using the configDir, uuidstr, and appropriate suffix
*/
if (!(obj->configFile = virFileBuildPath(configDir, uuidstr, ".xml")) ||
- !(obj->base64File = virFileBuildPath(configDir, uuidstr, ".base64")))
+ !(obj->secretValueFile = virFileBuildPath(configDir, uuidstr, ".base64")))
goto cleanup;
if (virHashAddEntry(secrets->objs, uuidstr, obj) < 0)
@@ -656,7 +656,7 @@ virSecretObjDeleteData(virSecretObj *obj)
{
/* The configFile will already be removed, so secret won't be
* loaded again if this fails */
- unlink(obj->base64File);
+ unlink(obj->secretValueFile);
}
@@ -691,7 +691,7 @@ virSecretObjSaveData(virSecretObj *obj)
base64 = g_base64_encode(obj->value, obj->value_size);
- if (virFileRewriteStr(obj->base64File, S_IRUSR | S_IWUSR, base64) < 0)
+ if (virFileRewriteStr(obj->secretValueFile, S_IRUSR | S_IWUSR, base64) < 0)
return -1;
return 0;
@@ -813,26 +813,26 @@ virSecretLoadValue(virSecretObj *obj)
struct stat st;
g_autofree char *contents = NULL;
- if ((fd = open(obj->base64File, O_RDONLY)) == -1) {
+ if ((fd = open(obj->secretValueFile, O_RDONLY)) == -1) {
if (errno == ENOENT) {
ret = 0;
goto cleanup;
}
virReportSystemError(errno, _("cannot open '%1$s'"),
- obj->base64File);
+ obj->secretValueFile);
goto cleanup;
}
if (fstat(fd, &st) < 0) {
virReportSystemError(errno, _("cannot stat '%1$s'"),
- obj->base64File);
+ obj->secretValueFile);
goto cleanup;
}
if ((size_t)st.st_size != st.st_size) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("'%1$s' file does not fit in memory"),
- obj->base64File);
+ obj->secretValueFile);
goto cleanup;
}
@@ -845,7 +845,7 @@ virSecretLoadValue(virSecretObj *obj)
if (saferead(fd, contents, st.st_size) != st.st_size) {
virReportSystemError(errno, _("cannot read '%1$s'"),
- obj->base64File);
+ obj->secretValueFile);
goto cleanup;
}
contents[st.st_size] = '\0';
--
2.51.1
On Tue, Dec 09, 2025 at 01:22:30 +0530, Arun Menon via Devel wrote:
> The new attribute will store the available cipher modes with which secrets
> can be encrypted. At the moment only aes256cbc encryption method is used.
> This can be extended in future with other modes of cipher.
>
> Rename the file-name structure attribute from base64File to secretValueFile.
>
> Signed-off-by: Arun Menon <armenon@redhat.com>
> ---
> src/conf/secret_conf.c | 6 ++++++
> src/conf/secret_conf.h | 9 +++++++++
> src/conf/virsecretobj.c | 22 +++++++++++-----------
> 3 files changed, 26 insertions(+), 11 deletions(-)
>
> diff --git a/src/conf/secret_conf.c b/src/conf/secret_conf.c
> index 966536599e..dd808aa21a 100644
> --- a/src/conf/secret_conf.c
> +++ b/src/conf/secret_conf.c
> @@ -32,6 +32,12 @@
>
> #define VIR_FROM_THIS VIR_FROM_SECRET
>
> +VIR_ENUM_IMPL(virSecretEncryptionScheme,
> + VIR_SECRET_ENCRYPTION_SCHEME_LAST,
> + "none",
> + "aes256cbc",
> +);
> +
> VIR_LOG_INIT("conf.secret_conf");
Any reason for this to be in conf/secret_conf ?
It's not used in the XML, but rather an impl detail of the secret
driver.
>
> void
> diff --git a/src/conf/secret_conf.h b/src/conf/secret_conf.h
> index 8f8f47933a..c11558357e 100644
> --- a/src/conf/secret_conf.h
> +++ b/src/conf/secret_conf.h
> @@ -21,6 +21,7 @@
> #pragma once
>
> #include "internal.h"
> +#include "virenum.h"
>
> typedef struct _virSecretDef virSecretDef;
> struct _virSecretDef {
> @@ -32,6 +33,12 @@ struct _virSecretDef {
> char *usage_id; /* May be NULL */
> };
>
> +typedef enum {
> + VIR_SECRET_ENCRYPTION_SCHEME_NONE = 0,
> + VIR_SECRET_ENCRYPTION_SCHEME_AES256CBC = 1,
> + VIR_SECRET_ENCRYPTION_SCHEME_LAST
> +} virSecretEncryptionScheme;
> +
> void virSecretDefFree(virSecretDef *def);
> G_DEFINE_AUTOPTR_CLEANUP_FUNC(virSecretDef, virSecretDefFree);
>
> @@ -53,3 +60,5 @@ char *virSecretDefFormat(const virSecretDef *def);
> #define VIR_CONNECT_LIST_SECRETS_FILTERS_ALL \
> (VIR_CONNECT_LIST_SECRETS_FILTERS_EPHEMERAL | \
> VIR_CONNECT_LIST_SECRETS_FILTERS_PRIVATE)
> +
> +VIR_ENUM_DECL(virSecretEncryptionScheme);
> diff --git a/src/conf/virsecretobj.c b/src/conf/virsecretobj.c
> index 66270e2751..a3dd7983bb 100644
> --- a/src/conf/virsecretobj.c
> +++ b/src/conf/virsecretobj.c
> @@ -39,7 +39,7 @@ VIR_LOG_INIT("conf.virsecretobj");
> struct _virSecretObj {
> virObjectLockable parent;
> char *configFile;
> - char *base64File;
> + char *secretValueFile;
Rename of this field is okay to stay as a separate patch.