From nobody Mon Feb 2 09:26:05 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org ARC-Seal: i=1; a=rsa-sha256; t=1767982681; cv=none; d=zohomail.com; s=zohoarc; b=dCKkPGAnvKz+7a8pm9D1KLHgY/eQcjWLCBbhhVoDUXcoOrZt+a+oQwXCH13IYAHFDHq0Xm4RAmO4XOOvcMqpfFanYupco6AIqxbCYxVKLzY1jb8nD7LJYFS3hupzHPCJSqNBY8UjcLlhq6kIqY0Bm/UdNcov53wamKbmGJ75IA8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1767982681; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id; bh=WNB6OLtVPivx6R4QtSq9av4SuhjrOvAoVFJ77w5MYT4=; b=MDff9IpXVZgvr8cN08OJk+oEcqpjRD99qGppPbxekrIu8XZHjqO2B2UVmAgvy9jqHvjeg9+/c/7WOGkeua5FnVPPMXAMTkYwdFYVPYzCKyfffyw/1XK+rrC2kFVmz0eTOojfpRK6U9R6ukuAgx71zVTPp3VskEBytM5DRGIhx2s= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 17679826810091015.8712643267716; Fri, 9 Jan 2026 10:18:01 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 882CA43F0F; Fri, 9 Jan 2026 13:18:00 -0500 (EST) Received: from [172.19.199.83] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 7417344204; Fri, 9 Jan 2026 13:10:30 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 9110B43FC2; Fri, 9 Jan 2026 13:10:05 -0500 (EST) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id B09DA43E35 for ; Fri, 9 Jan 2026 13:09:53 -0500 (EST) Received: from mail-pl1-f197.google.com (mail-pl1-f197.google.com [209.85.214.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-119-mzmUJe8uNmen9bCK7GNVMA-1; Fri, 09 Jan 2026 13:09:51 -0500 Received: by mail-pl1-f197.google.com with SMTP id d9443c01a7336-2a0a0bad5dfso80688365ad.0 for ; Fri, 09 Jan 2026 10:09:51 -0800 (PST) Received: from armenon-kvm.armenon-thinkpadp16vgen1.bengluru.csb ([49.36.108.228]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2a3e3cc8803sm111020495ad.71.2026.01.09.10.09.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 09 Jan 2026 10:09:49 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-3.4 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_LOW, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1767982193; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WNB6OLtVPivx6R4QtSq9av4SuhjrOvAoVFJ77w5MYT4=; b=IBLejPE2LerRqL5DPA0zTXO96EJm5cBXNXMOj79ynh2qdk3ey7JG1Ofa8AoWmYUPY9qbcY 2zDS2jeDAmd0uPng0QQ35rtOBozhrX8Yh1OuWvX+XxKPsB0opfq51tL/s3WPIvjNFuVITo CMJuAFHtvf+II0o1TIDtOtBnC8pg904= X-MC-Unique: mzmUJe8uNmen9bCK7GNVMA-1 X-Mimecast-MFC-AGG-ID: mzmUJe8uNmen9bCK7GNVMA_1767982191 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1767982190; x=1768586990; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=WNB6OLtVPivx6R4QtSq9av4SuhjrOvAoVFJ77w5MYT4=; b=hPPudut5RUfiowtDrPr/VI6QdXxpKTe9P6rAv+cuQ6a9jNy0Fjy6lZ2R3C/CYQ764W dwFwSbBI2YeubIW0aH818fhgl0QVfb/4B5a5A17vYpUUBlRPjz5hTtDonV2aTqJqhdZb S0DP7cAIwedZtHX+F251nmu/LEkklg7VmDTMW/hiafK9r0df4P6014JOJIWDz8cwKONT 8jQX7YhvjoXgVrPHGIfkwYmopcIWL4268IuzaGCKrVbpbLRyq4GMxUBF4Z6hQRgpoE1I 0/A1oQZa3NOnhmc+kJGUSdO5xlOr4GXZj0ZAfTmGmmZe07LajslcdU0hOp6Gk3pmEv5a an1A== X-Gm-Message-State: AOJu0Yx2X79pYDJ6hCIzNP7c/68eisGXKzFgUZCv0kDufvcfHwGZxXAA 17J0eshCYLE7uwCKutyZEOBB44O5z/qCZmeYNHyqKlH1lU4Qu2JG6W+pgNs/rcLT4X/NZ3wlYmw 2Haqs1Nx53SsIMv3YSlzmd4KLJBhjWN/maprV6Z9zOYfvCt8iSRidYqUAPKi/dQIHfLnKCGriR6 zN72No0g+DtROSay2E8YYOE7Tq84hPfeqNdz0749f9zQ== X-Gm-Gg: AY/fxX5lEFKqpVvOJLiZ0j5V7fsnimlVX6KuoismDhZcc6SowJJpEZhk8FYx8Oe2YnC aZ6h5nOSknJHBxxhYuZnOFsYUrvQ0Mb9MWkppcbH+WwDEXLPRxliNJJICGcG+dNPVHhvNJUbpJO OEXw5Brwa1h0cpJFox3yDq+789BEVr+Q4NjBtHRjqs+VyajfHQtHiYLZxZ0juWCL+Ddv8etvipR 5/VxQgIjo4FiAyBGAcnJvPWiRbqs0kn4e+5xwe0IOOWDoPLwGsWtsQ3D8XOy/ija/J57PLiArWg JppldK9JQGZ+TUsuz3trsFHYzOA1mTSSvZmQdEg8skPD5uT3nFb9u3IxIJ+gV6r6az3fl+0o3qy OFW1v4/dXVsfGnQ9cNRBCawqC4Vf0I9dMJM2GR0fLoMUbOP8j+VYldbWvnQ== X-Received: by 2002:a17:903:234a:b0:2a0:b066:3f55 with SMTP id d9443c01a7336-2a3ee4151fbmr97422745ad.10.1767982190380; Fri, 09 Jan 2026 10:09:50 -0800 (PST) X-Google-Smtp-Source: AGHT+IHEIq7Y13NlaJN/K4TgZAXvAqMXF2p/yqsNps62EySeBN8BFx2AsevIoSGh8VqphINmRJyokw== X-Received: by 2002:a17:903:234a:b0:2a0:b066:3f55 with SMTP id d9443c01a7336-2a3ee4151fbmr97422505ad.10.1767982189770; Fri, 09 Jan 2026 10:09:49 -0800 (PST) To: devel@lists.libvirt.org Subject: [PATCH v4 5/6] secret: Add functionality to load and save secrets in encrypted format Date: Fri, 9 Jan 2026 23:39:35 +0530 Message-ID: <20260109180936.127454-6-armenon@redhat.com> X-Mailer: git-send-email 2.51.1 In-Reply-To: <20260109180936.127454-1-armenon@redhat.com> References: <20260109180936.127454-1-armenon@redhat.com> MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: REIXmKTRc2dGDbB8ocgBGVoxhqHFWSvAam3gYJyYxM8_1767982191 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: KZZMO6P226T3N7YKDH76SA6QYJQGWW3L X-Message-ID-Hash: KZZMO6P226T3N7YKDH76SA6QYJQGWW3L X-MailFrom: armenon@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Arun Menon X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Arun Menon via Devel Reply-To: Arun Menon X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1767982707690158500 Content-Type: text/plain; charset="utf-8"; x-default="true" Now that we have the functionality to provide the secrets driver with an encryption key through a configuration file or using system credentials, and the newly introduced array to iterate over the encryption schemes, we can use the key to save and load secrets. Encrypt all secrets that are going to be saved on the disk if the 'secrets_encryption_key' path is set in the secret.conf file OR if a valid systemd generated credential exists. While loading secrets, identify the decryption method by matching the file extension of the stored secret against the known array values. If no matching scheme is found, the secret is skipped. If the encryption key is changed across restarts, then also the secret driver will fail to lo= ad the secrets from the disk that were encrypted with the former key. Signed-off-by: Arun Menon --- src/conf/virsecretobj.c | 175 ++++++++++++++++++++++++++++++------- src/conf/virsecretobj.h | 18 +++- src/secret/secret_driver.c | 23 +++-- 3 files changed, 176 insertions(+), 40 deletions(-) diff --git a/src/conf/virsecretobj.c b/src/conf/virsecretobj.c index a3dd7983bb..4dcb32f69a 100644 --- a/src/conf/virsecretobj.c +++ b/src/conf/virsecretobj.c @@ -31,6 +31,10 @@ #include "virhash.h" #include "virlog.h" #include "virstring.h" +#include "virsecret.h" +#include "virrandom.h" +#include "vircrypto.h" +#include "virsecureerase.h" =20 #define VIR_FROM_THIS VIR_FROM_SECRET =20 @@ -45,6 +49,16 @@ struct _virSecretObj { size_t value_size; }; =20 +typedef struct _virSecretSchemeInfo { + const char *suffix; + virCryptoCipher cipher; +} virSecretSchemeInfo; + +virSecretSchemeInfo schemeInfo[] =3D { + { ".aes256cbc", VIR_CRYPTO_CIPHER_AES256CBC }, + { ".base64", -1 }, +}; + static virClass *virSecretObjClass; static virClass *virSecretObjListClass; static void virSecretObjDispose(void *obj); @@ -323,7 +337,8 @@ virSecretObj * virSecretObjListAdd(virSecretObjList *secrets, virSecretDef **newdef, const char *configDir, - virSecretDef **oldDef) + virSecretDef **oldDef, + bool encryptData) { virSecretObj *obj; virSecretDef *objdef; @@ -363,6 +378,11 @@ virSecretObjListAdd(virSecretObjList *secrets, } else { /* No existing secret with same UUID, * try look for matching usage instead */ + const char *secretSuffix =3D ".base64"; + g_autofree char *encryptionSchemeSuffix =3D NULL; + g_autofree char *oldSecretValueFile =3D virFileBuildPath(configDir, + uuidstr, + secretSuffi= x); if ((obj =3D virSecretObjListFindByUsageLocked(secrets, (*newdef)->usage_type, (*newdef)->usage_id))= ) { @@ -379,10 +399,24 @@ virSecretObjListAdd(virSecretObjList *secrets, goto cleanup; =20 /* Generate the possible configFile and secretValueFile strings - * using the configDir, uuidstr, and appropriate suffix + * using the configDir, uuidstr, and appropriate suffix. + * By default, the latest encryption cipher will be used to encryp= t secrets. */ + if (encryptData) { + /* The virSecretObjListAdd() function is called during both + * loading a secret and creating a new one. Check if there is = an unencrypted + * .base64 secret present on the disk. + */ + if (virFileExists(oldSecretValueFile)) { + encryptionSchemeSuffix =3D g_strdup(secretSuffix); + } else { + encryptionSchemeSuffix =3D g_strdup(schemeInfo[0].suffix); + } + } else { + encryptionSchemeSuffix =3D g_strdup(secretSuffix); + } if (!(obj->configFile =3D virFileBuildPath(configDir, uuidstr, ".x= ml")) || - !(obj->secretValueFile =3D virFileBuildPath(configDir, uuidstr= , ".base64"))) + !(obj->secretValueFile =3D virFileBuildPath(configDir, uuidstr= , encryptionSchemeSuffix))) goto cleanup; =20 if (virHashAddEntry(secrets->objs, uuidstr, obj) < 0) @@ -682,15 +716,40 @@ virSecretObjSaveConfig(virSecretObj *obj) =20 =20 int -virSecretObjSaveData(virSecretObj *obj) +virSecretObjSaveData(virSecretObj *obj, + bool encryptData, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen) { g_autofree char *base64 =3D NULL; + g_autofree uint8_t *secret =3D NULL; + g_autofree uint8_t *encryptedValue =3D NULL; + size_t encryptedValueLen =3D 0; + size_t secretLen =3D 0; + uint8_t iv[16] =3D { 0 }; =20 if (!obj->value) return 0; =20 - base64 =3D g_base64_encode(obj->value, obj->value_size); - + if (encryptData && secretsEncryptionKey) { + if (virRandomBytes(iv, sizeof(iv)) < 0) { + return -1; + } + if (virCryptoEncryptData(schemeInfo[0].cipher, + secretsEncryptionKey, secretsKeyLen, + iv, sizeof(iv), + (uint8_t *)obj->value, obj->value_size, + &encryptedValue, &encryptedValueLen) < 0)= { + return -1; + } + secretLen =3D sizeof(iv) + encryptedValueLen; + secret =3D g_new0(uint8_t, secretLen); + memcpy(secret, iv, sizeof(iv)); + memcpy(secret + sizeof(iv), encryptedValue, encryptedValueLen); + base64 =3D g_base64_encode(secret, secretLen); + } else { + base64 =3D g_base64_encode(obj->value, obj->value_size); + } if (virFileRewriteStr(obj->secretValueFile, S_IRUSR | S_IWUSR, base64)= < 0) return -1; =20 @@ -737,7 +796,10 @@ virSecretObjGetValue(virSecretObj *obj) int virSecretObjSetValue(virSecretObj *obj, const unsigned char *value, - size_t value_size) + size_t value_size, + bool encryptData, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen) { virSecretDef *def =3D obj->def; g_autofree unsigned char *old_value =3D NULL; @@ -753,7 +815,10 @@ virSecretObjSetValue(virSecretObj *obj, obj->value =3D g_steal_pointer(&new_value); obj->value_size =3D value_size; =20 - if (!def->isephemeral && virSecretObjSaveData(obj) < 0) + if (!def->isephemeral && virSecretObjSaveData(obj, + encryptData, + secretsEncryptionKey, + secretsKeyLen) < 0) goto error; =20 /* Saved successfully - drop old value */ @@ -807,11 +872,23 @@ virSecretLoadValidateUUID(virSecretDef *def, =20 =20 static int -virSecretLoadValue(virSecretObj *obj) +virSecretLoadValue(virSecretObj *obj, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen) { - int ret =3D -1, fd =3D -1; + int ret =3D -1; + VIR_AUTOCLOSE fd =3D -1; struct stat st; + size_t i; + g_autofree char *contents =3D NULL; + g_autofree uint8_t *contentsEncrypted =3D NULL; + g_autofree uint8_t *decryptedValue =3D NULL; + + size_t decryptedValueLen =3D 0; + uint8_t iv[16] =3D { 0 }; + uint8_t *ciphertext =3D NULL; + size_t ciphertextLen =3D 0; =20 if ((fd =3D open(obj->secretValueFile, O_RDONLY)) =3D=3D -1) { if (errno =3D=3D ENOENT) { @@ -841,25 +918,52 @@ virSecretLoadValue(virSecretObj *obj) goto cleanup; } =20 - contents =3D g_new0(char, st.st_size + 1); - - if (saferead(fd, contents, st.st_size) !=3D st.st_size) { - virReportSystemError(errno, _("cannot read '%1$s'"), - obj->secretValueFile); - goto cleanup; + /* Iterate over the encryption schemes and decrypt the contents + * of the file on the disk, by matching the file extension with the en= cryption + * scheme. + * If there is no scheme matching the file extension, then that secret= is not loaded. */ + + for (i =3D 0; i < G_N_ELEMENTS(schemeInfo); i++) { + if (virStringHasSuffix(obj->secretValueFile, schemeInfo[i].suffix)= ) { + contents =3D g_new0(char, st.st_size + 1); + if (saferead(fd, contents, st.st_size) !=3D st.st_size) { + virReportSystemError(errno, _("cannot read '%1$s'"), + obj->secretValueFile); + goto cleanup; + } + contents[st.st_size] =3D '\0'; + if (schemeInfo[i].cipher !=3D -1) { + contentsEncrypted =3D g_base64_decode(contents, &obj->valu= e_size); + if (sizeof(iv) > obj->value_size) { + virReportError(VIR_ERR_INVALID_SECRET, + _("Encrypted secret size '%1$zu' is inv= alid"), + obj->value_size); + goto cleanup; + } + memcpy(iv, contentsEncrypted, sizeof(iv)); + ciphertext =3D contentsEncrypted + sizeof(iv); + ciphertextLen =3D obj->value_size - sizeof(iv); + if (virCryptoDecryptData(schemeInfo[i].cipher, + secretsEncryptionKey, secretsKeyL= en, + iv, sizeof(iv), + ciphertext, ciphertextLen, + &decryptedValue, &decryptedValueL= en) < 0) { + goto cleanup; + } + g_free(obj->value); + obj->value =3D g_steal_pointer(&decryptedValue); + obj->value_size =3D decryptedValueLen; + } else { + obj->value =3D g_base64_decode(contents, &obj->value_size); + } + break; + } } - contents[st.st_size] =3D '\0'; - - VIR_FORCE_CLOSE(fd); - - obj->value =3D g_base64_decode(contents, &obj->value_size); - ret =3D 0; - cleanup: - if (contents !=3D NULL) - memset(contents, 0, st.st_size); - VIR_FORCE_CLOSE(fd); + virSecureErase(contentsEncrypted, obj->value_size); + virSecureErase(contents, st.st_size); + virSecureErase(iv, sizeof(iv)); return ret; } =20 @@ -868,7 +972,10 @@ static virSecretObj * virSecretLoad(virSecretObjList *secrets, const char *file, const char *path, - const char *configDir) + const char *configDir, + bool encryptData, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen) { g_autoptr(virSecretDef) def =3D NULL; virSecretObj *obj =3D NULL; @@ -879,10 +986,10 @@ virSecretLoad(virSecretObjList *secrets, if (virSecretLoadValidateUUID(def, file) < 0) return NULL; =20 - if (!(obj =3D virSecretObjListAdd(secrets, &def, configDir, NULL))) + if (!(obj =3D virSecretObjListAdd(secrets, &def, configDir, NULL, encr= yptData))) return NULL; =20 - if (virSecretLoadValue(obj) < 0) { + if (virSecretLoadValue(obj, secretsEncryptionKey, secretsKeyLen) < 0) { virSecretObjListRemove(secrets, obj); g_clear_pointer(&obj, virObjectUnref); return NULL; @@ -894,7 +1001,10 @@ virSecretLoad(virSecretObjList *secrets, =20 int virSecretLoadAllConfigs(virSecretObjList *secrets, - const char *configDir) + const char *configDir, + bool encryptData, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen) { g_autoptr(DIR) dir =3D NULL; struct dirent *de; @@ -915,7 +1025,10 @@ virSecretLoadAllConfigs(virSecretObjList *secrets, if (!(path =3D virFileBuildPath(configDir, de->d_name, NULL))) continue; =20 - if (!(obj =3D virSecretLoad(secrets, de->d_name, path, configDir))= ) { + if (!(obj =3D virSecretLoad(secrets, de->d_name, path, configDir, + encryptData, + secretsEncryptionKey, + secretsKeyLen))) { VIR_ERROR(_("Error reading secret: %1$s"), virGetLastErrorMessage()); continue; diff --git a/src/conf/virsecretobj.h b/src/conf/virsecretobj.h index 17897c5513..2e4d980988 100644 --- a/src/conf/virsecretobj.h +++ b/src/conf/virsecretobj.h @@ -51,7 +51,8 @@ virSecretObj * virSecretObjListAdd(virSecretObjList *secrets, virSecretDef **newdef, const char *configDir, - virSecretDef **oldDef); + virSecretDef **oldDef, + bool encryptData); =20 typedef bool (*virSecretObjListACLFilter)(virConnectPtr conn, @@ -86,7 +87,10 @@ int virSecretObjSaveConfig(virSecretObj *obj); =20 int -virSecretObjSaveData(virSecretObj *obj); +virSecretObjSaveData(virSecretObj *obj, + bool encryptData, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen); =20 virSecretDef * virSecretObjGetDef(virSecretObj *obj); @@ -101,7 +105,10 @@ virSecretObjGetValue(virSecretObj *obj); int virSecretObjSetValue(virSecretObj *obj, const unsigned char *value, - size_t value_size); + size_t value_size, + bool encryptData, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen); =20 size_t virSecretObjGetValueSize(virSecretObj *obj); @@ -112,4 +119,7 @@ virSecretObjSetValueSize(virSecretObj *obj, =20 int virSecretLoadAllConfigs(virSecretObjList *secrets, - const char *configDir); + const char *configDir, + bool encryptData, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen); diff --git a/src/secret/secret_driver.c b/src/secret/secret_driver.c index 9b13772ad3..f25b9ba73f 100644 --- a/src/secret/secret_driver.c +++ b/src/secret/secret_driver.c @@ -223,13 +223,17 @@ secretDefineXML(virConnectPtr conn, goto cleanup; =20 if (!(obj =3D virSecretObjListAdd(driver->secrets, &def, - driver->configDir, &backup))) + driver->configDir, &backup, + driver->config->encryptData))) goto cleanup; objDef =3D virSecretObjGetDef(obj); =20 if (!objDef->isephemeral) { if (backup && backup->isephemeral) { - if (virSecretObjSaveData(obj) < 0) + if (virSecretObjSaveData(obj, + driver->config->encryptData, + driver->config->secretsEncryptionKey, + driver->config->secretsKeyLen) < 0) goto restore_backup; } =20 @@ -333,7 +337,10 @@ secretSetValue(virSecretPtr secret, if (virSecretSetValueEnsureACL(secret->conn, def) < 0) goto cleanup; =20 - if (virSecretObjSetValue(obj, value, value_size) < 0) + if (virSecretObjSetValue(obj, value, value_size, + driver->config->encryptData, + driver->config->secretsEncryptionKey, + driver->config->secretsKeyLen) < 0) goto cleanup; =20 event =3D virSecretEventValueChangedNew(def->uuid, @@ -542,7 +549,10 @@ secretStateInitialize(bool privileged, if (!(driver->secrets =3D virSecretObjListNew())) goto error; =20 - if (virSecretLoadAllConfigs(driver->secrets, driver->configDir) < 0) + if (virSecretLoadAllConfigs(driver->secrets, driver->configDir, + driver->config->encryptData, + driver->config->secretsEncryptionKey, + driver->config->secretsKeyLen) < 0) goto error; =20 return VIR_DRV_STATE_INIT_COMPLETE; @@ -564,7 +574,10 @@ secretStateReload(void) if (!(driver->config =3D virSecretDaemonConfigNew(driver->privileged))) return -1; =20 - ignore_value(virSecretLoadAllConfigs(driver->secrets, driver->configDi= r)); + ignore_value(virSecretLoadAllConfigs(driver->secrets, driver->configDi= r, + driver->config->encryptData, + driver->config->secretsEncryption= Key, + driver->config->secretsKeyLen)); =20 return 0; } --=20 2.51.1