[Interest] QML and sensitive data
Alexander Ivash
elderorb at gmail.com
Mon Sep 9 23:35:24 CEST 2019
Just in case if someone will be looking for solution - I've managed to
eliminate all the sensitive data from memory on closing particular QML
screen without sacrificing existing architecture. The secret is pretty
simple: just avoid situations when QString-s gets copied into JS
strings:
1. Do not use QJsonArray as the model for QML, use QVariantList as the
replacement instead. At least because QVariantList of QVariants of
QStrings allows an access to QString if required.
2. Use Quick Controls 2 because they are implemented in C++ and thus
doesn't result in creation of JS strings
3. On destruction of Quick Controls pass properties like 'text',
'displayText' etc to C++ where const_cast and nullify
implicitly-shared buffer.
Bonus: QJsonDocument provides nice 'rawData' function allowing to
cleanup its internals if required.
чт, 5 сент. 2019 г. в 19:07, Konstantin Tokarev <annulen at yandex.ru>:
>
>
>
> 05.09.2019, 19:02, "Jason H" <jhihn at gmx.com>:
> >> On Wednesday, 4 September 2019 16:20:44 PDT Alexander Ivash wrote:
> >> > Thank you for fast response, but my question is purely about QML. On
> >> > C++ side I have a lot of ways for nullifying / erasing sensitive
> >> > information *after* it is not needed (let say after particular QML
> >> > screen gets' closed). But on QML / JS side I have no any control at
> >> > all. Would be great if one of QML guys could step in and comment too.
> >>
> >> As I said, the moment you want to display a string, it's no longer considered
> >> secure. This has nothing to do with QML.
> >>
> >> The string will be used for text shaping, the pixels will be drawn in a
> >> pixmap, said pixmap will be shared with the compositor, which then by some
> >> means uploads it to the GPU.
> >
> > If you have an array of non-contiguous 1-char strings, which are converted to images, then displayed sequentially (increasing x position) then you never have the string in memory.
> >
>
> If you can sacrifice proper shaping, this might actually work.
>
> --
> Regards,
> Konstantin
>
> _______________________________________________
> Interest mailing list
> Interest at qt-project.org
> https://lists.qt-project.org/listinfo/interest
More information about the Interest
mailing list