2012-02-01 12:34:08 +00:00
|
|
|
/* libsecret - GLib wrapper for Secret Service
|
2011-09-25 06:22:36 +00:00
|
|
|
*
|
|
|
|
* Copyright 2011 Collabora Ltd.
|
|
|
|
*
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Lesser General Public License as published
|
2012-03-31 13:32:43 +00:00
|
|
|
* by the Free Software Foundation; either version 2.1 of the licence or (at
|
2011-09-25 06:22:36 +00:00
|
|
|
* your option) any later version.
|
|
|
|
*
|
|
|
|
* See the included COPYING file for more information.
|
2012-03-31 13:32:43 +00:00
|
|
|
*
|
|
|
|
* Author: Stef Walter <stefw@gnome.org>
|
2011-09-25 06:22:36 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include "config.h"
|
|
|
|
|
2012-02-01 12:34:08 +00:00
|
|
|
#include "secret-private.h"
|
|
|
|
#include "secret-value.h"
|
2011-09-25 06:22:36 +00:00
|
|
|
|
|
|
|
#include "egg/egg-secure-memory.h"
|
|
|
|
|
|
|
|
#include <string.h>
|
|
|
|
|
2012-02-02 13:59:59 +00:00
|
|
|
/**
|
|
|
|
* SECTION:secret-value
|
|
|
|
* @title: SecretValue
|
|
|
|
* @short_description: a value containing a secret
|
|
|
|
*
|
|
|
|
* A #SecretValue contains a password or other secret value.
|
|
|
|
*
|
|
|
|
* Use secret_value_get() to get the actual secret data, such as a password.
|
|
|
|
* The secret data is not necessarily null-terminated, unless the content type
|
|
|
|
* is "text/plain".
|
|
|
|
*
|
|
|
|
* Each #SecretValue has a content type. For passwords, this is "text/plain".
|
|
|
|
* Use secret_value_get_content_type() to look at the content type.
|
|
|
|
*
|
|
|
|
* #SecretValue is reference counted and immutable. The secret data is only
|
|
|
|
* freed when all references have been released via secret_value_unref().
|
2012-03-24 06:52:12 +00:00
|
|
|
*
|
2012-04-27 14:57:36 +00:00
|
|
|
* Stability: Unstable
|
2012-02-02 13:59:59 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* SecretValue:
|
|
|
|
*
|
|
|
|
* A secret value, like a password or other binary secret.
|
|
|
|
*/
|
|
|
|
|
2012-02-01 12:34:08 +00:00
|
|
|
EGG_SECURE_DECLARE (secret_value);
|
2011-09-25 06:22:36 +00:00
|
|
|
|
2012-02-01 12:34:08 +00:00
|
|
|
struct _SecretValue {
|
2011-09-25 06:22:36 +00:00
|
|
|
gint refs;
|
|
|
|
gpointer secret;
|
|
|
|
gsize length;
|
|
|
|
GDestroyNotify destroy;
|
|
|
|
gchar *content_type;
|
|
|
|
};
|
|
|
|
|
|
|
|
GType
|
2012-02-01 12:34:08 +00:00
|
|
|
secret_value_get_type (void)
|
2011-09-25 06:22:36 +00:00
|
|
|
{
|
|
|
|
static gsize initialized = 0;
|
|
|
|
static GType type = 0;
|
|
|
|
|
|
|
|
if (g_once_init_enter (&initialized)) {
|
2012-02-01 12:34:08 +00:00
|
|
|
type = g_boxed_type_register_static ("SecretValue",
|
|
|
|
(GBoxedCopyFunc)secret_value_ref,
|
|
|
|
(GBoxedFreeFunc)secret_value_unref);
|
2011-09-25 06:22:36 +00:00
|
|
|
g_once_init_leave (&initialized, 1);
|
|
|
|
}
|
|
|
|
|
|
|
|
return type;
|
|
|
|
}
|
|
|
|
|
2012-02-02 12:40:47 +00:00
|
|
|
/**
|
2012-04-27 14:57:36 +00:00
|
|
|
* secret_value_new:
|
2012-02-02 12:40:47 +00:00
|
|
|
* @secret: the secret data
|
|
|
|
* @length: the length of the data
|
|
|
|
* @content_type: the content type of the data
|
|
|
|
*
|
|
|
|
* Create a #SecretValue for the secret data passed in. The secret data is
|
|
|
|
* copied into non-pageable 'secure' memory.
|
|
|
|
*
|
|
|
|
* If the length is less than zero, then @secret is assumed to be
|
|
|
|
* null-terminated.
|
|
|
|
*
|
|
|
|
* Returns: (transfer full): the new #SecretValue
|
|
|
|
*/
|
|
|
|
SecretValue *
|
|
|
|
secret_value_new (const gchar *secret,
|
|
|
|
gssize length,
|
|
|
|
const gchar *content_type)
|
2011-09-25 06:22:36 +00:00
|
|
|
{
|
|
|
|
gchar *copy;
|
|
|
|
|
2011-11-12 07:08:12 +00:00
|
|
|
g_return_val_if_fail (secret == NULL || length != 0, NULL);
|
2011-09-25 06:22:36 +00:00
|
|
|
g_return_val_if_fail (content_type, NULL);
|
|
|
|
|
|
|
|
if (length < 0)
|
|
|
|
length = strlen (secret);
|
|
|
|
|
|
|
|
copy = egg_secure_alloc (length + 1);
|
|
|
|
memcpy (copy, secret, length);
|
|
|
|
copy[length] = 0;
|
2012-02-01 12:34:08 +00:00
|
|
|
return secret_value_new_full (copy, length, content_type, egg_secure_free);
|
2011-09-25 06:22:36 +00:00
|
|
|
}
|
|
|
|
|
2012-02-02 12:40:47 +00:00
|
|
|
/**
|
|
|
|
* secret_value_new_full:
|
|
|
|
* @secret: the secret data
|
|
|
|
* @length: the length of the data
|
|
|
|
* @content_type: the content type of the data
|
|
|
|
* @destroy: function to call to free the secret data
|
|
|
|
*
|
|
|
|
* Create a #SecretValue for the secret data passed in. The secret data is
|
|
|
|
* not copied, and will later be freed with the @destroy function.
|
|
|
|
*
|
|
|
|
* If the length is less than zero, then @secret is assumed to be
|
|
|
|
* null-terminated.
|
|
|
|
*
|
|
|
|
* Returns: (transfer full): the new #SecretValue
|
|
|
|
*/
|
|
|
|
SecretValue *
|
|
|
|
secret_value_new_full (gchar *secret,
|
|
|
|
gssize length,
|
|
|
|
const gchar *content_type,
|
|
|
|
GDestroyNotify destroy)
|
2011-09-25 06:22:36 +00:00
|
|
|
{
|
2012-02-01 12:34:08 +00:00
|
|
|
SecretValue *value;
|
2011-09-25 06:22:36 +00:00
|
|
|
|
2011-11-12 07:08:12 +00:00
|
|
|
g_return_val_if_fail (secret == NULL || length != 0, NULL);
|
2011-09-25 06:22:36 +00:00
|
|
|
g_return_val_if_fail (content_type, NULL);
|
|
|
|
|
|
|
|
if (length < 0)
|
|
|
|
length = strlen (secret);
|
|
|
|
|
2012-02-01 12:34:08 +00:00
|
|
|
value = g_slice_new0 (SecretValue);
|
2011-11-12 07:08:12 +00:00
|
|
|
value->refs = 1;
|
|
|
|
value->content_type = g_strdup (content_type);
|
2011-09-25 06:22:36 +00:00
|
|
|
value->destroy = destroy;
|
|
|
|
value->length = length;
|
|
|
|
value->secret = secret;
|
|
|
|
|
|
|
|
return value;
|
|
|
|
}
|
|
|
|
|
2012-02-02 12:40:47 +00:00
|
|
|
/**
|
|
|
|
* secret_value_get:
|
|
|
|
* @value: the value
|
|
|
|
* @length: (out): the length of the secret
|
|
|
|
*
|
|
|
|
* Get the secret data in the #SecretValue. The value is not necessarily
|
|
|
|
* null-terminated unless it was created with secret_value_new() or a
|
|
|
|
* null-terminated string was passed to secret_value_new_full().
|
|
|
|
*
|
|
|
|
* Returns: (array length=length): the secret data
|
|
|
|
*/
|
|
|
|
const gchar *
|
|
|
|
secret_value_get (SecretValue *value,
|
|
|
|
gsize *length)
|
2011-09-25 06:22:36 +00:00
|
|
|
{
|
|
|
|
g_return_val_if_fail (value, NULL);
|
|
|
|
if (length)
|
|
|
|
*length = value->length;
|
|
|
|
return value->secret;
|
|
|
|
}
|
|
|
|
|
2012-02-02 12:40:47 +00:00
|
|
|
/**
|
|
|
|
* secret_value_get_content_type:
|
|
|
|
* @value: the value
|
|
|
|
*
|
|
|
|
* Get the content type of the secret value, such as
|
|
|
|
* <literal>text/plain</literal>.
|
|
|
|
*
|
|
|
|
* Returns: the content type
|
|
|
|
*/
|
|
|
|
const gchar *
|
2012-02-01 12:34:08 +00:00
|
|
|
secret_value_get_content_type (SecretValue *value)
|
2011-09-25 06:22:36 +00:00
|
|
|
{
|
|
|
|
g_return_val_if_fail (value, NULL);
|
|
|
|
return value->content_type;
|
|
|
|
}
|
|
|
|
|
2012-02-02 12:40:47 +00:00
|
|
|
/**
|
2012-04-27 14:57:36 +00:00
|
|
|
* secret_value_ref:
|
2012-02-02 12:40:47 +00:00
|
|
|
* @value: value to reference
|
|
|
|
*
|
|
|
|
* Add another reference to the #SecretValue. For each reference
|
|
|
|
* secret_value_unref() should be called to unreference the value.
|
|
|
|
*
|
|
|
|
* Returns: (transfer full): the value
|
|
|
|
*/
|
|
|
|
SecretValue *
|
2012-02-01 12:34:08 +00:00
|
|
|
secret_value_ref (SecretValue *value)
|
2011-09-25 06:22:36 +00:00
|
|
|
{
|
|
|
|
g_return_val_if_fail (value, NULL);
|
|
|
|
g_atomic_int_inc (&value->refs);
|
|
|
|
return value;
|
|
|
|
}
|
|
|
|
|
2012-02-02 12:40:47 +00:00
|
|
|
/**
|
|
|
|
* secret_value_unref:
|
2012-07-13 07:04:55 +00:00
|
|
|
* @value: (type SecretUnstable.Value) (allow-none): value to unreference
|
2012-02-02 12:40:47 +00:00
|
|
|
*
|
|
|
|
* Unreference a #SecretValue. When the last reference is gone, then
|
|
|
|
* the value will be freed.
|
|
|
|
*/
|
2011-09-25 06:22:36 +00:00
|
|
|
void
|
2012-02-01 12:34:08 +00:00
|
|
|
secret_value_unref (gpointer value)
|
2011-09-25 06:22:36 +00:00
|
|
|
{
|
2012-02-01 12:34:08 +00:00
|
|
|
SecretValue *val = value;
|
2011-09-25 06:22:36 +00:00
|
|
|
|
2012-01-16 14:08:29 +00:00
|
|
|
g_return_if_fail (value != NULL);
|
2011-09-25 06:22:36 +00:00
|
|
|
|
|
|
|
if (g_atomic_int_dec_and_test (&val->refs)) {
|
|
|
|
g_free (val->content_type);
|
|
|
|
if (val->destroy)
|
|
|
|
(val->destroy) (val->secret);
|
2012-02-01 12:34:08 +00:00
|
|
|
g_slice_free (SecretValue, val);
|
2011-09-25 06:22:36 +00:00
|
|
|
}
|
|
|
|
}
|
2012-01-16 14:08:29 +00:00
|
|
|
|
2012-03-25 10:23:29 +00:00
|
|
|
static gboolean
|
|
|
|
is_password_value (SecretValue *value)
|
|
|
|
{
|
|
|
|
if (value->content_type && g_str_equal (value->content_type, "text/plain"))
|
|
|
|
return TRUE;
|
|
|
|
|
|
|
|
/* gnome-keyring-daemon used to return passwords like this, so support this, but validate */
|
|
|
|
if (!value->content_type || g_str_equal (value->content_type, "application/octet-stream"))
|
|
|
|
return g_utf8_validate (value->secret, value->length, NULL);
|
|
|
|
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
2012-01-16 14:08:29 +00:00
|
|
|
gchar *
|
2012-02-01 12:34:08 +00:00
|
|
|
_secret_value_unref_to_password (SecretValue *value)
|
2012-01-16 14:08:29 +00:00
|
|
|
{
|
2012-02-01 12:34:08 +00:00
|
|
|
SecretValue *val = value;
|
2012-01-16 14:08:29 +00:00
|
|
|
gchar *result;
|
|
|
|
|
|
|
|
g_return_val_if_fail (value != NULL, NULL);
|
|
|
|
|
2012-03-25 10:23:29 +00:00
|
|
|
if (!is_password_value (value)) {
|
2012-02-01 12:34:08 +00:00
|
|
|
secret_value_unref (value);
|
2012-01-16 14:08:29 +00:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (g_atomic_int_dec_and_test (&val->refs)) {
|
|
|
|
if (val->destroy == egg_secure_free) {
|
|
|
|
result = val->secret;
|
|
|
|
|
|
|
|
} else {
|
2012-03-25 10:17:03 +00:00
|
|
|
result = egg_secure_strndup (val->secret, val->length);
|
2012-01-16 14:08:29 +00:00
|
|
|
if (val->destroy)
|
|
|
|
(val->destroy) (val->secret);
|
|
|
|
}
|
|
|
|
g_free (val->content_type);
|
2012-02-01 12:34:08 +00:00
|
|
|
g_slice_free (SecretValue, val);
|
2012-01-16 14:08:29 +00:00
|
|
|
|
|
|
|
} else {
|
2012-03-25 10:17:03 +00:00
|
|
|
result = egg_secure_strndup (val->secret, val->length);
|
2012-01-16 14:08:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return result;
|
|
|
|
}
|
2012-03-11 08:06:40 +00:00
|
|
|
|
|
|
|
gchar *
|
|
|
|
_secret_value_unref_to_string (SecretValue *value)
|
|
|
|
{
|
|
|
|
SecretValue *val = value;
|
|
|
|
gchar *result;
|
|
|
|
|
|
|
|
g_return_val_if_fail (value != NULL, NULL);
|
|
|
|
|
2012-03-25 10:23:29 +00:00
|
|
|
if (!is_password_value (value)) {
|
2012-03-11 08:06:40 +00:00
|
|
|
secret_value_unref (value);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (g_atomic_int_dec_and_test (&val->refs)) {
|
|
|
|
if (val->destroy == g_free) {
|
|
|
|
result = val->secret;
|
|
|
|
|
|
|
|
} else {
|
2012-03-25 10:17:03 +00:00
|
|
|
result = g_strndup (val->secret, val->length);
|
2012-03-11 08:06:40 +00:00
|
|
|
if (val->destroy)
|
|
|
|
(val->destroy) (val->secret);
|
|
|
|
}
|
|
|
|
g_free (val->content_type);
|
|
|
|
g_slice_free (SecretValue, val);
|
|
|
|
|
|
|
|
} else {
|
2012-03-25 10:17:03 +00:00
|
|
|
result = g_strndup (val->secret, val->length);
|
2012-03-11 08:06:40 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return result;
|
|
|
|
}
|