Commit Graph

48 Commits

Author SHA1 Message Date
Daiki Ueno
ac1367056d session: Tolerate non-approved DH parameter usage in FIPS mode
The SecretSession protocol uses a weak Diffie-Hellman parameters which
are not approved by FIPS. While this is not ideal, the protocol is not
designed as a general protection mechanism of data in transit, but
just as a safety net against when the dbus-daemon (or dbus-broker)
crashes and dumps a core, and thus bumping the protocol to use a
larger DH group would be overkill.

This patch temporarily disables the FIPS check around the GnuTLS DH
API calls to avoid errors.

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2024-07-23 06:00:10 +09:00
Daiki Ueno
7f31c83230 tests: Remove unnecessary inclusion of <gcrypt.h>
Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-12-11 08:39:58 +09:00
Dhanuka Warusadura
9cfa77f967 pam: port PAM module egg helper functions from gnome-keyring
This change is a part of the port PAM module from gnome-keyring
patch set.
These changes port gnome-keyring/egg/egg-unix-credentials.c to
libsecret/egg
Furthermore ports gnome-keyring/egg/egg-buffer.c to libsecret/egg

Signed-off-by: Dhanuka Warusadura <dhanuka@gnome.org>
2023-12-10 22:35:55 +05:30
Daiki Ueno
28486191b2 Support GnuTLS as an alternative crypto backend
This turns the `-Dgcrypt` build time option into a more generic
`-Dcrypto` option, which enables user to choose which cryptographic
library to link with.  It currently supports libgcrypt (`libgcrypt`)
and GnuTLS (`gnutls`); for the latter, GnuTLS 3.8.2 is the minimum
required version.

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-12-04 16:50:49 +09:00
Daiki Ueno
564874beb0 file-collection: Move low-level crypto functions to egg
This moves low-level cryptographic functions into egg/egg-keyring1.c,
to make it easy to support multiple crypto backend libraries.

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-12-04 16:50:10 +09:00
Daiki Ueno
47f524e2df egg-dh: Hide gcry_mpi_t from the internal API
This wraps gcry_mpi_t usage in the API with opaque strucs, so it would
be easier to port egg-dh to other crypto libraries.

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-11-28 14:51:23 +09:00
Dhanuka Warusadura
bf0ddf7ff3 TPM2: fix g_memdup deprecated warning 2023-08-24 13:31:15 +00:00
Dhanuka Warusadura
ebb18f7885 TPM2: Fix primary key generation in decrypting
These changes fix TPM2 primary key generation in decrypting
when there is no primary key is present.

Also, fixes a memory issue.
2021-08-12 20:24:40 +05:30
Dhanuka Warusadura
63907d907e Add TPM2 API and its implementations to egg
These changes define the TPM2 API and add its implementations
to the incubation area (egg/).

Summary of the public API:
`egg_tpm2_initialize`: Start a TPM context.
`egg_tpm2_finalize`: End a TPM context.
`egg_tpm2_generate_master_password`: Generate and returns an
encrypted master password in `GBytes` format. TSS Marshaling,
GVariant serialization is used.
`egg_tpm2_decrypt_master_password`: Decrypts a master password
generated from `egg_tpm2_generate_master_password`. TSS
Unmarshaling, GVariant deserialization is used.

TPM2 API: TSS Enhanced System API (ESAPI)

Proposal: [extend file backend to use TPM2 derived encryption keys](https://gitlab.gnome.org/Teams/Engagement/gsoc-2021/-/issues/13)

Related MRs: [#86](https://gitlab.gnome.org/GNOME/libsecret/-/merge_requests/86)

Related Issues: [#63](https://gitlab.gnome.org/GNOME/libsecret/-/issues/63)
2021-08-04 14:42:55 +05:30
Dhanuka Warusadura
19ba24ddf9 Remove autotools config file
These changes remove egg/Makefile.am
Since, libsecret dropped autotools support this file should be
removed.
2021-07-05 10:29:10 +05:30
Daiki Ueno
7407a261b7 meson: Run tests for libegg 2021-07-03 18:54:04 +02:00
Niels De Graef
2c2b0abef7 Drop "volatile" for g_once_init_enter locations
This fixes a few (fatal in gcc 11) warnings, breaking the CI.

For the original discussion on why this change is needed, see
https://gitlab.gnome.org/GNOME/glib/-/issues/600
2021-06-12 13:23:00 +02:00
Niels De Graef
9959be81fd meson: Clean up unused variables 2020-06-01 09:08:04 +02:00
Daiki Ueno
9cfad7c621 egg-testing: Sync with gnome-keyring 2019-10-13 06:21:37 +00:00
Xi Ruoyao
c4fb5f033f build: Fix FTBFS using meson without valgrind
Now with meson build system libsecret FTBFS without valgrind installed.
Two issues: (1) egg-testing.c depends on valgrind/valgrind.h unnecessarily;
(2) we forgot to add "build" directory as a header directory for meson.

This commit resolves both of them.
2019-09-20 23:32:14 +08:00
Daiki Ueno
d17e93e696 tests: undef G_DISABLE_ASSERT
Since GLib 2.58, g_test_init started to be no-op if a test is compiled
with G_DISABLE_ASSERT defined.
2019-06-29 06:54:37 +02:00
Matthew Garrett
fb813abe5c egg: Request that secure memory not be dumped to disk
Linux 3.4 added support for the MADV_DONTDUMP option to madvise(), which
requests that the covered memory not be included in coredumps. It makes
sense to use this to prevent cases where application crashes could
result in secrets being persisted to disk or included in dumps that are
uploaded to remote servers for analysis. I've avoided making this fatal
since there's a chance this code could be built on systems that have
MADV_DONTDUMP but run on systems that don't.
2019-06-02 14:46:54 +02:00
Niels De Graef
f5a1f47f37 Fix the meson build on -Dgcrypt=false
Fixes https://gitlab.gnome.org/GNOME/libsecret/issues/20
2019-05-13 20:17:15 +00:00
Niels De Graef
929e5c2a3f Stop using g_assert() in unit tests
Apart from having more developer-friendly messages if the assertions go
wrong, it also prevents the assertions not being run if
`G_DISABLE_ASSERT` is defined (e.g. for performance reasons).
2019-05-12 16:31:37 +02:00
Niels De Graef
b19c309096 Add build support for Meson
To build with meson, use the following commands:

```
$ meson build
$ ninja -C build
 # in case you want to install
$ ninja -C build install
```
2019-01-19 21:03:56 +00:00
Daiki Ueno
ea62c2dcda egg: Fix null termination behavior of egg_secure_strndup()
Even if the given string is shorter than n, the result should be null
terminated.  This matches the behavior of strndup().
2018-03-29 11:31:31 +02:00
Tomasz Miąsko
998065599c DH: Ensure that generated secret occupies the same number of bytes as prime.
https://bugzilla.gnome.org/show_bug.cgi?id=778357
2017-02-28 12:40:30 +01:00
Antonio Murdaca
43cac02864 Fix typos
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
Signed-off-by: Stef Walter <stefw@redhat.com>
 * Fix one spelling of 'succeeded'

https://bugzilla.gnome.org/show_bug.cgi?id=763143
2016-03-08 13:32:07 +01:00
Christophe Fergeau
20f35bfd92 build-sys: Update valgrind headers
libsecret ships headers from valgrind, but they seem to come from an old
version. Update to the headers from valgrind-3.11.0-1.fc23.x86_64
in order to get VG_DO_ADDED_LEAK_CHECK definition.

https://bugzilla.gnome.org/show_bug.cgi?id=756766
2015-10-19 12:11:19 +02:00
Stef Walter
5e2fe4afaa egg: Accomodate thread-safe libgcrypt 1.6+
libcrypt no longer supports setting our own threading callbacks,
and is thread-safe if we call gcry_check_version() before creating
threads.

Unfortunately we can't guarantee that we call gcry_check_version()
early enough, we try our best. Most of the callers of libsecret either
don't use libgcrypt, or also initialize it appropriately themselves.

Bump libgcrypt dependency to 1.4.5+, and have earlier versions use
the native pthread implementation of locking.
2014-09-09 15:18:33 +02:00
Stef Walter
b72048c920 Makefile.am: Use a single Makefile.am and parallel tests
Allow parallel building and testing by using a single Makefile.am

Implement parallel testing using TAP, with various drivers and
compilers living in the build/ directory.

Fix all sorts of issues that this caused, including builddir != srcdir,
leaks in tests and so on.

It would have been nice to break out all the above into separate
commits ... blush.
2014-03-04 12:57:19 +01:00
Daniel Mustieles
ec89646b1a Updated FSF's address 2014-01-23 13:00:05 +01:00
Stef Walter
9dc2f2c112 More reliable means of checking if object was finalized
Don't try to use G_IS_OBJECT() to see if an object was finalized
as this segfaults in corner cases, even with our crafty check
for a pointer within our memory space.

https://bugzilla.gnome.org/show_bug.cgi?id=705202
2013-08-15 10:04:30 +02:00
Stef Walter
46fa081063 Use AM_CPPFLAGS instead of INCLUDES
automake 1.13 deprecates the latter
2013-06-21 15:11:15 +02:00
Stef Walter
2e8ee7cdb6 egg: Don't use deprecated g_thread_supported() function
Nowadays glib always supports threading.
2013-02-13 17:18:17 +01:00
Stef Walter
3fcb3979d1 Fix for GStaticMutex deprecations in glib 2013-01-25 19:07:10 +01:00
Stef Walter
446648da52 egg-hex: Bring over changes from gnome-keyring and gcr 2012-11-07 23:15:44 +01:00
Stef Walter
e666db528e Remove some unused test code 2012-11-06 13:37:01 +01:00
Stef Walter
7cea18071b Bring over a new version of the secure memory code from gcr
* This allows libraries to share the pool if they have the same
   version of the secure memory code.
2012-10-27 12:23:39 +02:00
Xi Wang
275d314d57 Fix incorrect loop condition in egg_hkdf_perform()
This does not cause a change in behavior (as evidenced by tests,
at least on linux when built with gcc) but is more correct code,
and less likely to be miscompiled.

The condition (i < 256) in the following loop is always false since i
is of type guchar, which is at most 255.

	guchar i;
	...
	for (i = 1; i < 256; ++i) { ... }

This patch changes i to a larger type gint.

Also in the loop we have:

	gcry_md_write (md2, &i, 1);

change it to use gcry_md_putc().
2012-10-23 21:41:38 +02:00
Stef Walter
125289ae45 Fix license header issues
* Update to LGPL 2.1
 * Fix typos in license comments
 * Update FSF address

https://bugzilla.gnome.org/show_bug.cgi?id=673194
2012-03-31 15:33:25 +02:00
Stef Walter
dd83ac0db3 Only copy the correct amount of bytes from SecretValue
* When transferring to a null-terminated password
2012-03-25 12:17:03 +02:00
Stef Walter
d797ef2ba3 Testing item stuff, and fixing bugs 2012-02-03 20:44:45 +01:00
Stef Walter
dea9a3a043 Test creating items and collections 2012-02-03 20:44:45 +01:00
Stef Walter
f2e275f25e Prompting and item deletion 2012-01-13 14:45:55 +01:00
Stef Walter
a075105bf4 Fix problem when compiling without valgrind 2011-11-19 08:04:28 +01:00
Stef Walter
17fade3173 Implement gsecret_service_get_secrets_for_paths() and friends
* Lots of testing, fine tuning and other bits too.
2011-11-12 08:08:12 +01:00
Stef Walter
4893c73c5b Valgrind integration, refactor build process
* Cleanup secure memory allocator for valgrind.
 * Bring valgrind headers in.
 * Add lots of suppressions for glib, gdbus, gcrypt
 * Fix up a bunch of bugs where things weren't getting freed
 * Add new 'make check-memory' target
2011-11-06 13:41:21 +01:00
Stef Walter
e670fe5645 Fix for deprecations in glib 2.31.0 2011-11-06 13:38:51 +01:00
Stef Walter
51896081f0 Add --enable-debug and --enable-coverage, egg tests etc 2011-09-25 21:20:21 +02:00
Stef Walter
ef85c4ff45 Add dependency on libgcrypt
* This can be disabled using --disable-libgcrypt, which then disables
   encryption of secrets in transit to the secret service
2011-09-25 10:03:48 +02:00
Stef Walter
b1b54f525d More Implementation of GSecretService session related code. 2011-09-25 08:22:36 +02:00
Stef Walter
3dfd7aa70f Initial module setup. Implement GSecretData 2011-08-08 17:43:47 +02:00