VPN-6300: Refactor CryptoSettings and implement for Flatpaks (#9596)

* Initial attempt at cryptosettings for flatpaks * Revert test binaries back to using dummycryptosettings.cpp * Drop libsecret dependency for flatpaks and test binaries * Refactor CryptoSettings to make it instantiable * Move common XDG portal helpers into XdgPortal class * Refactor CryptoSettings::getKey() to return a QByteArray * Add a helper method to generate keys * Implement a mock crypto settings provider for unit testing * Check for secrets portal support in constructor * Add unit tests for CryptoSettings * Extend cryptosettings API to include key metadata * Add EncryptionChachaPolyV2 format to encode metadata * Add tests for encrypted v2 files. * Add CryptoSettings::create() method and fix a shutdown leak
mozilla-mobile · Jun 15, 2024 · f211fd2 · f211fd2
1 parent 188360a
commit f211fd2
Show file tree

Hide file tree

Showing 39 changed files with 1,162 additions and 486 deletions.
diff --git a/linux/flatpak-libsecret.yaml b/linux/flatpak-libsecret.yaml
diff --git a/linux/org.mozilla.vpn.yml b/linux/org.mozilla.vpn.yml
@@ -19,7 +19,6 @@ build-options:
 modules:
   - flatpak-pydeps.yaml
   - flatpak-libnm.yaml
-  - flatpak-libsecret.yaml
   - flatpak-qt5compat.yaml
 
   - name: mozillavpn

diff --git a/src/cmake/ios.cmake b/src/cmake/ios.cmake
@@ -143,6 +143,8 @@ target_sources(mozillavpn PRIVATE
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ioslogger.mm
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iostunnelmessage.swift
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iostunnelmanager.swift
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/macoscryptosettings.h
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/macoscryptosettings.mm
 )
 
 target_sources(mozillavpn PRIVATE

diff --git a/src/cmake/linux.cmake b/src/cmake/linux.cmake
@@ -7,17 +7,6 @@ option(BUILD_FLATPAK "Build for Flatpak distribution" OFF)
 find_package(Qt6 REQUIRED COMPONENTS DBus)
 target_link_libraries(mozillavpn PRIVATE Qt6::DBus)
 
-# Link to libsecret
-find_package(PkgConfig REQUIRED)
-pkg_check_modules(LIBSECRET REQUIRED IMPORTED_TARGET libsecret-1)
-if (QT_FEATURE_static)
-    target_link_libraries(mozillavpn PRIVATE ${LIBSECRET_STATIC_LIBRARIES})
-    target_include_directories(mozillavpn PRIVATE ${LIBSECRET_STATIC_INCLUDE_DIRS})
-    target_compile_options(mozillavpn PRIVATE ${LIBSECRET_STATIC_CFLAGS})
-else()
-    target_link_libraries(mozillavpn PRIVATE PkgConfig::LIBSECRET)
-endif()
-
 # Linux platform source files
 target_sources(mozillavpn PRIVATE
     ${CMAKE_SOURCE_DIR}/src/platforms/linux/backendlogsobserver.cpp
@@ -39,19 +28,23 @@ target_sources(mozillavpn PRIVATE
 )
 
 if(NOT BUILD_FLATPAK)
-    # Link to libcap
+    # Link to libcap and libsecret
+    find_package(PkgConfig REQUIRED)
     pkg_check_modules(LIBCAP REQUIRED IMPORTED_TARGET libcap)
+    pkg_check_modules(LIBSECRET REQUIRED IMPORTED_TARGET libsecret-1)
     if (QT_FEATURE_static)
-        target_link_libraries(mozillavpn PRIVATE ${LIBCAP_STATIC_LIBRARIES})
-        target_include_directories(mozillavpn PRIVATE ${LIBCAP_STATIC_INCLUDE_DIRS})
-        target_compile_options(mozillavpn PRIVATE ${LIBCAP_STATIC_CFLAGS})
+        target_link_libraries(mozillavpn PRIVATE ${LIBCAP_STATIC_LIBRARIES} ${LIBSECRET_STATIC_LIBRARIES})
+        target_include_directories(mozillavpn PRIVATE ${LIBCAP_STATIC_INCLUDE_DIRS} ${LIBSECRET_STATIC_INCLUDE_DIRS})
+        target_compile_options(mozillavpn PRIVATE ${LIBCAP_STATIC_CFLAGS} ${LIBSECRET_STATIC_CFLAGS})
     else()
-        target_link_libraries(mozillavpn PRIVATE PkgConfig::LIBCAP)
+        target_link_libraries(mozillavpn PRIVATE PkgConfig::LIBCAP PkgConfig::LIBSECRET)
     endif()
 
     target_sources(mozillavpn PRIVATE
         ${CMAKE_SOURCE_DIR}/src/platforms/linux/linuxcontroller.cpp
         ${CMAKE_SOURCE_DIR}/src/platforms/linux/linuxcontroller.h
+        ${CMAKE_SOURCE_DIR}/src/platforms/linux/linuxcryptosettings.cpp
+        ${CMAKE_SOURCE_DIR}/src/platforms/linux/linuxcryptosettings.h
         ${CMAKE_SOURCE_DIR}/src/platforms/linux/dbusclient.cpp
         ${CMAKE_SOURCE_DIR}/src/platforms/linux/dbusclient.h
     )
@@ -115,6 +108,10 @@ else()
         ${CMAKE_SOURCE_DIR}/src/platforms/linux/networkmanagerconnection.cpp
         ${CMAKE_SOURCE_DIR}/src/platforms/linux/networkmanagercontroller.h
         ${CMAKE_SOURCE_DIR}/src/platforms/linux/networkmanagercontroller.cpp
+        ${CMAKE_SOURCE_DIR}/src/platforms/linux/xdgcryptosettings.cpp
+        ${CMAKE_SOURCE_DIR}/src/platforms/linux/xdgcryptosettings.h
+        ${CMAKE_SOURCE_DIR}/src/platforms/linux/xdgportal.cpp
+        ${CMAKE_SOURCE_DIR}/src/platforms/linux/xdgportal.h
         ${CMAKE_SOURCE_DIR}/src/platforms/linux/xdgstartatbootwatcher.h
         ${CMAKE_SOURCE_DIR}/src/platforms/linux/xdgstartatbootwatcher.cpp
     )

diff --git a/src/cmake/macos.cmake b/src/cmake/macos.cmake
@@ -65,6 +65,8 @@ target_sources(mozillavpn PRIVATE
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/daemon/macosroutemonitor.h
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/daemon/wireguardutilsmacos.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/daemon/wireguardutilsmacos.h
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/macoscryptosettings.h
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/macoscryptosettings.mm
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/macosmenubar.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/macosmenubar.h
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/macos/macospingsender.cpp

diff --git a/src/cmake/windows.cmake b/src/cmake/windows.cmake
@@ -68,6 +68,8 @@ target_sources(mozillavpn PRIVATE
      ${CMAKE_CURRENT_SOURCE_DIR}/platforms/windows/windowsservicemanager.h
      ${CMAKE_CURRENT_SOURCE_DIR}/platforms/windows/windowscommons.cpp
      ${CMAKE_CURRENT_SOURCE_DIR}/platforms/windows/windowscommons.h
+     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/windows/windowscryptosettings.cpp
+     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/windows/windowscryptosettings.h
      ${CMAKE_CURRENT_SOURCE_DIR}/platforms/windows/windowsnetworkwatcher.cpp
      ${CMAKE_CURRENT_SOURCE_DIR}/platforms/windows/windowsnetworkwatcher.h
      ${CMAKE_CURRENT_SOURCE_DIR}/platforms/windows/windowspingsender.cpp