-
Notifications
You must be signed in to change notification settings - Fork 104
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
VPN-6300: Refactor CryptoSettings and implement for Flatpaks #9596
Conversation
363d171
to
5fa6f36
Compare
e0978c8
to
18e40ca
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approval for iOS/macOS - that part looks good. Thanks.
The crypto stuff generally looks great, but would either want someone closer to crypto to review it, or for me to take a lot longer to go over it with a fine toothed comb.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
r+wc
I still need to debug why the unit test is segfaulting on my macos machine only :/
(Client works fine tho)
src/cryptosettings.cpp
Outdated
// Create a platform crypto settings implementation, if supported. | ||
if (!s_instance) { | ||
#if defined(UNIT_TEST) | ||
s_instance = new DummyCryptoSettings(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That is not needed , as the constructor does that, no?
tests/unit/testcryptosettings.cpp
Outdated
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you so much for adding tests! :)
Description
CryptoSettings
were never really a class and just a namespace of static methods, which made it challenging to implement for flatpaks because we need to interact with an XDG portal to fetch secrets and we need some interaction with extra state and signals.Further complicating matters for Flatpaks, the Secrets portal states that we may be given a
token
string back by the platform and we need to store it somewhere for the next time we fetch secrets. This presents a chicken-and-egg problem in that we can't store it in the settings if they're encrypted. To address this, we add a newEncryptionChachaPolyV2
file format, which adds a metadata field to the file header where plaintext values can be stored. These values are then passed back toCryptoSettings::getKey()
during key lookup.This is a PR that has been kicking around in my local branch for a while and I figured it was time to get it moving again. In this work we:
CryptoSettings
into a virtual class which can be instantiated by a platform implementation.XdgPortal
class.CryptoSettings::getKey()
to return aQByteArray
. Not really necessary but it just makes it more Qt-ish.XdgCryptoSettings
that connects to to the XDG org.freedesktop.portal.Secret portal.CryptoSettings
implementation for testing.CryptoSettings
to provide additional metadata for key lookup.EncryptionChachaPolyV2
file format to embed plaintext metadata.CryptoSettings
This turned into a pretty gnarly PR, but it seemed like the best way to do it. Some other solutions considered to the token storage problem:
token
and if we just omit it then the secrets portal works fine. We don't really have a viable solution for key rotation viaCryptoSettings::resetKey()
though but I guess we could do some shenanigans with inserting a salt into the unused bytes of the nonce or something.Reference
JIRA issue: VPN-6300
Checklist