* Replace {Set|Remove}MasterKey() by generic {Set|Remove}UnlockKey()
that works on a keyring.
* Implement {Set|Remove}MasterUnlockKey() on top of that.
* Rename the commands and constants accrodingly.
* Implement setting and removing keyring unlock keys.
* Rename fKeyMessage to fUnlockKey and the KeyMessage() getter to
UnlockKey().
* Keep track of whether the keyring has an unlock key set.
* Store and restore that info separately.
* En- and decryption will depend on unlock key presence later.
* Add functions to set and remove an unlock key and query for it.
* Each keyring is now stored in a proper message which allows it to
contain additional meta data along side the flat data.
* Adding all keyring messages under a common field also allows to add
meta data to the keystore, as the keyrings don't use up random field
names anymore.
* Treat the master keyring as any other keyring and just add it to the
list. This allows to write/read the keystore database without special
casing the master keyring.
Before, each permanently granted access flag would overwrite the
previously granted flag, causing the dialog to come up whenever the
operation was changed.
The application access concept is on the keyring level only for now.
Generally it probably would get pretty complicated and therefore harder
to use when application access needs to be granted on a per key basis.
Also add a well defined name ("Master") for the master keyring so it is
easier to understand what this keyring does instead of displaying an
empty string.
* Using Unset() initializes the BKey to default values.
* Also set fCreationTime to 0 for now. It is still unused but needs to
have a stable value for the exact matches when comparing keys.
The application is resolved and then looked up in the keyring. If the
keyring doesn't provide a matching entry, an application access request
is triggered. The mechanism doesn't yet do any actual checksums, but
has provisions for differentiating between new and changed/updated
applications.
This will have to be reworked though, as by using the roster only
BApplications can be resolved, as plain cli apps aren't registered with
the registrar.
* Pass them through a flat buffer that can later be encrypted and
decrypted in a central place.
* Remove the data argument from the constructor as keyrings are
now reading their data on their own.
* Prepare for additional application info storage in the keyring.
The type is relevant and required as it determines the type of the
handed in key. The purpose however isn't actually needed and rather
inconvenient to get by depending on the situation.
* The keyring needs to be made accessible before allowing any
operation.
* Before executing commands the keyring is made accessible if
possible (the command is aborted as needed).
* Accessing a keyring opens up a preliminary key request dialog.
* If the default keyring is accessible and a keyring key for the
requested keyring is found, that key will be used to automatically
make the requested keyring accessible.
* Implement adding/removing passwords and keyrings.
* Implement enumerating passwords and keyrings.
* Implement preliminary accessibility status check for keyrings.
* Move the *Key() functions into a Keyring class.
* Retrieve and select the right keyring for various commands.
* Implement adding/removing/enumerating keyrings.
* Rework the keystore database read/write to work with keyrings.
* Sync BKeyStore::IsKeyringAccessible() with the changed message.
* Remove leftover template code from registrar.
* Add reading/writing a yet unprotected flat BMessage as the storage
backend for the keys.
* Factor out the identifier based lookup logic into _FindKey() and use
that from _AddKey() to detect duplicates.
* Add _FindKey() variant that does the lookup based on given type and
purpose constraints.
