haiku/docs/user/app/KeyStore.dox
Niels Sascha Reedijk 0e6f95726d HaikuBook: Add documentation for Password and Key Storage API
The current implementation of the keystore_server is not perfect. While the
source has many seeds for a future of having keyrings encrypted, and having
more fine grained permissions, it is far from complete.

The main arguments for adding documentation about this new but incomplete
functionality is that while it is incomplete, the API is part of the public
headers, and there are some legitimate use cases for developers.

The documentation aims to give the proper amount of caution to any developer
that is considering using this API.

Change-Id: I154a3f8374b22dc6929758cba7ba810833bcfe9d
2020-03-13 21:32:38 +00:00

655 lines
18 KiB
Plaintext

/*
* Copyright 2020 Haiku, Inc. All rights reserved.
* Distributed under the terms of the MIT License.
*
* Authors:
* Niels Sascha Reedijk, niels.reedijk@gmail.com
*
* Corresponds to:
* headers/os/app/KeyStore.h hrev45434
* src/kits/app/KeyStore.cpp hrev45434
*/
/*!
\file KeyStore.h
\ingroup app
\ingroup libbe
\brief Provides BKeyStore class.
See the \link app_keystore overview to the Password and Key Storage API
\endlink for an introduction to the API.
*/
/*!
\class BKeyStore
\ingroup app
\ingroup libbe
\brief The BKeyStore lets you query, retrieve and store keys in the
system's key store.
Instances of this object give you an easy API to interact with the system's
\c keystore_server. This is the central service that manages storing and
retrieving keys, as well as managing the authorizations that a user grants
to individual applications.
It is important to note that all calls on this object operate
\b synchronously. This means that it should not be used during the event
loop of a visible \ref BWindow, as this may cause drawing and interaction
issues.
All operations are performed in the context of a keyring. All systems have
at least the \b Master \b keyring. Many of the methods take the name of the
keyring as its first argument. Most of the methods in this class have an
overloaded variant that operate on the Master keyring. If you want to
access this keyring through the normal methods, pass an empty string as the
identifier to the method.
See the \link app_keystore overview to the Password and Key Storage API
\endlink for an introduction to the API.
\since Haiku R1
*/
/*!
\fn BKeyStore::BKeyStore()
\brief Create a new BKeyStore object that you can use to query, retrieve
and store keys in the system's key store.
This is a cheap object to make, as it has no data associated with it. The
recommended use is to create an instance on the stack whenever you want to
interact with the API.
\since Haiku R1
*/
/*!
\fn virtual BKeyStore::~BKeyStore()
\brief Free all resources.
\since Haiku R1
*/
/*!
\name Key Management
*/
//! @{
/*!
\fn status_t BKeyStore::GetKey(BKeyType type, const char* identifier,
BKey& key)
\brief Query the Master keyring for for specific key.
This is a convenience method that calls \ref GetKey(const char* keyring, BKeyType type, const char* identifier, const char* secondaryIdentifier, bool secondaryIdentifierOptional, BKey& key).
It works on the Master \a keyring, and assumes an empty
\a secondaryIdentifier, \a secondaryIdentifierOptional set to \c false.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::GetKey(BKeyType type, const char* identifier,
const char* secondaryIdentifier, BKey& key)
\brief Query the Master keyring for for specific key.
This is a convenience method that calls \ref GetKey(const char* keyring, BKeyType type, const char* identifier, const char* secondaryIdentifier, bool secondaryIdentifierOptional, BKey& key).
It works on the Master \a keyring, it sets \a secondaryIdentifierOptional
to \c false, meaning it both identifiers are required to match.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::GetKey(BKeyType type, const char* identifier,
const char* secondaryIdentifier, bool secondaryIdentifierOptional,
BKey& key)
\brief Query the Master keyring for for specific key.
This is a convenience method that calls \ref GetKey(const char* keyring, BKeyType type, const char* identifier, const char* secondaryIdentifier, bool secondaryIdentifierOptional, BKey& key).
It works on the Master \a keyring.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::GetKey(const char* keyring, BKeyType type,
const char* identifier, BKey& key)
\brief Query a certain \a keyring for for specific key.
This is a convenience method that calls \ref GetKey(const char* keyring, BKeyType type, const char* identifier, const char* secondaryIdentifier, bool secondaryIdentifierOptional, BKey& key).
The call assumes an empty \a secondaryIdentifier, and sets
\a secondaryIdentifierOptional to \c false.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::GetKey(const char* keyring, BKeyType type,
const char* identifier, const char* secondaryIdentifier, BKey& key)
\brief Query a certain \a keyring for for specific key.
This is a convenience method that calls \ref GetKey(const char* keyring, BKeyType type, const char* identifier, const char* secondaryIdentifier, bool secondaryIdentifierOptional, BKey& key).
It sets \a secondaryIdentifierOptional to \c false, meaning it both
identifiers are required to match.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::GetKey(const char* keyring, BKeyType type,
const char* identifier, const char* secondaryIdentifier,
bool secondaryIdentifierOptional, BKey& key)
\brief Query a certain \a keyring for for specific key.
This variation of the query function is useful when you know that a key has
a secondary identifier, but you may not know it, or care about what it is.
\param[in] keyring A string that identifies the keyring get the key from.
\param[in] type The type of key to match. The type parameter is currently
ignored and therefore does not need to match the actual type of the key
that is stored.
\param[in] identifier The string with the primary identifier of the key that
you are looking for.
\param[in] secondaryIdentifier The string with the secondary identifier of
the key that you are looking for.
\param[in] secondaryIdentifierOptional Use this query parameter to indicate
if the secondary identifier has to match. When set to \a false, a
result will be returned, even if the \a secondaryIdentifer does not
match.
\param[out] key A BKey object to copy the found data to. Any existing data
in the key will be overwritten in case there is a match.
\returns
- \c B_OK in case the key was found and stored in \a key.
- \c B_BAD_VALUE in case the \a keyring does not exist.
- \c B_NOT_ALLOWED in case the user did not grant you access right to
this \a keyring.
- \c B_ENTRY_NOT_FOUND in case there is no key that matches the given
identifier(s).
- Any other error that indicates that there was a problem communicating
with the \c keystore_server.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::AddKey(const BKey& key)
\brief Add a \a key to the Master keyring
This is a convenience method that calls
\ref AddKey(const char *, const BKey&) for the \c Master keyring.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::AddKey(const char* keyring, const BKey& key)
\brief Add a \a key to a \a keyring.
This method will send the key to the \c keystore_server and request it to
be stored in the database.
A key needs to have a unique primary and secondary identifier within the
Master keyring.
\param keyring A string that identifies the keyring you want to add the
key to.
\param key The key you want to add.
\returns
- \c B_OK in case the \a key was succesfully added.
- \c B_BAD_VALUE in case the \a keyring does not exist.
- \c B_NOT_ALLOWED in case the user did not grant you access right to
this \a keyring.
- \c B_NAME_IN_USE in case there already is another key with the same
primary and secondary identifiers.
- Any other error that indicates that there was a problem communicating
with the \c keystore_server.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::RemoveKey(const BKey& key)
\brief Remove a \a key from the Master keyring.
This is a convenience method that calls
\ref RemoveKey(const char *, const BKey&) for the \c Master keyring.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::RemoveKey(const char* keyring, const BKey& key)
\brief Remove a \a key from a \a keyring.
This method will remove a \a key from a \a keyring. The \a key needs to
match exactly with the key that is in the database of \c keystore_server.
The easiest way to guarantee this, is to use the exact key you find using
GetKey() without making any alterations.
\param keyring A string that identifies the keyring you want to remove
the key from.
\param key The key you want to remove.
\returns
- \c B_OK in case the \a key was succesfully removed.
- \c B_BAD_VALUE in case the \a keyring does not exist.
- \c B_NOT_ALLOWED in case the user did not grant you access right to
this \a keyring.
- \c B_ENTRY_NOT_FOUND in case there is no key that matches the given
identifier(s).
- Any other error that indicates that there was a problem communicating
with the \c keystore_server.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::GetNextKey(uint32& cookie, BKey& key);
\brief Iterate through the keys of the Master keyring.
This convenience method that calls
\ref GetNextKey(const char*, BKeyType, BKeyPurpose, uint32&, BKey&) for the
Master keyring, with the arguments \ref BKeyType::B_KEY_TYPE_ANY for the
type and \ref BKeyPurpose::B_KEY_PURPOSE_ANY for the purpose.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::GetNextKey(BKeyType type, BKeyPurpose purpose,
uint32& cookie, BKey& key)
\brief Iterate through the keys of the Master keyring.
This convenience method calls
\ref GetNextKey(const char*, BKeyType, BKeyPurpose, uint32&, BKey&) for the
Master keyring.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::GetNextKey(const char* keyring, uint32& cookie,
BKey& key)
\brief Iterate through the keys of a \a keyring.
This convenience method calls
\ref GetNextKey(const char*, BKeyType, BKeyPurpose, uint32&, BKey&) with
the arguments \ref BKeyType::B_KEY_TYPE_ANY for the type and
\ref BKeyPurpose::B_KEY_PURPOSE_ANY for the purpose.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::GetNextKey(const char* keyring, BKeyType type,
BKeyPurpose purpose, uint32& cookie, BKey& key)
\brief Iterate through keys of a \a keyring.
This method allows you to query through the key store, and iterate through
a list of results of keys that match your query.
\param[in] keyring An UTF-8 string that identifies the keyring
\param[in] type The BKeyType that identifies the type of key you are
looking for. This may be \ref BKeyType::B_KEY_TYPE_ANY if it may be a
key of any type.
\param[in] purpose The BKeyPurpose that indicates the purpose of the key.
This may be \ref BKeyPurpose::B_KEY_PURPOSE_ANY if it may be a key with
any purpose.
\param[out] cookie A cookie that the \c keystore_server uses to keep track
of where you are in the list of keys. When you start the query, set the
initial value to \c 0. After that, pass the cookie to each subsequent
call to progress the iterator.
\param[out] key The key that holds the data. Any existing data in the key
will be overwritten, when a key is found that matches the criteria.
\returns
- \c B_OK in case the next \a key was found.
- \c B_BAD_VALUE in case the \a keyring does not exist.
- \c B_NOT_ALLOWED in case the user did not grant you access right to
this \a keyring.
- \c B_ENTRY_NOT_FOUND in case there is no key that matches the given
identifier(s), or if you retrieved the last key.
- Any other error that indicates that there was a problem communicating
with the \c keystore_server.
\since Haiku R1
*/
//! @}
/*!
\name Keyrings
*/
//! @{
/*!
\fn status_t BKeyStore::AddKeyring(const char* keyring)
\brief Create a new \a keyring.
\param keyring An UTF-8 string that identifies the keyring you want to
create.
\returns
- \c B_OK if the keyring was succesfully added.
- \c B_NAME_IN_USE if the \a keyring already exists.
- Any other error in case there was an unknown error in the
\c keystore_server, or while communicating to it.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::RemoveKeyring(const char* keyring)
\brief Remove a \a keyring.
\param keyring An UTF-8 string that identifies the keyring you want to
remove.
\returns
- \c B_OK if the keyring was sucessfully removed.
- \c B_ENTRY_NOT_FOUND if the keyring does not exist
- \c B_NOT_ALLOWED when you try to remove the Master keyring.
- Any other error in case there was an unknown error in the
\c keystore_server, or while communicating to it.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::GetNextKeyring(uint32& cookie, BString& keyring)
\brief Iterate through the keyrings.
\param[out] cookie A cookie that the \c keystore_server uses to keep track
of where you are in the list of keyrings. When you start the query, set
the initial value to \c 0. After that, pass the cookie to each
subsequent call to progress the iterator.
\param[out] keyring A BString that holds the current name of the keyring.
For each succesful iteration, the existing contents is overwritten.
\returns
- \c B_OK if the iteration was succesful.
- \c B_ENTRY_NOT_FOUND if there are no more keyrings left to iterate
- Any other error in case there was an unknown error in the
\c keystore_server, or while communicating to it.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::SetUnlockKey(const char* keyring, const BKey& key)
\brief Not implemented.
This feature is not available in the current release of Haiku.
*/
/*!
\fn status_t BKeyStore::RemoveUnlockKey(const char* keyring)
\brief Not implemented.
This feature is not available in the current release of Haiku.
*/
//! @}
/*!
\name Master keyring (future API)
*/
//! @{
/*!
\fn status_t BKeyStore::SetMasterUnlockKey(const BKey& key)
\brief Not implemented.
This feature is not available in the current release of Haiku.
*/
/*!
\fn status_t BKeyStore::RemoveMasterUnlockKey()
\brief Not implemented.
This feature is not available in the current release of Haiku.
*/
/*!
\fn status_t BKeyStore::AddKeyringToMaster(const char* keyring)
\brief Not implemented.
This feature is not available in the current release of Haiku.
\see AddKeyring(const char* keyring)
*/
/*!
\fn status_t BKeyStore::RemoveKeyringFromMaster(const char* keyring)
\brief Not implemented.
This feature is not available in the current release of Haiku.
\see RemoveKeyring(const char* keyring)
*/
/*!
\fn status_t BKeyStore::GetNextMasterKeyring(uint32& cookie,
BString& keyring)
\brief Not implemented.
This feature is not available in the current release of Haiku.
\see GetNextKeyring(uint32& cookie, BString& keyring)
*/
//! @}
/*!
\name Locking (future API)
In the future, locking is part of encrypting and decrypting keyrings.
\note If you are looking at this section because you assume you need to
check that users have the correct permissions, you are in the wrong
place. There is no particular way to determine whether a user has
access granted. Instead, each method of this API will return the error
code \c B_NOT_ALLOWED if the user has not granted access. Use that in
your control flow to determine if you have access.
*/
//! @{
/*!
\fn bool BKeyStore::IsKeyringUnlocked(const char* keyring)
\brief Not implemented.
This feature is not available in the current release of Haiku.
*/
/*!
\fn status_t BKeyStore::LockKeyring(const char* keyring)
\brief Not implemented.
This feature is not available in the current release of Haiku.
*/
/*!
\fn status_t BKeyStore::LockMasterKeyring()
\brief Not implemented.
This feature is not available in the current release of Haiku.
*/
//! @}
/*!
\name Applications
*/
//! @{
/*!
\fn status_t BKeyStore::GetNextApplication(uint32& cookie,
BString& signature) const
\brief Iterate through applications that currently have been granted access
to the Master keyring.
This is a convenience method that calls
\ref GetNextApplication(const char* keyring, uint32& cookie,
BString& signature) for the Master \a keyring.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::GetNextApplication(const char* keyring,
uint32& cookie, BString& signature) const
\brief Iterate through applications that currently have been granted access
to the specified \a keyring.
This method allows you to iterate through all applications that the user
has granted access to the \a keyring, whether it is temporarily, or on a
more permanent basis.
\param[in] keyring A UTF-8 string that identifies the keyring that you want
to inspect granted access to.
\param[out] cookie A cookie that the \c keystore_server uses to keep track
of where you are in the list of keys. When you start the query, set the
initial value to \c 0. After that, pass the cookie to each subsequent
call to progress the iterator.
\param[out] signature If a next application is found, the signature will be
stored in this parameter. Any existing string will be overwritten.
\returns
- \c B_OK if the next signature was found succesfully.
- \c B_BAD_VALUE if the keyring does not exist.
- \c B_NOT_ALLOWED in case the user did not grant you access right to
this \a keyring.
- \c B_ENTRY_NOT_FOUND if there are no more applications to iterate
through.
- Any other error in case there was an unknown error in the
\c keystore_server, or while communicating to it.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::RemoveApplication(const char* signature)
\brief Remove access for an application to the Master keyring.
This is a convenience method that calls
\ref RemoveApplication(const char *, const char*) for the Master
\a keyring.
\since Haiku R1
*/
/*!
\fn status_t BKeyStore::RemoveApplication(const char* keyring,
const char* signature)
\brief Remove access for an application to a \a keyring.
\param keyring A UTF-8 string that identifies the keyring that you want
to inspect granted access to.
\param signature The signature of the application that you want to revoke
permissions to access the keyring.
\returns
- \c B_OK if the application's access has been revoked.
- \c B_NOT_ALLOWED in case the user did not grant you access right to
this \a keyring.
- \c B_ENTRY_NOT_FOUND if the application did not have access to this
keyring.
- Any other error in case there was an unknown error in the
\c keystore_server, or while communicating to it.
\since Haiku R1
*/
//! @}
/*!
\name Service Functions (future API)
This feature is not available in the current release of Haiku.
*/
//! @{
/*!
\fn status_t BKeyStore::GeneratePassword(BPasswordKey& password,
size_t length, uint32 flags)
\brief Unimplemented.
This method is currently not implemented.
*/
/*!
\fn float BKeyStore::PasswordStrength(const char* password)
\brief Unimplemented
This method is currently not implemented
*/
//! @}