0e6f95726d
The current implementation of the keystore_server is not perfect. While the source has many seeds for a future of having keyrings encrypted, and having more fine grained permissions, it is far from complete. The main arguments for adding documentation about this new but incomplete functionality is that while it is incomplete, the API is part of the public headers, and there are some legitimate use cases for developers. The documentation aims to give the proper amount of caution to any developer that is considering using this API. Change-Id: I154a3f8374b22dc6929758cba7ba810833bcfe9d
655 lines
18 KiB
Plaintext
655 lines
18 KiB
Plaintext
/*
|
|
* Copyright 2020 Haiku, Inc. All rights reserved.
|
|
* Distributed under the terms of the MIT License.
|
|
*
|
|
* Authors:
|
|
* Niels Sascha Reedijk, niels.reedijk@gmail.com
|
|
*
|
|
* Corresponds to:
|
|
* headers/os/app/KeyStore.h hrev45434
|
|
* src/kits/app/KeyStore.cpp hrev45434
|
|
*/
|
|
|
|
|
|
/*!
|
|
\file KeyStore.h
|
|
\ingroup app
|
|
\ingroup libbe
|
|
\brief Provides BKeyStore class.
|
|
|
|
See the \link app_keystore overview to the Password and Key Storage API
|
|
\endlink for an introduction to the API.
|
|
*/
|
|
|
|
|
|
/*!
|
|
\class BKeyStore
|
|
\ingroup app
|
|
\ingroup libbe
|
|
\brief The BKeyStore lets you query, retrieve and store keys in the
|
|
system's key store.
|
|
|
|
Instances of this object give you an easy API to interact with the system's
|
|
\c keystore_server. This is the central service that manages storing and
|
|
retrieving keys, as well as managing the authorizations that a user grants
|
|
to individual applications.
|
|
|
|
It is important to note that all calls on this object operate
|
|
\b synchronously. This means that it should not be used during the event
|
|
loop of a visible \ref BWindow, as this may cause drawing and interaction
|
|
issues.
|
|
|
|
All operations are performed in the context of a keyring. All systems have
|
|
at least the \b Master \b keyring. Many of the methods take the name of the
|
|
keyring as its first argument. Most of the methods in this class have an
|
|
overloaded variant that operate on the Master keyring. If you want to
|
|
access this keyring through the normal methods, pass an empty string as the
|
|
identifier to the method.
|
|
|
|
See the \link app_keystore overview to the Password and Key Storage API
|
|
\endlink for an introduction to the API.
|
|
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn BKeyStore::BKeyStore()
|
|
\brief Create a new BKeyStore object that you can use to query, retrieve
|
|
and store keys in the system's key store.
|
|
|
|
This is a cheap object to make, as it has no data associated with it. The
|
|
recommended use is to create an instance on the stack whenever you want to
|
|
interact with the API.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn virtual BKeyStore::~BKeyStore()
|
|
\brief Free all resources.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
/*!
|
|
\name Key Management
|
|
*/
|
|
|
|
|
|
//! @{
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::GetKey(BKeyType type, const char* identifier,
|
|
BKey& key)
|
|
\brief Query the Master keyring for for specific key.
|
|
|
|
This is a convenience method that calls \ref GetKey(const char* keyring, BKeyType type, const char* identifier, const char* secondaryIdentifier, bool secondaryIdentifierOptional, BKey& key).
|
|
|
|
It works on the Master \a keyring, and assumes an empty
|
|
\a secondaryIdentifier, \a secondaryIdentifierOptional set to \c false.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::GetKey(BKeyType type, const char* identifier,
|
|
const char* secondaryIdentifier, BKey& key)
|
|
\brief Query the Master keyring for for specific key.
|
|
|
|
This is a convenience method that calls \ref GetKey(const char* keyring, BKeyType type, const char* identifier, const char* secondaryIdentifier, bool secondaryIdentifierOptional, BKey& key).
|
|
|
|
It works on the Master \a keyring, it sets \a secondaryIdentifierOptional
|
|
to \c false, meaning it both identifiers are required to match.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::GetKey(BKeyType type, const char* identifier,
|
|
const char* secondaryIdentifier, bool secondaryIdentifierOptional,
|
|
BKey& key)
|
|
\brief Query the Master keyring for for specific key.
|
|
|
|
This is a convenience method that calls \ref GetKey(const char* keyring, BKeyType type, const char* identifier, const char* secondaryIdentifier, bool secondaryIdentifierOptional, BKey& key).
|
|
|
|
It works on the Master \a keyring.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::GetKey(const char* keyring, BKeyType type,
|
|
const char* identifier, BKey& key)
|
|
\brief Query a certain \a keyring for for specific key.
|
|
|
|
This is a convenience method that calls \ref GetKey(const char* keyring, BKeyType type, const char* identifier, const char* secondaryIdentifier, bool secondaryIdentifierOptional, BKey& key).
|
|
|
|
The call assumes an empty \a secondaryIdentifier, and sets
|
|
\a secondaryIdentifierOptional to \c false.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::GetKey(const char* keyring, BKeyType type,
|
|
const char* identifier, const char* secondaryIdentifier, BKey& key)
|
|
\brief Query a certain \a keyring for for specific key.
|
|
|
|
This is a convenience method that calls \ref GetKey(const char* keyring, BKeyType type, const char* identifier, const char* secondaryIdentifier, bool secondaryIdentifierOptional, BKey& key).
|
|
|
|
It sets \a secondaryIdentifierOptional to \c false, meaning it both
|
|
identifiers are required to match.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::GetKey(const char* keyring, BKeyType type,
|
|
const char* identifier, const char* secondaryIdentifier,
|
|
bool secondaryIdentifierOptional, BKey& key)
|
|
\brief Query a certain \a keyring for for specific key.
|
|
|
|
This variation of the query function is useful when you know that a key has
|
|
a secondary identifier, but you may not know it, or care about what it is.
|
|
|
|
\param[in] keyring A string that identifies the keyring get the key from.
|
|
\param[in] type The type of key to match. The type parameter is currently
|
|
ignored and therefore does not need to match the actual type of the key
|
|
that is stored.
|
|
\param[in] identifier The string with the primary identifier of the key that
|
|
you are looking for.
|
|
\param[in] secondaryIdentifier The string with the secondary identifier of
|
|
the key that you are looking for.
|
|
\param[in] secondaryIdentifierOptional Use this query parameter to indicate
|
|
if the secondary identifier has to match. When set to \a false, a
|
|
result will be returned, even if the \a secondaryIdentifer does not
|
|
match.
|
|
\param[out] key A BKey object to copy the found data to. Any existing data
|
|
in the key will be overwritten in case there is a match.
|
|
|
|
\returns
|
|
- \c B_OK in case the key was found and stored in \a key.
|
|
- \c B_BAD_VALUE in case the \a keyring does not exist.
|
|
- \c B_NOT_ALLOWED in case the user did not grant you access right to
|
|
this \a keyring.
|
|
- \c B_ENTRY_NOT_FOUND in case there is no key that matches the given
|
|
identifier(s).
|
|
- Any other error that indicates that there was a problem communicating
|
|
with the \c keystore_server.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::AddKey(const BKey& key)
|
|
\brief Add a \a key to the Master keyring
|
|
|
|
This is a convenience method that calls
|
|
\ref AddKey(const char *, const BKey&) for the \c Master keyring.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::AddKey(const char* keyring, const BKey& key)
|
|
\brief Add a \a key to a \a keyring.
|
|
|
|
This method will send the key to the \c keystore_server and request it to
|
|
be stored in the database.
|
|
|
|
A key needs to have a unique primary and secondary identifier within the
|
|
Master keyring.
|
|
|
|
\param keyring A string that identifies the keyring you want to add the
|
|
key to.
|
|
\param key The key you want to add.
|
|
|
|
\returns
|
|
- \c B_OK in case the \a key was succesfully added.
|
|
- \c B_BAD_VALUE in case the \a keyring does not exist.
|
|
- \c B_NOT_ALLOWED in case the user did not grant you access right to
|
|
this \a keyring.
|
|
- \c B_NAME_IN_USE in case there already is another key with the same
|
|
primary and secondary identifiers.
|
|
- Any other error that indicates that there was a problem communicating
|
|
with the \c keystore_server.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::RemoveKey(const BKey& key)
|
|
\brief Remove a \a key from the Master keyring.
|
|
|
|
This is a convenience method that calls
|
|
\ref RemoveKey(const char *, const BKey&) for the \c Master keyring.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::RemoveKey(const char* keyring, const BKey& key)
|
|
\brief Remove a \a key from a \a keyring.
|
|
|
|
This method will remove a \a key from a \a keyring. The \a key needs to
|
|
match exactly with the key that is in the database of \c keystore_server.
|
|
The easiest way to guarantee this, is to use the exact key you find using
|
|
GetKey() without making any alterations.
|
|
|
|
\param keyring A string that identifies the keyring you want to remove
|
|
the key from.
|
|
\param key The key you want to remove.
|
|
|
|
\returns
|
|
- \c B_OK in case the \a key was succesfully removed.
|
|
- \c B_BAD_VALUE in case the \a keyring does not exist.
|
|
- \c B_NOT_ALLOWED in case the user did not grant you access right to
|
|
this \a keyring.
|
|
- \c B_ENTRY_NOT_FOUND in case there is no key that matches the given
|
|
identifier(s).
|
|
- Any other error that indicates that there was a problem communicating
|
|
with the \c keystore_server.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::GetNextKey(uint32& cookie, BKey& key);
|
|
\brief Iterate through the keys of the Master keyring.
|
|
|
|
This convenience method that calls
|
|
\ref GetNextKey(const char*, BKeyType, BKeyPurpose, uint32&, BKey&) for the
|
|
Master keyring, with the arguments \ref BKeyType::B_KEY_TYPE_ANY for the
|
|
type and \ref BKeyPurpose::B_KEY_PURPOSE_ANY for the purpose.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::GetNextKey(BKeyType type, BKeyPurpose purpose,
|
|
uint32& cookie, BKey& key)
|
|
\brief Iterate through the keys of the Master keyring.
|
|
|
|
This convenience method calls
|
|
\ref GetNextKey(const char*, BKeyType, BKeyPurpose, uint32&, BKey&) for the
|
|
Master keyring.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::GetNextKey(const char* keyring, uint32& cookie,
|
|
BKey& key)
|
|
\brief Iterate through the keys of a \a keyring.
|
|
|
|
This convenience method calls
|
|
\ref GetNextKey(const char*, BKeyType, BKeyPurpose, uint32&, BKey&) with
|
|
the arguments \ref BKeyType::B_KEY_TYPE_ANY for the type and
|
|
\ref BKeyPurpose::B_KEY_PURPOSE_ANY for the purpose.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::GetNextKey(const char* keyring, BKeyType type,
|
|
BKeyPurpose purpose, uint32& cookie, BKey& key)
|
|
\brief Iterate through keys of a \a keyring.
|
|
|
|
This method allows you to query through the key store, and iterate through
|
|
a list of results of keys that match your query.
|
|
|
|
\param[in] keyring An UTF-8 string that identifies the keyring
|
|
\param[in] type The BKeyType that identifies the type of key you are
|
|
looking for. This may be \ref BKeyType::B_KEY_TYPE_ANY if it may be a
|
|
key of any type.
|
|
\param[in] purpose The BKeyPurpose that indicates the purpose of the key.
|
|
This may be \ref BKeyPurpose::B_KEY_PURPOSE_ANY if it may be a key with
|
|
any purpose.
|
|
\param[out] cookie A cookie that the \c keystore_server uses to keep track
|
|
of where you are in the list of keys. When you start the query, set the
|
|
initial value to \c 0. After that, pass the cookie to each subsequent
|
|
call to progress the iterator.
|
|
\param[out] key The key that holds the data. Any existing data in the key
|
|
will be overwritten, when a key is found that matches the criteria.
|
|
|
|
\returns
|
|
- \c B_OK in case the next \a key was found.
|
|
- \c B_BAD_VALUE in case the \a keyring does not exist.
|
|
- \c B_NOT_ALLOWED in case the user did not grant you access right to
|
|
this \a keyring.
|
|
- \c B_ENTRY_NOT_FOUND in case there is no key that matches the given
|
|
identifier(s), or if you retrieved the last key.
|
|
- Any other error that indicates that there was a problem communicating
|
|
with the \c keystore_server.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
//! @}
|
|
|
|
|
|
/*!
|
|
\name Keyrings
|
|
*/
|
|
|
|
|
|
//! @{
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::AddKeyring(const char* keyring)
|
|
\brief Create a new \a keyring.
|
|
|
|
\param keyring An UTF-8 string that identifies the keyring you want to
|
|
create.
|
|
|
|
\returns
|
|
- \c B_OK if the keyring was succesfully added.
|
|
- \c B_NAME_IN_USE if the \a keyring already exists.
|
|
- Any other error in case there was an unknown error in the
|
|
\c keystore_server, or while communicating to it.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::RemoveKeyring(const char* keyring)
|
|
\brief Remove a \a keyring.
|
|
|
|
\param keyring An UTF-8 string that identifies the keyring you want to
|
|
remove.
|
|
|
|
\returns
|
|
- \c B_OK if the keyring was sucessfully removed.
|
|
- \c B_ENTRY_NOT_FOUND if the keyring does not exist
|
|
- \c B_NOT_ALLOWED when you try to remove the Master keyring.
|
|
- Any other error in case there was an unknown error in the
|
|
\c keystore_server, or while communicating to it.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::GetNextKeyring(uint32& cookie, BString& keyring)
|
|
\brief Iterate through the keyrings.
|
|
|
|
\param[out] cookie A cookie that the \c keystore_server uses to keep track
|
|
of where you are in the list of keyrings. When you start the query, set
|
|
the initial value to \c 0. After that, pass the cookie to each
|
|
subsequent call to progress the iterator.
|
|
\param[out] keyring A BString that holds the current name of the keyring.
|
|
For each succesful iteration, the existing contents is overwritten.
|
|
|
|
\returns
|
|
- \c B_OK if the iteration was succesful.
|
|
- \c B_ENTRY_NOT_FOUND if there are no more keyrings left to iterate
|
|
- Any other error in case there was an unknown error in the
|
|
\c keystore_server, or while communicating to it.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::SetUnlockKey(const char* keyring, const BKey& key)
|
|
\brief Not implemented.
|
|
|
|
This feature is not available in the current release of Haiku.
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::RemoveUnlockKey(const char* keyring)
|
|
\brief Not implemented.
|
|
|
|
This feature is not available in the current release of Haiku.
|
|
*/
|
|
|
|
|
|
//! @}
|
|
|
|
|
|
/*!
|
|
\name Master keyring (future API)
|
|
*/
|
|
|
|
|
|
//! @{
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::SetMasterUnlockKey(const BKey& key)
|
|
\brief Not implemented.
|
|
|
|
This feature is not available in the current release of Haiku.
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::RemoveMasterUnlockKey()
|
|
\brief Not implemented.
|
|
|
|
This feature is not available in the current release of Haiku.
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::AddKeyringToMaster(const char* keyring)
|
|
\brief Not implemented.
|
|
|
|
This feature is not available in the current release of Haiku.
|
|
|
|
\see AddKeyring(const char* keyring)
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::RemoveKeyringFromMaster(const char* keyring)
|
|
\brief Not implemented.
|
|
|
|
This feature is not available in the current release of Haiku.
|
|
|
|
\see RemoveKeyring(const char* keyring)
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::GetNextMasterKeyring(uint32& cookie,
|
|
BString& keyring)
|
|
\brief Not implemented.
|
|
|
|
This feature is not available in the current release of Haiku.
|
|
|
|
\see GetNextKeyring(uint32& cookie, BString& keyring)
|
|
*/
|
|
|
|
|
|
//! @}
|
|
|
|
|
|
/*!
|
|
\name Locking (future API)
|
|
|
|
In the future, locking is part of encrypting and decrypting keyrings.
|
|
|
|
\note If you are looking at this section because you assume you need to
|
|
check that users have the correct permissions, you are in the wrong
|
|
place. There is no particular way to determine whether a user has
|
|
access granted. Instead, each method of this API will return the error
|
|
code \c B_NOT_ALLOWED if the user has not granted access. Use that in
|
|
your control flow to determine if you have access.
|
|
*/
|
|
|
|
|
|
//! @{
|
|
|
|
|
|
/*!
|
|
\fn bool BKeyStore::IsKeyringUnlocked(const char* keyring)
|
|
\brief Not implemented.
|
|
|
|
This feature is not available in the current release of Haiku.
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::LockKeyring(const char* keyring)
|
|
\brief Not implemented.
|
|
|
|
This feature is not available in the current release of Haiku.
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::LockMasterKeyring()
|
|
\brief Not implemented.
|
|
|
|
This feature is not available in the current release of Haiku.
|
|
*/
|
|
|
|
|
|
//! @}
|
|
|
|
|
|
/*!
|
|
\name Applications
|
|
*/
|
|
|
|
|
|
//! @{
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::GetNextApplication(uint32& cookie,
|
|
BString& signature) const
|
|
\brief Iterate through applications that currently have been granted access
|
|
to the Master keyring.
|
|
|
|
This is a convenience method that calls
|
|
\ref GetNextApplication(const char* keyring, uint32& cookie,
|
|
BString& signature) for the Master \a keyring.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::GetNextApplication(const char* keyring,
|
|
uint32& cookie, BString& signature) const
|
|
\brief Iterate through applications that currently have been granted access
|
|
to the specified \a keyring.
|
|
|
|
This method allows you to iterate through all applications that the user
|
|
has granted access to the \a keyring, whether it is temporarily, or on a
|
|
more permanent basis.
|
|
|
|
\param[in] keyring A UTF-8 string that identifies the keyring that you want
|
|
to inspect granted access to.
|
|
\param[out] cookie A cookie that the \c keystore_server uses to keep track
|
|
of where you are in the list of keys. When you start the query, set the
|
|
initial value to \c 0. After that, pass the cookie to each subsequent
|
|
call to progress the iterator.
|
|
\param[out] signature If a next application is found, the signature will be
|
|
stored in this parameter. Any existing string will be overwritten.
|
|
|
|
\returns
|
|
- \c B_OK if the next signature was found succesfully.
|
|
- \c B_BAD_VALUE if the keyring does not exist.
|
|
- \c B_NOT_ALLOWED in case the user did not grant you access right to
|
|
this \a keyring.
|
|
- \c B_ENTRY_NOT_FOUND if there are no more applications to iterate
|
|
through.
|
|
- Any other error in case there was an unknown error in the
|
|
\c keystore_server, or while communicating to it.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::RemoveApplication(const char* signature)
|
|
\brief Remove access for an application to the Master keyring.
|
|
|
|
This is a convenience method that calls
|
|
\ref RemoveApplication(const char *, const char*) for the Master
|
|
\a keyring.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::RemoveApplication(const char* keyring,
|
|
const char* signature)
|
|
\brief Remove access for an application to a \a keyring.
|
|
|
|
\param keyring A UTF-8 string that identifies the keyring that you want
|
|
to inspect granted access to.
|
|
\param signature The signature of the application that you want to revoke
|
|
permissions to access the keyring.
|
|
|
|
\returns
|
|
- \c B_OK if the application's access has been revoked.
|
|
- \c B_NOT_ALLOWED in case the user did not grant you access right to
|
|
this \a keyring.
|
|
- \c B_ENTRY_NOT_FOUND if the application did not have access to this
|
|
keyring.
|
|
- Any other error in case there was an unknown error in the
|
|
\c keystore_server, or while communicating to it.
|
|
|
|
\since Haiku R1
|
|
*/
|
|
|
|
|
|
//! @}
|
|
|
|
|
|
/*!
|
|
\name Service Functions (future API)
|
|
|
|
This feature is not available in the current release of Haiku.
|
|
*/
|
|
|
|
|
|
//! @{
|
|
|
|
|
|
/*!
|
|
\fn status_t BKeyStore::GeneratePassword(BPasswordKey& password,
|
|
size_t length, uint32 flags)
|
|
\brief Unimplemented.
|
|
|
|
This method is currently not implemented.
|
|
*/
|
|
|
|
|
|
/*!
|
|
\fn float BKeyStore::PasswordStrength(const char* password)
|
|
\brief Unimplemented
|
|
|
|
This method is currently not implemented
|
|
*/
|
|
|
|
|
|
//! @}
|