add secret service zbus implementation for std

pimalaya · Dec 17, 2024 · 99f8915 · 99f8915
1 parent 80dfeec
commit 99f8915
Show file tree

Hide file tree

Showing 10 changed files with 523 additions and 21 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -24,6 +24,7 @@ full = [
   "secret-service-dbus-std",
   "secret-service-dbus-tokio",
 
+  "secret-service-zbus-std",
   "secret-service-zbus-async-std",
   "secret-service-zbus-tokio",
 
@@ -38,8 +39,9 @@ secret-service-dbus-tokio = ["dep:dbus-codegen", "dep:dbus-tokio", "dep:tokio"]
 
 # Linux Secret service, based on Z-Bus
 #
-secret-service-zbus-async-std = ["dep:async-std", "dep:serde", "dep:zbus", "serde/derive"]
-secret-service-zbus-tokio = ["dep:serde", "dep:tokio", "dep:zbus", "serde/derive"]
+secret-service-zbus-std = ["dep:serde", "dep:zbus", "serde/derive", "zbus?/blocking-api"]
+secret-service-zbus-async-std = ["dep:async-std", "dep:serde", "dep:zbus", "serde?/derive"]
+secret-service-zbus-tokio = ["dep:serde", "dep:tokio", "dep:zbus", "serde?/derive"]
 
 # Linux Secret service crypto
 #

diff --git a/examples/secret-service-zbus-openssl-std.rs b/examples/secret-service-zbus-openssl-std.rs
@@ -0,0 +1,68 @@
+#![cfg(target_os = "linux")]
+#![cfg(feature = "secret-service-zbus-std")]
+#![cfg(feature = "secret-service-openssl-std")]
+
+use std::env;
+
+use keyring::{
+    secret_service::{
+        self,
+        crypto::{self, algorithm::Algorithm, openssl::std::IoConnector as CryptoIoConnector},
+        flow::{ReadEntryFlow, WriteEntryFlow},
+        zbus::std::IoConnector as ZbusIoConnector,
+    },
+    Io,
+};
+use secrecy::ExposeSecret;
+
+#[async_std::main]
+async fn main() {
+    let service = env::var("SERVICE").unwrap_or(String::from("test-service"));
+    println!("using service name: {service:?}");
+
+    let account = env::var("ACCOUNT").unwrap_or(String::from("test-account"));
+    println!("using account name: {service:?}");
+
+    let encryption = match env::var("ENCRYPTION") {
+        Ok(alg) if alg.trim().eq_ignore_ascii_case("dh") => Algorithm::Dh,
+        _ => Algorithm::Plain,
+    };
+    println!("using encryption algorithm: {encryption:?}");
+
+    let mut zbus = ZbusIoConnector::new(&service, &account, encryption.clone()).unwrap();
+    let mut crypto = CryptoIoConnector::new(zbus.session()).unwrap();
+
+    println!("write secret {:?} to entry {service}:{account}", "test");
+    let mut flow = WriteEntryFlow::new(b"test".to_vec(), encryption.clone());
+    while let Some(io) = flow.next() {
+        match io {
+            secret_service::Io::Crypto(crypto::Io::Encrypt) => {
+                crypto.encrypt(&mut flow).unwrap();
+            }
+            secret_service::Io::Entry(Io::Write) => {
+                zbus.write(&mut flow).unwrap();
+            }
+            _ => {
+                unreachable!();
+            }
+        }
+    }
+
+    let mut flow = ReadEntryFlow::new(encryption);
+    while let Some(io) = flow.next() {
+        match io {
+            secret_service::Io::Entry(Io::Read) => {
+                zbus.read(&mut flow).unwrap();
+            }
+            secret_service::Io::Crypto(crypto::Io::Decrypt) => {
+                crypto.decrypt(&mut flow).unwrap();
+            }
+            _ => unreachable!(),
+        }
+    }
+
+    let secret = flow.secret.take().unwrap();
+    let secret = secret.expose_secret();
+    let secret = String::from_utf8_lossy(&secret);
+    println!("read secret {secret:?} from entry {service}:{account}");
+}
diff --git a/examples/secret-service-zbus-rust-crypto-std.rs b/examples/secret-service-zbus-rust-crypto-std.rs
@@ -0,0 +1,68 @@
+#![cfg(target_os = "linux")]
+#![cfg(feature = "secret-service-zbus-std")]
+#![cfg(feature = "secret-service-rust-crypto-std")]
+
+use std::env;
+
+use keyring::{
+    secret_service::{
+        self,
+        crypto::{self, algorithm::Algorithm, rust_crypto::std::IoConnector as CryptoIoConnector},
+        flow::{ReadEntryFlow, WriteEntryFlow},
+        zbus::std::IoConnector as ZbusIoConnector,
+    },
+    Io,
+};
+use secrecy::ExposeSecret;
+
+#[async_std::main]
+async fn main() {
+    let service = env::var("SERVICE").unwrap_or(String::from("test-service"));
+    println!("using service name: {service:?}");
+
+    let account = env::var("ACCOUNT").unwrap_or(String::from("test-account"));
+    println!("using account name: {service:?}");
+
+    let encryption = match env::var("ENCRYPTION") {
+        Ok(alg) if alg.trim().eq_ignore_ascii_case("dh") => Algorithm::Dh,
+        _ => Algorithm::Plain,
+    };
+    println!("using encryption algorithm: {encryption:?}");
+
+    let mut zbus = ZbusIoConnector::new(&service, &account, encryption.clone()).unwrap();
+    let mut crypto = CryptoIoConnector::new(zbus.session()).unwrap();
+
+    println!("write secret {:?} to entry {service}:{account}", "test");
+    let mut flow = WriteEntryFlow::new(b"test".to_vec(), encryption.clone());
+    while let Some(io) = flow.next() {
+        match io {
+            secret_service::Io::Crypto(crypto::Io::Encrypt) => {
+                crypto.encrypt(&mut flow).unwrap();
+            }
+            secret_service::Io::Entry(Io::Write) => {
+                zbus.write(&mut flow).unwrap();
+            }
+            _ => {
+                unreachable!();
+            }
+        }
+    }
+
+    let mut flow = ReadEntryFlow::new(encryption);
+    while let Some(io) = flow.next() {
+        match io {
+            secret_service::Io::Entry(Io::Read) => {
+                zbus.read(&mut flow).unwrap();
+            }
+            secret_service::Io::Crypto(crypto::Io::Decrypt) => {
+                crypto.decrypt(&mut flow).unwrap();
+            }
+            _ => unreachable!(),
+        }
+    }
+
+    let secret = flow.secret.take().unwrap();
+    let secret = secret.expose_secret();
+    let secret = String::from_utf8_lossy(&secret);
+    println!("read secret {secret:?} from entry {service}:{account}");
+}
diff --git a/src/lib.rs b/src/lib.rs
@@ -10,6 +10,7 @@ pub mod apple;
 #[cfg(any(
     feature = "secret-service-dbus-std",
     feature = "secret-service-dbus-tokio",
+    feature = "secret-service-zbus-std",
     feature = "secret-service-zbus-async-std",
     feature = "secret-service-zbus-tokio",
 ))]

diff --git a/src/secret_service/mod.rs b/src/secret_service/mod.rs
@@ -9,6 +9,7 @@ pub mod flow;
 pub mod io;
 pub mod session;
 #[cfg(any(
+    feature = "secret-service-zbus-std",
     feature = "secret-service-zbus-async-std",
     feature = "secret-service-zbus-tokio",
 ))]

diff --git a/src/secret_service/zbus/api.rs b/src/secret_service/zbus/api.rs
@@ -3,11 +3,7 @@ use std::collections::HashMap;
 use serde::{Deserialize, Serialize};
 use zbus::zvariant::{ObjectPath, OwnedObjectPath, OwnedValue, Type, Value};
 
-#[zbus::proxy(
-    interface = "org.freedesktop.Secret.Service",
-    default_service = "org.freedesktop.secrets",
-    default_path = "/org/freedesktop/secrets"
-)]
+#[zbus::proxy(interface = "org.freedesktop.Secret.Service")]
 pub trait OrgFreedesktopSecretService {
     fn open_session(&self, algorithm: &str, input: Value<'_>) -> zbus::Result<OpenSessionResult>;
     fn create_collection(
@@ -29,10 +25,7 @@ pub trait OrgFreedesktopSecretService {
     fn collections(&self) -> zbus::fdo::Result<Vec<ObjectPath<'_>>>;
 }
 
-#[zbus::proxy(
-    interface = "org.freedesktop.Secret.Collection",
-    default_service = "org.freedesktop.Secret.Collection"
-)]
+#[zbus::proxy(interface = "org.freedesktop.Secret.Collection")]
 pub trait OrgFreedesktopSecretCollection {
     fn delete(&self) -> zbus::Result<OwnedObjectPath>;
     fn search_items(&self, attributes: HashMap<&str, &str>) -> zbus::Result<Vec<OwnedObjectPath>>;
@@ -57,10 +50,7 @@ pub trait OrgFreedesktopSecretCollection {
     fn modified(&self) -> zbus::fdo::Result<u64>;
 }
 
-#[zbus::proxy(
-    interface = "org.freedesktop.Secret.Item",
-    default_service = "org.freedesktop.Secret.Item"
-)]
+#[zbus::proxy(interface = "org.freedesktop.Secret.Item")]
 pub trait OrgFreedesktopSecretItem {
     fn delete(&self) -> zbus::Result<OwnedObjectPath>;
     fn get_secret(&self, session: &ObjectPath<'_>) -> zbus::Result<SecretStruct>;
@@ -82,10 +72,7 @@ pub trait OrgFreedesktopSecretItem {
     fn modified(&self) -> zbus::fdo::Result<u64>;
 }
 
-#[zbus::proxy(
-    interface = "org.freedesktop.Secret.Prompt",
-    default_service = "org.freedesktop.Secret.Prompt"
-)]
+#[zbus::proxy(interface = "org.freedesktop.Secret.Prompt")]
 pub trait OrgFreedesktopSecretPrompt {
     fn prompt(&self, window_id: &str) -> zbus::Result<()>;
     fn dismiss(&self) -> zbus::Result<()>;

diff --git a/src/secret_service/zbus/async_std.rs b/src/secret_service/zbus/async_std.rs
@@ -80,7 +80,7 @@ pub enum Error {
     CryptoError(#[from] crypto::Error),
 }
 
-pub type Result<T> = ::std::result::Result<T, Error>;
+pub type Result<T> = std::result::Result<T, Error>;
 
 pub struct SecretService {
     connection: Connection,

diff --git a/src/secret_service/zbus/mod.rs b/src/secret_service/zbus/mod.rs
@@ -2,6 +2,8 @@ pub mod api;
 #[cfg(feature = "secret-service-zbus-async-std")]
 pub mod async_std;
 pub mod session;
+#[cfg(feature = "secret-service-zbus-std")]
+pub mod std;
 #[cfg(feature = "secret-service-zbus-tokio")]
 pub mod tokio;