Re: [SailfishDevel] Secure storage for login data

[Caliste Damien]

Hello,

Chris Adams was quicker than me to provide an example. Thanks Chris for
this comprehensive and commented code.

I may add some more words and comment another example:
https://github.com/sailfishos/sailfish-secrets/plugins/gnupgplugin/pinentry/qassuanserver.cpp

This is the implementation of a pinentry for GnuPG and it can store the
provided passphrase to avoid typing it each time.

To enter Sailfish Secrets, it is important to know that you're relying
on plugins to actually store the data. There is a default encrypted
sqlite storage, see:
 Sailfish::Secrets::SecretManager::DefaultEncryptedStoragePluginName

Everything is asynchronous. To dialog with the daemon, you need to
instanciate a SecretManager and provide requests to it, to store or to
read a secret data.

The secret data will be stored in a collection that is defined by a
name. You need to ensure that the collection exists, see
ensureCacheCollection() in qassuanserver.cpp

You can store a secret with a Sailfish::Secrets::StoreSecretRequest and
read it with a Sailfish::Secrets::StoredSecretRequest, see
requestPassphrase() in qassuanserver.cpp. This routine is asking for a
passphrase, but before doing it it is reading the secret cache to see
if the passphrase has been stored already or not.

Last but not least, compile sailfish secret in SDK, it will generate a
HTML documentation that is quite extensive.

As Chris said, this is open source, and you're encourage to open bugs
in Github or give feedback about API, doc...

Don't hesitate to ask if you need more specific help.

Regards,

Damien.
___
SailfishOS.org Devel mailing list
To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org

Re: [SailfishDevel] Secure storage for login data

[Dylan Van Assche via Devel]

Thanks for the demo application! This is something I can work with :)
It would be nice for Sailfinder to store its API keys in a secure storage.
This way, I don't have to authenticate the user each time he or she wants to 
use Sailfinder.
Only a check needs to be applied to see if the key hasn't been expired of 
course.

Kind regards,
Dylan

Sent with [ProtonMail](https://protonmail.com) Secure Email.

‐‐‐ Original Message ‐‐‐
On Thursday, June 13, 2019 11:18 AM, Chris Adams  wrote:

> Hi,
>
> Sorry for top posting.
> I've written a quick example which can be seen here:
> https://github.com/sailfishos/sailfish-secrets/pull/162/files
>
> I wrote it in my spare time rather than paid work so it's somewhat quick and 
> dirty.
>
> I've added a comment to the PR which documents a possible pain point for this 
> particular use case, and in general I would say that I consider these APIs to 
> be quite early stage and subject to revision, primarily because we haven't 
> had much real-world use or feedback, so far.  Please bear that in mind.  Of 
> course, feedback would definitely be appreciated.
>
> Best regards,
> Chris.
>
> ---
>
> From: Devel [devel-boun...@lists.sailfishos.org] on behalf of Dylan Van 
> Assche via Devel [devel@lists.sailfishos.org]
> Sent: Thursday, June 13, 2019 2:27 PM
> To: devel@lists.sailfishos.org
> Subject: Re: [SailfishDevel] Secure storage for login data
>
> Sailfish Secrets would be ideal. QtKeychain is also possible but KWallet is 
> missing.
>
> A Sailfish Secrets C++ example on Github would be very handy!
>
> Kind regards,
> Dylan
>
> Sent from ProtonMail mobile
>
>  Original Message 
> On 12 Jun 2019 22:41, Андрей Кожевников < coderusin...@gmail.com> wrote:
>
>> share sample project to github pleaes
>>
>> ср, 12 июн. 2019 г. в 23:30, Damien Caliste :
>>
>>> Hello,
>>>
>>> Indeed, sailfish secrets allow to store encrypted data. I can send an 
>>> example here in C++, and there are C bindings also.
>>>
>>> Damien.
>>>
 Le Mercredi 12 juin 2019, Dylan Van Assche via Devel a écrit :
 > Hi,
 >
 > Is there already a ready-to-use solution for storing login data (API 
 > keys) for apps? Ks Sailfish Secrets the way to go here
>>> ___
>>> SailfishOS.org Devel mailing list
>>> To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org___
SailfishOS.org Devel mailing list
To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org

Re: [SailfishDevel] Secure storage for login data

[Chris Adams]

Hi,

Sorry for top posting.
I've written a quick example which can be seen here:
https://github.com/sailfishos/sailfish-secrets/pull/162/files

I wrote it in my spare time rather than paid work so it's somewhat quick and 
dirty.

I've added a comment to the PR which documents a possible pain point for this 
particular use case, and in general I would say that I consider these APIs to 
be quite early stage and subject to revision, primarily because we haven't had 
much real-world use or feedback, so far.  Please bear that in mind.  Of course, 
feedback would definitely be appreciated.

Best regards,
Chris.



From: Devel [devel-boun...@lists.sailfishos.org] on behalf of Dylan Van Assche 
via Devel [devel@lists.sailfishos.org]
Sent: Thursday, June 13, 2019 2:27 PM
To: devel@lists.sailfishos.org
Subject: Re: [SailfishDevel] Secure storage for login data

Sailfish Secrets would be ideal. QtKeychain is also possible but KWallet is 
missing.

A Sailfish Secrets C++ example on Github would be very handy!


Kind regards,
Dylan


Sent from ProtonMail mobile



 Original Message 
On 12 Jun 2019 22:41, Андрей Кожевников < coderusin...@gmail.com> wrote:

share sample project to github pleaes


ср, 12 июн. 2019 г. в 23:30, Damien Caliste 
mailto:dcali...@free.fr>>:
Hello,

Indeed, sailfish secrets allow to store encrypted data. I can send an example 
here in C++, and there are C bindings also.

Damien.

> Le Mercredi 12 juin 2019, Dylan Van Assche via Devel a écrit :
> > Hi,
> >
> > Is there already a ready-to-use solution for storing login data (API keys) 
> > for apps? Ks Sailfish Secrets the way to go here
___
SailfishOS.org Devel mailing list
To unsubscribe, please send a mail to 
devel-unsubscr...@lists.sailfishos.org
___
SailfishOS.org Devel mailing list
To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org

[SailfishDevel] Sailfish OS, open source community collaboration meeting on June 13th 2019 at 08:00 UTC

[James Noori]

Hi all,

Welcome to today's IRC meeting! This week's meeting will contain the
topics below, with the following agenda:

Date: 13/06/2019
Time: 08:00 UTC
Duration: Approximately 85 minutes
Chair: sledges
Location: #mer-meeting on freenode IRC
http://webchat.freenode.net/Topics:

- Intro (5 min)
- Wireguard support directly in the Settings (30 min)
- Scratchbox2 vs glibc; or, limitations of hooking of public api's; 
dockerization as a solution (30 min)

- General discussion (15 min)
- Next meeting time & date (5 min)
--

More details on the topics can be found here:
https://together.jolla.com/question/54157/sailfishos-open-source-collaboration-meeting-planning/ 



Please familiarise yourself with them before the meeting, as well
as the common Meetbot commands https://wiki.debian.org/MeetBot (it's
used for meeting management and logging)

Cheers,
James

___
SailfishOS.org Devel mailing list
To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org