1 /* libsecret - GLib wrapper for Secret Service
3 * Copyright 2011 Collabora Ltd.
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU Lesser General Public License as published
7 * by the Free Software Foundation; either version 2.1 of the licence or (at
8 * your option) any later version.
10 * See the included COPYING file for more information.
12 * Author: Stef Walter <stefw@gnome.org>
17 #include "secret-attributes.h"
18 #include "secret-password.h"
19 #include "secret-private.h"
20 #include "secret-value.h"
22 #include <egg/egg-secure-memory.h>
25 * SECTION:secret-password
26 * @title: Password storage
27 * @short_description: Simple password storage and lookup
29 * This is a simple API for storing passwords and retrieving passwords in the
32 * Each password is associated with a set of attributes. Attribute values can
33 * be either strings, integers or booleans.
35 * The names and types of allowed attributes for a given password are defined
36 * with a schema. Certain schemas are predefined. Additional schemas can be
37 * defined via the %SecretSchema structure.
39 * Each of the functions accept a variable list of attributes names and their
40 * values. Include a %NULL to terminate the list of attributes.
46 * secret_password_store: (skip)
47 * @schema: the schema for attributes
48 * @collection: (allow-none): a collection alias, or D-Bus object path of the collection where to store the secret
49 * @label: label for the secret
50 * @password: the null-terminated password to store
51 * @cancellable: optional cancellation object
52 * @callback: called when the operation completes
53 * @user_data: data to be passed to the callback
54 * @...: the attribute keys and values, terminated with %NULL
56 * Store a password in the secret service.
58 * The variable argument list should contain pairs of a) The attribute name as
59 * a null-terminated string, followed by b) attribute value, either a character
60 * string, an int number, or a gboolean value, as defined in the @schema.
61 * The list of attribtues should be terminated with a %NULL.
63 * If the attributes match a secret item already stored in the collection, then
64 * the item will be updated with these new values.
66 * If @collection is %NULL, then the default collection will be
67 * used. Use #SECRET_COLLECTION_SESSION to store the password in the session
68 * collection, which doesn't get stored across login sessions.
70 * This method will return immediately and complete asynchronously.
73 secret_password_store (const SecretSchema *schema,
74 const gchar *collection,
76 const gchar *password,
77 GCancellable *cancellable,
78 GAsyncReadyCallback callback,
82 GHashTable *attributes;
85 g_return_if_fail (schema != NULL);
86 g_return_if_fail (label != NULL);
87 g_return_if_fail (password != NULL);
88 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
90 va_start (va, user_data);
91 attributes = secret_attributes_buildv (schema, va);
94 /* Precondition failed, already warned */
98 secret_password_storev (schema, attributes, collection, label, password,
99 cancellable, callback, user_data);
101 g_hash_table_unref (attributes);
105 * secret_password_storev:
106 * @schema: the schema for attributes
107 * @attributes: (element-type utf8 utf8): the attribute keys and values
108 * @collection: (allow-none): a collection alias, or D-Bus object path of the collection where to store the secret
109 * @label: label for the secret
110 * @password: the null-terminated password to store
111 * @cancellable: optional cancellation object
112 * @callback: called when the operation completes
113 * @user_data: data to be passed to the callback
115 * Store a password in the secret service.
117 * The @attributes should be a set of key and value string pairs.
119 * If the attributes match a secret item already stored in the collection, then
120 * the item will be updated with these new values.
122 * If @collection is %NULL, then the default collection will be
123 * used. Use #SECRET_COLLECTION_SESSION to store the password in the session
124 * collection, which doesn't get stored across login sessions.
126 * This method will return immediately and complete asynchronously.
128 * Rename to: secret_password_store
131 secret_password_storev (const SecretSchema *schema,
132 GHashTable *attributes,
133 const gchar *collection,
135 const gchar *password,
136 GCancellable *cancellable,
137 GAsyncReadyCallback callback,
142 g_return_if_fail (schema != NULL);
143 g_return_if_fail (label != NULL);
144 g_return_if_fail (password != NULL);
145 g_return_if_fail (attributes != NULL);
146 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
148 /* Warnings raised already */
149 if (!_secret_attributes_validate (schema, attributes, G_STRFUNC, FALSE))
152 value = secret_value_new (password, -1, "text/plain");
154 secret_service_store (NULL, schema, attributes, collection,
155 label, value, cancellable, callback, user_data);
157 secret_value_unref (value);
161 * secret_password_store_finish:
162 * @result: the asynchronous result passed to the callback
163 * @error: location to place an error on failure
165 * Finish asynchronous operation to store a password in the secret service.
167 * Returns: whether the storage was successful or not
170 secret_password_store_finish (GAsyncResult *result,
173 g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
174 return secret_service_store_finish (NULL, result, error);
178 * secret_password_store_sync:
179 * @schema: the schema for attributes
180 * @collection: (allow-none): a collection alias, or D-Bus object path of the collection where to store the secret
181 * @label: label for the secret
182 * @password: the null-terminated password to store
183 * @cancellable: optional cancellation object
184 * @error: location to place an error on failure
185 * @...: the attribute keys and values, terminated with %NULL
187 * Store a password in the secret service.
189 * The variable argument list should contain pairs of a) The attribute name as
190 * a null-terminated string, followed by b) attribute value, either a character
191 * string, an int number, or a gboolean value, as defined in the @schema.
192 * The list of attribtues should be terminated with a %NULL.
194 * If the attributes match a secret item already stored in the collection, then
195 * the item will be updated with these new values.
197 * If @collection is %NULL, then the default collection will be
198 * used. Use #SECRET_COLLECTION_SESSION to store the password in the session
199 * collection, which doesn't get stored across login sessions.
201 * This method may block indefinitely and should not be used in user interface
204 * Returns: whether the storage was successful or not
207 secret_password_store_sync (const SecretSchema *schema,
208 const gchar *collection,
210 const gchar *password,
211 GCancellable *cancellable,
215 GHashTable *attributes;
219 g_return_val_if_fail (schema != NULL, FALSE);
220 g_return_val_if_fail (label != NULL, FALSE);
221 g_return_val_if_fail (password != NULL, FALSE);
222 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE);
223 g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
225 va_start (va, error);
226 attributes = secret_attributes_buildv (schema, va);
229 /* Precondition failed, already warned */
233 ret = secret_password_storev_sync (schema, attributes, collection,
234 label, password, cancellable, error);
236 g_hash_table_unref (attributes);
241 * secret_password_storev_sync:
242 * @schema: the schema for attributes
243 * @attributes: (element-type utf8 utf8): the attribute keys and values
244 * @collection: (allow-none): a collection alias, or D-Bus object path of the collection where to store the secret
245 * @label: label for the secret
246 * @password: the null-terminated password to store
247 * @cancellable: optional cancellation object
248 * @error: location to place an error on failure
250 * Store a password in the secret service.
252 * The @attributes should be a set of key and value string pairs.
254 * If the attributes match a secret item already stored in the collection, then
255 * the item will be updated with these new values.
257 * If @collection is %NULL, then the default collection will be
258 * used. Use #SECRET_COLLECTION_SESSION to store the password in the session
259 * collection, which doesn't get stored across login sessions.
261 * This method may block indefinitely and should not be used in user interface
264 * Returns: whether the storage was successful or not
266 * Rename to: secret_password_store_sync
269 secret_password_storev_sync (const SecretSchema *schema,
270 GHashTable *attributes,
271 const gchar *collection,
273 const gchar *password,
274 GCancellable *cancellable,
280 g_return_val_if_fail (schema != NULL, FALSE);
281 g_return_val_if_fail (label != NULL, FALSE);
282 g_return_val_if_fail (password != NULL, FALSE);
283 g_return_val_if_fail (attributes != NULL, FALSE);
284 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE);
285 g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
287 /* Warnings raised already */
288 if (!_secret_attributes_validate (schema, attributes, G_STRFUNC, FALSE))
291 sync = _secret_sync_new ();
292 g_main_context_push_thread_default (sync->context);
294 secret_password_storev (schema, attributes, collection, label, password,
295 cancellable, _secret_sync_on_result, sync);
297 g_main_loop_run (sync->loop);
299 ret = secret_password_store_finish (sync->result, error);
301 g_main_context_pop_thread_default (sync->context);
302 _secret_sync_free (sync);
308 * secret_password_lookup: (skip)
309 * @schema: the schema for the attributes
310 * @cancellable: optional cancellation object
311 * @callback: called when the operation completes
312 * @user_data: data to be passed to the callback
313 * @...: the attribute keys and values, terminated with %NULL
315 * Lookup a password in the secret service.
317 * The variable argument list should contain pairs of a) The attribute name as
318 * a null-terminated string, followed by b) attribute value, either a character
319 * string, an int number, or a gboolean value, as defined in the password
320 * @schema. The list of attribtues should be terminated with a %NULL.
322 * If no secret is found then %NULL is returned.
324 * This method will return immediately and complete asynchronously.
327 secret_password_lookup (const SecretSchema *schema,
328 GCancellable *cancellable,
329 GAsyncReadyCallback callback,
333 GHashTable *attributes;
336 g_return_if_fail (schema != NULL);
337 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
339 va_start (va, user_data);
340 attributes = secret_attributes_buildv (schema, va);
343 /* Precondition failed, already warned */
347 secret_password_lookupv (schema, attributes, cancellable,
348 callback, user_data);
350 g_hash_table_unref (attributes);
354 * secret_password_lookupv:
355 * @schema: the schema for attributes
356 * @attributes: (element-type utf8 utf8): the attribute keys and values
357 * @cancellable: optional cancellation object
358 * @callback: called when the operation completes
359 * @user_data: data to be passed to the callback
361 * Lookup a password in the secret service.
363 * The @attributes should be a set of key and value string pairs.
365 * If no secret is found then %NULL is returned.
367 * This method will return immediately and complete asynchronously.
369 * Rename to: secret_password_lookup
372 secret_password_lookupv (const SecretSchema *schema,
373 GHashTable *attributes,
374 GCancellable *cancellable,
375 GAsyncReadyCallback callback,
378 g_return_if_fail (schema != NULL);
379 g_return_if_fail (attributes != NULL);
380 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
382 /* Warnings raised already */
383 if (!_secret_attributes_validate (schema, attributes, G_STRFUNC, TRUE))
386 secret_service_lookup (NULL, schema, attributes,
387 cancellable, callback, user_data);
391 * secret_password_lookup_nonpageable_finish: (skip)
392 * @result: the asynchronous result passed to the callback
393 * @error: location to place an error on failure
395 * Finish an asynchronous operation to lookup a password in the secret service.
397 * Returns: (transfer full): a new password string stored in nonpageable memory
398 * which must be freed with secret_password_free() when done
401 secret_password_lookup_nonpageable_finish (GAsyncResult *result,
406 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
408 value = secret_service_lookup_finish (NULL, result, error);
412 return _secret_value_unref_to_password (value);
416 * secret_password_lookup_finish:
417 * @result: the asynchronous result passed to the callback
418 * @error: location to place an error on failure
420 * Finish an asynchronous operation to lookup a password in the secret service.
422 * Returns: (transfer full): a new password string which should be freed with
423 * secret_password_free() or may be freed with g_free() when done
426 secret_password_lookup_finish (GAsyncResult *result,
431 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
433 value = secret_service_lookup_finish (NULL, result, error);
437 return _secret_value_unref_to_string (value);
441 * secret_password_lookup_sync: (skip)
442 * @schema: the schema for the attributes
443 * @cancellable: optional cancellation object
444 * @error: location to place an error on failure
445 * @...: the attribute keys and values, terminated with %NULL
447 * Lookup a password in the secret service.
449 * The variable argument list should contain pairs of a) The attribute name as
450 * a null-terminated string, followed by b) attribute value, either a character
451 * string, an int number, or a gboolean value, as defined in the password
452 * @schema. The list of attribtues should be terminated with a %NULL.
454 * If no secret is found then %NULL is returned.
456 * This method may block indefinitely and should not be used in user interface
459 * Returns: (transfer full): a new password string which should be freed with
460 * secret_password_free() or may be freed with g_free() when done
463 secret_password_lookup_sync (const SecretSchema *schema,
464 GCancellable *cancellable,
468 GHashTable *attributes;
472 g_return_val_if_fail (schema != NULL, NULL);
473 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
474 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
476 va_start (va, error);
477 attributes = secret_attributes_buildv (schema, va);
480 /* Precondition failed, already warned */
484 password = secret_password_lookupv_sync (schema, attributes,
487 g_hash_table_unref (attributes);
493 * secret_password_lookup_nonpageable_sync: (skip)
494 * @schema: the schema for the attributes
495 * @cancellable: optional cancellation object
496 * @error: location to place an error on failure
497 * @...: the attribute keys and values, terminated with %NULL
499 * Lookup a password in the secret service.
501 * The variable argument list should contain pairs of a) The attribute name as
502 * a null-terminated string, followed by b) attribute value, either a character
503 * string, an int number, or a gboolean value, as defined in the password
504 * @schema. The list of attribtues should be terminated with a %NULL.
506 * If no secret is found then %NULL is returned.
508 * This method may block indefinitely and should not be used in user interface
511 * Returns: (transfer full): a new password string stored in nonpageable memory
512 * which must be freed with secret_password_free() when done
515 secret_password_lookup_nonpageable_sync (const SecretSchema *schema,
516 GCancellable *cancellable,
520 GHashTable *attributes;
524 g_return_val_if_fail (schema != NULL, NULL);
525 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
526 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
528 va_start (va, error);
529 attributes = secret_attributes_buildv (schema, va);
532 /* Precondition failed, already warned */
536 password = secret_password_lookupv_nonpageable_sync (schema, attributes,
539 g_hash_table_unref (attributes);
545 * secret_password_lookupv_nonpageable_sync: (skip)
546 * @schema: the schema for attributes
547 * @attributes: (element-type utf8 utf8): the attribute keys and values
548 * @cancellable: optional cancellation object
549 * @error: location to place an error on failure
551 * Lookup a password in the secret service.
553 * The @attributes should be a set of key and value string pairs.
555 * If no secret is found then %NULL is returned.
557 * This method may block indefinitely and should not be used in user interface
560 * Returns: (transfer full): a new password string stored in non pageable memory
561 * which should be freed with secret_password_free() when done
564 secret_password_lookupv_nonpageable_sync (const SecretSchema *schema,
565 GHashTable *attributes,
566 GCancellable *cancellable,
572 g_return_val_if_fail (schema != NULL, NULL);
573 g_return_val_if_fail (attributes != NULL, NULL);
574 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
575 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
577 /* Warnings raised already */
578 if (!_secret_attributes_validate (schema, attributes, G_STRFUNC, TRUE))
581 sync = _secret_sync_new ();
582 g_main_context_push_thread_default (sync->context);
584 secret_password_lookupv (schema, attributes, cancellable,
585 _secret_sync_on_result, sync);
587 g_main_loop_run (sync->loop);
589 password = secret_password_lookup_nonpageable_finish (sync->result, error);
591 g_main_context_pop_thread_default (sync->context);
592 _secret_sync_free (sync);
598 * secret_password_lookupv_sync:
599 * @schema: the schema for attributes
600 * @attributes: (element-type utf8 utf8): the attribute keys and values
601 * @cancellable: optional cancellation object
602 * @error: location to place an error on failure
604 * Lookup a password in the secret service.
606 * The @attributes should be a set of key and value string pairs.
608 * If no secret is found then %NULL is returned.
610 * This method may block indefinitely and should not be used in user interface
613 * Returns: (transfer full): a new password string which should be freed with
614 * secret_password_free() or may be freed with g_free() when done
616 * Rename to: secret_password_lookup_sync
619 secret_password_lookupv_sync (const SecretSchema *schema,
620 GHashTable *attributes,
621 GCancellable *cancellable,
627 g_return_val_if_fail (schema != NULL, NULL);
628 g_return_val_if_fail (attributes != NULL, NULL);
629 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
630 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
632 /* Warnings raised already */
633 if (!_secret_attributes_validate (schema, attributes, G_STRFUNC, TRUE))
636 sync = _secret_sync_new ();
637 g_main_context_push_thread_default (sync->context);
639 secret_password_lookupv (schema, attributes, cancellable,
640 _secret_sync_on_result, sync);
642 g_main_loop_run (sync->loop);
644 string = secret_password_lookup_finish (sync->result, error);
646 g_main_context_pop_thread_default (sync->context);
647 _secret_sync_free (sync);
653 * secret_password_clear:
654 * @schema: the schema for the attributes
655 * @cancellable: optional cancellation object
656 * @callback: called when the operation completes
657 * @user_data: data to be passed to the callback
658 * @...: the attribute keys and values, terminated with %NULL
660 * Clear unlocked matching passwords from the secret service.
662 * The variable argument list should contain pairs of a) The attribute name as
663 * a null-terminated string, followed by b) attribute value, either a character
664 * string, an int number, or a gboolean value, as defined in the password
665 * @schema. The list of attribtues should be terminated with a %NULL.
667 * All unlocked items that match the attributes will be deleted.
669 * This method will return immediately and complete asynchronously.
672 secret_password_clear (const SecretSchema *schema,
673 GCancellable *cancellable,
674 GAsyncReadyCallback callback,
678 GHashTable *attributes;
681 g_return_if_fail (schema != NULL);
682 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
684 va_start (va, user_data);
685 attributes = secret_attributes_buildv (schema, va);
688 /* Precondition failed, already warned */
692 secret_password_clearv (schema, attributes, cancellable,
693 callback, user_data);
695 g_hash_table_unref (attributes);
700 * secret_password_clearv:
701 * @schema: the schema for the attributes
702 * @attributes: (element-type utf8 utf8): the attribute keys and values
703 * @cancellable: optional cancellation object
704 * @callback: called when the operation completes
705 * @user_data: data to be passed to the callback
707 * Remove unlocked matching passwords from the secret service.
709 * The @attributes should be a set of key and value string pairs.
711 * All unlocked items that match the attributes will be deleted.
713 * This method will return immediately and complete asynchronously.
715 * Rename to: secret_password_clear
718 secret_password_clearv (const SecretSchema *schema,
719 GHashTable *attributes,
720 GCancellable *cancellable,
721 GAsyncReadyCallback callback,
724 g_return_if_fail (schema != NULL);
725 g_return_if_fail (attributes != NULL);
726 g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
728 /* Warnings raised already */
729 if (!_secret_attributes_validate (schema, attributes, G_STRFUNC, TRUE))
732 secret_service_clear (NULL, schema, attributes,
733 cancellable, callback, user_data);
737 * secret_password_clear_finish:
738 * @result: the asynchronous result passed to the callback
739 * @error: location to place an error on failure
741 * Finish an asynchronous operation to remove passwords from the secret
744 * Returns: whether any passwords were removed
747 secret_password_clear_finish (GAsyncResult *result,
750 g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
751 return secret_service_clear_finish (NULL, result, error);
755 * secret_password_clear_sync:
756 * @schema: the schema for the attributes
757 * @cancellable: optional cancellation object
758 * @error: location to place an error on failure
759 * @...: the attribute keys and values, terminated with %NULL
761 * Remove unlocked matching passwords from the secret service.
763 * The variable argument list should contain pairs of a) The attribute name as
764 * a null-terminated string, followed by b) attribute value, either a character
765 * string, an int number, or a gboolean value, as defined in the password
766 * @schema. The list of attribtues should be terminated with a %NULL.
768 * All unlocked items that match the attributes will be deleted.
770 * This method may block indefinitely and should not be used in user interface
773 * Returns: whether the any passwords were removed
776 secret_password_clear_sync (const SecretSchema* schema,
777 GCancellable *cancellable,
781 GHashTable *attributes;
785 g_return_val_if_fail (schema != NULL, FALSE);
786 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE);
787 g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
789 va_start (va, error);
790 attributes = secret_attributes_buildv (schema, va);
793 /* Precondition failed, already warned */
797 result = secret_password_clearv_sync (schema, attributes,
800 g_hash_table_unref (attributes);
806 * secret_password_clearv_sync:
807 * @schema: the schema for the attributes
808 * @attributes: (element-type utf8 utf8): the attribute keys and values
809 * @cancellable: optional cancellation object
810 * @error: location to place an error on failure
812 * Remove unlocked matching passwords from the secret service.
814 * The @attributes should be a set of key and value string pairs.
816 * All unlocked items that match the attributes will be deleted.
818 * This method may block indefinitely and should not be used in user interface
821 * Returns: whether any passwords were removed
823 * Rename to: secret_password_clear_sync
826 secret_password_clearv_sync (const SecretSchema *schema,
827 GHashTable *attributes,
828 GCancellable *cancellable,
834 g_return_val_if_fail (schema != NULL, FALSE);
835 g_return_val_if_fail (attributes != NULL, FALSE);
836 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE);
837 g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
839 /* Warnings raised already */
840 if (!_secret_attributes_validate (schema, attributes, G_STRFUNC, TRUE))
843 sync = _secret_sync_new ();
844 g_main_context_push_thread_default (sync->context);
846 secret_password_clearv (schema, attributes, cancellable,
847 _secret_sync_on_result, sync);
849 g_main_loop_run (sync->loop);
851 result = secret_password_clear_finish (sync->result, error);
853 g_main_context_pop_thread_default (sync->context);
854 _secret_sync_free (sync);
860 * secret_password_free: (skip)
861 * @password: (allow-none): password to free
863 * Clear the memory used by a password, and then free it.
865 * This function must be used to free nonpageable memory returned by
866 * secret_password_lookup_nonpageable_finish(),
867 * secret_password_lookup_nonpageable_sync() or
868 * secret_password_lookupv_nonpageable_sync().
871 secret_password_free (gchar *password)
873 if (password == NULL)
876 egg_secure_strfree (password);
880 * secret_password_wipe:
881 * @password: (allow-none): password to clear
883 * Clear the memory used by a password.
886 secret_password_wipe (gchar *password)
888 if (password == NULL)
891 egg_secure_strclear (password);