Issue 639298

Issue metadata

Status: Fixed
Owner:
Closed: Aug 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 3
Type: Bug

Blocking:
issue 602624



Libsecret schema for os_crypt is incompatible with gnome-keyring.

Project Member Reported by cfroussios@chromium.org, Aug 19 2016

Issue description

In the current implementation of libsecret for os_crypt, the schema used is not compatible with any possible schema from gnome-keyring. More specifically, libsecret can use a special schema name, of which keyring is not aware. As a result, it is impossible to create an implementation for gnome-keyring, such that the user can upgrade from gnome-keyring to libsecret without losing access to their local profile.

A solution is to migrate any existing keys stored by libsecret into a new schema, which will be compatible with gnome keyring. Since the problematic implementation has reached beta (M52), the code should continue to expect entries in the old schema.

Notes:
- gnome-keyring is a deprecated library for storing passwords in Gnome, whose successor is libsecret.
- There are still gnome machines that use the old library.
- Support in os_crypt for these libraries began being implemented in reverse chronological order.

 
Owner: cfroussios@chromium.org
Cc: dvadym@chromium.org
dvadym@ suggested that we could scope encryption keys to a profile while we're at it. This allows migrating a profile to a new encryption key, without damaging other profiles.

The problem is that os_crypt is initialized before profile initialisation. It should not be possible to use profile information at that point.

In what circumstances would we migrate a profile and how likely is it that we do? If the scenario is just hypothetical, I don't think it is worth solving beforehand. The other os_crypt implementations (including mac) don't scope the key either.
Blocking: 602624
Project Member

Comment 4 by bugdroid1@chromium.org, Aug 30 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/02da78d1d5cb36b3e40afd72e40c0c0cc6883c41

commit 02da78d1d5cb36b3e40afd72e40c0c0cc6883c41
Author: cfroussios <cfroussios@chromium.org>
Date: Tue Aug 30 09:27:05 2016

Migrate Libsecret for OSCrypt to a new schema

Schemas for gnome-keyring and libsecret are not 100% interchangeable. To
support gnome-keyring, we need to use equivalent schemas in both
libraries. This will allow a user to upgrade their machine from gnome-keyring
to libsecret, without chrome losing access to OSCrypt's encryption key.

We correct the unfortunate initial choice for a schema by copying entries
to the new schema.

As a bonus, this will correct the mislabeling of some entries (see crbug/640603)

BUG= 639298 

Review-Url: https://codereview.chromium.org/2273723002
Cr-Commit-Position: refs/heads/master@{#415254}

[modify] https://crrev.com/02da78d1d5cb36b3e40afd72e40c0c0cc6883c41/components/os_crypt/key_storage_libsecret.cc
[modify] https://crrev.com/02da78d1d5cb36b3e40afd72e40c0c0cc6883c41/components/os_crypt/key_storage_libsecret.h
[modify] https://crrev.com/02da78d1d5cb36b3e40afd72e40c0c0cc6883c41/components/os_crypt/os_crypt_util_linux_unittest.cc

Status: Fixed (was: Assigned)
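
The read path implied by the issue description and the commit message above, as an added example (not Chromium's code and not the libsecret API): look in the new schema first, fall back to the old one, and copy a legacy entry forward without deleting it. `FakeKeyring`, `GetKey` and the two schema placeholders are hypothetical names constructed for illustration, since the page does not give the real schema names.

```cpp
#include <string>
#include <vector>

// Constructed placeholders: the page does not give the real schema names.
const char kOldSchema[] = "OLD_SCHEMA_PLACEHOLDER";
const char kNewSchema[] = "NEW_SCHEMA_PLACEHOLDER";

struct Item {
  std::string schema;
  std::string secret;
};

// Hypothetical in-memory stand-in for the keyring daemon (not a libsecret API).
struct FakeKeyring {
  std::vector<Item> items;
  bool writable = true;  // false simulates a failing or locked keyring

  bool Lookup(const std::string& schema, std::string* secret) const {
    for (const Item& item : items) {
      if (item.schema == schema) {
        *secret = item.secret;
        return true;
      }
    }
    return false;
  }

  bool Store(const std::string& schema, const std::string& secret) {
    if (!writable) return false;
    items.push_back({schema, secret});
    return true;
  }
};

// Returns the OSCrypt key in *key, or false if none exists and none could be
// saved. |fresh_key| is what the caller would generate on a first run.
bool GetKey(FakeKeyring* keyring, const std::string& fresh_key,
            std::string* key) {
  if (keyring->Lookup(kNewSchema, key)) return true;  // already migrated
  if (keyring->Lookup(kOldSchema, key)) {
    // Copy rather than move, so a build that only knows the old schema still
    // finds its key. A failed copy is retried on the next call; the key that
    // decrypts the existing profile is returned either way.
    keyring->Store(kNewSchema, *key);
    return true;
  }
  if (!keyring->Store(kNewSchema, fresh_key)) return false;
  *key = fresh_key;
  return true;
}
```

A fresh key is generated only when neither schema holds an entry, because replacing an existing key would leave the profile's already-encrypted data unreadable.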
