Re: [SailfishDevel] Secure storage for login data
Hello, Chris Adams was quicker than me to provide an example. Thanks Chris for this comprehensive and commented code. I may add some more words and comment another example: https://github.com/sailfishos/sailfish-secrets/plugins/gnupgplugin/pinentry/qassuanserver.cpp This is the implementation of a pinentry for GnuPG and it can store the provided passphrase to avoid typing it each time. To enter Sailfish Secrets, it is important to know that you're relying on plugins to actually store the data. There is a default encrypted sqlite storage, see: Sailfish::Secrets::SecretManager::DefaultEncryptedStoragePluginName Everything is asynchronous. To dialog with the daemon, you need to instanciate a SecretManager and provide requests to it, to store or to read a secret data. The secret data will be stored in a collection that is defined by a name. You need to ensure that the collection exists, see ensureCacheCollection() in qassuanserver.cpp You can store a secret with a Sailfish::Secrets::StoreSecretRequest and read it with a Sailfish::Secrets::StoredSecretRequest, see requestPassphrase() in qassuanserver.cpp. This routine is asking for a passphrase, but before doing it it is reading the secret cache to see if the passphrase has been stored already or not. Last but not least, compile sailfish secret in SDK, it will generate a HTML documentation that is quite extensive. As Chris said, this is open source, and you're encourage to open bugs in Github or give feedback about API, doc... Don't hesitate to ask if you need more specific help. Regards, Damien. ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
Re: [SailfishDevel] Secure storage for login data
Thanks for the demo application! This is something I can work with :) It would be nice for Sailfinder to store its API keys in a secure storage. This way, I don't have to authenticate the user each time he or she wants to use Sailfinder. Only a check needs to be applied to see if the key hasn't been expired of course. Kind regards, Dylan Sent with [ProtonMail](https://protonmail.com) Secure Email. ‐‐‐ Original Message ‐‐‐ On Thursday, June 13, 2019 11:18 AM, Chris Adams wrote: > Hi, > > Sorry for top posting. > I've written a quick example which can be seen here: > https://github.com/sailfishos/sailfish-secrets/pull/162/files > > I wrote it in my spare time rather than paid work so it's somewhat quick and > dirty. > > I've added a comment to the PR which documents a possible pain point for this > particular use case, and in general I would say that I consider these APIs to > be quite early stage and subject to revision, primarily because we haven't > had much real-world use or feedback, so far. Please bear that in mind. Of > course, feedback would definitely be appreciated. > > Best regards, > Chris. > > --- > > From: Devel [devel-boun...@lists.sailfishos.org] on behalf of Dylan Van > Assche via Devel [devel@lists.sailfishos.org] > Sent: Thursday, June 13, 2019 2:27 PM > To: devel@lists.sailfishos.org > Subject: Re: [SailfishDevel] Secure storage for login data > > Sailfish Secrets would be ideal. QtKeychain is also possible but KWallet is > missing. > > A Sailfish Secrets C++ example on Github would be very handy! > > Kind regards, > Dylan > > Sent from ProtonMail mobile > > Original Message > On 12 Jun 2019 22:41, Андрей Кожевников < coderusin...@gmail.com> wrote: > >> share sample project to github pleaes >> >> ср, 12 июн. 2019 г. в 23:30, Damien Caliste : >> >>> Hello, >>> >>> Indeed, sailfish secrets allow to store encrypted data. I can send an >>> example here in C++, and there are C bindings also. >>> >>> Damien. >>> >>>> Le Mercredi 12 juin 2019, Dylan Van Assche via Devel a écrit : >>>> > Hi, >>>> > >>>> > Is there already a ready-to-use solution for storing login data (API >>>> > keys) for apps? Ks Sailfish Secrets the way to go here >>> ___ >>> SailfishOS.org Devel mailing list >>> To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
Re: [SailfishDevel] Secure storage for login data
Hi, Sorry for top posting. I've written a quick example which can be seen here: https://github.com/sailfishos/sailfish-secrets/pull/162/files I wrote it in my spare time rather than paid work so it's somewhat quick and dirty. I've added a comment to the PR which documents a possible pain point for this particular use case, and in general I would say that I consider these APIs to be quite early stage and subject to revision, primarily because we haven't had much real-world use or feedback, so far. Please bear that in mind. Of course, feedback would definitely be appreciated. Best regards, Chris. From: Devel [devel-boun...@lists.sailfishos.org] on behalf of Dylan Van Assche via Devel [devel@lists.sailfishos.org] Sent: Thursday, June 13, 2019 2:27 PM To: devel@lists.sailfishos.org Subject: Re: [SailfishDevel] Secure storage for login data Sailfish Secrets would be ideal. QtKeychain is also possible but KWallet is missing. A Sailfish Secrets C++ example on Github would be very handy! Kind regards, Dylan Sent from ProtonMail mobile Original Message On 12 Jun 2019 22:41, Андрей Кожевников < coderusin...@gmail.com> wrote: share sample project to github pleaes ср, 12 июн. 2019 г. в 23:30, Damien Caliste mailto:dcali...@free.fr>>: Hello, Indeed, sailfish secrets allow to store encrypted data. I can send an example here in C++, and there are C bindings also. Damien. > Le Mercredi 12 juin 2019, Dylan Van Assche via Devel a écrit : > > Hi, > > > > Is there already a ready-to-use solution for storing login data (API keys) > > for apps? Ks Sailfish Secrets the way to go here ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org<mailto:devel-unsubscr...@lists.sailfishos.org> ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
Re: [SailfishDevel] Secure storage for login data
Sailfish Secrets would be ideal. QtKeychain is also possible but KWallet is missing. A Sailfish Secrets C++ example on Github would be very handy! Kind regards, Dylan Sent from ProtonMail mobile Original Message On 12 Jun 2019 22:41, Андрей Кожевников wrote: > share sample project to github pleaes > > ср, 12 июн. 2019 г. в 23:30, Damien Caliste : > >> Hello, >> >> Indeed, sailfish secrets allow to store encrypted data. I can send an >> example here in C++, and there are C bindings also. >> >> Damien. >> >>> Le Mercredi 12 juin 2019, Dylan Van Assche via Devel a écrit : >>> > Hi, >>> > >>> > Is there already a ready-to-use solution for storing login data (API >>> > keys) for apps? Ks Sailfish Secrets the way to go here >> ___ >> SailfishOS.org Devel mailing list >> To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
Re: [SailfishDevel] Secure storage for login data
share sample project to github pleaes ср, 12 июн. 2019 г. в 23:30, Damien Caliste : > Hello, > > Indeed, sailfish secrets allow to store encrypted data. I can send an > example here in C++, and there are C bindings also. > > Damien. > > > Le Mercredi 12 juin 2019, Dylan Van Assche via Devel a écrit : > > > Hi, > > > > > > Is there already a ready-to-use solution for storing login data (API > keys) for apps? Ks Sailfish Secrets the way to go here > ___ > SailfishOS.org Devel mailing list > To unsubscribe, please send a mail to > devel-unsubscr...@lists.sailfishos.org ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
Re: [SailfishDevel] Secure storage for login data
Hello, Indeed, sailfish secrets allow to store encrypted data. I can send an example here in C++, and there are C bindings also. Damien. > Le Mercredi 12 juin 2019, Dylan Van Assche via Devel a écrit : > > Hi, > > > > Is there already a ready-to-use solution for storing login data (API keys) > > for apps? Ks Sailfish Secrets the way to go here ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
Re: [SailfishDevel] Secure storage for login data
Hi there, A few months back, Andrew mentioned this in telegram: https://github.com/sailfishos/sailfish-secrets but I didn't used it or looked into it. It looks like what you are looking for, though. Cheers, Pablo. On miércoles, 12 de junio de 2019 19:41:22 (CEST) Iosif Hamlatzis wrote: > I know of an open source library based in Qt that I've used on other OS, > don't know if it's compatible with SailfishOS or can easily be converted > > You can try QtKeychain from > https://github.com/frankosterfeld/qtkeychain/wiki > > On Wed, 12 Jun 2019 at 20:19 Dylan Van Assche via Devel < > > devel@lists.sailfishos.org> wrote: > > Hi, > > > > Is there already a ready-to-use solution for storing login data (API keys) > > for apps? Ks Sailfish Secrets the way to go here? > > If not, any suggestions? I just don't want to save sensitive data like API > > keys in plain text. > > > > Kind regards, > > Dylan > > > > > > Sent from ProtonMail mobile > > > > > > ___ > > SailfishOS.org Devel mailing list > > To unsubscribe, please send a mail to > > devel-unsubscr...@lists.sailfishos.org ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
Re: [SailfishDevel] Secure storage for login data
I know of an open source library based in Qt that I've used on other OS, don't know if it's compatible with SailfishOS or can easily be converted You can try QtKeychain from https://github.com/frankosterfeld/qtkeychain/wiki On Wed, 12 Jun 2019 at 20:19 Dylan Van Assche via Devel < devel@lists.sailfishos.org> wrote: > Hi, > > Is there already a ready-to-use solution for storing login data (API keys) > for apps? Ks Sailfish Secrets the way to go here? > If not, any suggestions? I just don't want to save sensitive data like API > keys in plain text. > > Kind regards, > Dylan > > > Sent from ProtonMail mobile > > > ___ > SailfishOS.org Devel mailing list > To unsubscribe, please send a mail to > devel-unsubscr...@lists.sailfishos.org -- Sent from Gmail Mobile ___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
[SailfishDevel] Secure storage for login data
Hi, Is there already a ready-to-use solution for storing login data (API keys) for apps? Ks Sailfish Secrets the way to go here? If not, any suggestions? I just don't want to save sensitive data like API keys in plain text. Kind regards, Dylan Sent from ProtonMail mobile___ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org