1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
|
From cf21ad50b62f7c8e4b22ef374f0a73290a99bdb8 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@src.gnome.org>
Date: Tue, 14 Jan 2020 10:09:29 +0100
Subject: [PATCH 1/2] secret-file-collection: Rename internal functions to
avoid conflicts
As encrypt() is a standard POSIX function, its declaration had
conflict with our own. Let's be more verbose about naming of the
internal crypto functions.
Fixes #35.
---
libsecret/secret-file-collection.c | 38 +++++++++++++++---------------
1 file changed, 19 insertions(+), 19 deletions(-)
diff --git a/libsecret/secret-file-collection.c b/libsecret/secret-file-collection.c
index 79863ea..8ffb542 100644
--- a/libsecret/secret-file-collection.c
+++ b/libsecret/secret-file-collection.c
@@ -68,7 +68,7 @@ enum {
};
static gboolean
-derive (SecretFileCollection *self)
+do_derive_key (SecretFileCollection *self)
{
const gchar *password;
gsize n_password;
@@ -93,9 +93,9 @@ derive (SecretFileCollection *self)
}
static gboolean
-calculate_mac (SecretFileCollection *self,
- const guint8 *value, gsize n_value,
- guint8 *buffer)
+do_calculate_mac (SecretFileCollection *self,
+ const guint8 *value, gsize n_value,
+ guint8 *buffer)
{
gcry_mac_hd_t hd;
gcry_error_t gcry;
@@ -130,9 +130,9 @@ calculate_mac (SecretFileCollection *self,
}
static gboolean
-decrypt (SecretFileCollection *self,
- guint8 *data,
- gsize n_data)
+do_decrypt (SecretFileCollection *self,
+ guint8 *data,
+ gsize n_data)
{
gcry_cipher_hd_t hd;
gcry_error_t gcry;
@@ -164,9 +164,9 @@ decrypt (SecretFileCollection *self,
}
static gboolean
-encrypt (SecretFileCollection *self,
- guint8 *data,
- gsize n_data)
+do_encrypt (SecretFileCollection *self,
+ guint8 *data,
+ gsize n_data)
{
gcry_cipher_hd_t hd;
gcry_error_t gcry;
@@ -311,7 +311,7 @@ on_load_contents (GObject *source_object,
self->modified = g_date_time_new_now_utc ();
self->usage_count = 0;
- if (!derive (self)) {
+ if (!do_derive_key (self)) {
g_task_return_new_error (task,
SECRET_ERROR,
SECRET_ERROR_PROTOCOL,
@@ -375,7 +375,7 @@ on_load_contents (GObject *source_object,
g_assert (n_data == salt_size);
self->salt = g_bytes_new (data, n_data);
- if (!derive (self)) {
+ if (!do_derive_key (self)) {
g_task_return_new_error (task,
SECRET_ERROR,
SECRET_ERROR_PROTOCOL,
@@ -442,7 +442,7 @@ hash_attributes (SecretFileCollection *self,
GVariant *variant;
value = g_hash_table_lookup (attributes, l->data);
- if (!calculate_mac (self, (guint8 *)value, strlen (value), buffer)) {
+ if (!do_calculate_mac (self, (guint8 *)value, strlen (value), buffer)) {
g_list_free (keys);
return NULL;
}
@@ -485,7 +485,7 @@ hashed_attributes_match (SecretFileCollection *self,
return FALSE;
}
- if (!calculate_mac (self, value, strlen ((char *)value), buffer)) {
+ if (!do_calculate_mac (self, value, strlen ((char *)value), buffer)) {
g_variant_unref (hashed_attribute);
return FALSE;
}
@@ -584,7 +584,7 @@ secret_file_collection_replace (SecretFileCollection *self,
g_variant_store (serialized_item, data);
g_variant_unref (serialized_item);
memset (data + n_data, n_padded - n_data, n_padded - n_data);
- if (!encrypt (self, data, n_padded)) {
+ if (!do_encrypt (self, data, n_padded)) {
egg_secure_free (data);
g_set_error (error,
SECRET_ERROR,
@@ -593,8 +593,8 @@ secret_file_collection_replace (SecretFileCollection *self,
return FALSE;
}
- if (!calculate_mac (self, data, n_padded + IV_SIZE,
- data + n_padded + IV_SIZE)) {
+ if (!do_calculate_mac (self, data, n_padded + IV_SIZE,
+ data + n_padded + IV_SIZE)) {
egg_secure_free (data);
g_set_error (error,
SECRET_ERROR,
@@ -681,7 +681,7 @@ _secret_file_item_decrypt (GVariant *encrypted,
}
n_padded -= IV_SIZE + MAC_SIZE;
- if (!calculate_mac (collection, data, n_padded + IV_SIZE, mac)) {
+ if (!do_calculate_mac (collection, data, n_padded + IV_SIZE, mac)) {
egg_secure_free (data);
g_set_error (error,
SECRET_ERROR,
@@ -699,7 +699,7 @@ _secret_file_item_decrypt (GVariant *encrypted,
return FALSE;
}
- if (!decrypt (collection, data, n_padded)) {
+ if (!do_decrypt (collection, data, n_padded)) {
egg_secure_free (data);
g_set_error (error,
SECRET_ERROR,
--
2.24.1
From e6881d4ff1260c7308be56f21a9d354d7680dfaa Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@src.gnome.org>
Date: Tue, 14 Jan 2020 10:13:16 +0100
Subject: [PATCH 2/2] build: Suppress compiler warning if compiled with
G_DISABLE_ASSERT
This is similar to 0be63575ff47f19cff3688985c7f00e92bc25541 but for
test-file-collection.c.
Fixes #36.
---
libsecret/test-file-collection.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/libsecret/test-file-collection.c b/libsecret/test-file-collection.c
index e016d45..512bfb6 100644
--- a/libsecret/test-file-collection.c
+++ b/libsecret/test-file-collection.c
@@ -1,11 +1,15 @@
#include "config.h"
+#undef G_DISABLE_ASSERT
+
#include "egg/egg-testing.h"
#include "secret-file-collection.h"
#include "secret-retrievable.h"
#include "secret-schema.h"
+#include <stdlib.h>
+
typedef struct {
gchar *directory;
GMainLoop *loop;
--
2.24.1
|
