[libsecret/nielsdg/extract-get-secret-file-func] file-backend: Extract TPM code into separate function




commit f2eaed98882d619152014f83fbe56d3a27f9fd49
Author: Niels De Graef <nielsdegraef gmail com>
Date:   Sat May 21 20:53:36 2022 +0200

    file-backend: Extract TPM code into separate function
    
    That way, we have a function we can also call in case we want to provide
    a synchronous constructor.
    
    This also fixes some cases where the `EggTpm2Context` was not properly
    cleaned up in case of some error paths.

 libsecret/secret-file-backend.c | 153 ++++++++++++++++++++--------------------
 1 file changed, 75 insertions(+), 78 deletions(-)
---
diff --git a/libsecret/secret-file-backend.c b/libsecret/secret-file-backend.c
index 9c9dc12..04d0445 100644
--- a/libsecret/secret-file-backend.c
+++ b/libsecret/secret-file-backend.c
@@ -464,6 +464,76 @@ on_bus_get (GObject *source_object,
        g_object_unref (fd_list);
 }
 
+#ifdef WITH_TPM
+static GBytes *
+load_password_from_tpm (GFile *file, GCancellable *cancellable, GError **error)
+{
+       EggTpm2Context *context = NULL;
+       char *tpm2_file_path;
+       GFile *tpm2_file = NULL;
+       gboolean status;
+       GBytes *encrypted = NULL;
+       GBytes *decrypted = NULL;
+
+       context = egg_tpm2_initialize (&error);
+       if (!context)
+               return NULL;
+
+       path = g_file_get_path (file);
+       tpm2_file_path = g_strdup_printf ("%s.tpm2", path);
+       g_free (path);
+
+       tpm2_file = g_file_new_for_path (tpm2_file_path);
+       status = g_file_test (tpm2_file_path, G_FILE_TEST_EXISTS);
+       g_free (tpm2_file_path);
+
+       if (!status) {
+               gconstpointer contents;
+               gsize size;
+
+               encrypted = egg_tpm2_generate_master_password (context, error);
+               if (!encrypted)
+                       return NULL;
+
+               contents = g_bytes_get_data (encrypted, &size);
+               status = g_file_replace_contents (tpm2_file,
+                                                 contents,
+                                                 size,
+                                                 NULL,
+                                                 FALSE,
+                                                 G_FILE_CREATE_PRIVATE,
+                                                 NULL,
+                                                 cancellable,
+                                                 error);
+               if (!status)
+                       goto out;
+       } else {
+               char *contents;
+               gsize length;
+
+               status = g_file_load_contents (tpm2_file,
+                                              cancellable,
+                                              &contents,
+                                              &length,
+                                              NULL,
+                                              &error);
+               if (!status)
+                       goto out;
+
+               encrypted = g_bytes_new_take (contents, length);
+       }
+
+       decrypted = egg_tpm2_decrypt_master_password (context, encrypted, error);
+
+out:
+       g_clear_object (&tpm2_file);
+       g_clear_pointer (&encrypted, g_bytes_unref);
+       egg_tpm2_finalize (context);
+
+       return decrypted;
+}
+#endif /* WITH_TPM */
+
 static void
 secret_file_backend_real_init_async (GAsyncInitable *initable,
                                     int io_priority,
@@ -508,90 +578,18 @@ secret_file_backend_real_init_async (GAsyncInitable *initable,
                g_bus_get (G_BUS_TYPE_SESSION, cancellable, on_bus_get, task);
        } else {
 #ifdef WITH_TPM
-               EggTpm2Context *context;
-               GFile *tpm2_file;
-               gchar *tpm2_file_path;
-               gboolean status;
-               GBytes *encrypted;
-               GBytes *decrypted;
-
-               context = egg_tpm2_initialize (&error);
-               if (!context) {
-                       g_task_return_error (task, error);
-                       g_object_unref (task);
-                       return;
-               }
-
-               path = g_file_get_path (file);
-               tpm2_file_path = g_strdup_printf ("%s.tpm2", path);
-               g_free(path);
-               tpm2_file = g_file_new_for_path (tpm2_file_path);
-               status = g_file_test (tpm2_file_path, G_FILE_TEST_EXISTS);
-               g_free (tpm2_file_path);
-
-               if (!status) {
-                       encrypted = egg_tpm2_generate_master_password (
-                                                       context,
-                                                       &error);
-                       if (!encrypted) {
-                               g_task_return_error (task, error);
-                               g_object_unref (task);
-                               return;
-                       }
-
-                       gconstpointer contents;
-                       gsize size;
-                       contents = g_bytes_get_data (encrypted, &size);
-                       status = g_file_replace_contents (tpm2_file,
-                                                         contents,
-                                                         size,
-                                                         NULL,
-                                                         FALSE,
-                                                         G_FILE_CREATE_PRIVATE,
-                                                         NULL,
-                                                         cancellable,
-                                                         &error);
-                       if (!status) {
-                               g_task_return_error (task, error);
-                               g_object_unref (task);
-                               return;
-                       }
-
-               } else {
-                       char *contents;
-                       gsize length;
-                       status = g_file_load_contents (tpm2_file,
-                                                      cancellable,
-                                                      &contents,
-                                                      &length,
-                                                      NULL,
-                                                      &error);
-                       if (!status) {
-                               g_task_return_error (task, error);
-                               g_object_unref (task);
-                               return;
-                       }
-
-                       encrypted = g_bytes_new_take (contents, length);
-               }
+               gconstpointer data;
+               gsize size;
 
-               decrypted = egg_tpm2_decrypt_master_password (context,
-                                                             encrypted,
-                                                             &error);
-               g_bytes_unref (encrypted);
-               egg_tpm2_finalize (context);
+               decrypted = load_password_from_tpm (file, cancellable, &error);
                if (!decrypted) {
                        g_task_return_error (task, error);
                        g_object_unref (task);
                        return;
                }
 
-               gconstpointer data;
-               gsize size;
-               data = g_bytes_get_data(decrypted, &size);
-               password = secret_value_new (data,
-                                            size,
-                                            "text/plain");
+               data = g_bytes_get_data (decrypted, &size);
+               password = secret_value_new (data,size, "text/plain");
                g_bytes_unref (decrypted);
                g_async_initable_new_async (SECRET_TYPE_FILE_COLLECTION,
                                            io_priority,
@@ -602,7 +600,6 @@ secret_file_backend_real_init_async (GAsyncInitable *initable,
                                            "password", password,
                                            NULL);
 
-               g_object_unref (tpm2_file);
                g_object_unref (file);
                secret_value_unref (password);
 #else


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]