Sailfish OS
  • Info
  • User Experience
  • Cases
  • Community
  • Developers
  • Contact
  • Get Sailfish OS
Select Page
  • Info
  • User Experience
  • Cases
  • Community
  • Developers
  • Contact
  • Get Sailfish OS

Sailfish Secrets

API Documentation
  • API Documentation
  • Libsailfishapp
  • Sailfish Silica
    • Documentation
    • Icon Reference
  • Sailfish Components
    • Sailfish Accounts
    • Sailfish Bluetooth
    • Sailfish Contacts
    • Sailfish Crypto
    • Sailfish Gallery
    • Sailfish Media
    • Sailfish Pickers
    • Sailfish Secrets
    • Sailfish Share
    • Sailfish Telephony
    • Sailfish Webview
    • Amber Web Authorization
    • Amber MPRIS
  • Nemo QML Plugins
    • Configuration
    • Contacts
    • D-Bus
    • Keepalive
    • Notifications
    • Thumbnailer
  • Sailfish Middleware
    • MDM Framework
    • MDM Policy Framework
    • User Manager Daemon
  • API Documentation
  • Libsailfishapp
  • Sailfish Silica
    • Documentation
    • Icon Reference
  • Sailfish Components
    • Sailfish Accounts
    • Sailfish Bluetooth
    • Sailfish Contacts
    • Sailfish Crypto
    • Sailfish Gallery
    • Sailfish Media
    • Sailfish Pickers
    • Sailfish Secrets
    • Sailfish Share
    • Sailfish Telephony
    • Sailfish Webview
    • Amber Web Authorization
    • Amber MPRIS
  • Nemo QML Plugins
    • Configuration
    • Contacts
    • D-Bus
    • Keepalive
    • Notifications
    • Thumbnailer
  • Sailfish Middleware
    • MDM Framework
    • MDM Policy Framework
    • User Manager Daemon

Contents

  • Public Types
  • Properties
  • Public Functions
  • Reimplemented Public Functions
  • Signals
  • Detailed Description

StoreSecretRequest Class

(Sailfish::Secrets::StoreSecretRequest)

Allows a client request that the system secrets service securely store a secret More...

Header: #include <Secrets/storesecretrequest.h>
Inherits: Sailfish::Secrets::Request
  • List of all members, including inherited members

Public Types

enum SecretStorageType { CollectionSecret, StandaloneDeviceLockSecret, StandaloneCustomLockSecret }

Properties

  • accessControlMode : Sailfish::Secrets::SecretManager::AccessControlMode
  • authenticationPluginName : QString
  • customLockUnlockSemantic : Sailfish::Secrets::SecretManager::CustomLockUnlockSemantic
  • deviceLockUnlockSemantic : Sailfish::Secrets::SecretManager::DeviceLockUnlockSemantic
  • encryptionPluginName : QString
  • interactionParameters : Sailfish::Secrets::InteractionParameters
  • secret : Sailfish::Secrets::Secret
  • secretStorageType : SecretStorageType
  • userInteractionMode : Sailfish::Secrets::SecretManager::UserInteractionMode
  • 3 properties inherited from Sailfish::Secrets::Request

Public Functions

StoreSecretRequest(QObject *parent = Q_NULLPTR)
~StoreSecretRequest()
Sailfish::Secrets::SecretManager::AccessControlMode accessControlMode() const
QString authenticationPluginName() const
Sailfish::Secrets::SecretManager::CustomLockUnlockSemantic customLockUnlockSemantic() const
Sailfish::Secrets::SecretManager::DeviceLockUnlockSemantic deviceLockUnlockSemantic() const
QString encryptionPluginName() const
InteractionParameters interactionParameters() const
Sailfish::Secrets::Secret secret() const
SecretStorageType secretStorageType() const
void setAccessControlMode(Sailfish::Secrets::SecretManager::AccessControlMode mode)
void setAuthenticationPluginName(const QString &pluginName)
void setCustomLockUnlockSemantic(Sailfish::Secrets::SecretManager::CustomLockUnlockSemantic semantic)
void setDeviceLockUnlockSemantic(Sailfish::Secrets::SecretManager::DeviceLockUnlockSemantic semantic)
void setEncryptionPluginName(const QString &pluginName)
void setInteractionParameters(const InteractionParameters &params)
void setSecret(const Sailfish::Secrets::Secret &secret)
void setSecretStorageType(SecretStorageType type)
void setUserInteractionMode(Sailfish::Secrets::SecretManager::UserInteractionMode mode)
Sailfish::Secrets::SecretManager::UserInteractionMode userInteractionMode() const

Reimplemented Public Functions

virtual Sailfish::Secrets::SecretManager *manager() const
virtual Sailfish::Secrets::Result result() const
virtual void setManager(Sailfish::Secrets::SecretManager *manager)
virtual void startRequest()
virtual Sailfish::Secrets::Request::Status status() const
virtual void waitForFinished()
  • 6 public functions inherited from Sailfish::Secrets::Request

Signals

void accessControlModeChanged()
void authenticationPluginNameChanged()
void customLockUnlockSemanticChanged()
void deviceLockUnlockSemanticChanged()
void encryptionPluginNameChanged()
void interactionParametersChanged()
void secretChanged()
void secretStorageTypeChanged()
void userInteractionModeChanged()
  • 3 signals inherited from Sailfish::Secrets::Request

Detailed Description

Allows a client request that the system secrets service securely store a secret

This class allows clients to request the Secrets service to store a secret (either in a particular collection or as a standalone secret) in a particular storage plugin.

Note that the filter data defined in the secret will be encrypted prior to storage only if the secret is stored in a collection and that collection is stored by an EncryptedStoragePlugin; otherwise, only the identifier and data will be stored in encrypted form.

If the calling application is the creator of the collection specified in the secret's identifier, or alternatively if the user has granted the application permission to modify that collection and either there are no special access controls associated with the particular secret or the secret does not yet exist, then the Secrets service will instruct the storage plugin to store the secret into the collection.

If the application is not the creator of the collection and the user has not yet been asked if the application should have permission to modify the collection, or if the secret already exists and has specific access controls associated with it but the user has not yet been asked whether the application should have permission to modify the secret, then a system-mediated access control UI flow may be triggered to obtain the user's permission (unless the given userInteractionMode is PreventInteraction in which case the request will fail).

Alternatively, if the secret is a standalone secret, and a standalone secret with that identifier already exists and was created by another application, but the accessControlMode is OwnerOnlyMode, the request will fail, as applications are not able to steal ownership from other applications.

If the collection uses an encryption key derived from the system device-lock, then the value will be able to be stored without any other UI flow being required; however, if the collection uses an encryption key derived from a custom lock, then the custom lock authentication key will be obtained from the user via an authentication flow determined by the authentication plugin used for that collection (which may support ApplicationInteraction if the collection is an application-specific collection using an ApplicationSpecificAuthentication plugin, but otherwise will be a system-mediated UI flow, unless the userInteractionMode specified is PreventInteraction in which case the request will fail).

If the secret is a standalone secret protected by a custom-lock rather than the system device-lock, then an authentication flow will be required in order to retrieve a custom lock code or passphrase from the user.

An example of storing a secret into a pre-existing collection is as follows:

 // Define the secret.
 Sailfish::Secrets::Secret exampleSecret(
         Sailfish::Secrets::Secret::Identifier(
                 QLatin1String("ExampleSecret"),
                 QLatin1String("ExampleCollection"),
                 Sailfish::Secrets::SecretManager::DefaultEncryptedStoragePluginName));
 exampleSecret.setData("Some secret data");
 exampleSecret.setType(Sailfish::Secrets::Secret::TypeBlob);
 exampleSecret.setFilterData(QLatin1String("domain"),
                             QLatin1String("sailfishos.org"));
 exampleSecret.setFilterData(QLatin1String("example"),
                             QLatin1String("true"));

 // Request that the secret be securely stored.
 Sailfish::Secrets::SecretManager sm;
 Sailfish::Secrets::StoreSecretRequest ssr;
 ssr.setManager(&sm);
 ssr.setSecretStorageType(Sailfish::Secrets::StoreSecretRequest::CollectionSecret);
 ssr.setUserInteractionMode(Sailfish::Secrets::SecretManager::SystemInteraction);
 ssr.setSecret(exampleSecret);
 ssr.startRequest(); // status() will change to Finished when complete

An example of storing a standalone secret protected by the device lock is:

 // Define a standalone secret (no collection name specified in the identifier)
 Sailfish::Secrets::Secret standaloneSecret(
         Sailfish::Secrets::Secret::Identifier(
              QStringLiteral("StandaloneSecret"),
              QString(),
              Sailfish::Secrets::SecretManager::DefaultEncryptedStoragePluginName));
 standaloneSecret.setData("Example secret data");
 standaloneSecret.setType(Secret::TypeBlob);
 standaloneSecret.setFilterData(QLatin1String("domain"),
                                QLatin1String("sailfishos.org"));
 standaloneSecret.setFilterData(QLatin1String("example"),
                                QLatin1String("true"));

 // Request that the secret be stored by the default storage plugin
 Sailfish::Secrets::SecretManager sm;
 Sailfish::Secrets::StoreSecretRequest ssr;
 ssr.setManager(&sm);
 ssr.setSecretStorageType(StoreSecretRequest::StandaloneDeviceLockSecret);
 ssr.setDeviceLockUnlockSemantic(Sailfish::Secrets::SecretManager::DeviceLockKeepUnlocked);
 ssr.setAccessControlMode(Sailfish::Secrets::SecretManager::OwnerOnlyMode);
 ssr.setEncryptionPluginName(Sailfish::Secrets::SecretManager::DefaultEncryptionPluginName);
 ssr.setUserInteractionMode(Sailfish::Secrets::SecretManager::SystemInteraction);
 ssr.setSecret(standaloneSecret);
 ssr.startRequest(); // status() will change to Finished when complete

An example of storing a secret into a pre-existing collection, where the secret data is requested securely from the user by the secrets service prior to storage, follows:

 // Define the secret data request prompt parameters.
 Sailfish::Secrets::InteractionParameters uiParams;
 uiParams.setInputType(Sailfish::Secrets::InteractionParameters::AlphaNumericInput);
 uiParams.setEchoMode(Sailfish::Secrets::InteractionParameters::NormalEcho);

 // Define the secret.  Note that it contains metadata only.
 Sailfish::Secrets::Secret exampleSecret(
         Sailfish::Secrets::Secret::Identifier(
                 QLatin1String("ExampleSecret"),
                 QLatin1String("ExampleCollection"),
                 Sailfish::Secrets::SecretManager::DefaultEncryptedStoragePluginName));
 exampleSecret.setType(Sailfish::Secrets::Secret::TypeBlob);
 exampleSecret.setFilterData(QLatin1String("domain"),
                             QLatin1String("sailfishos.org"));
 exampleSecret.setFilterData(QLatin1String("example"),
                             QLatin1String("true"));

 // Request that the secret be securely stored.
 Sailfish::Secrets::SecretManager sm;
 Sailfish::Secrets::StoreSecretRequest ssr;
 ssr.setManager(&sm);
 ssr.setInteractionParameters(uiParams);
 ssr.setSecretStorageType(Sailfish::Secrets::StoreSecretRequest::CollectionSecret);
 ssr.setUserInteractionMode(Sailfish::Secrets::SecretManager::SystemInteraction);
 ssr.setSecret(exampleSecret);
 ssr.startRequest(); // status() will change to Finished when complete

Member Type Documentation

enum StoreSecretRequest::SecretStorageType

Property Documentation

accessControlMode : Sailfish::Secrets::SecretManager::AccessControlMode

Access functions:

Sailfish::Secrets::SecretManager::AccessControlMode accessControlMode() const
void setAccessControlMode(Sailfish::Secrets::SecretManager::AccessControlMode mode)

Notifier signal:

void accessControlModeChanged()

authenticationPluginName : QString

Access functions:

QString authenticationPluginName() const
void setAuthenticationPluginName(const QString &pluginName)

Notifier signal:

void authenticationPluginNameChanged()

customLockUnlockSemantic : Sailfish::Secrets::SecretManager::CustomLockUnlockSemantic

Access functions:

Sailfish::Secrets::SecretManager::CustomLockUnlockSemantic customLockUnlockSemantic() const
void setCustomLockUnlockSemantic(Sailfish::Secrets::SecretManager::CustomLockUnlockSemantic semantic)

Notifier signal:

void customLockUnlockSemanticChanged()

deviceLockUnlockSemantic : Sailfish::Secrets::SecretManager::DeviceLockUnlockSemantic

Access functions:

Sailfish::Secrets::SecretManager::DeviceLockUnlockSemantic deviceLockUnlockSemantic() const
void setDeviceLockUnlockSemantic(Sailfish::Secrets::SecretManager::DeviceLockUnlockSemantic semantic)

Notifier signal:

void deviceLockUnlockSemanticChanged()

encryptionPluginName : QString

Access functions:

QString encryptionPluginName() const
void setEncryptionPluginName(const QString &pluginName)

Notifier signal:

void encryptionPluginNameChanged()

interactionParameters : Sailfish::Secrets::InteractionParameters

Access functions:

InteractionParameters interactionParameters() const
void setInteractionParameters(const InteractionParameters &params)

Notifier signal:

void interactionParametersChanged()

secret : Sailfish::Secrets::Secret

Access functions:

Sailfish::Secrets::Secret secret() const
void setSecret(const Sailfish::Secrets::Secret &secret)

Notifier signal:

void secretChanged()

secretStorageType : SecretStorageType

Access functions:

SecretStorageType secretStorageType() const
void setSecretStorageType(SecretStorageType type)

Notifier signal:

void secretStorageTypeChanged()

userInteractionMode : Sailfish::Secrets::SecretManager::UserInteractionMode

Access functions:

Sailfish::Secrets::SecretManager::UserInteractionMode userInteractionMode() const
void setUserInteractionMode(Sailfish::Secrets::SecretManager::UserInteractionMode mode)

Notifier signal:

void userInteractionModeChanged()

Member Function Documentation

StoreSecretRequest::StoreSecretRequest(QObject *parent = Q_NULLPTR)

Constructs a new StoreSecretRequest object with the given parent.

StoreSecretRequest::~StoreSecretRequest()

Destroys the StoreSecretRequest

Sailfish::Secrets::SecretManager::AccessControlMode StoreSecretRequest::accessControlMode() const

Returns the access control mode which will be enforced for the secret

Note: Getter function for property accessControlMode.

See also setAccessControlMode().

QString StoreSecretRequest::authenticationPluginName() const

Returns the name of the authentication plugin which the client wishes to use to authenticate the user (in order to unlock the secret)

Note: Getter function for property authenticationPluginName.

See also setAuthenticationPluginName().

Sailfish::Secrets::SecretManager::CustomLockUnlockSemantic StoreSecretRequest::customLockUnlockSemantic() const

Returns the unlock semantic which will apply to the secret if it is protected by a custom lock.

Note: Getter function for property customLockUnlockSemantic.

See also setCustomLockUnlockSemantic().

Sailfish::Secrets::SecretManager::DeviceLockUnlockSemantic StoreSecretRequest::deviceLockUnlockSemantic() const

Returns the unlock semantic which will apply to the secret if it is protected by the device lock.

Note: Getter function for property deviceLockUnlockSemantic.

See also setDeviceLockUnlockSemantic().

QString StoreSecretRequest::encryptionPluginName() const

Returns the name of the encryption plugin which the client wishes to use to encrypt the standalone secret

Note: Getter function for property encryptionPluginName.

See also setEncryptionPluginName().

InteractionParameters StoreSecretRequest::interactionParameters() const

Returns the user input parameters which should be used when requesting the secret data from the user

If the user input parameters are not valid, the secret data which is contained within the secret() will be stored. If the user input parameters are valid, then the secret data which is contained within the secret() will be overwritten prior to storage with the data retrieved from the user.

Note: specifying user input parameters implies that system-mediated user interaction flows are allowed by the calling application.

Note: Getter function for property interactionParameters.

See also setInteractionParameters().

[virtual] Sailfish::Secrets::SecretManager *StoreSecretRequest::manager() const

See also setManager().

[virtual] Sailfish::Secrets::Result StoreSecretRequest::result() const

Sailfish::Secrets::Secret StoreSecretRequest::secret() const

Returns the secret which the client wishes to store securely

Note: Getter function for property secret.

See also setSecret().

SecretStorageType StoreSecretRequest::secretStorageType() const

Returns the type of storage which will apply to the stored secret

A secret whose storage type is StoreSecretRequest::CollectionSecret will be stored in the collection whose name is specified in the secret's identifier's Sailfish::Secrets::Secret::Identifier::collectionName() field. The collection will have either a custom lock or device lock depending on the semantics defined for it when it was created.

A secret whose storage type is StoreSecretRequest::StandaloneCustomLockSecret will be individually encrypted with the custom lock code, and then the encrypted version will be stored in a standalone, unencrypted collection.

A secret whose storage type is StoreSecretRequest::StandaloneDeviceLockSecret will be individually encrypted with the device lock code, and then the encrypted version will be stored in a standalone, unencrypted collection.

Note: Getter function for property secretStorageType.

See also setSecretStorageType().

void StoreSecretRequest::setAuthenticationPluginName(const QString &pluginName)

Sets the name of the authentication plugin which the client wishes to use to authenticate the user (in order to unlock the secret) to pluginName

Note: this will only apply to secrets whose secretStorageType() is StoreSecretRequest::StandaloneCustomLockSecret.

Note: Setter function for property authenticationPluginName.

See also authenticationPluginName().

void StoreSecretRequest::setEncryptionPluginName(const QString &pluginName)

Sets the name of the encryption plugin which the client wishes to use to encrypt the standalone secret to pluginName

Note: this will only apply to secrets whose secretStorageType() is StoreSecretRequest::StandaloneCustomLockSecret or StoreSecretRequest::StandaloneDeviceLockSecret.

Note: Setter function for property encryptionPluginName.

See also encryptionPluginName().

void StoreSecretRequest::setInteractionParameters(const InteractionParameters &params)

Sets the user input parameters which should be used when requesting the secret data from the user to params

If the user input parameters are not valid, the secret data which is contained within the secret() will be stored. If the user input parameters are valid, then the secret data which is contained within the secret() will be overwritten prior to storage with the data retrieved from the user.

Note: specifying user input parameters implies that system-mediated user interaction flows are allowed by the calling application.

Note: Setter function for property interactionParameters.

See also interactionParameters().

[virtual] void StoreSecretRequest::setManager(Sailfish::Secrets::SecretManager *manager)

See also manager().

void StoreSecretRequest::setSecretStorageType(SecretStorageType type)

Sets the type of storage which will apply to the stored secret to type

Note: Setter function for property secretStorageType.

See also secretStorageType().

[virtual] void StoreSecretRequest::startRequest()

[virtual] Sailfish::Secrets::Request::Status StoreSecretRequest::status() const

Sailfish::Secrets::SecretManager::UserInteractionMode StoreSecretRequest::userInteractionMode() const

Returns the user interaction mode required when storing the secret (e.g. if a custom lock code must be requested from the user)

Note: Getter function for property userInteractionMode.

See also setUserInteractionMode().

[virtual] void StoreSecretRequest::waitForFinished()

  • Legal
  • Contact Us
  • Jollyboys Ltd © 2024

  • Facebook
  • Twitter
  • Mastodon
  • YouTube
  • LinkedIn