[desktop] use electron safeStorage to store device keys

* renames PathUtils.swapFilename to replaceLastComponent * provides a new impl for SecretStorage * uses electron.safeStorage to encrypt the device key that then gets stored in a file in app.getPath('userData')/safe_storage/ * from now on, per-user data is encrypted with a per-user key, even for per-machine installs. #3733 close #3676
tutao · Mar 22, 2022 · 6aa6787 · 6aa6787
1 parent 93373f0
commit 6aa6787
Show file tree

Hide file tree

Showing 5 changed files with 5 additions and 4 deletions.
diff --git a/src/desktop/DesktopMain.ts b/src/desktop/DesktopMain.ts
@@ -21,8 +21,9 @@ import {DesktopTray} from "./tray/DesktopTray"
 import {log} from "./DesktopLog"
 import {UpdaterWrapperImpl} from "./UpdaterWrapper"
 import {ElectronNotificationFactory} from "./NotificatonFactory"
-import {KeytarSecretStorage} from "./sse/SecretStorage"
+import {SafeStorageSecretStorage} from "./sse/SecretStorage"
 import fs from "fs"
+import path from "path"
 import {DesktopIntegrator, getDesktopIntegratorForPlatform} from "./integration/DesktopIntegrator"
 import net from "net"
 import child_process from "child_process"
@@ -106,7 +107,7 @@ if (opts.registerAsMailHandler && opts.unregisterAsMailHandler) {
 
 async function createComponents(): Promise<Components> {
 	lang.init(en)
-	const secretStorage = new KeytarSecretStorage()
+	const secretStorage = new SafeStorageSecretStorage(electron, fs, path)
 	const keyStoreFacade = new KeyStoreFacadeImpl(secretStorage, desktopCrypto)
 	const configMigrator = new DesktopConfigMigrator(desktopCrypto, keyStoreFacade, electron)
 	const conf = new DesktopConfig(app, configMigrator, keyStoreFacade, desktopCrypto)

diff --git a/src/desktop/DesktopUtils.js b/src/desktop/DesktopUtils.js
diff --git a/src/desktop/PathUtils.ts b/src/desktop/PathUtils.ts
@@ -122,9 +122,9 @@ export function urlIsPrefix(prefix: URL, url: URL): boolean {
 }
 
 /**
- * replace the last component in a file path with another
+ * replace the last component in a path with another
  * @param p path to a file/folder
- * @param file the file name to put in the last path component
+ * @param file the name to put in the last path component
  * @param pathModule path module to use for cross platform testing
  */
 export function swapFilename(p: string, file: string, pathModule: PathExports = path): string {

diff --git a/src/desktop/sse/SecretStorage.js b/src/desktop/sse/SecretStorage.js
diff --git a/test/client/desktop/PathUtilsTest.js b/test/client/desktop/PathUtilsTest.js