Rekeying support for oo7::portal::Keyring

bilelmoussaoui / oo7

James Bond went on a new mission as a Secret Service provider

https://bilelmoussaoui.github.io/oo7/oo7/

MIT License

63 stars 12 forks source link

Rekeying support for oo7::portal::Keyring #47

Closed ueno closed 4 months ago

ueno commented 9 months ago

The oo7::portal::Keyring API currently doesn't provide a way to change the key. It would be nice if there is an API, something like:

pub async fn change_secret(&mut self, secret: Secret) -> Result<(), Error>;
...
let mut keyring = oo7::portal::Keyring::load_path(..., secret).await?;
keyring.change_secret(new_secret).await?;
keyring.write().await?;

This would be particularly useful for implementing a gnome-keyring compatible server backed by this file format (#46) and supporting password change through PAM.

sophie-h commented 9 months ago

The oo7::portal::Keyring API currently doesn't provide a way to change the key

You can use replace_item_index() for that already.

It would be nice if there is an API, something like

This would need some rework of how the library works right now. Currently the portal::Item does not know anything about the keyring file.

ueno commented 9 months ago

I think there is a confusion; this issue is about master password to encrypt items, not the items themselves.

sophie-h commented 9 months ago

Oh sorry, I was totally off.

warusadura commented 9 months ago

@bilelmoussaoui I'm interested in working on this issue as well :)