search

hwchen / keyring-rs

Cross-platform library and utility to manage passwords
Apache License 2.0
490 stars 53 forks source link

Secret service is not returning the secrets that've been put into it #216

Open Zk2u opened 3 weeks ago

Zk2u commented 3 weeks ago

Hiya, some of the checks in a CLI tool I'm working on are failing in the secret management side. We're storing a blob of 76 bytes in the keychain, but when we immediately read it back, I get 152 bytes. The fact that it's exactly 2x what we're putting in makes me think that an implicit conversion to hex is occurring somewhere, but where I'm not sure.

I also tried using the password API to see if that made a difference - it did, but the string that I got back was not the string that I put in. Something's going a bit wrong :))

Operating System: Nobara Linux 40
KDE Plasma Version: 6.1.4
KDE Frameworks Version: 6.5.0
Qt Version: 6.7.2
Kernel Version: 6.11.0-200.fsync.fc40.x86_64 (64-bit)
Graphics Platform: Wayland
Processors: 16 × 12th Gen Intel® Core™ i5-12600K
Memory: 31.1 GiB of RAM
Graphics Processor: AMD Radeon RX 7900 XTX
Manufacturer: Gigabyte Technology Co., Ltd.
Product Name: Z690I AORUS ULTRA DDR4
System Version: -CF
brotskydotcom commented 1 week ago

Hi @Zk2u, sorry for taking so long to get back to you. I'm afraid this isn't enough information for me to investigate. Can you reproduce this issue using the keyring-cli with the -v argument and attach the terminal output here? Something like this:

$ echo "----+----1----+----2----+----3----+----4----+----5----+----6----+----7----+-" | base64
LS0tLSstLS0tMS0tLS0rLS0tLTItLS0tKy0tLS0zLS0tLSstLS0tNC0tLS0rLS0tLTUtLS0tKy0tLS02LS0tLSstLS0tNy0tLS0rLQo=
$ keyring-cli -v set --secret LS0tLSstLS0tMS0tLS0rLS0tLTItLS0tKy0tLS0zLS0tLSstLS0tNC0tLS0rLS0tLTUtLS0tKy0tLS02LS0tLSstLS0tNy0tLS0rLQo=
Set secret for 'dbrotsky@keyring-cli' to decode of 'LS0tLSstLS0tMS0tLS0rLS0tLTItLS0tKy0tLS0zLS0tLSstLS0tNC0tLS0rLS0tLTUtLS0tKy0tLS02LS0tLSstLS0tNy0tLS0rLQo='
21795$ keyring-cli -v secret
LS0tLSstLS0tMS0tLS0rLS0tLTItLS0tKy0tLS0zLS0tLSstLS0tNC0tLS0rLS0tLTUtLS0tKy0tLS02LS0tLSstLS0tNy0tLS0rLQo=
Secret for 'dbrotsky@keyring-cli' encodes as LS0tLSstLS0tMS0tLS0rLS0tLTItLS0tKy0tLS0zLS0tLSstLS0tNC0tLS0rLS0tLTUtLS0tKy0tLS02LS0tLSstLS0tNy0tLS0rLQo=
21796$ keyring-cli -v password
----+----1----+----2----+----3----+----4----+----5----+----6----+----7----+-

Password for 'dbrotsky@keyring-cli' is '----+----1----+----2----+----3----+----4----+----5----+----6----+----7----+-
'

See if the output matches the input when you use your data.

Zk2u commented 5 days ago

Hiya no worries, let me get back to this later today.

Zk2u commented 5 days ago
Screenshot 2024-10-15 at 13 49 37

Not even saving for some reason :/

brotskydotcom commented 5 days ago

In this run, it looks like you likely built the CLI without enabling the keystore features you want. This means that you get the mock keystore as the default, and the mock keystore has no persistence. Please try again with a full build and run so I can see the keystore you are using. Something like:

$ cargo run --features=sync-secret-service --example=keyring-cli -- -v set --secret LS0tLSstLS0tMS0tLS0rLS0tLTItLS0tKy0tLS0zLS0tLSstLS0tNC0tLS0rLS0tLTUtLS0tKy0tLS02LS0tLSstLS0tNy0tLS0rLQ==
   Compiling memchr v2.7.4
   Compiling regex-syntax v0.8.5
   Compiling aho-corasick v1.1.3
   Compiling regex-automata v0.4.8
   Compiling log v0.4.22
   Compiling humantime v2.1.0
   Compiling keyring v3.4.0 (/home/dbrotsky/src.vendor/keyring-rs)
   Compiling rprompt v2.1.1
   Compiling regex v1.11.0
   Compiling env_filter v0.1.2
   Compiling env_logger v0.11.5
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 4.03s
     Running `target/debug/examples/keyring-cli -v set --secret LS0tLSstLS0tMS0tLS0rLS0tLTItLS0tKy0tLS0zLS0tLSstLS0tNC0tLS0rLS0tLTUtLS0tKy0tLS02LS0tLSstLS0tNy0tLS0rLQ==`
Set secret for 'dbrotsky@keyring-cli' to decode of 'LS0tLSstLS0tMS0tLS0rLS0tLTItLS0tKy0tLS0zLS0tLSstLS0tNC0tLS0rLS0tLTUtLS0tKy0tLS02LS0tLSstLS0tNy0tLS0rLQ=='
$ cargo run --features=sync-secret-service --example=keyring-cli -- -v secret
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.03s
     Running `target/debug/examples/keyring-cli -v secret`
LS0tLSstLS0tMS0tLS0rLS0tLTItLS0tKy0tLS0zLS0tLSstLS0tNC0tLS0rLS0tLTUtLS0tKy0tLS02LS0tLSstLS0tNy0tLS0rLQ==
Secret for 'dbrotsky@keyring-cli' encodes as LS0tLSstLS0tMS0tLS0rLS0tLTItLS0tKy0tLS0zLS0tLSstLS0tNC0tLS0rLS0tLTUtLS0tKy0tLS02LS0tLSstLS0tNy0tLS0rLQ==
$ cargo run --features=sync-secret-service --example=keyring-cli -- -v password
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.03s
     Running `target/debug/examples/keyring-cli -v password`
----+----1----+----2----+----3----+----4----+----5----+----6----+----7----+-
Password for 'dbrotsky@keyring-cli' is '----+----1----+----2----+----3----+----4----+----5----+----6----+----7----+-'