Class
GcrSecretExchange
Description
class Gcr.SecretExchange : GObject.Object {
/* No available fields */
}
Allows exchange of secrets between two processes on the same system without exposing those secrets to things like loggers, non-pageable memory etc.
This does not protect against active attacks like MITM attacks.
Each side creates a secret exchange object, and one of the sides calls gcr_secret_exchange_begin(). This creates a string, which should be passed to the other side. Each side passes the strings it receives into gcr_secret_exchange_receive().
In order to send a reply (either with or without a secret) use gcr_secret_exchange_send(). A side must have successfully called gcr_secret_exchange_receive() before it can use gcr_secret_exchange_send().
The secret exchange objects can be used for multiple iterations of the conversation, or for just one request/reply. The only limitation is that the initial request cannot contain a secret.
Caveat: Information about the approximate length (rounded up to the nearest 16 bytes) may be leaked. If this is considered unacceptable, do not use GcrSecretExchange.
Constructors
gcr_secret_exchange_new
Create a new secret exchange object.
Instance methods
gcr_secret_exchange_begin
Begin the secret exchange. The resulting string should be sent to the other
side of the exchange. The other side should use gcr_secret_exchange_receive()
to process the string.
gcr_secret_exchange_get_protocol
Will return NULL if no protocol was specified, and either gcr_secret_exchange_begin() or gcr_secret_exchange_receive() have not been called successfully.
gcr_secret_exchange_get_secret
Returns the last secret received. If no secret has yet been received this will return NULL. The string is owned by the GcrSecretExchange object and will be valid until the next time that gcr_secret_exchange_receive() is called on this object, or the object is destroyed.
gcr_secret_exchange_receive
Receive a string from the other side of secret exchange. This string will have been created by gcr_secret_exchange_begin() or gcr_secret_exchange_send().
gcr_secret_exchange_send
Send a reply to the other side of the secret exchange, optionally sending a secret.
Properties
Gcr.SecretExchange:protocol
The protocol being used for the exchange.
Signals
Signals inherited from GObject (1)
GObject.Object::notify
The notify signal is emitted on an object when one of its properties has its value set through g_object_set_property(), g_object_set(), et al.
Class structure
struct GcrSecretExchangeClass {
  gboolean (* generate_exchange_key) (
    GcrSecretExchange* exchange,
    const gchar* scheme,
    guchar** public_key,
    gsize* n_public_key
  );
  gboolean (* derive_transport_key) (
    GcrSecretExchange* exchange,
    const guchar* peer,
    gsize n_peer
  );
  gboolean (* encrypt_transport_data) (
    GcrSecretExchange* exchange,
    GckAllocator allocator,
    const guchar* plain_text,
    gsize n_plain_text,
    guchar** parameter,
    gsize* n_parameter,
    guchar** cipher_text,
    gsize* n_cipher_text
  );
  gboolean (* decrypt_transport_data) (
    GcrSecretExchange* exchange,
    GckAllocator allocator,
    const guchar* cipher_text,
    gsize n_cipher_text,
    const guchar* parameter,
    gsize n_parameter,
    guchar** plain_text,
    gsize* n_plain_text
  );
}
Class members
generate_exchange_key
No description available.
derive_transport_key
No description available.
encrypt_transport_data
No description available.
decrypt_transport_data
No description available.