Class
GcrSecretExchange
Description
class Gcr.SecretExchange : GObject.Object {
/* No available fields */
}
Allows exchange of secrets between two processes on the same system without exposing those secrets to things like loggers, non-pageable memory etc.
This does not protect against active attacks like MITM attacks.
Each side creates a secret exchange object, and one of the sides calls
gcr_secret_exchange_begin(). This creates a string, which should be passed
to the other side. Each side passes the strings it receives into
gcr_secret_exchange_receive().
In order to send a reply (either with or without a secret) use
gcr_secret_exchange_send(). A side must have successfully called
gcr_secret_exchange_receive() before it can use
gcr_secret_exchange_send().
The secret exchange objects can be used for multiple iterations of the conversation, or for just one request/reply. The only limitation is that the initial request cannot contain a secret.
Caveat: Information about the approximate length (rounded up to the nearest
16 bytes) may be leaked. If this is considered unacceptable, do not use
GcrSecretExchange.
Instance methods
gcr_secret_exchange_begin
Begin the secret exchange. The resulting string should be sent to the other
side of the exchange. The other side should use gcr_secret_exchange_receive()
to process the string.
gcr_secret_exchange_get_protocol
Will return NULL if no protocol was specified and neither
gcr_secret_exchange_begin() nor gcr_secret_exchange_receive() has
been called successfully.
gcr_secret_exchange_get_secret
Returns the last secret received. If no secret has yet been received this
will return NULL. The string is owned by the GcrSecretExchange object
and will be valid until the next time that gcr_secret_exchange_receive()
is called on this object, or the object is destroyed.
gcr_secret_exchange_receive
Receive a string from the other side of secret exchange. This string will
have been created by gcr_secret_exchange_begin() or
gcr_secret_exchange_send().
gcr_secret_exchange_send
Send a reply to the other side of the secret exchange, optionally sending a secret.
Signals
Signals inherited from GObject (1)
GObject::notify
The notify signal is emitted on an object when one of its properties has its value set through g_object_set_property(), g_object_set(), et al.
Class structure
struct GcrSecretExchangeClass {
  gboolean (* generate_exchange_key) (
    GcrSecretExchange* exchange,
    const gchar* scheme,
    guchar** public_key,
    gsize* n_public_key
  );
  gboolean (* derive_transport_key) (
    GcrSecretExchange* exchange,
    const guchar* peer,
    gsize n_peer
  );
  gboolean (* encrypt_transport_data) (
    GcrSecretExchange* exchange,
    GckAllocator allocator,
    const guchar* plain_text,
    gsize n_plain_text,
    guchar** parameter,
    gsize* n_parameter,
    guchar** cipher_text,
    gsize* n_cipher_text
  );
  gboolean (* decrypt_transport_data) (
    GcrSecretExchange* exchange,
    GckAllocator allocator,
    const guchar* cipher_text,
    gsize n_cipher_text,
    const guchar* parameter,
    gsize n_parameter,
    guchar** plain_text,
    gsize* n_plain_text
  );
}
Class members
generate_exchange_key: gboolean (* generate_exchange_key) (GcrSecretExchange* exchange, const gchar* scheme, guchar** public_key, gsize* n_public_key) - No description available.
derive_transport_key: gboolean (* derive_transport_key) (GcrSecretExchange* exchange, const guchar* peer, gsize n_peer) - No description available.
encrypt_transport_data: gboolean (* encrypt_transport_data) (GcrSecretExchange* exchange, GckAllocator allocator, const guchar* plain_text, gsize n_plain_text, guchar** parameter, gsize* n_parameter, guchar** cipher_text, gsize* n_cipher_text) - No description available.
decrypt_transport_data: gboolean (* decrypt_transport_data) (GcrSecretExchange* exchange, GckAllocator allocator, const guchar* cipher_text, gsize n_cipher_text, const guchar* parameter, gsize n_parameter, guchar** plain_text, gsize* n_plain_text) - No description available.