Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: crash in
safeStorage
on Linux (#34261)
* fix: fix a crash in `safeStorage` on Linux (#33913) On Linux, `isEncryptionAvailable()` was crashing instead of returning a boolean before the 'ready' event was emitted by the app. The reason of the crash is that [`CreateKeyStorage()`](https://source.chromium.org/chromium/chromium/src/+/main:components/os_crypt/os_crypt_linux.cc;l=74;drc=35be6215ec8f09e50176f36753c68f26c63d1885;bpv=1;bpt=0) expects the config to be set but the function responsible for setting the config, [`SetConfig()`](https://source.chromium.org/chromium/chromium/src/+/main:components/os_crypt/os_crypt_linux.cc;l=237;drc=35be6215ec8f09e50176f36753c68f26c63d1885;bpv=1;bpt=0), is called only after the app is ready inside [`PostCreateMainMessageLoop()`](https://github.com/electron/electron/blob/main/shell/browser/electron_browser_main_parts.cc#L499). So this changes `IsEncryptionAvailable()` to return `false` when the app is not ready on Linux and uses that instead of the raw API in other places like `EncryptString()` and `DecryptString()`. Fixes: #32206 Signed-off-by: Darshan Sen <raisinten@gmail.com> * fix: replace BUILDFLAG(IS_LINUX) with defined(OS_LINUX) Signed-off-by: Darshan Sen <raisinten@gmail.com> * Linux: Send OSCrypt raw encryption key to the Network Service This backports 0e09738. Signed-off-by: Darshan Sen <raisinten@gmail.com> * fix: add ifdef guard around NetworkService::SetEncryptionKey() network::mojom::NetworkService::SetEncryptionKey() is only available on Windows and macOS. Signed-off-by: Darshan Sen <raisinten@gmail.com>
- Loading branch information
Showing
6 changed files
with
103 additions
and
37 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
const { app, safeStorage } = require('electron'); | ||
const { expect } = require('chai'); | ||
|
||
(async () => { | ||
if (!app.isReady()) { | ||
// isEncryptionAvailable() returns false before the app is ready on | ||
// Linux: https://github.com/electron/electron/issues/32206 | ||
// and | ||
// Windows: https://github.com/electron/electron/issues/33640. | ||
expect(safeStorage.isEncryptionAvailable()).to.equal(process.platform === 'darwin'); | ||
if (safeStorage.isEncryptionAvailable()) { | ||
const plaintext = 'plaintext'; | ||
const ciphertext = safeStorage.encryptString(plaintext); | ||
expect(Buffer.isBuffer(ciphertext)).to.equal(true); | ||
expect(safeStorage.decryptString(ciphertext)).to.equal(plaintext); | ||
} else { | ||
expect(() => safeStorage.encryptString('plaintext')).to.throw(/safeStorage cannot be used before app is ready/); | ||
expect(() => safeStorage.decryptString(Buffer.from(''))).to.throw(/safeStorage cannot be used before app is ready/); | ||
} | ||
} | ||
await app.whenReady(); | ||
// isEncryptionAvailable() will always return false on CI due to a mocked | ||
// dbus as mentioned above. | ||
expect(safeStorage.isEncryptionAvailable()).to.equal(process.platform !== 'linux'); | ||
if (safeStorage.isEncryptionAvailable()) { | ||
const plaintext = 'plaintext'; | ||
const ciphertext = safeStorage.encryptString(plaintext); | ||
expect(Buffer.isBuffer(ciphertext)).to.equal(true); | ||
expect(safeStorage.decryptString(ciphertext)).to.equal(plaintext); | ||
} else { | ||
expect(() => safeStorage.encryptString('plaintext')).to.throw(/Encryption is not available/); | ||
expect(() => safeStorage.decryptString(Buffer.from(''))).to.throw(/Decryption is not available/); | ||
} | ||
})() | ||
.then(app.quit) | ||
.catch((err) => { | ||
console.error(err); | ||
app.exit(1); | ||
}); |