|
| 1 | +//! Helper functions for migrating KWallet entries to Secret Service format |
| 2 | +//! matching the behavior of KWallet's own migration code. |
| 3 | +
|
| 4 | +use std::collections::HashMap; |
| 5 | + |
| 6 | +use base64::Engine; |
| 7 | + |
| 8 | +use crate::{Entry, EntryType}; |
| 9 | + |
| 10 | +/// Result of converting a KWallet entry to Secret Service format |
| 11 | +#[derive(Debug, Clone)] |
| 12 | +pub struct SecretServiceEntry { |
| 13 | + label: String, |
| 14 | + attributes: HashMap<String, String>, |
| 15 | + secret: Vec<u8>, |
| 16 | +} |
| 17 | + |
| 18 | +impl SecretServiceEntry { |
| 19 | + /// The Secret Service label (format: "folder/key") |
| 20 | + pub fn label(&self) -> &str { |
| 21 | + &self.label |
| 22 | + } |
| 23 | + |
| 24 | + /// Attributes that should be set on the Secret Service item |
| 25 | + pub fn attributes(&self) -> &HashMap<String, String> { |
| 26 | + &self.attributes |
| 27 | + } |
| 28 | + |
| 29 | + /// The secret value (as bytes) |
| 30 | + pub fn secret(&self) -> &[u8] { |
| 31 | + &self.secret |
| 32 | + } |
| 33 | +} |
| 34 | + |
| 35 | +/// Convert a KWallet entry to Secret Service format |
| 36 | +/// |
| 37 | +/// This follows KWallet's migration behavior: |
| 38 | +/// - Attributes: `user` (key), `server` (folder), `type` (password/map/base64) |
| 39 | +/// - Label: "folder/key" |
| 40 | +/// - Secret: |
| 41 | +/// - Password: UTF-8 text |
| 42 | +/// - Map: JSON object |
| 43 | +/// - Stream: Base64-encoded binary data |
| 44 | +pub fn convert_entry( |
| 45 | + folder: &str, |
| 46 | + key: &str, |
| 47 | + entry: &Entry, |
| 48 | +) -> Result<SecretServiceEntry, Box<dyn std::error::Error>> { |
| 49 | + let label = format!("{}/{}", folder, key); |
| 50 | + let mut attributes = HashMap::new(); |
| 51 | + |
| 52 | + // Standard Secret Service attributes used by KWallet |
| 53 | + attributes.insert("user".to_string(), key.to_string()); |
| 54 | + attributes.insert("server".to_string(), folder.to_string()); |
| 55 | + |
| 56 | + let (type_str, secret) = match entry.entry_type() { |
| 57 | + EntryType::Password => { |
| 58 | + let password = entry.as_password()?; |
| 59 | + ("password".to_string(), password.into_bytes()) |
| 60 | + } |
| 61 | + EntryType::Map => { |
| 62 | + let map = entry.as_map()?; |
| 63 | + // Convert map to JSON like KWallet does |
| 64 | + let json_value = serde_json::to_value(map)?; |
| 65 | + let json_bytes = serde_json::to_vec(&json_value)?; |
| 66 | + ("map".to_string(), json_bytes) |
| 67 | + } |
| 68 | + EntryType::Stream => { |
| 69 | + // KWallet stores streams as base64 |
| 70 | + let stream_data = entry.as_stream(); |
| 71 | + let base64_data = base64::engine::general_purpose::STANDARD.encode(stream_data); |
| 72 | + ("base64".to_string(), base64_data.into_bytes()) |
| 73 | + } |
| 74 | + EntryType::Unknown => { |
| 75 | + return Err("Cannot convert unknown entry type".into()); |
| 76 | + } |
| 77 | + }; |
| 78 | + |
| 79 | + attributes.insert("type".to_string(), type_str); |
| 80 | + |
| 81 | + Ok(SecretServiceEntry { |
| 82 | + label, |
| 83 | + attributes, |
| 84 | + secret, |
| 85 | + }) |
| 86 | +} |
0 commit comments