feat: add electron.safeStorage encryption API (#30020)

* feat: add SafeStorage api; first commit * chore: rename files to fit semantically * chore: add linkedBindings * chore: fix function signatures * chore: refactor eisCookieEncryptionEnabled() fuse * chore: create test file * chore: add tests and documentation * chore: add copyright and lint * chore: add additional tests * chore: fix constructor * chore: commit for pair programming * wip: commit for keeley pairing * chore: docs change and code cleanup * chore: add linux import * chore: add description to documentation * chore: fixing tests * chore: modify behaviour to not allow unencrypted strings as decyption input * fix add patch for enabling default v11 encryption on Linux * chore: remove file after each test * chore: fix patch * chore: remove chromium patch * chore: add linux specific tests * chore: fix path * chore: add checker for linuux file deletion * chore: add dcheck back * chore: remove reference to headless mode * chore: remove tests for linux * chore: edit commit message * chore: refactor safeStorage to not be a class * chore: remove static variable from header * chore: spec file remove settimeout Co-authored-by: VerteDinde <keeleymhammond@gmail.com>
2021-08-05 15:12:54 -07:00 · 2021-08-05 15:12:54 -07:00 · bc508c6113
commit bc508c6113
parent ec6cd0053e
17 changed files with 393 additions and 46 deletions
--- a/docs/api/safe-storage.md
+++ b/docs/api/safe-storage.md
@ -0,0 +1,40 @@
+# safeStorage
+
+> Allows access to simple encryption and decryption of strings for storage on the local machine.
+
+Process: [Main](../glossary.md#main-process)
+
+This module protects data stored on disk from being accessed by other applications or users with full disk access.
+
+Note that on Mac, access to the system Keychain is required and
+these calls can block the current thread to collect user input.
+The same is true for Linux, if a password management tool is available.
+
+## Methods
+
+The `safeStorage` module has the following methods:
+
+### `safeStorage.isEncryptionAvailable()`
+
+Returns `Boolean` - Whether encryption is available.
+
+On Linux, returns true if the secret key is
+available. On MacOS, returns true if Keychain is available.
+On Windows, returns true with no other preconditions.
+
+### `safeStorage.encryptString(plainText)`
+
+* `plainText` String
+
+Returns `Buffer` -  An array of bytes representing the encrypted string.
+
+This function will throw an error if encryption fails.
+
+### `safeStorage.decryptString(encrypted)`
+
+* `encrypted` Buffer
+
+Returns `String` - the decrypted string. Decrypts the encrypted buffer
+obtained  with `safeStorage.encryptString` back into a string.
+
+This function will throw an error if decryption fails.