libsecret: extend file backend to use TPM2 derived encryption keys
Project name:
libsecret: extend file backend to use TPM2 derived encryption keys
Mentors:
Description:
libsecret is a library that allows applications to store/retrieve user secrets (typically passwords). While it usually works as a client against a separate D-Bus service, it can also use a local file as database.
Currently, the file database uses an encryption key derived from user's login password. That is not ideal because the entire security relies on the login password and is not able to cope with alternative login methods, such as fingerprint readers. The situation could be improved if the key is protected by hardware, such as TPM2 on consumer notebooks. As TPM2 has a mechanism to securely import/export private keys in a wrapped form (i.e. encrypted), the libsecret implementation merely needs to record the wrapped key as an opaque key handle along with the encrypted database upon writing, and upon reading it can ask TPM2 to decrypt the session key from the key handle. The TPM2 Software Stack provides the necessary functions for that.
Additional note: we submitted a similar idea to a past Outreachy round, but this proposal is more scoped and feature oriented.
Requirements:
C language basics would be preferred.
Communication:
chat (#seahorse or #keyring on IRC/Matrix)
If you have any questions about the proposal itself, feel free to reach out to us through email (Daiki's address is ueno at gnu.org).