bitwarden · MGibson1 · Apr 16, 2024 · Apr 16, 2024 · Apr 16, 2024 · Apr 16, 2024
@@ -55,3 +55,4 @@ security-framework-sys = "=2.9.1"
 [target.'cfg(target_os = "linux")'.dependencies]
 gio = "=0.19.2"
 libsecret = "=0.5.0"
+zbus = "=4.1.2"
@@ -12,6 +12,7 @@ export namespace passwords {
   export function setPassword(service: string, account: string, password: string): Promise<void>
   /** Delete the stored password from the keychain. */
   export function deletePassword(service: string, account: string): Promise<void>
+  export function osSupport(): boolean
 }
 export namespace biometrics {
   export function prompt(hwnd: Buffer, message: string): Promise<boolean>

@@ -40,6 +40,11 @@ pub mod passwords {
         super::password::delete_password(&service, &account)
             .map_err(|e| napi::Error::from_reason(e.to_string()))
     }
+
+    #[napi]
+    pub fn os_support() -> bool {
+        super::password::has_password_management()
+    }
 }
 
 #[napi]

@@ -8,6 +8,10 @@ pub fn get_password(service: &str, account: &str) -> Result<String> {
     Ok(result)
 }
 
+pub fn has_password_management() -> bool {
+    true
+}
+
 pub fn get_password_keytar(service: &str, account: &str) -> Result<String> {
     get_password(service, account)
 }

@@ -1,6 +1,6 @@
 use anyhow::{anyhow, Result};
 use libsecret::{password_clear_sync, password_lookup_sync, password_store_sync, Schema};
-use std::collections::HashMap;
+use std::{collections::HashMap, time::Duration};
 
 pub fn get_password(service: &str, account: &str) -> Result<String> {
     let res = password_lookup_sync(
@@ -15,6 +15,33 @@ pub fn get_password(service: &str, account: &str) -> Result<String> {
     }
 }
 
+#[zbus::proxy(
+    interface = "org.freedesktop.DBus",
+    default_service = "org.freedesktop.DBus",
+    default_path = "/org/freedesktop/DBus"
+)]
+trait ListNames {
+    fn list_names(&self) -> Result<Vec<String>>;
+}
+
+// Query dbus names looking for the org.freedesktop.secrets service, which indicates an active libsecret provider
+pub fn has_password_management() -> bool {
+    let conn = match zbus::blocking::Connection::session() {
+        Ok(conn) => conn,
+        Err(_) => return false,
+    };
+    let proxy = match ListNamesProxyBlocking::new(&conn) {
+        Ok(proxy) => proxy,
+        Err(_) => return false,
+    };
+    let names = match proxy.list_names() {
+        Ok(names) => names,
+        Err(_) => return false,
+    };
+
+    names.contains(&"org.freedesktop.secrets".to_string())
+}
+
 pub fn get_password_keytar(service: &str, account: &str) -> Result<String> {
     get_password(service, account)
 }

@@ -45,6 +45,10 @@ pub fn get_password<'a>(service: &str, account: &str) -> Result<String> {
     Ok(String::from(password))
 }
 
+pub fn has_password_management() -> bool {
+    true
+}
+
 // Remove this after sufficient releases
 pub fn get_password_keytar<'a>(service: &str, account: &str) -> Result<String> {
     let target_name = U16CString::from_str(target_name(service, account))?;

diff --git a/apps/desktop/src/app/services/services.module.ts b/apps/desktop/src/app/services/services.module.ts
@@ -37,7 +37,10 @@
   LogService as LogServiceAbstraction,
 } from "@bitwarden/common/platform/abstractions/log.service";
 import { MessagingService as MessagingServiceAbstraction } from "@bitwarden/common/platform/abstractions/messaging.service";
-import { PlatformUtilsService as PlatformUtilsServiceAbstraction } from "@bitwarden/common/platform/abstractions/platform-utils.service";
+import {
+  PlatformUtilsService,
+  PlatformUtilsService as PlatformUtilsServiceAbstraction,
+} from "@bitwarden/common/platform/abstractions/platform-utils.service";
 import { StateService as StateServiceAbstraction } from "@bitwarden/common/platform/abstractions/state.service";
 import { AbstractStorageService } from "@bitwarden/common/platform/abstractions/storage.service";
 import { SystemService as SystemServiceAbstraction } from "@bitwarden/common/platform/abstractions/system.service";
@@ -63,10 +66,7 @@
 import { DesktopSettingsService } from "../../platform/services/desktop-settings.service";
 import { ElectronCryptoService } from "../../platform/services/electron-crypto.service";
 import { ElectronLogRendererService } from "../../platform/services/electron-log.renderer.service";
-import {
-  ELECTRON_SUPPORTS_SECURE_STORAGE,
-  ElectronPlatformUtilsService,
-} from "../../platform/services/electron-platform-utils.service";
+import { ElectronPlatformUtilsService } from "../../platform/services/electron-platform-utils.service";
 import { ElectronRendererMessageSender } from "../../platform/services/electron-renderer-message.sender";
 import { ElectronRendererSecureStorageService } from "../../platform/services/electron-renderer-secure-storage.service";
 import { ElectronRendererStorageService } from "../../platform/services/electron-renderer-storage.service";
@@ -135,7 +135,10 @@
     // the TokenService having to inject the PlatformUtilsService which introduces a
     // circular dependency on Desktop only.
     provide: SUPPORTS_SECURE_STORAGE,
-    useValue: ELECTRON_SUPPORTS_SECURE_STORAGE,
+    useFactory: (platformUtilsService: PlatformUtilsService) => {
+      return platformUtilsService.supportsSecureStorage();
+    },
+    deps: [PlatformUtilsServiceAbstraction],
   }),
   safeProvider({
     provide: I18nServiceAbstraction,

diff --git a/apps/desktop/src/main.ts b/apps/desktop/src/main.ts
@@ -31,6 +31,7 @@
 import { StateEventRegistrarService } from "@bitwarden/common/platform/state/state-event-registrar.service";
 import { MemoryStorageService as MemoryStorageServiceForStateProviders } from "@bitwarden/common/platform/state/storage/memory-storage.service";
 /* eslint-enable import/no-restricted-paths */
+import { passwords } from "@bitwarden/desktop-native";
 
 import { DesktopAutofillSettingsService } from "./autofill/services/desktop-autofill-settings.service";
 import { MenuMain } from "./main/menu/menu.main";
@@ -47,7 +48,6 @@
 import { MainCryptoFunctionService } from "./platform/main/main-crypto-function.service";
 import { DesktopSettingsService } from "./platform/services/desktop-settings.service";
 import { ElectronLogMainService } from "./platform/services/electron-log.main.service";
-import { ELECTRON_SUPPORTS_SECURE_STORAGE } from "./platform/services/electron-platform-utils.service";
 import { ElectronStateService } from "./platform/services/electron-state.service";
 import { ElectronStorageService } from "./platform/services/electron-storage.service";
 import { I18nMainService } from "./platform/services/i18n.main.service";
@@ -179,7 +179,7 @@
     this.tokenService = new TokenService(
       singleUserStateProvider,
       globalStateProvider,
-      ELECTRON_SUPPORTS_SECURE_STORAGE,
+      passwords.osSupport(),
       illegalSecureStorageService,
       this.keyGenerationService,
       this.encryptService,

@@ -18,6 +18,10 @@
   ) {}
 
   init() {
+    // Handle password management detection sync
+    ipcMain.on("osSupportsPasswords", (event) => {
+      event.returnValue = passwords.osSupport();
+    });
     ipcMain.handle("keytar", async (event: any, message: any) => {
       try {
         let serviceName = this.serviceName;

@@ -34,6 +34,7 @@
     ipcRenderer.invoke("keytar", { action: "setPassword", key, keySuffix, value }),
   delete: (key: string, keySuffix: string): Promise<void> =>
     ipcRenderer.invoke("keytar", { action: "deletePassword", key, keySuffix }),
+  osSupport: (): boolean => ipcRenderer.sendSync("osSupportsPasswords"),
 };
 
 const biometric = {

@@ -8,8 +8,6 @@
 
 import { ClipboardWriteMessage } from "../types/clipboard";
 
-export const ELECTRON_SUPPORTS_SECURE_STORAGE = true;
-
 export class ElectronPlatformUtilsService implements PlatformUtilsService {
   constructor(
     protected i18nService: I18nService,
@@ -144,7 +142,7 @@
   }
 
   supportsSecureStorage(): boolean {
-    return ELECTRON_SUPPORTS_SECURE_STORAGE;
+    return ipc.platform.passwords.osSupport();
   }
 
   getAutofillKeyboardShortcut(): Promise<string> {