feat: Add Secure Keyboard Entry APIs in macOS #20678
💖 Thanks for opening this pull request! 💖 We use semantic commit messages to streamline the release process. Before your pull request can be merged, you should update your pull request title to start with a semantic prefix. Examples of commit messages with semantic prefixes:
Things that will help get your PR across the finish line:
We get a lot of pull requests on this repo, so please be patient and we will get back to you as soon as we can.
There are several incorrectly phrased sentences in the documentation.
void Browser::SetSecureInputEnabled(bool enabled) { | ||
// See | ||
// https://developer.apple.com/library/content/technotes/tn2150/_index.html | ||
if (enabled) { |
calling `setSecureInputEnabled()` with the same value twice should have no effect IMO.
@miniak I apologize for wasting your time on my first PR. I have almost rewritten it. There are several changes since the first pull request:
|
void Browser::SetSecureKeyboardEntryEnabled(bool enabled) { | ||
if (enabled) { | ||
password_input_enabler_ = | ||
std::make_unique<ui::ScopedPasswordInputEnabler>(); |
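Review bot: in the `if (enabled)` branch, `password_input_enabler_` is assigned a fresh `std::make_unique<ui::ScopedPasswordInputEnabler>()` on every call, so a repeated `SetSecureKeyboardEntryEnabled(true)` constructs a second enabler before the first one is released. Guard the assignment with `if (!password_input_enabler_)` so that a repeated call is a no-op, and add a one-line comment saying that holding the enabler is what keeps Secure Keyboard Entry on.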
The initializer enables Secure Keyboard Entry.
https://cs.chromium.org/chromium/src/ui/base/cocoa/secure_password_input.mm
@miniak Can you take another look at this?
docs/api/app.md
Outdated
|
||
By default this API will return `false`. | ||
|
||
On _Linux_ and _Windows_, this API will return `false`. |
This API should probably be only exposed on Mac.
docs/api/app.md
Outdated
|
||
**Note:** Enable only when it is needed and disable it when it is no longer needed. | ||
|
||
On _Linux_ and _Windows_, this API will do nothing. |
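Review bot: the **Note:** line tells the reader to disable the feature when it is no longer needed but gives no reason, so there is nothing to judge "needed" against. State the consequence of leaving it enabled, and since the last sentence says the call does nothing on Linux and Windows, document the method as macOS-only instead of describing a no-op.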
The same here, the method documentation says it's only available on Mac.
shell/browser/browser.h
Outdated
@@ -259,6 +263,11 @@ class Browser : public WindowListObserver { | |||
|
|||
void RemoveObserver(BrowserObserver* obs) { observers_.RemoveObserver(obs); } | |||
|
|||
// Returns whether secure input is enabled | |||
bool IsSecureKeyboardEntryEnabled(); | |||
|
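Review bot: `IsSecureKeyboardEntryEnabled()` is a pure query, so it can be declared `const`. The comment above it still says "secure input" while the method name says "Secure Keyboard Entry"; use one term in both so the header matches the public API name.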
why the space?
The implementation is good now, however these APIs should only be exposed on Mac IMO as they do nothing on other platforms.
Thanks for your review. I'll fix it this weekend.
Add methods:
- app.isSecureInputEnabled()
- app.setSecureInputEnabled(enabled)

These make it possible to prevent other processes from listening to keyboard input events.
efe9c2c to 30f98fd
Can you fix the lint error?
Would it be possible to write a test for this?
In particular, I'm worried that this might interact poorly with the existing password field security, where calling `setSecureKeyboardEntryEnabled(true)`, then focusing a password field, then focusing out would result in the secure keyboard entry being disabled.
@electron/wg-api reviewed on May-18-2020.
added. 619319f
I tried to reproduce it using a sample app, but I couldn't.
Thanks. I was hoping that it would be possible to test that the underlying feature was working—i.e. that it was protecting input from being read by other applications—but that seems hard and this test at least exercises the code path.
Thanks, your test looks good. Looking at the underlying code in chromium it looks like there's a counter to track how many ScopedPasswordInputEnablers are present, so it should be fine.
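The interaction raised in the review above (an app-level enable, a repeated call with the same value, then a password field gaining and losing focus) can be modelled with a counted scoped enabler. This is an added example, not Electron's or Chromium's code: `ScopedEnabler`, `App` and the two stub functions are hypothetical names, and the stubs stand in for `EnableSecureEventInput` and `DisableSecureEventInput` so the model runs on any platform.

```cpp
// Added illustration: a counted scoped enabler, with the OS calls stubbed out.
#include <memory>

namespace model {

bool g_os_secure_input = false;  // stand-in for the OS secure-input state
int g_enabler_count = 0;         // number of live ScopedEnabler instances

void StubEnableSecureEventInput() { g_os_secure_input = true; }
void StubDisableSecureEventInput() { g_os_secure_input = false; }

// Hypothetical enabler: the first instance turns secure input on and the last
// instance to be destroyed turns it off.
class ScopedEnabler {
 public:
  ScopedEnabler() { if (g_enabler_count++ == 0) StubEnableSecureEventInput(); }
  ~ScopedEnabler() { if (--g_enabler_count == 0) StubDisableSecureEventInput(); }
  ScopedEnabler(const ScopedEnabler&) = delete;
  ScopedEnabler& operator=(const ScopedEnabler&) = delete;
};

// Hypothetical app-level switch; a repeated call with the same value is a no-op.
class App {
 public:
  void SetSecureKeyboardEntryEnabled(bool enabled) {
    if (enabled == IsSecureKeyboardEntryEnabled()) return;
    if (enabled) enabler_ = std::make_unique<ScopedEnabler>();
    else enabler_.reset();
  }
  bool IsSecureKeyboardEntryEnabled() const { return enabler_ != nullptr; }

 private:
  std::unique_ptr<ScopedEnabler> enabler_;
};

// Scenario from the review: the app enables secure entry (twice), then a
// password field takes focus and loses it again.
bool SecureAfterPasswordFieldBlur() {
  App app;
  app.SetSecureKeyboardEntryEnabled(true);
  app.SetSecureKeyboardEntryEnabled(true);  // repeated call, no second enabler
  { ScopedEnabler password_field_focus; }   // focus, then blur
  return g_os_secure_input && g_enabler_count == 1;
}

}  // namespace model

int main() { return model::SecureAfterPasswordFieldBlur() ? 0 : 1; }
```

Without the counter, the enabler created for the password field would switch secure input off on blur while the app still expected it to be on.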
Congrats on merging your first pull request! 🎉🎉🎉
Description of Change

Add two APIs to `app` to control Secure Keyboard Entry.

In macOS, there is a way to protect against other processes listening to keyboard input events.
https://developer.apple.com/library/archive/technotes/tn2150/_index.html

To enable it, we call `EnableSecureEventInput`, which has been available since Mac OS X 10.3.

This function helps apps become more secure, like bitwarden/desktop#298.

`app.setSecureKeyboardEntryEnabled(enabled)` protects your application (your process) from listening keyboard input events. You have to disable it before quitting the application.

`app.isSecureKeyboardEntryEnabled()` returns true if you already called `app.setSecureInputEnabled(true)`.

To confirm whether your application is protected or not, the command below is helpful.

```
ioreg -l -w 0 | grep kCGSSessionSecureInputPID
```
I wrote a sample Electron app to test that this PR is working. (added 2020-05-17)
https://github.com/mtgto/electron-secure-event-input-sample

I tested with Swift-Keylogger whether this API protects from a keylogger.
Here is my electron sample.
The password text field is already protected by Chromium, but the plain text field is not.
I confirmed this API protects the plain text field from the keylogger.

Here is a list of other open source software that uses the API.

- Chromium: https://cs.chromium.org/chromium/src/ui/base/cocoa/secure_password_input.mm
- iTerm2: https://github.com/gnachman/iTerm2/blob/master/sources/iTermSecureKeyboardEntryController.m
Checklist

- `npm test` passes (https://github.com/electron/electron/blob/master/docs/development/testing.md)
- `npm test` failed in my environment:

Release Notes

Notes: add `app.isSecureInputEnabled()` and `app.setSecureInputEnabled(enabled)` to manage Secure Keyboard Entry in macOS.