Merge branch 'release/1.1.2'

Author: overheadhunter

.github/workflows/publish-github.yml

@@ -21,4 +21,20 @@ jobs:
         run: mvn deploy -B -DskipTests -Psign,deploy-github --no-transfer-progress
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          MAVEN_GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
+  notify:
+    runs-on: ubuntu-latest
+    needs: [publish]
+    steps:
+      - name: Slack Notification
+        uses: rtCamp/action-slack-notify@v2
+        env:
+          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }}
+          SLACK_USERNAME: 'Cryptobot'
+          SLACK_ICON:
+          SLACK_ICON_EMOJI: ':bot:'
+          SLACK_CHANNEL: 'cryptomator-desktop'
+          SLACK_TITLE: "Published ${{ github.event.repository.name }} ${{ github.event.release.tag_name }}"
+          SLACK_MESSAGE: "Ready to <https://github.com/${{ github.repository }}/actions/workflows/publish-central.yml|deploy to Maven Central>."
+          SLACK_FOOTER:
+          MSG_MINIMAL: true

pom.xml

@@ -5,7 +5,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>org.cryptomator</groupId>
 	<artifactId>integrations-mac</artifactId>
-	<version>1.1.1</version>
+	<version>1.1.2</version>
 
 	<name>Cryptomator Integrations for macOS</name>
 	<description>Provides optional macOS services used by Cryptomator</description>
@@ -38,7 +38,7 @@
 		<mockito.version>4.4.0</mockito.version>
 
 		<!-- build plugin dependencies -->
-		<dependency-check.version>7.0.0</dependency-check.version>
+		<dependency-check.version>7.1.1</dependency-check.version>
 		<nexus-staging.version>1.6.8</nexus-staging.version>
 	</properties>
 
@@ -284,6 +284,7 @@
 							<cveValidForHours>24</cveValidForHours>
 							<failBuildOnCVSS>0</failBuildOnCVSS>
 							<skipTestScope>true</skipTestScope>
+							<cveStartYear>2019</cveStartYear>
 							<detail>true</detail>
 							<suppressionFile>suppression.xml</suppressionFile>
 						</configuration>

src/main/java/org/cryptomator/macos/keychain/MacKeychain.java

@@ -18,8 +18,8 @@ class MacKeychain {
 	 * Associates the specified password with the specified key in the system keychain.
 	 *
 	 * @param serviceName Service name
-	 * @param account Unique account identifier
-	 * @param password Passphrase to store
+	 * @param account     Unique account identifier
+	 * @param password    Passphrase to store
 	 * @see <a href="https://developer.apple.com/documentation/security/1398366-seckeychainaddgenericpassword">SecKeychainAddGenericPassword</a>
 	 */
 	public void storePassword(String serviceName, String account, CharSequence password) throws KeychainAccessException {
@@ -38,13 +38,18 @@ public void storePassword(String serviceName, String account, CharSequence passw
 	 * Loads the password associated with the specified key from the system keychain.
 	 *
 	 * @param serviceName Service name
-	 * @param account Unique account identifier
+	 * @param account     Unique account identifier
 	 * @return password or <code>null</code> if no such keychain entry could be loaded from the keychain.
 	 * @see <a href="https://developer.apple.com/documentation/security/1397301-seckeychainfindgenericpassword">SecKeychainFindGenericPassword</a>
 	 */
 	public char[] loadPassword(String serviceName, String account) {
 		byte[] pwBytes = Native.INSTANCE.loadPassword(serviceName.getBytes(UTF_8), account.getBytes(UTF_8));
 		if (pwBytes == null) {
+			// this if-statement is a workaround for https://github.com/cryptomator/integrations-mac/issues/13:
+			if ("Cryptomator".equals(serviceName) && tryMigratePassword(account)) {
+				// on success: retry
+				return loadPassword(serviceName, account);
+			}
 			return null;
 		} else {
 			CharBuffer pwBuf = UTF_8.decode(ByteBuffer.wrap(pwBytes));
@@ -56,14 +61,36 @@ public char[] loadPassword(String serviceName, String account) {
 		}
 	}
 
+	/**
+	 * Fix for <a href="https://github.com/cryptomator/integrations-mac/issues/13">Issue 13</a>.
+	 * Attempts to find the account with the old hard-coded service name 'Cryptomator\0'
+	 *
+	 * @param account Unique account identifier
+	 * @return <code>true</code> on success
+	 */
+	private boolean tryMigratePassword(String account) {
+		byte[] oldServiceName = {'C', 'r', 'y', 'p', 't', 'o', 'm', 'a', 't', 'o', 'r', '\0'};
+		byte[] newServiceName = {'C', 'r', 'y', 'p', 't', 'o', 'm', 'a', 't', 'o', 'r'};
+		byte[] pwBytes = Native.INSTANCE.loadPassword(oldServiceName, account.getBytes(UTF_8));
+		if (pwBytes == null) {
+			return false;
+		}
+		int errorCode = Native.INSTANCE.storePassword(newServiceName, account.getBytes(UTF_8), pwBytes);
+		Arrays.fill(pwBytes, (byte) 0x00);
+		if (errorCode != OSSTATUS_SUCCESS) {
+			return false;
+		}
+		Native.INSTANCE.deletePassword(oldServiceName, account.getBytes(UTF_8));
+		return true;
+	}
+
 	/**
 	 * Deletes the password associated with the specified key from the system keychain.
 	 *
 	 * @param serviceName Service name
-	 * @param account Unique account identifier
+	 * @param account     Unique account identifier
 	 * @return <code>true</code> if the passwords has been deleted, <code>false</code> if no entry for the given key exists.
 	 * @see <a href="https://developer.apple.com/documentation/security/1395547-secitemdelete">SecKeychainItemDelete</a>
-
 	 */
 	public boolean deletePassword(String serviceName, String account) throws KeychainAccessException {
 		int errorCode = Native.INSTANCE.deletePassword(serviceName.getBytes(UTF_8), account.getBytes(UTF_8));