Remove private key from IPC interface

3 files changed, 27 insertions, 10 deletions

diff --git a/mullvad-daemon/src/lib.rs b/mullvad-daemon/src/lib.rs
index 066140152b..221d9632c6 100644
--- a/mullvad-daemon/src/lib.rs
+++ b/mullvad-daemon/src/lib.rs
@@ -36,7 +36,7 @@ use mullvad_rpc::{
 };
 use mullvad_types::{
     account::{AccountData, AccountToken, VoucherSubmission},
-    device::{Device, DeviceData, DeviceEvent, DeviceId, RemoveDeviceEvent},
+    device::{Device, DeviceConfig, DeviceData, DeviceEvent, DeviceId, RemoveDeviceEvent},
     endpoint::MullvadEndpoint,
     location::{Coordinates, GeoIpLocation},
     relay_constraints::{
@@ -245,7 +245,7 @@ pub enum DaemonCommand {
     /// Log out of the current account and remove the device, if they exist.
     LogoutAccount(ResponseTx<(), Error>),
     /// Return the current device configuration, if there is one.
-    GetDevice(ResponseTx<Option<DeviceData>, Error>),
+    GetDevice(ResponseTx<Option<DeviceConfig>, Error>),
     /// Return all the devices for a given account token.
     ListDevices(ResponseTx<Vec<Device>, Error>, AccountToken),
     /// Remove device from a given account.
@@ -1721,8 +1721,12 @@ where
         Ok(true)
     }
 
-    async fn on_get_device(&mut self, tx: ResponseTx<Option<DeviceData>, Error>) {
-        Self::oneshot_send(tx, Ok(self.account_manager.get()), "get_device response");
+    async fn on_get_device(&mut self, tx: ResponseTx<Option<DeviceConfig>, Error>) {
+        Self::oneshot_send(
+            tx,
+            Ok(self.account_manager.get().map(DeviceConfig::from)),
+            "get_device response",
+        );
     }
 
     async fn on_list_devices(&mut self, tx: ResponseTx<Vec<Device>, Error>, token: AccountToken) {
diff --git a/mullvad-management-interface/src/types.rs b/mullvad-management-interface/src/types.rs
index 1119b8f363..5e10853b7c 100644
--- a/mullvad-management-interface/src/types.rs
+++ b/mullvad-management-interface/src/types.rs
@@ -227,8 +227,8 @@ impl From<mullvad_types::device::RemoveDeviceEvent> for RemoveDeviceEvent {
     }
 }
 
-impl From<mullvad_types::device::DeviceData> for DeviceConfig {
-    fn from(device: mullvad_types::device::DeviceData) -> Self {
+impl From<mullvad_types::device::DeviceConfig> for DeviceConfig {
+    fn from(device: mullvad_types::device::DeviceConfig) -> Self {
         DeviceConfig {
             account_token: device.token,
             device: Some(Device::from(device.device)),
@@ -239,10 +239,7 @@ impl From<mullvad_types::device::DeviceData> for DeviceConfig {
 impl From<Vec<mullvad_types::device::Device>> for DeviceList {
     fn from(devices: Vec<mullvad_types::device::Device>) -> Self {
         DeviceList {
-            devices: devices
-                .into_iter()
-                .map(|device| Device::from(device))
-                .collect(),
+            devices: devices.into_iter().map(Device::from).collect(),
         }
     }
 }
diff --git a/mullvad-types/src/device.rs b/mullvad-types/src/device.rs
index 730c9fdce7..bb605a928c 100644
--- a/mullvad-types/src/device.rs
+++ b/mullvad-types/src/device.rs
@@ -32,6 +32,22 @@ impl From<DeviceData> for Device {
     }
 }
 
+/// [`DeviceData`] excluding the private key.
+#[derive(Debug, Clone, Deserialize, Serialize, PartialEq)]
+pub struct DeviceConfig {
+    pub token: AccountToken,
+    pub device: Device,
+}
+
+impl From<DeviceData> for DeviceConfig {
+    fn from(data: DeviceData) -> DeviceConfig {
+        DeviceConfig {
+            token: data.token,
+            device: data.device,
+        }
+    }
+}
+
 /// Emitted when logging in or out of an account, or when the device changes.
 #[derive(Clone, Debug)]
 pub struct DeviceEvent(pub Option<(AccountToken, Device)>);