From 58a0b5e71c355452937de319d47c36e4eb3e104e Mon Sep 17 00:00:00 2001
From: Mikkel Oscar Lyderik Larsen <mikkel.larsen@zalando.de>
Date: Tue, 13 Sep 2022 20:43:23 +0200
Subject: [PATCH 1/2] Use dh-ietf1024-sha256-aes128-cbc-pkcs7 algorithm for
 secret service

Signed-off-by: Mikkel Oscar Lyderik Larsen <mikkel.larsen@zalando.de>
---
 secret_service/secret_service.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/secret_service/secret_service.go b/secret_service/secret_service.go
index 2037e40..95681ce 100644
--- a/secret_service/secret_service.go
+++ b/secret_service/secret_service.go
@@ -63,7 +63,7 @@ func NewSecretService() (*SecretService, error) {
 func (s *SecretService) OpenSession() (dbus.BusObject, error) {
 	var disregard dbus.Variant
 	var sessionPath dbus.ObjectPath
-	err := s.object.Call(serviceInterface+".OpenSession", 0, "plain", dbus.MakeVariant("")).Store(&disregard, &sessionPath)
+	err := s.object.Call(serviceInterface+".OpenSession", 0, "dh-ietf1024-sha256-aes128-cbc-pkcs7", dbus.MakeVariant("")).Store(&disregard, &sessionPath)
 	if err != nil {
 		return nil, err
 	}

From f33cb93f44d06b011c93da78609cadc6ba8b9053 Mon Sep 17 00:00:00 2001
From: Mikkel Oscar Lyderik Larsen <mikkel.larsen@zalando.de>
Date: Tue, 13 Sep 2022 20:49:08 +0200
Subject: [PATCH 2/2] Fall back to dh

Signed-off-by: Mikkel Oscar Lyderik Larsen <mikkel.larsen@zalando.de>
---
 secret_service/secret_service.go | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/secret_service/secret_service.go b/secret_service/secret_service.go
index 95681ce..38fef31 100644
--- a/secret_service/secret_service.go
+++ b/secret_service/secret_service.go
@@ -2,6 +2,7 @@ package ss
 
 import (
 	"fmt"
+	"strings"
 
 	"errors"
 
@@ -63,9 +64,16 @@ func NewSecretService() (*SecretService, error) {
 func (s *SecretService) OpenSession() (dbus.BusObject, error) {
 	var disregard dbus.Variant
 	var sessionPath dbus.ObjectPath
-	err := s.object.Call(serviceInterface+".OpenSession", 0, "dh-ietf1024-sha256-aes128-cbc-pkcs7", dbus.MakeVariant("")).Store(&disregard, &sessionPath)
+	err := s.object.Call(serviceInterface+".OpenSession", 0, "plain", dbus.MakeVariant("")).Store(&disregard, &sessionPath)
 	if err != nil {
-		return nil, err
+		if strings.Contains(err.Error(), "Algorithm plain is not supported") {
+			err := s.object.Call(serviceInterface+".OpenSession", 0, "dh-ietf1024-sha256-aes128-cbc-pkcs7", dbus.MakeVariant("")).Store(&disregard, &sessionPath)
+			if err != nil {
+				return nil, err
+			}
+		} else {
+			return nil, err
+		}
 	}
 
 	return s.Object(serviceName, sessionPath), nil