def testUpdate(self):
desc = b"dummyKey"
value = b"dummyValue1"
keyring = keyutils.KEY_SPEC_THREAD_KEYRING
key_id = keyutils.add_key(desc, value, keyring)
self.assertEqual(b"dummyValue1", keyutils.read_key(key_id))
keyutils.update_key(key_id, b"dummyValue2")
self.assertEqual(b"dummyValue2", keyutils.read_key(key_id))
def testSet(self):
keyDesc = "test:key:01"
keyVal = "key value with\0 some weird chars in it too"
keyring = keyutils.KEY_SPEC_THREAD_KEYRING
# Key not initialized; should get None
keyId = keyutils.request_key(keyDesc, keyring)
self.failUnlessEqual(keyId, None)
self.failUnlessRaises(keyutils.Error, keyutils.read_key, 12345L)
try:
keyutils.read_key(12345L)
except keyutils.Error, e:
self.failUnlessEqual(e.args, (126, "Required key not available"))
def __getitem__(self, device):
key_id = self._key_id(device)
self._touch(key_id)
try:
return keyutils.read_key(key_id)
except keyutils.Error:
raise KeyError("Key not cached!")
def __getitem__(self, device):
key_id = self._key_id(device)
self._touch(key_id)
try:
return keyutils.read_key(key_id).decode('utf-8')
except keyutils.Error:
raise KeyError("Key not cached!")
def promptPassword(self, keyDesc, prompt, promptDesc, validateCallback):
try:
import keyutils
keyring = keyutils.KEY_SPEC_SESSION_KEYRING
except ImportError:
keyutils = keyring = None
if keyutils:
keyId = keyutils.request_key(keyDesc, keyring)
if keyId is not None:
passwd = keyutils.read_key(keyId)
if validateCallback(passwd):
return passwd
# Fall through if the cached creds are invalid
for x in range(3):
self.write(promptDesc)
passwd = self.inputPassword(prompt)
if validateCallback(passwd):
if keyutils:
keyutils.add_key(keyDesc, passwd, keyring)
return passwd
if not passwd:
# User wants out but getpass eats Ctrl-C
break
self.write("The specified credentials were not valid.\n")
return None
def promptPassword(self, keyDesc, prompt, promptDesc, validateCallback):
try:
import keyutils
keyring = keyutils.KEY_SPEC_SESSION_KEYRING
except ImportError:
keyutils = keyring = None
if keyutils:
keyId = keyutils.request_key(keyDesc, keyring)
if keyId is not None:
passwd = keyutils.read_key(keyId)
if validateCallback(passwd):
return passwd
# Fall through if the cached creds are invalid
for x in range(3):
self.write(promptDesc)
passwd = self.inputPassword(prompt)
if validateCallback(passwd):
if keyutils:
keyutils.add_key(keyDesc, passwd, keyring)
return passwd
if not passwd:
# User wants out but getpass eats Ctrl-C
break
self.write("The specified credentials were not valid.\n")
return None
def _read(keyId):
value = None
try:
value = keyutils.read_key(keyId)
except keyutils.Error as exc:
if exc.args[0] != keyutils.EKEYEXPIRED:
raise
return value
def testSet(self):
keyDesc = b"test:key:01"
keyVal = b"key value with\0 some weird chars in it too"
keyring = keyutils.KEY_SPEC_THREAD_KEYRING
# Key not initialized; should get None
keyId = keyutils.request_key(keyDesc, keyring)
self.assertEqual(keyId, None)
self.assertRaises(keyutils.Error, keyutils.read_key, 12345)
try:
keyutils.read_key(12345)
except keyutils.Error as e:
self.assertEqual(e.args, (126, 'Required key not available'))
keyutils.add_key(keyDesc, keyVal, keyring)
keyId = keyutils.request_key(keyDesc, keyring)
data = keyutils.read_key(keyId)
self.assertEqual(data, keyVal)
def getPassword(keyDesc):
if not _keyutils:
return None
_setupSession()
try:
keyId = _keyutils.request_key(keyDesc, _keyring)
except _keyutils.Error as err:
if err.args[0] != _keyutils.EKEYREVOKED:
raise
# This happens if using old keyutils if the session was revoked (which
# normally _setupSession would fix), or using new keyutils if the key
# itself was revoked.
return None
if keyId is not None:
return _keyutils.read_key(keyId)
return None
def getPassword(keyDesc):
if not _keyutils:
return None
_setupSession()
try:
keyId = _keyutils.request_key(keyDesc, _keyring)
except _keyutils.Error as err:
if err.args[0] != _keyutils.EKEYREVOKED:
raise
# This happens if using old keyutils if the session was revoked (which
# normally _setupSession would fix), or using new keyutils if the key
# itself was revoked.
return None
if keyId is not None:
return _keyutils.read_key(keyId)
return None
def getKeyPassphrase(self, keyId, prompt, errorMessage=None):
if errorMessage:
print errorMessage
keyDesc = "conary:pgp:%s" % keyId
try:
import keyutils
# We only initialize keyring if keyutils is not None
keyring = keyutils.KEY_SPEC_SESSION_KEYRING
except ImportError:
keyutils = None
# If the passphrase was invalidated, we don't want to be stuck; so, if
# the caller did set an error message, we will not try to use keyutils
if keyutils and not errorMessage:
keyId = keyutils.request_key(keyDesc, keyring)
if keyId is not None:
return keyutils.read_key(keyId)
print
print prompt
passPhrase = getpass.getpass("Passphrase: ")
if keyutils:
keyutils.add_key(keyDesc, passPhrase, keyring)
return passPhrase
def getKeyPassphrase(self, keyId, prompt, errorMessage=None):
if errorMessage:
print errorMessage
keyDesc = "conary:pgp:%s" % keyId
try:
import keyutils
# We only initialize keyring if keyutils is not None
keyring = keyutils.KEY_SPEC_SESSION_KEYRING
except ImportError:
keyutils = None
# If the passphrase was invalidated, we don't want to be stuck; so, if
# the caller did set an error message, we will not try to use keyutils
if keyutils and not errorMessage:
keyId = keyutils.request_key(keyDesc, keyring)
if keyId is not None:
return keyutils.read_key(keyId)
print
print prompt
passPhrase = getpass.getpass("Passphrase: ")
if keyutils:
keyutils.add_key(keyDesc, passPhrase, keyring)
return passPhrase
def get_user_password_through_keyctl(self,
timeout,
active_directory,
skip_test,
keyring=None,
raise_on_error=True):
'''
:param timeout:
:param active_directory:
:param skip_test:
:param keyring:
:param raise_on_error:
:return:
'''
password = None
try:
if keyring is None: # if keyring doesn't exist, generate a new keyring
keyring = keyutils.KEY_SPEC_SESSION_KEYRING
log.debug('KEY_SPEC_SESSION_KEYRING generated\n')
elif keyring is 'user':
keyring == keyutils.KEY_SPEC_USER_SESSION_KEYRING
log.debug('KEY_SPEC_USER_SESSION_KEYRING generated\n')
if keyring == keyutils.KEY_SPEC_SESSION_KEYRING:
keyctl_keyring_name = '@s'
elif keyring == keyutils.KEY_SPEC_USER_SESSION_KEYRING:
keyctl_keyring_name = '@us'
else:
sys.exit(
'update this code to add the un translated keyring type {}\n'
.format(keyring))
key_id = keyutils.request_key(self.key_name, keyring)
if key_id:
log.debug('Key {} exists on {}. Pulling from keyring\n'.format(
self.key_name, keyring))
password = keyutils.read_key(key_id)
else:
log.debug(
'Key {} does not exist on {}. creating new key\n'.format(
self.key_name, keyring))
password = password_check(username=self.username,
keyname=self.key_name,
active_directory=active_directory,
skip_test=skip_test)
key_id = keyutils.add_key(
self.key_name, password,
keyring) # for keyctl(1) the 'type' is 'user'
keyutils.set_timeout(key_id,
timeout) # Reset it each time it's accessed
except Exception as e:
if raise_on_error:
raise Exception(
"Failed to get key from keyutils using keyring {} - exception was {}"
.format(keyctl_keyring_name, e))
return password
def getPassword(keyDesc):
if _keyutils:
keyId = _keyutils.request_key(keyDesc, _keyring)
if keyId is not None:
return _keyutils.read_key(keyId)
return None
def user_get(self, key=None, pid=None):
""" Returns value of key from current user's keyring.
"""
return _keyutils.read_key(self._get_user_key_id(key))
def getPassword(keyDesc):
if _keyutils:
keyId = _keyutils.request_key(keyDesc, _keyring)
if keyId is not None:
return _keyutils.read_key(keyId)
return None
