def set_password(self, service, key, value):
"""
Set secret for the key of the service
"""
raise PasswordSetError(
"Write secret to cyberark backend is disabled"
)
def set_password(self, service, username, password):
if username is None:
username = ''
set_error = PasswordSetError("Can't store password in keychain")
try:
# set up the call for security.
cmd = [
'security',
SecurityCommand('add', self.store),
'-a',
username,
'-s',
service,
'-w',
password,
'-U',
]
call = subprocess.Popen(cmd,
stderr=subprocess.PIPE,
stdout=subprocess.PIPE)
stdoutdata, stderrdata = call.communicate()
code = call.returncode
# check return code.
if code is not 0:
raise set_error
except:
raise set_error
def set_password(self, service, username, password):
"""Set password for the username of the service
"""
wallet = open_kwallet()
if wallet is None:
# the user pressed "cancel" when prompted to unlock their keyring.
raise PasswordSetError("Cancelled by user")
wallet.writePassword(username+'@'+service, password)
def set_password(self, service, username, password):
try:
subprocess.run(
['pass', 'insert', '--multiline', f'{service}/{username}'],
capture_output=True,
check=True,
input=password.encode('utf-8'))
except subprocess.CalledProcessError as e:
raise PasswordSetError(e.output)
def set_password(self, service, username, password):
"""Set password for the username of the service
"""
service = self._safe_string(service)
username = self._safe_string(username)
password = self._safe_string(password)
attrs = GnomeKeyring.Attribute.list_new()
GnomeKeyring.Attribute.list_append_string(attrs, 'username', username)
GnomeKeyring.Attribute.list_append_string(attrs, 'service', service)
GnomeKeyring.Attribute.list_append_string(attrs, 'application',
'python-keyring')
result = GnomeKeyring.item_create_sync(
self.keyring_name, GnomeKeyring.ItemType.NETWORK_PASSWORD,
"Password for '%s' on '%s'" % (username, service), attrs, password,
True)[0]
if result == GnomeKeyring.Result.CANCELLED:
# The user pressed "Cancel" when prompted to unlock their keyring.
raise PasswordSetError("Cancelled by user")
elif result != GnomeKeyring.Result.OK:
raise PasswordSetError(result.value_name)
def set_password(
self, service: str, username: str, password: Union[str, bytes, None]
):
"""
Inserts the given key to keychain, or generates a new one if password is blank.
Key generation is only supported for RSA & Elliptic-Curve assymetric keys, due to keychain's API limitations.
Meaning, DSA and symmetric keys are not supported for generation - only for existing key import.
:param service: Will be used as the kSecAttrLabel attribute.
:param username: Will be used as the kSecAttrApplicationTag attribute.
:param password: If blank, a key is generated, if non-blank - should be either a path to a key-file,
or key-data, encoded in some known format (e.g. PEM).
:return: A reference to a python-wrapped private or public key, if is_extractable is set; else, None.
"""
assert isinstance(
service, str
), f'Expected service to be of type str, but got: {type(service)}'
assert isinstance(
username, str
), f'Expected username to be of type str, but got: {type(username)}'
assert isinstance(password, (str, bytes, type(None))), (
'Expected password to be one of: str, bytes, None, '
f'but got: {type(password)}'
)
params = CFDictionaryCreateMutable(kCFAllocatorDefault, 0, None, None)
private_key_params = CFDictionaryCreateMutable(
kCFAllocatorDefault, 0, None, None
)
access_control = self._get_access_control()
try:
self._populate_private_key_params(
private_key_params, service, username, access_control
)
self._populate_key_params(params, private_key_params, password)
if password:
error, key = SecItemAdd(params, None)
key = key[-1] if key else key
elif self.key_class_type == OSXKeychainKeyType.DSA:
raise PasswordSetError(
'Generating asymmetric keys is only supported for RSA and Elliptic-Curve algorithms'
)
elif self.key_class_type == OSXKeyChainKeyClassType.Symmetric.value:
raise PasswordSetError(
'Generating symmetric keys is not supported by the keychain API'
)
else:
key, error = SecKeyCreateRandomKey(params, None)
if key and self.key_class_type == OSXKeyChainKeyClassType.Public.value:
key = SecKeyCopyPublicKey(key)
if error or not key:
raise PasswordSetError(f'Failed creating private key: {error}')
if self.is_extractable:
return self._pythonify_key(key)
finally:
if access_control:
CFRelease(access_control)
CFRelease(private_key_params)
CFRelease(params)