def testUpdate(self): desc = b"dummyKey" value = b"dummyValue1" keyring = keyutils.KEY_SPEC_THREAD_KEYRING key_id = keyutils.add_key(desc, value, keyring) self.assertEqual(b"dummyValue1", keyutils.read_key(key_id)) keyutils.update_key(key_id, b"dummyValue2") self.assertEqual(b"dummyValue2", keyutils.read_key(key_id))
def testSet(self): keyDesc = "test:key:01" keyVal = "key value with\0 some weird chars in it too" keyring = keyutils.KEY_SPEC_THREAD_KEYRING # Key not initialized; should get None keyId = keyutils.request_key(keyDesc, keyring) self.failUnlessEqual(keyId, None) self.failUnlessRaises(keyutils.Error, keyutils.read_key, 12345L) try: keyutils.read_key(12345L) except keyutils.Error, e: self.failUnlessEqual(e.args, (126, "Required key not available"))
def __getitem__(self, device): key_id = self._key_id(device) self._touch(key_id) try: return keyutils.read_key(key_id) except keyutils.Error: raise KeyError("Key not cached!")
def __getitem__(self, device): key_id = self._key_id(device) self._touch(key_id) try: return keyutils.read_key(key_id).decode('utf-8') except keyutils.Error: raise KeyError("Key not cached!")
def promptPassword(self, keyDesc, prompt, promptDesc, validateCallback): try: import keyutils keyring = keyutils.KEY_SPEC_SESSION_KEYRING except ImportError: keyutils = keyring = None if keyutils: keyId = keyutils.request_key(keyDesc, keyring) if keyId is not None: passwd = keyutils.read_key(keyId) if validateCallback(passwd): return passwd # Fall through if the cached creds are invalid for x in range(3): self.write(promptDesc) passwd = self.inputPassword(prompt) if validateCallback(passwd): if keyutils: keyutils.add_key(keyDesc, passwd, keyring) return passwd if not passwd: # User wants out but getpass eats Ctrl-C break self.write("The specified credentials were not valid.\n") return None
def _read(keyId): value = None try: value = keyutils.read_key(keyId) except keyutils.Error as exc: if exc.args[0] != keyutils.EKEYEXPIRED: raise return value
def testSet(self): keyDesc = b"test:key:01" keyVal = b"key value with\0 some weird chars in it too" keyring = keyutils.KEY_SPEC_THREAD_KEYRING # Key not initialized; should get None keyId = keyutils.request_key(keyDesc, keyring) self.assertEqual(keyId, None) self.assertRaises(keyutils.Error, keyutils.read_key, 12345) try: keyutils.read_key(12345) except keyutils.Error as e: self.assertEqual(e.args, (126, 'Required key not available')) keyutils.add_key(keyDesc, keyVal, keyring) keyId = keyutils.request_key(keyDesc, keyring) data = keyutils.read_key(keyId) self.assertEqual(data, keyVal)
def getPassword(keyDesc): if not _keyutils: return None _setupSession() try: keyId = _keyutils.request_key(keyDesc, _keyring) except _keyutils.Error as err: if err.args[0] != _keyutils.EKEYREVOKED: raise # This happens if using old keyutils if the session was revoked (which # normally _setupSession would fix), or using new keyutils if the key # itself was revoked. return None if keyId is not None: return _keyutils.read_key(keyId) return None
def getKeyPassphrase(self, keyId, prompt, errorMessage=None): if errorMessage: print errorMessage keyDesc = "conary:pgp:%s" % keyId try: import keyutils # We only initialize keyring if keyutils is not None keyring = keyutils.KEY_SPEC_SESSION_KEYRING except ImportError: keyutils = None # If the passphrase was invalidated, we don't want to be stuck; so, if # the caller did set an error message, we will not try to use keyutils if keyutils and not errorMessage: keyId = keyutils.request_key(keyDesc, keyring) if keyId is not None: return keyutils.read_key(keyId) print print prompt passPhrase = getpass.getpass("Passphrase: ") if keyutils: keyutils.add_key(keyDesc, passPhrase, keyring) return passPhrase
def get_user_password_through_keyctl(self, timeout, active_directory, skip_test, keyring=None, raise_on_error=True): ''' :param timeout: :param active_directory: :param skip_test: :param keyring: :param raise_on_error: :return: ''' password = None try: if keyring is None: # if keyring doesn't exist, generate a new keyring keyring = keyutils.KEY_SPEC_SESSION_KEYRING log.debug('KEY_SPEC_SESSION_KEYRING generated\n') elif keyring is 'user': keyring == keyutils.KEY_SPEC_USER_SESSION_KEYRING log.debug('KEY_SPEC_USER_SESSION_KEYRING generated\n') if keyring == keyutils.KEY_SPEC_SESSION_KEYRING: keyctl_keyring_name = '@s' elif keyring == keyutils.KEY_SPEC_USER_SESSION_KEYRING: keyctl_keyring_name = '@us' else: sys.exit( 'update this code to add the un translated keyring type {}\n' .format(keyring)) key_id = keyutils.request_key(self.key_name, keyring) if key_id: log.debug('Key {} exists on {}. Pulling from keyring\n'.format( self.key_name, keyring)) password = keyutils.read_key(key_id) else: log.debug( 'Key {} does not exist on {}. creating new key\n'.format( self.key_name, keyring)) password = password_check(username=self.username, keyname=self.key_name, active_directory=active_directory, skip_test=skip_test) key_id = keyutils.add_key( self.key_name, password, keyring) # for keyctl(1) the 'type' is 'user' keyutils.set_timeout(key_id, timeout) # Reset it each time it's accessed except Exception as e: if raise_on_error: raise Exception( "Failed to get key from keyutils using keyring {} - exception was {}" .format(keyctl_keyring_name, e)) return password
def getPassword(keyDesc): if _keyutils: keyId = _keyutils.request_key(keyDesc, _keyring) if keyId is not None: return _keyutils.read_key(keyId) return None
def user_get(self, key=None, pid=None): """ Returns value of key from current user's keyring. """ return _keyutils.read_key(self._get_user_key_id(key))