Exemplo n.º 1
0
def get_class_inheritance(io_object):
    classes = []
    cls = IOObjectCopyClass(io_object)
    while cls:
        # yield cls
        classes.append(cls)
        CFRelease(cls)
        cls = IOObjectCopySuperclassForClass(cls)
    return classes
Exemplo n.º 2
0
    def delete(self):
        """Removes this item from the keychain"""
        rc = Security.lib.SecKeychainItemDelete(self.keychain_item)
        if rc != 0:
            raise RuntimeError("Unable to delete %s: rc=%d" % (self, rc))

        from CoreFoundation import CFRelease
        CFRelease(self.keychain_item)

        self.keychain_item = None
        self.service_name = None
        self.account_name = None
        self.password = None
Exemplo n.º 3
0
def corefoundation_to_native(collection):
    if collection is None:  # nullptr
        return None
    native = Conversion.pythonCollectionFromPropertyList(collection)
    CFRelease(collection)
    return native
Exemplo n.º 4
0
attr     = SecKeychainAttribute(tag, 1, plabel)
attrList = SecKeychainAttributeList(1, attr)

# http://developer.apple.com/DOCUMENTATION/Security/Reference/keychainservices/Reference/reference.html#//apple_ref/c/tdef/SecItemClass

searchRef = ctypes.c_void_p()
itemRef   = ctypes.c_void_p()

try:
    Security.SecKeychainSearchCreateFromAttributes(
        None,
        kSecCertificateItemClass,
        ctypes.byref(attrList),
        ctypes.pointer(searchRef)
    )

    Security.SecKeychainSearchCopyNext(
        searchRef,
        ctypes.byref(itemRef)
    )

    if searchRef:
        CFRelease(searchRef)

    Security.SecKeychainItemDelete(itemRef)

    if itemRef:
        CFRelease(itemRef)
except RuntimeError, e:
    print >>sys.stderr, "ERROR: %s" % e
    sys.exit(1)
Exemplo n.º 5
0
def corefoundation_to_native(collection):
    native = Conversion.pythonCollectionFromPropertyList(collection)
    CFRelease(collection)
    return native
Exemplo n.º 6
0
    def set_password(
        self, service: str, username: str, password: Union[str, bytes, None]
    ):
        """
        Inserts the given key to keychain, or generates a new one if password is blank.
        Key generation is only supported for RSA & Elliptic-Curve assymetric keys, due to keychain's API limitations.
        Meaning, DSA and symmetric keys are not supported for generation - only for existing key import.

        :param service: Will be used as the kSecAttrLabel attribute.
        :param username: Will be used as the kSecAttrApplicationTag attribute.
        :param password: If blank, a key is generated, if non-blank - should be either a path to a key-file,
                         or key-data, encoded in some known format (e.g. PEM).
        :return: A reference to a python-wrapped private or public key, if is_extractable is set; else, None.
        """
        assert isinstance(
            service, str
        ), f'Expected service to be of type str, but got: {type(service)}'
        assert isinstance(
            username, str
        ), f'Expected username to be of type str, but got: {type(username)}'
        assert isinstance(password, (str, bytes, type(None))), (
            'Expected password to be one of: str, bytes, None, '
            f'but got: {type(password)}'
        )

        params = CFDictionaryCreateMutable(kCFAllocatorDefault, 0, None, None)
        private_key_params = CFDictionaryCreateMutable(
            kCFAllocatorDefault, 0, None, None
        )
        access_control = self._get_access_control()
        try:
            self._populate_private_key_params(
                private_key_params, service, username, access_control
            )
            self._populate_key_params(params, private_key_params, password)

            if password:
                error, key = SecItemAdd(params, None)
                key = key[-1] if key else key
            elif self.key_class_type == OSXKeychainKeyType.DSA:
                raise PasswordSetError(
                    'Generating asymmetric keys is only supported for RSA and Elliptic-Curve algorithms'
                )
            elif self.key_class_type == OSXKeyChainKeyClassType.Symmetric.value:
                raise PasswordSetError(
                    'Generating symmetric keys is not supported by the keychain API'
                )
            else:
                key, error = SecKeyCreateRandomKey(params, None)
                if key and self.key_class_type == OSXKeyChainKeyClassType.Public.value:
                    key = SecKeyCopyPublicKey(key)

            if error or not key:
                raise PasswordSetError(f'Failed creating private key: {error}')

            if self.is_extractable:
                return self._pythonify_key(key)
        finally:
            if access_control:
                CFRelease(access_control)
            CFRelease(private_key_params)
            CFRelease(params)