def test_create_lock(self):
        '''create_sync() and locking/unlocking'''

        # create
        self.assertEqual(GnomeKeyring.create_sync(TEST_KEYRING, TEST_PWD),
                         GnomeKeyring.Result.OK)
        (result, info) = GnomeKeyring.get_info_sync(TEST_KEYRING)
        self.assertEqual(result, GnomeKeyring.Result.OK)
        self.assertFalse(info.get_is_locked())

        # try to create already existing ring
        self.assertEqual(GnomeKeyring.create_sync(TEST_KEYRING, TEST_PWD),
                         GnomeKeyring.Result.KEYRING_ALREADY_EXISTS)

        # lock
        self.assertEqual(GnomeKeyring.lock_sync(TEST_KEYRING),
                         GnomeKeyring.Result.OK)
        self.assertTrue(
            GnomeKeyring.get_info_sync(TEST_KEYRING)[1].get_is_locked())

        # unlock with wrong password
        self.assertEqual(GnomeKeyring.unlock_sync(TEST_KEYRING, 'h4ck'),
                         GnomeKeyring.Result.IO_ERROR)

        # unlock with correct password
        self.assertEqual(GnomeKeyring.unlock_sync(TEST_KEYRING, TEST_PWD),
                         GnomeKeyring.Result.OK)
示例#2
0
    def test_create_lock(self):
        '''create_sync() and locking/unlocking'''

        # create
        self.assertEqual(GnomeKeyring.create_sync(TEST_KEYRING, TEST_PWD),
                GnomeKeyring.Result.OK)
        (result, info) = GnomeKeyring.get_info_sync(TEST_KEYRING)
        self.assertEqual(result, GnomeKeyring.Result.OK)
        self.assertFalse(info.get_is_locked())

        # try to create already existing ring
        self.assertEqual(GnomeKeyring.create_sync(TEST_KEYRING, TEST_PWD),
                GnomeKeyring.Result.KEYRING_ALREADY_EXISTS)

        # lock
        self.assertEqual(GnomeKeyring.lock_sync(TEST_KEYRING),
                GnomeKeyring.Result.OK)
        self.assertTrue(GnomeKeyring.get_info_sync(TEST_KEYRING)[1].get_is_locked())

        # unlock with wrong password
        self.assertEqual(GnomeKeyring.unlock_sync(TEST_KEYRING, 'h4ck'),
                GnomeKeyring.Result.IO_ERROR)

        # unlock with correct password
        self.assertEqual(GnomeKeyring.unlock_sync(TEST_KEYRING, TEST_PWD),
                GnomeKeyring.Result.OK)
 def add_account(self, name, secret_code, image):
     """
         Add an account to accounts table
         :param name: (str) account name
         :param secret_code: (str) ASCII Secret code
         :param image: image path or icon name
         :return:
     """
     encrypted_secret = sha256(secret_code.encode('utf-8')).hexdigest()
     t = (
         name,
         encrypted_secret,
         image,
     )
     query = "INSERT INTO accounts (name, secret_code, image) VALUES (?, ?, ?)"
     try:
         GK.create_sync("TwoFactorAuth", None)
         attr = GK.Attribute.list_new()
         GK.Attribute.list_append_string(attr, 'id', encrypted_secret)
         GK.Attribute.list_append_string(attr, 'secret_code', secret_code)
         GK.item_create_sync("TwoFactorAuth", GK.ItemType.GENERIC_SECRET,
                             repr(encrypted_secret), attr, secret_code,
                             False)
         self.conn.execute(query, t)
         self.conn.commit()
     except Exception as e:
         logging.error("SQL: Couldn't add a new account : %s ", str(e))
示例#4
0
 def do_store(self, id, username, password):
     GnomeKeyring.create_sync("liferea", None)
     attrs = GnomeKeyring.Attribute.list_new()
     GnomeKeyring.Attribute.list_append_string(attrs, "id", id)
     GnomeKeyring.Attribute.list_append_string(attrs, "user", username)
     GnomeKeyring.item_create_sync(
         "liferea", GnomeKeyring.ItemType.GENERIC_SECRET, repr(id), attrs, "@@@".join([username, password]), True
     )
示例#5
0
 def do_store(self, id, username, password):
     GnomeKeyring.create_sync("liferea", None)
     attrs = GnomeKeyring.Attribute.list_new()
     GnomeKeyring.Attribute.list_append_string(attrs, 'id', id)
     GnomeKeyring.Attribute.list_append_string(attrs, 'user', username)
     GnomeKeyring.item_create_sync("liferea",
                                   GnomeKeyring.ItemType.GENERIC_SECRET,
                                   repr(id), attrs,
                                   '@@@'.join([username, password]), True)
示例#6
0
文件: KeyRing.py 项目: subutux/gusic
    def __init__(self):
        self.loginDetails = False
        if gk.is_available() is True:
            if "Gusic" in gk.list_keyring_names_sync()[1]:
                self.keyring = gk.list_item_ids_sync("Gusic")[1]

                self.loginDetails = self._get_first_key("Gusic")

            else:
                gk.create_sync("Gusic", "Gusic")
示例#7
0
    def store_password(self,
                       entry,
                       password,
                       attributes=None,
                       entry_type=EntryType.GENERIC):
        """Create new entry in keyring with specified data"""
        assert self.is_available()

        # create a new keyring if it doesn't exist
        if not self.KEYRING_NAME in keyring.list_keyring_names_sync()[1]:
            dialog = PasswordDialog(self._application)
            dialog.set_title(_('New keyring'))
            dialog.set_label(
                _('We need to create a new keyring to safely '
                  'store your passwords. Choose the password you '
                  'want to use for it.'))

            response = dialog.get_response()

            if response[0] == Gtk.ResponseType.OK \
            and response[1] == response[2]:
                # create new keyring
                keyring.create_sync(self.KEYRING_NAME, response[1])
                self.__update_info()

            else:
                # wrong password
                raise KeyringCreateError('No keyring to store password to.')

        # if keyring is locked, try to unlock it
        if self.is_locked() and not self.__unlock_keyring():
            return False

        attribute_array = keyring.Attribute.list_new()
        for key in attributes:
            keyring.Attribute.list_append_string(attribute_array, key,
                                                 attributes[key])

        # store password to existing keyring
        keyring.item_create_sync(
            self.KEYRING_NAME,
            self.KEYRING_TYPE[entry_type],
            entry,
            attribute_array,
            password,
            True  # update if exists
        )

        return True
    def test_item_create_info(self):
        '''item_create_sync(),  item_get_info_sync(), list_item_ids_sync()'''

        self.assertEqual(GnomeKeyring.create_sync(TEST_KEYRING, TEST_PWD),
                         GnomeKeyring.Result.OK)
        self.assertEqual(
            GnomeKeyring.get_info_sync(TEST_KEYRING)[0],
            GnomeKeyring.Result.OK)

        attrs = GnomeKeyring.Attribute.list_new()
        GnomeKeyring.Attribute.list_append_string(attrs, 'context',
                                                  'testsuite')
        GnomeKeyring.Attribute.list_append_uint32(attrs, 'answer', 42)

        (result, id) = GnomeKeyring.item_create_sync(
            TEST_KEYRING, GnomeKeyring.ItemType.GENERIC_SECRET, 'my_password',
            attrs, 'my_secret', False)
        self.assertEqual(result, GnomeKeyring.Result.OK)

        # now query for it
        (result, info) = GnomeKeyring.item_get_info_sync(TEST_KEYRING, id)
        self.assertEqual(result, GnomeKeyring.Result.OK)
        self.assertEqual(info.get_display_name(), 'my_password')
        self.assertEqual(info.get_secret(), 'my_secret')

        # list_item_ids_sync()
        (result, items) = GnomeKeyring.list_item_ids_sync(TEST_KEYRING)
        self.assertEqual(result, GnomeKeyring.Result.OK)
        self.assertEqual(items, [id])
 def __init__(self):
     self._protocol = "network"
     self._key = gk.ItemType.NETWORK_PASSWORD
     if not gk.is_available():
         raise KeyringException("The Gnome keyring is not available")
     logger.debug("GnomeKeyring is available")
     self.loaded = False
     self.lock = threading.RLock()
     
     if not self.loaded:
         (result, keyring_names) = gk.list_keyring_names_sync()
         if self._KEYRING_NAME not in keyring_names:
             logger.error("Error getting the gnome keyring. We'll try to create it: %s")
             logger.debug("Creating keyring " + self._KEYRING_NAME)
             gk.create_sync(self._KEYRING_NAME, None)
         self.loaded = True
示例#10
0
    def test_item_create_info(self):
        '''item_create_sync(),  item_get_info_sync(), list_item_ids_sync()'''

        self.assertEqual(GnomeKeyring.create_sync(TEST_KEYRING, TEST_PWD),
                GnomeKeyring.Result.OK)
        self.assertEqual(GnomeKeyring.get_info_sync(TEST_KEYRING)[0], GnomeKeyring.Result.OK)

        attrs = GnomeKeyring.Attribute.list_new()
        GnomeKeyring.Attribute.list_append_string(attrs, 'context', 'testsuite')
        GnomeKeyring.Attribute.list_append_uint32(attrs, 'answer', 42)

        (result, id) = GnomeKeyring.item_create_sync(TEST_KEYRING,
                GnomeKeyring.ItemType.GENERIC_SECRET, 'my_password', attrs,
                'my_secret', False)
        self.assertEqual(result, GnomeKeyring.Result.OK)

        # now query for it
        (result, info) = GnomeKeyring.item_get_info_sync(TEST_KEYRING, id)
        self.assertEqual(result, GnomeKeyring.Result.OK)
        self.assertEqual(info.get_display_name(), 'my_password')
        self.assertEqual(info.get_secret(), 'my_secret')

        # list_item_ids_sync()
        (result, items) = GnomeKeyring.list_item_ids_sync(TEST_KEYRING)
        self.assertEqual(result, GnomeKeyring.Result.OK)
        self.assertEqual(items, [id])
示例#11
0
    def __init__(self):
        self._protocol = "network"
        self._key = gk.ItemType.NETWORK_PASSWORD
        if not gk.is_available():
            raise KeyringException("The Gnome keyring is not available")
        logger.debug("GnomeKeyring is available")
        self.loaded = False
        self.lock = threading.RLock()

        if not self.loaded:
            (result, keyring_names) = gk.list_keyring_names_sync()
            if self._KEYRING_NAME not in keyring_names:
                logger.error(
                    "Error getting the gnome keyring. We'll try to create it: %s"
                )
                logger.debug("Creating keyring " + self._KEYRING_NAME)
                gk.create_sync(self._KEYRING_NAME, None)
            self.loaded = True
示例#12
0
def setup_gnome_keyring():
    """
    Provide clean login Gnome keyring (removes the previous one
    beforehand, if there is a one).
    """
    try:
        # Delete originally stored password
        (response, keyring) = GnomeKeyring.get_default_keyring_sync()
        log.debug('get_info default: %s, %s' % (response, keyring))
        if response == GnomeKeyring.Result.OK:
            if keyring is not None:
                delete_response = GnomeKeyring.delete_sync(keyring)
                log.debug('delete default: %s' % delete_response)
                assert delete_response == GnomeKeyring.Result.OK, \
                    "Delete failed: %s" % delete_response
            response, keyring = GnomeKeyring.get_info_sync('login')
            if response == GnomeKeyring.Result.OK:
                if keyring is not None:
                    delete_response = GnomeKeyring.delete_sync('login')
                    log.debug('delete login: %s' % delete_response)
                    assert delete_response == GnomeKeyring.Result.OK, \
                        "Delete failed: %s" % delete_response
            elif response != GnomeKeyring.Result.NO_SUCH_KEYRING:
                raise IOError(
                    'Unexpected error when manipulating login keyring')

            # This is result of the underlying DBus error:
            # CKR_WRAPPED_KEY_INVALID, CKR_WRAPPED_KEY_LEN_RANGE,
            # CKR_MECHANISM_PARAM_INVALID
            # So, failed either
            # * egg_padding_pkcs7_unpad
            #   (gnome-keyring/egg/egg-padding.c)
            # * gkm_aes_mechanism_unwrap
            #   (gnome-keyring/pkcs11/gkm/gkm-aes-mechanism.c)
            # * gkm_dh_mechanism_derive
            #   (gnome-keyring/pkcs11/gkm/gkm-dh-mechanism.c)
            # * gkm_null_mechanism_unwrap or gkm_null_mechanism_wrap
            #   (gnome-keyring/pkcs11/gkm/gkm-null-mechanism.c)
            create_response = GnomeKeyring.create_sync('login', 'redhat')
            log.debug('create login: %s' % create_response)
            if create_response != GnomeKeyring.Result.OK:
                raise IOError(
                    'Create failed: %s\n%s' %
                    (create_response,
                     GnomeKeyring.result_to_message(create_response)))

            set_default_response = \
                GnomeKeyring.set_default_keyring_sync('login')
            assert set_default_response == GnomeKeyring.Result.OK, \
                "Set default failed: %s" % set_default_response
        unlock_response = GnomeKeyring.unlock_sync("login", 'redhat')
        assert unlock_response == GnomeKeyring.Result.OK, \
            "Unlock failed: %s" % unlock_response
    except Exception as e:
        log.error("Exception while unlocking a keyring: %s", e.message)
        raise  # We shouldn’t let this exception evaporate
示例#13
0
def setup_gnome_keyring():
    """
    Provide clean login Gnome keyring (removes the previous one
    beforehand, if there is a one).
    """
    try:
        # Delete originally stored password
        (response, keyring) = GnomeKeyring.get_default_keyring_sync()
        log.debug('get_info default: %s, %s' % (response, keyring))
        if response == GnomeKeyring.Result.OK:
            if keyring is not None:
                delete_response = GnomeKeyring.delete_sync(keyring)
                log.debug('delete default: %s' % delete_response)
                assert delete_response == GnomeKeyring.Result.OK, \
                    "Delete failed: %s" % delete_response
            response, keyring = GnomeKeyring.get_info_sync('login')
            if response == GnomeKeyring.Result.OK:
                if keyring is not None:
                    delete_response = GnomeKeyring.delete_sync('login')
                    log.debug('delete login: %s' % delete_response)
                    assert delete_response == GnomeKeyring.Result.OK, \
                        "Delete failed: %s" % delete_response
            elif response != GnomeKeyring.Result.NO_SUCH_KEYRING:
                raise IOError(
                    'Unexpected error when manipulating login keyring')

            # This is result of the underlying DBus error:
            # CKR_WRAPPED_KEY_INVALID, CKR_WRAPPED_KEY_LEN_RANGE,
            # CKR_MECHANISM_PARAM_INVALID
            # So, failed either
            # * egg_padding_pkcs7_unpad
            #   (gnome-keyring/egg/egg-padding.c)
            # * gkm_aes_mechanism_unwrap
            #   (gnome-keyring/pkcs11/gkm/gkm-aes-mechanism.c)
            # * gkm_dh_mechanism_derive
            #   (gnome-keyring/pkcs11/gkm/gkm-dh-mechanism.c)
            # * gkm_null_mechanism_unwrap or gkm_null_mechanism_wrap
            #   (gnome-keyring/pkcs11/gkm/gkm-null-mechanism.c)
            create_response = GnomeKeyring.create_sync('login', 'redhat')
            log.debug('create login: %s' % create_response)
            if create_response != GnomeKeyring.Result.OK:
                raise IOError(
                    'Create failed: %s\n%s' %
                    (create_response,
                     GnomeKeyring.result_to_message(create_response)))

            set_default_response = \
                GnomeKeyring.set_default_keyring_sync('login')
            assert set_default_response == GnomeKeyring.Result.OK, \
                "Set default failed: %s" % set_default_response
        unlock_response = GnomeKeyring.unlock_sync("login", 'redhat')
        assert unlock_response == GnomeKeyring.Result.OK, \
            "Unlock failed: %s" % unlock_response
    except Exception as e:
        log.error("Exception while unlocking a keyring: %s", e.message)
        raise  # We shouldn’t let this exception evaporate
示例#14
0
 def add_account(self, name, secret_code, image):
     """
         Add an account to accounts table
         :param name: (str) account name
         :param secret_code: (str) ASCII Secret code
         :param image: image path or icon name
         :return:
     """
     encrypted_secret = sha256(secret_code.encode('utf-8')).hexdigest()
     t = (name, encrypted_secret, image,)
     query = "INSERT INTO accounts (name, secret_code, image) VALUES (?, ?, ?)"
     try:
         GK.create_sync("TwoFactorAuth", None)
         attr = GK.Attribute.list_new()
         GK.Attribute.list_append_string(attr, 'id', encrypted_secret)
         GK.Attribute.list_append_string(attr, 'secret_code', secret_code)
         GK.item_create_sync("TwoFactorAuth", GK.ItemType.GENERIC_SECRET, repr(encrypted_secret), attr,
                             secret_code, False)
         self.conn.execute(query, t)
         self.conn.commit()
     except Exception as e:
         logging.error("SQL: Couldn't add a new account : %s ", str(e))
def before_all(context):
    """Setup evolution stuff
    Being executed before all features
    """

    # Reset GSettings
    schemas = [x for x in Gio.Settings.list_schemas() if 'evolution' in x.lower()]
    for schema in schemas:
        os.system("gsettings reset-recursively %s" % schema)

    # Skip warning dialog
    os.system("gsettings set org.gnome.evolution.shell skip-warning-dialog true")
    # Show switcher buttons as icons (to minimize tree scrolling)
    os.system("gsettings set org.gnome.evolution.shell buttons-style icons")

    # Wait for things to settle
    sleep(0.5)

    # Skip dogtail actions to print to stdout
    config.logDebugToStdOut = False
    config.typingDelay = 0.2

    # Include assertion object
    context.assertion = dummy()

    # Kill initial setup
    os.system("killall /usr/libexec/gnome-initial-setup")

    # Delete existing ABRT problems
    if problem.list():
        [x.delete() for x in problem.list()]

    try:
        from gi.repository import GnomeKeyring
        # Delete originally stored password
        (response, keyring) = GnomeKeyring.get_default_keyring_sync()
        if response == GnomeKeyring.Result.OK:
            if keyring is not None:
                delete_response = GnomeKeyring.delete_sync(keyring)
                assert delete_response == GnomeKeyring.Result.OK, "Delete failed: %s" % delete_response
            create_response = GnomeKeyring.create_sync("login", 'gnome')
            assert create_response == GnomeKeyring.Result.OK, "Create failed: %s" % create_response
            set_default_response = GnomeKeyring.set_default_keyring_sync('login')
            assert set_default_response == GnomeKeyring.Result.OK, "Set default failed: %s" % set_default_response
        unlock_response = GnomeKeyring.unlock_sync("login", 'gnome')
        assert unlock_response == GnomeKeyring.Result.OK, "Unlock failed: %s" % unlock_response
    except Exception as e:
        print("Exception while unlocking a keyring: %s" % e.message)

    context.app = App('evolution')
示例#16
0
def process(args):
    krname = args.get('namespace')
    if krname is None:
        err('No namespace (keyring name) specified')

    to_write = args.get('write', {})
    to_remove = args.get('remove', {})
    overwrite_all = args.get('overwrite', False)
    password = args.get('password')

    try:
        keyring_info = verify(gk.get_info_sync(krname),
                              'access keyring=%s' % krname)
    except NoSuchKeyringError:
        if password is None:
            err('Cannot create keyring=%s without a password' % krname)
        # Desired keyring does not yet exist. Create it on-demand.
        verify(gk.create_sync(krname, password), 'create keyring=%s' % krname)
        # Try to get info again, now that we have created the missing keyring.
        keyring_info = verify(gk.get_info_sync(krname),
                              'access keyring=%s' % krname)

    if keyring_info.get_is_locked():
        if password is None:
            err('Cannot access locked keyring=%s without a password' % krname)
        # Unlock the desired keyring.
        ok = gk.unlock_sync(krname, password)
        if ok is not None:
            # Handle pygobject3-style invocation of unlock_sync().
            if ok == gk.Result.IO_ERROR:
                # An incorrect password causes an IO_ERROR for some reason. Emit a
                # clearer error message than the default result_to_message() one.
                err('Cannot unlock keyring=%s: Invalid password' % krname)
            verify(ok, 'unlock keyring=%s' % krname)

    result = {}  # By default, emit minimal valid JSON.

    if len(to_write) == 0 and len(to_remove) == 0:
        # Given nothing to write, we emit existing secrets.
        result = get_secrets(krname)

    if len(to_write) > 0:
        set_secrets(krname, to_write, overwrite_all)

    if len(to_remove) > 0:
        remove_secrets(krname, to_remove)

    json.dump(result, sys.stdout)
 def gkr_store(self, id, secret):
     GnomeKeyring.create_sync(KEYRING_NAME, None)
     attrs = GnomeKeyring.Attribute.list_new()
     GnomeKeyring.Attribute.list_append_string(attrs, 'id', id)
     GnomeKeyring.item_create_sync(KEYRING_NAME, GnomeKeyring.ItemType.GENERIC_SECRET, id, attrs, secret, True)