def test_create_lock(self): '''create_sync() and locking/unlocking''' # create self.assertEqual(GnomeKeyring.create_sync(TEST_KEYRING, TEST_PWD), GnomeKeyring.Result.OK) (result, info) = GnomeKeyring.get_info_sync(TEST_KEYRING) self.assertEqual(result, GnomeKeyring.Result.OK) self.assertFalse(info.get_is_locked()) # try to create already existing ring self.assertEqual(GnomeKeyring.create_sync(TEST_KEYRING, TEST_PWD), GnomeKeyring.Result.KEYRING_ALREADY_EXISTS) # lock self.assertEqual(GnomeKeyring.lock_sync(TEST_KEYRING), GnomeKeyring.Result.OK) self.assertTrue( GnomeKeyring.get_info_sync(TEST_KEYRING)[1].get_is_locked()) # unlock with wrong password self.assertEqual(GnomeKeyring.unlock_sync(TEST_KEYRING, 'h4ck'), GnomeKeyring.Result.IO_ERROR) # unlock with correct password self.assertEqual(GnomeKeyring.unlock_sync(TEST_KEYRING, TEST_PWD), GnomeKeyring.Result.OK)
def test_create_lock(self): '''create_sync() and locking/unlocking''' # create self.assertEqual(GnomeKeyring.create_sync(TEST_KEYRING, TEST_PWD), GnomeKeyring.Result.OK) (result, info) = GnomeKeyring.get_info_sync(TEST_KEYRING) self.assertEqual(result, GnomeKeyring.Result.OK) self.assertFalse(info.get_is_locked()) # try to create already existing ring self.assertEqual(GnomeKeyring.create_sync(TEST_KEYRING, TEST_PWD), GnomeKeyring.Result.KEYRING_ALREADY_EXISTS) # lock self.assertEqual(GnomeKeyring.lock_sync(TEST_KEYRING), GnomeKeyring.Result.OK) self.assertTrue(GnomeKeyring.get_info_sync(TEST_KEYRING)[1].get_is_locked()) # unlock with wrong password self.assertEqual(GnomeKeyring.unlock_sync(TEST_KEYRING, 'h4ck'), GnomeKeyring.Result.IO_ERROR) # unlock with correct password self.assertEqual(GnomeKeyring.unlock_sync(TEST_KEYRING, TEST_PWD), GnomeKeyring.Result.OK)
def add_account(self, name, secret_code, image): """ Add an account to accounts table :param name: (str) account name :param secret_code: (str) ASCII Secret code :param image: image path or icon name :return: """ encrypted_secret = sha256(secret_code.encode('utf-8')).hexdigest() t = ( name, encrypted_secret, image, ) query = "INSERT INTO accounts (name, secret_code, image) VALUES (?, ?, ?)" try: GK.create_sync("TwoFactorAuth", None) attr = GK.Attribute.list_new() GK.Attribute.list_append_string(attr, 'id', encrypted_secret) GK.Attribute.list_append_string(attr, 'secret_code', secret_code) GK.item_create_sync("TwoFactorAuth", GK.ItemType.GENERIC_SECRET, repr(encrypted_secret), attr, secret_code, False) self.conn.execute(query, t) self.conn.commit() except Exception as e: logging.error("SQL: Couldn't add a new account : %s ", str(e))
def do_store(self, id, username, password): GnomeKeyring.create_sync("liferea", None) attrs = GnomeKeyring.Attribute.list_new() GnomeKeyring.Attribute.list_append_string(attrs, "id", id) GnomeKeyring.Attribute.list_append_string(attrs, "user", username) GnomeKeyring.item_create_sync( "liferea", GnomeKeyring.ItemType.GENERIC_SECRET, repr(id), attrs, "@@@".join([username, password]), True )
def do_store(self, id, username, password): GnomeKeyring.create_sync("liferea", None) attrs = GnomeKeyring.Attribute.list_new() GnomeKeyring.Attribute.list_append_string(attrs, 'id', id) GnomeKeyring.Attribute.list_append_string(attrs, 'user', username) GnomeKeyring.item_create_sync("liferea", GnomeKeyring.ItemType.GENERIC_SECRET, repr(id), attrs, '@@@'.join([username, password]), True)
def __init__(self): self.loginDetails = False if gk.is_available() is True: if "Gusic" in gk.list_keyring_names_sync()[1]: self.keyring = gk.list_item_ids_sync("Gusic")[1] self.loginDetails = self._get_first_key("Gusic") else: gk.create_sync("Gusic", "Gusic")
def store_password(self, entry, password, attributes=None, entry_type=EntryType.GENERIC): """Create new entry in keyring with specified data""" assert self.is_available() # create a new keyring if it doesn't exist if not self.KEYRING_NAME in keyring.list_keyring_names_sync()[1]: dialog = PasswordDialog(self._application) dialog.set_title(_('New keyring')) dialog.set_label( _('We need to create a new keyring to safely ' 'store your passwords. Choose the password you ' 'want to use for it.')) response = dialog.get_response() if response[0] == Gtk.ResponseType.OK \ and response[1] == response[2]: # create new keyring keyring.create_sync(self.KEYRING_NAME, response[1]) self.__update_info() else: # wrong password raise KeyringCreateError('No keyring to store password to.') # if keyring is locked, try to unlock it if self.is_locked() and not self.__unlock_keyring(): return False attribute_array = keyring.Attribute.list_new() for key in attributes: keyring.Attribute.list_append_string(attribute_array, key, attributes[key]) # store password to existing keyring keyring.item_create_sync( self.KEYRING_NAME, self.KEYRING_TYPE[entry_type], entry, attribute_array, password, True # update if exists ) return True
def test_item_create_info(self): '''item_create_sync(), item_get_info_sync(), list_item_ids_sync()''' self.assertEqual(GnomeKeyring.create_sync(TEST_KEYRING, TEST_PWD), GnomeKeyring.Result.OK) self.assertEqual( GnomeKeyring.get_info_sync(TEST_KEYRING)[0], GnomeKeyring.Result.OK) attrs = GnomeKeyring.Attribute.list_new() GnomeKeyring.Attribute.list_append_string(attrs, 'context', 'testsuite') GnomeKeyring.Attribute.list_append_uint32(attrs, 'answer', 42) (result, id) = GnomeKeyring.item_create_sync( TEST_KEYRING, GnomeKeyring.ItemType.GENERIC_SECRET, 'my_password', attrs, 'my_secret', False) self.assertEqual(result, GnomeKeyring.Result.OK) # now query for it (result, info) = GnomeKeyring.item_get_info_sync(TEST_KEYRING, id) self.assertEqual(result, GnomeKeyring.Result.OK) self.assertEqual(info.get_display_name(), 'my_password') self.assertEqual(info.get_secret(), 'my_secret') # list_item_ids_sync() (result, items) = GnomeKeyring.list_item_ids_sync(TEST_KEYRING) self.assertEqual(result, GnomeKeyring.Result.OK) self.assertEqual(items, [id])
def __init__(self): self._protocol = "network" self._key = gk.ItemType.NETWORK_PASSWORD if not gk.is_available(): raise KeyringException("The Gnome keyring is not available") logger.debug("GnomeKeyring is available") self.loaded = False self.lock = threading.RLock() if not self.loaded: (result, keyring_names) = gk.list_keyring_names_sync() if self._KEYRING_NAME not in keyring_names: logger.error("Error getting the gnome keyring. We'll try to create it: %s") logger.debug("Creating keyring " + self._KEYRING_NAME) gk.create_sync(self._KEYRING_NAME, None) self.loaded = True
def test_item_create_info(self): '''item_create_sync(), item_get_info_sync(), list_item_ids_sync()''' self.assertEqual(GnomeKeyring.create_sync(TEST_KEYRING, TEST_PWD), GnomeKeyring.Result.OK) self.assertEqual(GnomeKeyring.get_info_sync(TEST_KEYRING)[0], GnomeKeyring.Result.OK) attrs = GnomeKeyring.Attribute.list_new() GnomeKeyring.Attribute.list_append_string(attrs, 'context', 'testsuite') GnomeKeyring.Attribute.list_append_uint32(attrs, 'answer', 42) (result, id) = GnomeKeyring.item_create_sync(TEST_KEYRING, GnomeKeyring.ItemType.GENERIC_SECRET, 'my_password', attrs, 'my_secret', False) self.assertEqual(result, GnomeKeyring.Result.OK) # now query for it (result, info) = GnomeKeyring.item_get_info_sync(TEST_KEYRING, id) self.assertEqual(result, GnomeKeyring.Result.OK) self.assertEqual(info.get_display_name(), 'my_password') self.assertEqual(info.get_secret(), 'my_secret') # list_item_ids_sync() (result, items) = GnomeKeyring.list_item_ids_sync(TEST_KEYRING) self.assertEqual(result, GnomeKeyring.Result.OK) self.assertEqual(items, [id])
def __init__(self): self._protocol = "network" self._key = gk.ItemType.NETWORK_PASSWORD if not gk.is_available(): raise KeyringException("The Gnome keyring is not available") logger.debug("GnomeKeyring is available") self.loaded = False self.lock = threading.RLock() if not self.loaded: (result, keyring_names) = gk.list_keyring_names_sync() if self._KEYRING_NAME not in keyring_names: logger.error( "Error getting the gnome keyring. We'll try to create it: %s" ) logger.debug("Creating keyring " + self._KEYRING_NAME) gk.create_sync(self._KEYRING_NAME, None) self.loaded = True
def setup_gnome_keyring(): """ Provide clean login Gnome keyring (removes the previous one beforehand, if there is a one). """ try: # Delete originally stored password (response, keyring) = GnomeKeyring.get_default_keyring_sync() log.debug('get_info default: %s, %s' % (response, keyring)) if response == GnomeKeyring.Result.OK: if keyring is not None: delete_response = GnomeKeyring.delete_sync(keyring) log.debug('delete default: %s' % delete_response) assert delete_response == GnomeKeyring.Result.OK, \ "Delete failed: %s" % delete_response response, keyring = GnomeKeyring.get_info_sync('login') if response == GnomeKeyring.Result.OK: if keyring is not None: delete_response = GnomeKeyring.delete_sync('login') log.debug('delete login: %s' % delete_response) assert delete_response == GnomeKeyring.Result.OK, \ "Delete failed: %s" % delete_response elif response != GnomeKeyring.Result.NO_SUCH_KEYRING: raise IOError( 'Unexpected error when manipulating login keyring') # This is result of the underlying DBus error: # CKR_WRAPPED_KEY_INVALID, CKR_WRAPPED_KEY_LEN_RANGE, # CKR_MECHANISM_PARAM_INVALID # So, failed either # * egg_padding_pkcs7_unpad # (gnome-keyring/egg/egg-padding.c) # * gkm_aes_mechanism_unwrap # (gnome-keyring/pkcs11/gkm/gkm-aes-mechanism.c) # * gkm_dh_mechanism_derive # (gnome-keyring/pkcs11/gkm/gkm-dh-mechanism.c) # * gkm_null_mechanism_unwrap or gkm_null_mechanism_wrap # (gnome-keyring/pkcs11/gkm/gkm-null-mechanism.c) create_response = GnomeKeyring.create_sync('login', 'redhat') log.debug('create login: %s' % create_response) if create_response != GnomeKeyring.Result.OK: raise IOError( 'Create failed: %s\n%s' % (create_response, GnomeKeyring.result_to_message(create_response))) set_default_response = \ GnomeKeyring.set_default_keyring_sync('login') assert set_default_response == GnomeKeyring.Result.OK, \ "Set default failed: %s" % set_default_response unlock_response = GnomeKeyring.unlock_sync("login", 'redhat') assert unlock_response == GnomeKeyring.Result.OK, \ "Unlock failed: %s" % unlock_response except Exception as e: log.error("Exception while unlocking a keyring: %s", e.message) raise # We shouldn’t let this exception evaporate
def add_account(self, name, secret_code, image): """ Add an account to accounts table :param name: (str) account name :param secret_code: (str) ASCII Secret code :param image: image path or icon name :return: """ encrypted_secret = sha256(secret_code.encode('utf-8')).hexdigest() t = (name, encrypted_secret, image,) query = "INSERT INTO accounts (name, secret_code, image) VALUES (?, ?, ?)" try: GK.create_sync("TwoFactorAuth", None) attr = GK.Attribute.list_new() GK.Attribute.list_append_string(attr, 'id', encrypted_secret) GK.Attribute.list_append_string(attr, 'secret_code', secret_code) GK.item_create_sync("TwoFactorAuth", GK.ItemType.GENERIC_SECRET, repr(encrypted_secret), attr, secret_code, False) self.conn.execute(query, t) self.conn.commit() except Exception as e: logging.error("SQL: Couldn't add a new account : %s ", str(e))
def before_all(context): """Setup evolution stuff Being executed before all features """ # Reset GSettings schemas = [x for x in Gio.Settings.list_schemas() if 'evolution' in x.lower()] for schema in schemas: os.system("gsettings reset-recursively %s" % schema) # Skip warning dialog os.system("gsettings set org.gnome.evolution.shell skip-warning-dialog true") # Show switcher buttons as icons (to minimize tree scrolling) os.system("gsettings set org.gnome.evolution.shell buttons-style icons") # Wait for things to settle sleep(0.5) # Skip dogtail actions to print to stdout config.logDebugToStdOut = False config.typingDelay = 0.2 # Include assertion object context.assertion = dummy() # Kill initial setup os.system("killall /usr/libexec/gnome-initial-setup") # Delete existing ABRT problems if problem.list(): [x.delete() for x in problem.list()] try: from gi.repository import GnomeKeyring # Delete originally stored password (response, keyring) = GnomeKeyring.get_default_keyring_sync() if response == GnomeKeyring.Result.OK: if keyring is not None: delete_response = GnomeKeyring.delete_sync(keyring) assert delete_response == GnomeKeyring.Result.OK, "Delete failed: %s" % delete_response create_response = GnomeKeyring.create_sync("login", 'gnome') assert create_response == GnomeKeyring.Result.OK, "Create failed: %s" % create_response set_default_response = GnomeKeyring.set_default_keyring_sync('login') assert set_default_response == GnomeKeyring.Result.OK, "Set default failed: %s" % set_default_response unlock_response = GnomeKeyring.unlock_sync("login", 'gnome') assert unlock_response == GnomeKeyring.Result.OK, "Unlock failed: %s" % unlock_response except Exception as e: print("Exception while unlocking a keyring: %s" % e.message) context.app = App('evolution')
def process(args): krname = args.get('namespace') if krname is None: err('No namespace (keyring name) specified') to_write = args.get('write', {}) to_remove = args.get('remove', {}) overwrite_all = args.get('overwrite', False) password = args.get('password') try: keyring_info = verify(gk.get_info_sync(krname), 'access keyring=%s' % krname) except NoSuchKeyringError: if password is None: err('Cannot create keyring=%s without a password' % krname) # Desired keyring does not yet exist. Create it on-demand. verify(gk.create_sync(krname, password), 'create keyring=%s' % krname) # Try to get info again, now that we have created the missing keyring. keyring_info = verify(gk.get_info_sync(krname), 'access keyring=%s' % krname) if keyring_info.get_is_locked(): if password is None: err('Cannot access locked keyring=%s without a password' % krname) # Unlock the desired keyring. ok = gk.unlock_sync(krname, password) if ok is not None: # Handle pygobject3-style invocation of unlock_sync(). if ok == gk.Result.IO_ERROR: # An incorrect password causes an IO_ERROR for some reason. Emit a # clearer error message than the default result_to_message() one. err('Cannot unlock keyring=%s: Invalid password' % krname) verify(ok, 'unlock keyring=%s' % krname) result = {} # By default, emit minimal valid JSON. if len(to_write) == 0 and len(to_remove) == 0: # Given nothing to write, we emit existing secrets. result = get_secrets(krname) if len(to_write) > 0: set_secrets(krname, to_write, overwrite_all) if len(to_remove) > 0: remove_secrets(krname, to_remove) json.dump(result, sys.stdout)
def gkr_store(self, id, secret): GnomeKeyring.create_sync(KEYRING_NAME, None) attrs = GnomeKeyring.Attribute.list_new() GnomeKeyring.Attribute.list_append_string(attrs, 'id', id) GnomeKeyring.item_create_sync(KEYRING_NAME, GnomeKeyring.ItemType.GENERIC_SECRET, id, attrs, secret, True)