Module: Keychain

Defined in:

lib/keychain.rb,
lib/keychain/key.rb,
lib/keychain/item.rb,
lib/keychain/error.rb,
lib/keychain/access.rb,
lib/keychain/version.rb,
lib/keychain/identity.rb,
lib/keychain/keychain.rb,
lib/keychain/certificate.rb,
lib/keychain/trusted_application.rb

Overview

The base class of all keychain related errors

The original error code is available as ‘code`

Defined Under Namespace

Modules: Protocols Classes: Access, AuthFailedError, Certificate, DuplicateItemError, Error, Identity, InteractionNotAllowedError, Item, Key, Keychain, NoSuchKeychainError, Scope, TrustedApplication, UserCancelledError

Constant Summary

VERSION =

The current version string

'0.3.2'

Class Method Summary

• .create(path, password = nil) ⇒ Keychain::Keychain

  creates a new keychain file and adds it to the keychain search path ( SecKeychainCreate ).

• .default ⇒ Keychain::Keychain

  Gets the default keychain object ( SecKeychainCopyDefault ).

• .generic_passwords ⇒ Keychain::Scope

  Returns a scope for generic passwords in all keychains.

• .internet_passwords ⇒ Keychain::Scope

  Returns a scope for internet passwords contained in all keychains.

• .open(path) ⇒ Keychain::Keychain

  Opens the keychain file at the specified path and adds it to the keychain search path ( SecKeychainOpen ).

• .user_interaction_allowed=(value) ⇒ Object

  sets whether user interaction is allowed If false then operations that would require user interaction (for example prompting the user for a password to unlock a keychain) will raise InteractionNotAllowedError.

• .user_interaction_allowed? ⇒ Boolean

  Returns whether user interaction is allowed If false then operations that would require user interaction (for example prompting the user for a password to unlock a keychain) will raise InteractionNotAllowedError.

Class Method Details

.create(path, password = nil) ⇒ Keychain::Keychain

creates a new keychain file and adds it to the keychain search path ( SecKeychainCreate )

See developer.apple.com/library/mac/documentation/security/Reference/keychainservices/Reference/reference.html#//apple_ref/c/func/SecKeychainCreate

Parameters:

• path (String) —

  The path to the keychain file to create If it is not absolute it is interpreted relative to ~/Library/Keychains

• password (optional, String) (defaults to: nil) —

  The password to use for the keychain. if not supplied, the user will be prompted for a password

Returns:

• (Keychain::Keychain) —

  a keychain object representing the newly created keychain

# File 'lib/keychain.rb', line 25

def create(path, password=nil)
  path = path.encode(Encoding::UTF_8)
  out_buffer = FFI::MemoryPointer.new(:pointer)

  if password
    password = password.encode(Encoding::UTF_8)
    status = Sec.SecKeychainCreate(path, password.bytesize, FFI::MemoryPointer.from_string(password), 0,
                                      nil, out_buffer)

  else
    status = Sec.SecKeychainCreate(path, 0, nil, 1, nil, out_buffer)
  end

  Sec.check_osstatus(status)
  Keychain.new(out_buffer.read_pointer).release_on_gc
end

.default ⇒ Keychain::Keychain

Gets the default keychain object ( SecKeychainCopyDefault )

See developer.apple.com/library/mac/documentation/security/Reference/keychainservices/Reference/reference.html#//apple_ref/c/func/SecKeychainCopyDefault

Returns:

• (Keychain::Keychain) —

  a keychain object

# File 'lib/keychain.rb', line 46

def default
  out_buffer = FFI::MemoryPointer.new(:pointer)
  status = Sec.SecKeychainCopyDefault(out_buffer);
  Sec.check_osstatus(status)

  Keychain.new(out_buffer.read_pointer).release_on_gc
end

.generic_passwords ⇒ Keychain::Scope

Returns a scope for generic passwords in all keychains

Returns:

• (Keychain::Scope) —

  a new scope object

# File 'lib/keychain.rb', line 79

def generic_passwords
  Scope.new(Sec::Classes::GENERIC)
end

.internet_passwords ⇒ Keychain::Scope

Returns a scope for internet passwords contained in all keychains

Returns:

• (Keychain::Scope) —

  a new scope object

# File 'lib/keychain.rb', line 72

def internet_passwords
  Scope.new(Sec::Classes::INTERNET)
end

.open(path) ⇒ Keychain::Keychain

Opens the keychain file at the specified path and adds it to the keychain search path ( SecKeychainOpen )

Will succeed even if the file doesn’t exists (however most operations on the keychain will then fail)

See developer.apple.com/library/mac/documentation/security/Reference/keychainservices/Reference/reference.html#//apple_ref/c/func/SecKeychainCopyDefault

Parameters:

• path (String) —

  Path to the keychain file

Returns:

• (Keychain::Keychain) —

  a keychain object

Raises:

• (ArgumentError)

# File 'lib/keychain.rb', line 61

def open(path)
  raise ArgumentError unless path
  out_buffer = FFI::MemoryPointer.new(:pointer)
  status = Sec.SecKeychainOpen(path,out_buffer);
  Sec.check_osstatus(status)
  Keychain.new(out_buffer.read_pointer).release_on_gc
end

.user_interaction_allowed=(value) ⇒ Object

sets whether user interaction is allowed If false then operations that would require user interaction (for example prompting the user for a password to unlock a keychain) will raise InteractionNotAllowedError

Parameters:

• value (Boolean)

# File 'lib/keychain.rb', line 87

def user_interaction_allowed= value
  status = Sec.SecKeychainSetUserInteractionAllowed( value ? 1 : 0)
  Sec.check_osstatus(status)
  value
end

.user_interaction_allowed? ⇒ Boolean

Returns whether user interaction is allowed If false then operations that would require user interaction (for example prompting the user for a password to unlock a keychain) will raise InteractionNotAllowedError

Returns:

• (Boolean) —

  whether interaction is allowed

# File 'lib/keychain.rb', line 97

def user_interaction_allowed?
  out_buffer = FFI::MemoryPointer.new(:uchar)
  status = Sec.SecKeychainGetUserInteractionAllowed(out_buffer)
  Sec.check_osstatus(status)
  out_buffer.read_uchar.nonzero?
end