yakg 0.0.1

data/.gitignore

@@ -0,0 +1,11 @@
+.bundle
+.DS_Store
+vendor/bundle
+default.pem
+*.swo
+resources_dump.json
+hosts.txt
+out
+coverage
+todo
+*.gem

data/Gemfile

@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+
+gemspec
+gem "corefoundation", :git => "https://github.com/tmaher/corefoundation.git"

data/Gemfile.lock

@@ -0,0 +1,43 @@
+GIT
+  remote: https://github.com/tmaher/corefoundation.git
+  revision: 73a97c6e7d268d21d17f671c94e98185153c5e3f
+  specs:
+    corefoundation (0.1.4)
+      ffi
+
+PATH
+  remote: .
+  specs:
+    yakg (0.0.1)
+      corefoundation
+      ffi
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    diff-lcs (1.1.3)
+    excon (0.16.10)
+    ffi (1.2.0)
+    highline (1.6.15)
+    rake (10.0.2)
+    rspec (2.12.0)
+      rspec-core (~> 2.12.0)
+      rspec-expectations (~> 2.12.0)
+      rspec-mocks (~> 2.12.0)
+    rspec-core (2.12.0)
+    rspec-expectations (2.12.0)
+      diff-lcs (~> 1.1.3)
+    rspec-mocks (2.12.0)
+    woof_util (0.0.16)
+      excon (~> 0.16.10)
+      highline (~> 1.6.15)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  corefoundation!
+  rake
+  rspec
+  woof_util
+  yakg!

data/Rakefile

@@ -0,0 +1,7 @@
+require "bundler/setup"
+require "rspec/core/rake_task"
+require "woof_util/gem_rake_tasks"
+
+RSpec::Core::RakeTask.new "spec"
+WoofUtil::GemRakeTasks.create_tasks
+

data/VERSION

@@ -0,0 +1 @@
+0.0.1

data/lib/yakg/backend.rb

@@ -0,0 +1,220 @@
+# https://developer.apple.com/library/mac/#documentation/security/Reference/keychainservices/Reference/reference.html
+require "ffi"
+require "corefoundation"
+
+class Yakg
+  module Backend
+
+    def self.framework name
+      "/System/Library/Frameworks/#{name}.framework/#{name}"
+    end
+
+    class KeychainError < Exception
+    end
+
+    extend FFI::Library
+    NULL = FFI::Pointer::NULL
+    ffi_lib(FFI::Library::LIBC,
+            framework(:CoreFoundation),
+            framework(:Security))
+
+    attach_function :malloc, [:size_t], :pointer
+    attach_function :free, [:pointer], :void
+    attach_function :CFRelease, [:pointer], :void
+
+    attach_function(:SecKeychainItemFreeContent,
+                    [:pointer, :pointer], :uint32)
+
+    attach_function(:SecKeychainFindGenericPassword,
+                    [:pointer, :uint32, :string, :uint32, :string,
+                     :pointer, :pointer, :pointer],
+                    :uint32)
+
+    attach_function(:SecKeychainAddGenericPassword,
+                    [:pointer, :uint32, :string, :uint32, :string,
+                     :uint32, :pointer, :pointer],
+                    :uint32)
+
+    attach_function(:SecKeychainItemDelete, [:pointer], :uint32)
+    attach_function(:SecCopyErrorMessageString, [:uint32, :pointer],
+                    :pointer)
+
+    attach_function(:SecKeychainItemModifyContent,
+                    [:pointer, :pointer, :uint32, :string], :uint32)
+
+    attach_function(:SecKeychainSearchCreateFromAttributes,
+                    [:pointer, :uint32, :pointer, :pointer], :uint32)
+    attach_function(:SecKeychainSearchCopyNext,
+                    [:pointer, :pointer], :uint32)
+    attach_function(:SecKeychainItemCopyAttributesAndData,
+                    [:pointer, :pointer, :pointer, :pointer,
+                     :pointer, :pointer], :uint32)
+    attach_function(:SecKeychainItemFreeAttributesAndData,
+                    [:pointer, :pointer], :uint32)
+
+    def self.error_message code
+      CF::String.new(SecCopyErrorMessageString(code, NULL)).to_s
+    end
+
+    def self.raise_error? code
+      raise KeychainError.new(error_message code) if code != 0
+      code
+    end
+    
+    def self.delete acct, svc
+      pw_length = FFI::MemoryPointer.new :uint32
+      pw_val = FFI::MemoryPointer.new :pointer
+      item_ref = FFI::MemoryPointer.new :pointer
+      raise_error? SecKeychainFindGenericPassword(NULL, svc.length, svc,
+                                                  acct.length, acct,
+                                                  pw_length, pw_val,
+                                                  item_ref)
+      raise_error? SecKeychainItemFreeContent(NULL, pw_val.read_pointer)
+      raise_error? SecKeychainItemDelete(item_ref.read_pointer)
+      CFRelease item_ref.read_pointer
+      true
+    end
+
+    def self.get acct, svc
+      pw_length = FFI::MemoryPointer.new :uint32
+      pw_val = FFI::MemoryPointer.new :pointer
+      retval = SecKeychainFindGenericPassword(NULL, svc.length, svc,
+                                              acct.length, acct,
+                                              pw_length, pw_val, NULL)
+      return nil unless 0 == retval
+      pw = pw_val.read_pointer.read_string(pw_length.read_int)
+      retval = SecKeychainItemFreeContent(NULL, pw_val.read_pointer)
+      return nil unless 0 == retval
+
+      pw
+    end
+
+    def self.set acct, value, svc
+      pw_length = FFI::MemoryPointer.new :uint32
+      pw_val = FFI::MemoryPointer.new :pointer
+      item_ref = FFI::MemoryPointer.new :pointer
+      retval = SecKeychainFindGenericPassword(NULL, svc.length, svc,
+                                              acct.length, acct,
+                                              pw_length, pw_val, item_ref)
+      if retval != 0
+        raise_error? SecKeychainAddGenericPassword(NULL, svc.length, svc,
+                                                   acct.length, acct,
+                                                   value.length, value, NULL)
+      else
+        raise_error? SecKeychainItemFreeContent(NULL, pw_val.read_pointer)
+        raise_error? SecKeychainItemModifyContent(item_ref.read_pointer, NULL,
+                                                  value.length, value)
+        CFRelease item_ref.read_pointer
+      end
+      true
+    end
+
+    class SecKeychainAttributeList < FFI::Struct
+      layout(:count, :uint32,
+             :attr, :pointer)
+    end
+
+    def self.s2i s
+      s.unpack("N")[0].to_i
+    end
+    
+    enum :SecItemAttr, [:kSecCreatiofnDateItemAttr, s2i('cdat'),
+                        :kSecModDateItemAttr, s2i('mdat'),
+                        :kSecDescriptionItemAttr, s2i('desc'),
+                        :kSecCommentItemAttr, s2i('icmt'),
+                        :kSecCreatorItemAttr, s2i('crtr'),
+                        :kSecTypeItemAttr, s2i('type'),
+                        :kSecScriptCodeItemAttr, s2i('scrp'),
+                        :kSecLabelItemAttr, s2i('labl'),
+                        :kSecInvisibleItemAttr, s2i('invi'),
+                        :kSecNegativeItemAttr, s2i('nega'),
+                        :kSecCustomIconItemAttr, s2i('cusi'),
+                        :kSecAccountItemAttr, s2i('acct'),
+                        :kSecServiceItemAttr, s2i('svce'),
+                        :kSecGenericItemAttr, s2i('gena'),
+                        :kSecSecurityDomainItemAttr, s2i('sdmn'),
+                        :kSecServerItemAttr, s2i('srvr'),
+                        :kSecAuthenticationTypeItemAttr, s2i('atyp'),
+                        :kSecPortItemAttr, s2i('port'),
+                        :kSecPathItemAttr, s2i('path'),
+                        :kSecVolumeItemAttr, s2i('vlme'),
+                        :kSecAddressItemAttr, s2i('addr'),
+                        :kSecSignatureItemAttr, s2i('ssig'),
+                        :kSecProtocolItemAttr, s2i('ptcl'),
+                        :kSecCertificateType, s2i('ctyp'),
+                        :kSecCertificateEncoding, s2i('cenc'),
+                        :kSecCrlType, s2i('crtp'),
+                        :kSecCrlEncoding, s2i('crnc'),
+                        :kSecAlias, s2i('alis')
+                       ]
+    
+    class SecKeychainAttribute < FFI::Struct
+      layout(:tag, :SecItemAttr,
+             :length, :uint32,
+             :data, :pointer)
+    end
+
+    class SecKeychainAttributeInfo < FFI::Struct
+      layout(:count, :uint32,
+             :tag, :pointer,
+             :format, :pointer)
+    end
+
+    
+    def self.list svc
+      search_ref = FFI::MemoryPointer.new :pointer
+      found_item = FFI::MemoryPointer.new :pointer
+      found_attr_list = FFI::MemoryPointer.new :pointer
+      svc_attr = SecKeychainAttribute.new
+
+      acct_info = SecKeychainAttributeInfo.new
+      acct_info[:count] = 1
+      acct_info[:tag] = FFI::MemoryPointer.new :uint32
+      acct_info[:tag].write_array_of_int [s2i("acct")]
+      acct_info[:format] = FFI::MemoryPointer.new :uint32
+      acct_info[:format].write_array_of_int [0]
+      
+      svc_attr[:tag] = s2i "svce"
+      svc_attr[:length] = svc.length
+      svc_attr[:data] = FFI::MemoryPointer.from_string(svc)
+
+      search_attr_list = SecKeychainAttributeList.new
+      search_attr_list[:count] = 1
+      search_attr_list[:attr] = svc_attr.pointer
+      
+      raise_error? SecKeychainSearchCreateFromAttributes(NULL,
+                                                         s2i("genp"),
+                                                         search_attr_list,
+                                                         search_ref)
+
+      acct_names = []
+      while true
+        retval = SecKeychainSearchCopyNext(search_ref.read_pointer,
+                                           found_item)
+        # the magic "no more items" number
+        break if retval == 4294941996
+        raise_error? retval
+
+        raise_error? SecKeychainItemCopyAttributesAndData(found_item.read_pointer,
+                                                          acct_info,
+                                                          NULL,
+                                                          found_attr_list,
+                                                          NULL, NULL)
+        f = SecKeychainAttributeList.new found_attr_list.read_pointer
+        next if f[:count] != 1
+
+        a = SecKeychainAttribute.new f[:attr]
+        next if a[:tag] != :kSecAccountItemAttr
+
+        acct_names.push a[:data].get_string(0, a[:length])
+      end
+
+      raise_error? SecKeychainItemFreeAttributesAndData(found_attr_list.read_pointer,
+                                                        NULL)
+      CFRelease search_ref.read_pointer
+      
+      acct_names
+    end
+    
+  end
+end

data/lib/yakg.rb

@@ -0,0 +1,24 @@
+require "yakg/backend"
+
+class Yakg
+  @@DEFAULT_SERVICE_NAME = "ruby-yakg-gem"
+  def self.DEFAULT_SERVICE_NAME= x; @@DEFAULT_SERVICE_NAME = x; end
+  def self.DEFAULT_SERVICE_NAME ; @@DEFAULT_SERVICE_NAME; end
+  
+  def self.set acct, value, svc=@@DEFAULT_SERVICE_NAME
+    Backend.set acct, value, svc
+  end
+
+  def self.get acct, svc=@@DEFAULT_SERVICE_NAME
+    Backend.get acct, svc
+  end
+
+  def self.unset acct, svc=@@DEFAULT_SERVICE_NAME
+    Backend.delete acct, svc
+  end
+
+  def self.list svc=@@DEFAULT_SERVICE_NAME
+    Backend.list svc
+  end
+  
+end

data/spec/spec_helper.rb

@@ -0,0 +1,18 @@
+require 'rubygems'
+require 'bundler/setup'
+
+$: << File.dirname(__FILE__) + '/../lib'
+
+require 'yakg'
+Yakg.DEFAULT_SERVICE_NAME = "yakg-rspec"
+require 'securerandom'
+
+RSpec.configure do |config|
+  config.color_enabled = true
+
+  # Use color not only in STDOUT but also in pagers and files
+  config.tty = true
+
+  # Use the specified formatter
+  #config.formatter = :documentation # :progress, :html, :textmate
+end

data/spec/yakg_spec.rb

@@ -0,0 +1,38 @@
+require 'spec_helper'
+
+describe Yakg do
+  pw_name = SecureRandom.hex 4
+  pw_value = SecureRandom.hex 4
+  new_pw_name = SecureRandom.hex 4
+
+  it "pre-nukes everything" do
+    Yakg.list.each {|x| Yakg.unset x }
+    Yakg.list.should eq []
+  end
+  
+  it "confirms nonexistent keys are nil" do
+    Yakg.get(pw_name).should be_nil
+  end
+
+  it "can create a key" do
+    Yakg.set(pw_name, pw_value).should be_true
+    Yakg.get(pw_name).should eq pw_value
+  end
+
+  it "can list keys" do
+    Yakg.set(new_pw_name, SecureRandom.hex(4))
+    Yakg.list.should eq [pw_name, new_pw_name]
+  end
+  
+  it "can update keys" do
+    new_pw_value = SecureRandom.hex 4
+    Yakg.set(pw_name, new_pw_value).should be_true
+    Yakg.get(pw_name).should eq new_pw_value
+  end
+
+  it "can delete a key" do
+    Yakg.unset(pw_name).should be_true
+    Yakg.get(pw_name).should be_nil
+  end
+  
+end

data/test/cribsheet.md

@@ -0,0 +1,11 @@
+set
+        `security add-generic-password -a keyname -s service_name -w password`
+
+get
+        `security find-generic-password -a somekey -s service_name -w`
+
+delete
+        `security delete-generic-password -a somekey -s service_name`
+
+update
+        delete and add, or call add with `-U`

data/test/mytest.rb

@@ -0,0 +1,10 @@
+#!/usr/bin/env ruby
+
+require "rubygems"
+require "bundler/setup"
+require "lib/yakg"
+
+Yakg.DEFAULT_SERVICE_NAME = "yakg-rspec"
+Yakg.list.each {|x| Yakg.unset x }
+
+exit 0

data/yakg.gemspec

@@ -0,0 +1,18 @@
+require 'find'
+
+Gem::Specification.new do |s|
+  s.name = 'yakg'
+  s.version = File.read("VERSION").chomp
+  s.date = '2012-11-25'
+  s.summary = 'Yet Another Keyring Gem'
+  s.description = "Use Ruby's DL mechanism to access the MacOS Keychain"
+  s.authors = ["Tom Maher"]
+  s.email = "tmaher@tursom.org"
+  s.files = `git ls-files`.split("\n")
+  s.homepage = "https://github.com/tmaher/yakg"
+  s.add_dependency "ffi"
+  s.add_dependency "corefoundation"
+  s.add_development_dependency "woof_util"
+  s.add_development_dependency "rake"
+  s.add_development_dependency "rspec"
+end

metadata

@@ -0,0 +1,145 @@
+--- !ruby/object:Gem::Specification 
+name: yakg
+version: !ruby/object:Gem::Version 
+  hash: 29
+  prerelease: 
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- Tom Maher
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2012-11-25 00:00:00 Z
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  version_requirements: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  prerelease: false
+  type: :runtime
+  name: ffi
+  requirement: *id001
+- !ruby/object:Gem::Dependency 
+  version_requirements: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  prerelease: false
+  type: :runtime
+  name: corefoundation
+  requirement: *id002
+- !ruby/object:Gem::Dependency 
+  version_requirements: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  prerelease: false
+  type: :development
+  name: woof_util
+  requirement: *id003
+- !ruby/object:Gem::Dependency 
+  version_requirements: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  prerelease: false
+  type: :development
+  name: rake
+  requirement: *id004
+- !ruby/object:Gem::Dependency 
+  version_requirements: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  prerelease: false
+  type: :development
+  name: rspec
+  requirement: *id005
+description: Use Ruby's DL mechanism to access the MacOS Keychain
+email: tmaher@tursom.org
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- Gemfile
+- Gemfile.lock
+- Rakefile
+- VERSION
+- lib/yakg.rb
+- lib/yakg/backend.rb
+- spec/spec_helper.rb
+- spec/yakg_spec.rb
+- test/cribsheet.md
+- test/mytest.rb
+- yakg.gemspec
+homepage: https://github.com/tmaher/yakg
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: Yet Another Keyring Gem
+test_files: []
+