go-keychain – github.com/keybase/go-keychain Index | Files | Directories

package keychain

import "github.com/keybase/go-keychain"

Index

Constants

// Synchronizable values select an item's synchronization setting (the
// attribute keyed by SynchronizableKey / kSecAttrSynchronizable).
//
// NOTE(review): only SynchronizableDefault is declared with the
// Synchronizable type. The other names have an explicit value and no type, so
// they are untyped integer constants and will be accepted wherever any
// integer is expected.
const (
	// SynchronizableDefault is the default setting (the zero value).
	SynchronizableDefault Synchronizable = 0
	// SynchronizableAny is for kSecAttrSynchronizableAny
	SynchronizableAny = 1
	// SynchronizableYes enables synchronization. A synchronized item is
	// presumably copied off this device by the platform's keychain sync, so
	// confirm that is intended before using it for device-bound secrets.
	SynchronizableYes = 2
	// SynchronizableNo disables synchronization
	SynchronizableNo = 3
)
// Accessible values choose when a stored item may be read relative to the
// device lock state (the attribute keyed by AccessibleKey /
// kSecAttrAccessible). The names mirror Apple's kSecAttrAccessible*
// constants; the mapping itself is not shown here, so the notes below describe
// the Apple attribute each name appears to correspond to. Confirm against the
// package source.
//
// NOTE(review): only AccessibleDefault is declared with the Accessible type;
// the other names are untyped integer constants.
const (
	// AccessibleDefault is the default (the zero value).
	AccessibleDefault Accessible = 0
	// AccessibleWhenUnlocked is when unlocked: the item is readable only
	// while the device is unlocked.
	AccessibleWhenUnlocked = 1
	// AccessibleAfterFirstUnlock is after first unlock: the item stays
	// readable from the first unlock after boot until the next restart, even
	// while the device is locked again.
	AccessibleAfterFirstUnlock = 2
	// AccessibleAlways is always: the item is readable regardless of lock
	// state. Apple has deprecated kSecAttrAccessibleAlways; prefer a more
	// restrictive value for secrets.
	AccessibleAlways = 3
	// AccessibleWhenPasscodeSetThisDeviceOnly is when passcode is set: the
	// item is readable only while unlocked, requires a device passcode, and
	// is not migrated to another device.
	AccessibleWhenPasscodeSetThisDeviceOnly = 4
	// AccessibleWhenUnlockedThisDeviceOnly is when unlocked for this device only
	// (not migrated to another device, e.g. through a restored backup).
	AccessibleWhenUnlockedThisDeviceOnly = 5
	// AccessibleAfterFirstUnlockThisDeviceOnly is after first unlock for this device only
	// (not migrated to another device).
	AccessibleAfterFirstUnlockThisDeviceOnly = 6
	// AccessibleAccessibleAlwaysThisDeviceOnly is always for this device only.
	// The doubled "Accessible" is part of the exported name. The same caution
	// as for AccessibleAlways applies.
	AccessibleAccessibleAlwaysThisDeviceOnly = 7
)
// MatchLimit values bound how many results a query returns (the attribute
// keyed by MatchLimitKey / kSecMatchLimit).
//
// NOTE(review): only MatchLimitDefault is declared with the MatchLimit type;
// MatchLimitOne and MatchLimitAll are untyped integer constants.
const (
	// MatchLimitDefault is the default (the zero value).
	MatchLimitDefault MatchLimit = 0
	// MatchLimitOne limits to one result
	MatchLimitOne = 1
	// MatchLimitAll is no limit
	MatchLimitAll = 2
)

Variables

// Keychain result codes exposed as Error values. Each variable wraps the
// Security framework constant named in its comment, presumably so that callers
// can compare a returned error against it (e.g. err == ErrorItemNotFound).
// Confirm which functions return these values in the package source.
//
// NOTE(review): these are package-level variables, not constants, so any
// importing package can reassign them.
var (
	// ErrorUnimplemented corresponds to errSecUnimplemented result code
	ErrorUnimplemented = Error(C.errSecUnimplemented)
	// ErrorParam corresponds to errSecParam result code
	ErrorParam = Error(C.errSecParam)
	// ErrorAllocate corresponds to errSecAllocate result code
	ErrorAllocate = Error(C.errSecAllocate)
	// ErrorNotAvailable corresponds to errSecNotAvailable result code
	ErrorNotAvailable = Error(C.errSecNotAvailable)
	// ErrorAuthFailed corresponds to errSecAuthFailed result code
	ErrorAuthFailed = Error(C.errSecAuthFailed)
	// ErrorDuplicateItem corresponds to errSecDuplicateItem result code
	ErrorDuplicateItem = Error(C.errSecDuplicateItem)
	// ErrorItemNotFound corresponds to errSecItemNotFound result code
	ErrorItemNotFound = Error(C.errSecItemNotFound)
	// ErrorInteractionNotAllowed corresponds to errSecInteractionNotAllowed result code
	ErrorInteractionNotAllowed = Error(C.errSecInteractionNotAllowed)
	// ErrorDecode corresponds to errSecDecode result code
	ErrorDecode = Error(C.errSecDecode)
	// ErrorNoSuchKeychain corresponds to errSecNoSuchKeychain result code
	ErrorNoSuchKeychain = Error(C.errSecNoSuchKeychain)
	// ErrorNoAccessForItem corresponds to errSecNoAccessForItem result code
	ErrorNoAccessForItem = Error(C.errSecNoAccessForItem)
	// ErrorReadOnly corresponds to errSecReadOnly result code
	ErrorReadOnly = Error(C.errSecReadOnly)
	// ErrorInvalidKeychain corresponds to errSecInvalidKeychain result code
	ErrorInvalidKeychain = Error(C.errSecInvalidKeychain)
	// ErrorDuplicateKeyChain corresponds to errSecDuplicateKeychain result code.
	// Note the capital "C" in the Go name, unlike ErrorNoSuchKeychain.
	ErrorDuplicateKeyChain = Error(C.errSecDuplicateKeychain)
	// ErrorWrongVersion corresponds to errSecWrongSecVersion result code
	ErrorWrongVersion = Error(C.errSecWrongSecVersion)
	// ErrorReadonlyAttribute corresponds to errSecReadOnlyAttr result code
	ErrorReadonlyAttribute = Error(C.errSecReadOnlyAttr)
	// ErrorInvalidSearchRef corresponds to errSecInvalidSearchRef result code
	ErrorInvalidSearchRef = Error(C.errSecInvalidSearchRef)
	// ErrorInvalidItemRef corresponds to errSecInvalidItemRef result code
	ErrorInvalidItemRef = Error(C.errSecInvalidItemRef)
	// ErrorDataNotAvailable corresponds to errSecDataNotAvailable result code
	ErrorDataNotAvailable = Error(C.errSecDataNotAvailable)
	// ErrorDataNotModifiable corresponds to errSecDataNotModifiable result code
	ErrorDataNotModifiable = Error(C.errSecDataNotModifiable)
	// ErrorInvalidOwnerEdit corresponds to errSecInvalidOwnerEdit result code
	ErrorInvalidOwnerEdit = Error(C.errSecInvalidOwnerEdit)
	// ErrorUserCanceled corresponds to errSecUserCanceled result code
	ErrorUserCanceled = Error(C.errSecUserCanceled)
)
// Attribute keys for keychain item dictionaries. Each wraps the Security
// framework constant named in its comment via attrKey, which is defined
// elsewhere in the package.
var (
	// ServiceKey is for kSecAttrService (generic application items).
	ServiceKey = attrKey(C.CFTypeRef(C.kSecAttrService))

	// The next five keys apply to internet password items.

	// ServerKey is for kSecAttrServer
	ServerKey = attrKey(C.CFTypeRef(C.kSecAttrServer))
	// ProtocolKey is for kSecAttrProtocol
	ProtocolKey = attrKey(C.CFTypeRef(C.kSecAttrProtocol))
	// AuthenticationTypeKey is for kSecAttrAuthenticationType
	AuthenticationTypeKey = attrKey(C.CFTypeRef(C.kSecAttrAuthenticationType))
	// PortKey is for kSecAttrPort
	PortKey = attrKey(C.CFTypeRef(C.kSecAttrPort))
	// PathKey is for kSecAttrPath
	PathKey = attrKey(C.CFTypeRef(C.kSecAttrPath))

	// LabelKey is for kSecAttrLabel
	LabelKey = attrKey(C.CFTypeRef(C.kSecAttrLabel))
	// AccountKey is for kSecAttrAccount
	AccountKey = attrKey(C.CFTypeRef(C.kSecAttrAccount))
	// AccessGroupKey is for kSecAttrAccessGroup
	AccessGroupKey = attrKey(C.CFTypeRef(C.kSecAttrAccessGroup))
	// DataKey is for kSecValueData. Unlike the kSecAttr* keys, which name
	// metadata attributes, this one names the item's stored value (for a
	// password item, the secret itself).
	DataKey = attrKey(C.CFTypeRef(C.kSecValueData))
	// DescriptionKey is for kSecAttrDescription
	DescriptionKey = attrKey(C.CFTypeRef(C.kSecAttrDescription))
	// CommentKey is for kSecAttrComment
	CommentKey = attrKey(C.CFTypeRef(C.kSecAttrComment))
	// CreationDateKey is for kSecAttrCreationDate
	CreationDateKey = attrKey(C.CFTypeRef(C.kSecAttrCreationDate))
	// ModificationDateKey is for kSecAttrModificationDate
	ModificationDateKey = attrKey(C.CFTypeRef(C.kSecAttrModificationDate))
)
var AccessibleKey = attrKey(C.CFTypeRef(C.kSecAttrAccessible))

AccessibleKey is key for kSecAttrAccessible

var MatchLimitKey = attrKey(C.CFTypeRef(C.kSecMatchLimit))

MatchLimitKey is key type for MatchLimit

var ReturnAttributesKey = attrKey(C.CFTypeRef(C.kSecReturnAttributes))

ReturnAttributesKey is key type for kSecReturnAttributes

var ReturnDataKey = attrKey(C.CFTypeRef(C.kSecReturnData))

ReturnDataKey is key type for kSecReturnData

var ReturnRefKey = attrKey(C.CFTypeRef(C.kSecReturnRef))

ReturnRefKey is key type for kSecReturnRef

var SecClassKey = attrKey(C.CFTypeRef(C.kSecClass))

SecClassKey is the key type for SecClass

var SynchronizableKey = attrKey(C.CFTypeRef(C.kSecAttrSynchronizable))

SynchronizableKey is the key type for Synchronizable

Functions

func AddItem

func AddItem(item Item) error

AddItem adds an Item to a Keychain.

func ArrayToCFArray

func ArrayToCFArray(a []C.CFTypeRef) C.CFArrayRef

ArrayToCFArray will return a CFArrayRef and if non-nil, must be released with Release(ref).

func BytesToCFData

func BytesToCFData(b []byte) (C.CFDataRef, error)

BytesToCFData will return a CFDataRef and if non-nil, must be released with Release(ref).

func CFArrayToArray

func CFArrayToArray(cfArray C.CFArrayRef) (a []C.CFTypeRef)

CFArrayToArray converts a CFArrayRef to an array of CFTypes.

func CFDataToBytes

func CFDataToBytes(cfData C.CFDataRef) ([]byte, error)

CFDataToBytes converts CFData to bytes.

func CFDateToTime

func CFDateToTime(d C.CFDateRef) time.Time

CFDateToTime will convert the given CFDateRef to a time.Time.

func CFDictionaryToMap

func CFDictionaryToMap(cfDict C.CFDictionaryRef) (m map[C.CFTypeRef]C.CFTypeRef)

CFDictionaryToMap converts CFDictionaryRef to a map.

func CFNumberToInterface

func CFNumberToInterface(cfNumber C.CFNumberRef) interface{}

CFNumberToInterface converts the CFNumberRef to the most appropriate numeric type. This code is from github.com/kballard/go-osx-plist.

func CFStringToString

func CFStringToString(s C.CFStringRef) string

CFStringToString converts a CFStringRef to a string.

func CFTypeDescription

func CFTypeDescription(ref C.CFTypeRef) string

CFTypeDescription returns type string for CFTypeRef.

func Convert

func Convert(ref C.CFTypeRef) (interface{}, error)

Convert converts a CFTypeRef to a go instance.

func ConvertCFDictionary

func ConvertCFDictionary(d C.CFDictionaryRef) (map[interface{}]interface{}, error)

ConvertCFDictionary converts a CFDictionary to map (deep).

func ConvertMapToCFDictionary

func ConvertMapToCFDictionary(attr map[string]interface{}) (C.CFDictionaryRef, error)

ConvertMapToCFDictionary converts a map to a CFDictionary and if non-nil, must be released with Release(ref).

func DeleteGenericPasswordItem

func DeleteGenericPasswordItem(service string, account string) error

DeleteGenericPasswordItem removes a generic password item.

func DeleteItem

func DeleteItem(item Item) error

DeleteItem removes an Item.

func GetAccountsForService

func GetAccountsForService(service string) ([]string, error)

GetAccountsForService is deprecated

func GetGenericPassword

func GetGenericPassword(service string, account string, label string, accessGroup string) ([]byte, error)

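GetGenericPassword returns password data for service and account. This is a convenience method. If the item is not found it returns nil, nil, so callers must check for nil data as well as a nil error before treating the result as a password.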

func GetGenericPasswordAccounts

func GetGenericPasswordAccounts(service string) ([]string, error)

GetGenericPasswordAccounts returns generic password accounts for service. This is a convenience method.

func Int32ToCFNumber

func Int32ToCFNumber(u int32) C.CFNumberRef

Int32ToCFNumber will return a CFNumberRef, must be released with Release(ref).

func MapToCFDictionary

func MapToCFDictionary(m map[C.CFTypeRef]C.CFTypeRef) (C.CFDictionaryRef, error)

MapToCFDictionary will return a CFDictionaryRef and if non-nil, must be released with Release(ref).

func QueryItemRef

func QueryItemRef(item Item) (C.CFTypeRef, error)

QueryItemRef returns the query result as a CFTypeRef. You must release it with Release(ref) when you are done.

func RandBytes

func RandBytes(length int) ([]byte, error)

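RandBytes returns a slice of random bytes of the given length. The random source is not stated here; confirm it in the package source before using the output for keys or tokens.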

func RandomID

func RandomID(prefix string) (string, error)

RandomID returns random ID (base32) string with prefix, using 256 bits as recommended by tptacek: https://gist.github.com/tqbf/be58d2d39690c3b366ad

func Release

func Release(ref C.CFTypeRef)

Release releases memory pointed to by a CFTypeRef.

func StringToCFString

func StringToCFString(s string) (C.CFStringRef, error)

StringToCFString will return a CFStringRef and if non-nil, must be released with Release(ref).

func TimeToCFDate

func TimeToCFDate(t time.Time) C.CFDateRef

TimeToCFDate will convert the given time.Time to a CFDateRef, which must be released with Release(ref).

func UpdateItem

func UpdateItem(queryItem Item, updateItem Item) error

UpdateItem updates the queryItem with the parameters from updateItem

Types

type Accessible

type Accessible int

Accessible is the item's accessibility.

type Convertable

type Convertable interface {
	Convert() (C.CFTypeRef, error)
}

Convertable knows how to convert an instance to a CFTypeRef.

type Error

type Error int

Error defines keychain errors

func (Error) Error

func (k Error) Error() (msg string)

type Item

type Item struct {
	// contains filtered or unexported fields
}

Item for adding, querying or deleting.

func NewGenericPassword

func NewGenericPassword(service string, account string, label string, data []byte, accessGroup string) Item

NewGenericPassword creates a generic password item with the default keychain. This is a convenience method.

func NewItem

func NewItem() Item

NewItem is a new empty keychain item

func (*Item) SetAccessGroup

func (k *Item) SetAccessGroup(ag string)

SetAccessGroup sets the access group attribute

func (*Item) SetAccessible

func (k *Item) SetAccessible(accessible Accessible)

SetAccessible sets the accessible attribute

func (*Item) SetAccount

func (k *Item) SetAccount(a string)

SetAccount sets the account attribute

func (*Item) SetAuthenticationType

func (k *Item) SetAuthenticationType(s string)

SetAuthenticationType sets the authentication type attribute (for internet password items)

func (*Item) SetComment

func (k *Item) SetComment(s string)

SetComment sets the comment attribute

func (*Item) SetData

func (k *Item) SetData(b []byte)

SetData sets the data attribute

func (*Item) SetDescription

func (k *Item) SetDescription(s string)

SetDescription sets the description attribute

func (*Item) SetInt32

func (k *Item) SetInt32(key string, v int32)

SetInt32 sets an int32 attribute for a string key

func (*Item) SetLabel

func (k *Item) SetLabel(l string)

SetLabel sets the label attribute

func (*Item) SetMatchLimit

func (k *Item) SetMatchLimit(matchLimit MatchLimit)

SetMatchLimit sets the match limit

func (*Item) SetPath

func (k *Item) SetPath(s string)

SetPath sets the path attribute (for internet password items)

func (*Item) SetPort

func (k *Item) SetPort(v int32)

SetPort sets the port attribute (for internet password items)

func (*Item) SetProtocol

func (k *Item) SetProtocol(s string)

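SetProtocol sets the protocol attribute (for internet password items). Example values are the four-character protocol codes "htps", "http" and "smb " (the spelling "htps" and the trailing space in "smb " are intentional).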

func (*Item) SetReturnAttributes

func (k *Item) SetReturnAttributes(b bool)

SetReturnAttributes sets the return value type on query

func (*Item) SetReturnData

func (k *Item) SetReturnData(b bool)

SetReturnData enables returning data on query

func (*Item) SetReturnRef

func (k *Item) SetReturnRef(b bool)

SetReturnRef enables returning references on query

func (*Item) SetSecClass

func (k *Item) SetSecClass(sc SecClass)

SetSecClass sets the security class

func (*Item) SetServer

func (k *Item) SetServer(s string)

SetServer sets the server attribute (for internet password items)

func (*Item) SetService

func (k *Item) SetService(s string)

SetService sets the service attribute (for generic application items)

func (*Item) SetString

func (k *Item) SetString(key string, s string)

SetString sets a string attribute for a string key.

func (*Item) SetSynchronizable

func (k *Item) SetSynchronizable(sync Synchronizable)

SetSynchronizable sets the synchronizable attribute

type MatchLimit

type MatchLimit int

MatchLimit is whether to limit results on query

type QueryResult

// QueryResult holds the attributes returned for one keychain item by a query.
// Not every field applies to every item class, and which fields are filled
// depends on the query.
type QueryResult struct {
	// For generic application items
	Service string

	// For internet password items
	Server             string
	Protocol           string
	AuthenticationType string
	Port               int32
	Path               string

	// Attributes not tied to one item class.
	Account          string
	AccessGroup      string
	Label            string
	Description      string
	Comment          string
	// Data is the item's stored value (for a password item, the secret
	// itself). Presumably filled only when the query requested data via
	// SetReturnData; confirm in the package source. Avoid printing or logging
	// a QueryResult wholesale, since that would include Data.
	Data             []byte
	CreationDate     time.Time
	ModificationDate time.Time
}

QueryResult stores all possible results from queries. Not all fields are applicable all the time. Results depend on query.

func QueryItem

func QueryItem(item Item) ([]QueryResult, error)

QueryItem returns a list of query results.

type SecClass

type SecClass int

SecClass is the item's class code.

// Keychain item classes.
//
// NOTE(review): these are declared with var, so they are assignable
// package-level variables rather than constants.
var (
	/*
		kSecClassGenericPassword item attributes:
		 kSecAttrAccess (OS X only)
		 kSecAttrAccessGroup (iOS; also OS X if kSecAttrSynchronizable specified)
		 kSecAttrAccessible (iOS; also OS X if kSecAttrSynchronizable specified)
		 kSecAttrAccount
		 kSecAttrService
	*/
	SecClassGenericPassword  SecClass = 1
	// SecClassInternetPassword is the class code for internet password items,
	// presumably kSecClassInternetPassword; confirm in the package source.
	SecClassInternetPassword SecClass = 2
)

Keychain Item Classes

type Synchronizable

type Synchronizable int

Synchronizable is the item's synchronizable status.

Source Files

corefoundation.go datetime.go keychain.go macos.go util.go

Directories

Path Synopsis
bind
bindtest
secretservice
Version
v0.0.1 (latest)
Published
Feb 27, 2025
Platform
darwin/amd64
Imports
11 packages