lib/PyMacAdmin/Security/__init__.py at 649dae5c16e380d8ac36c8430e4dcca81ab57fe7 from acdha's pymacadmin

acdha / pymacadmin

Description:	Python tools for Mac system administration edit
Homepage:	http://pymacadmin.googlecode.com/ edit
Public Clone URL:	git://github.com/acdha/pymacadmin.git Give this clone URL to anyone. `git clone git://github.com/acdha/pymacadmin.git`
Your Clone URL:	git@github.com:acdha/pymacadmin.git Use this clone URL yourself. `git clone git@github.com:acdha/pymacadmin.git`

Keychain cleanup

Chris Adams (author)

Sat Mar 21 13:55:16 -0700 2009

commit 649dae5c16e380d8ac36c8430e4dcca81ab57fe7
tree e1ac9330caa88f2bbefe5ff4d4cf1d70fc40a20a
parent 60630dbdb99c37193673c100c7239c80a8b90527

pymacadmin / lib / PyMacAdmin / Security / __init__.py

100755 60 lines (55 sloc) 2.58 kb

raw blame history

# encoding: utf-8
import PyMacAdmin
import ctypes
import struct
import sys
 
# This is not particularly elegant but to avoid everything having to load the
# Security framework we use a single copy hanging of this module so everything
# else can simply use Security.lib.SecKeychainFoo(…)
lib = PyMacAdmin.load_carbon_framework('/System/Library/Frameworks/Security.framework/Versions/Current/Security')
 
CSSM_DB_RECORDTYPE_APP_DEFINED_START = 0x80000000
CSSM_DL_DB_RECORD_X509_CERTIFICATE   = CSSM_DB_RECORDTYPE_APP_DEFINED_START + 0x1000
 
# This is somewhat gross: we define a bunch of module-level constants based on
# the SecKeychainItem.h defines (FourCharCodes) by passing them through
# struct.unpack and converting them to ctypes.c_long() since we'll never use
# them for non-native APIs
 
CARBON_DEFINES = {
    'kSecCreationDateItemAttr':         'cdat',
    'kSecModDateItemAttr':              'mdat',
    'kSecDescriptionItemAttr':          'desc',
    'kSecCommentItemAttr':              'icmt',
    'kSecCreatorItemAttr':              'crtr',
    'kSecTypeItemAttr':                 'type',
    'kSecScriptCodeItemAttr':           'scrp',
    'kSecLabelItemAttr':                'labl',
    'kSecInvisibleItemAttr':            'invi',
    'kSecNegativeItemAttr':             'nega',
    'kSecCustomIconItemAttr':           'cusi',
    'kSecAccountItemAttr':              'acct',
    'kSecServiceItemAttr':              'svce',
    'kSecGenericItemAttr':              'gena',
    'kSecSecurityDomainItemAttr':       'sdmn',
    'kSecServerItemAttr':               'srvr',
    'kSecAuthenticationTypeItemAttr':   'atyp',
    'kSecPortItemAttr':                 'port',
    'kSecPathItemAttr':                 'path',
    'kSecVolumeItemAttr':               'vlme',
    'kSecAddressItemAttr':              'addr',
    'kSecSignatureItemAttr':            'ssig',
    'kSecProtocolItemAttr':             'ptcl',
    'kSecCertificateType':              'ctyp',
    'kSecCertificateEncoding':          'cenc',
    'kSecCrlType':                      'crtp',
    'kSecCrlEncoding':                  'crnc',
    'kSecAlias':                        'alis',
    'kSecInternetPasswordItemClass':    'inet',
    'kSecGenericPasswordItemClass':     'genp',
    'kSecAppleSharePasswordItemClass':  'ashp',
    'kSecCertificateItemClass':         CSSM_DL_DB_RECORD_X509_CERTIFICATE
}
 
for k in CARBON_DEFINES:
    v = CARBON_DEFINES[k]
    if isinstance(v, str):
        assert(len(v) == 4)
        v = ctypes.c_ulong(struct.unpack(">L", v)[0])
    setattr(sys.modules[__name__], k, v)