This is a simple wrapper around credential manager utilities on Windows, macOS and Linux. It respectively interacts with:
- the system credential manager on Windows
- the keychain on macOS
- the "Secret service" of your distribution on Linux (such as
sr_keychain.c are required. A basic example in C can be found in the
- On Windows, this should link against
- On macOS, this should link against
- On Linux, this should link against the
All strings passed as arguments below should be null-terminated, including the passwords.
int sr_keychain_set_password(const char * domain, char * user, const char * password);
Store a password in the keychain, for a given domain and user name. This will return 0 on success.
int sr_keychain_get_password(const char * domain, const char * user, char ** password);
Retrieve the password previously stored for a given domain and username. The string will be internally allocated and its ownership is transferred to the caller. This will return 0 on success.
void sr_keychain_set_stdin_printback(int enable)
Disable printback when querying for user input on stdin, if the terminal honors it.
sr_keychain internally allocate a few strings (including the retrieved password). By default, it uses the standard
free but these can be overriden by defining
On Linux, a URL identifier is associated to all elements stored by
sr_keychain. It defaults to
"com.sr.sr_keychain", but can be overriden by defining
SR_KEYCHAIN_LINUX_SCHEME_NAME to the desired string.
This library currently does not allow for the deletion of existing passwords from the system keychain. It exposes no additional options such as the lifespan of a password, the associated protocol or application, etc. Finally, it doesn't protect the password once it is stored in memory in your application.