Merge pull request #91 from DocLambda/for-upstream

Add Linux kernel keyring (keyctl) backend implementation

config.go

@@ -29,6 +29,12 @@ type Config struct {
 	// FileDir is the directory that keyring files are stored in, ~ is resolved to home dir
 	FileDir string
 
+	// KeyCtlScope is the scope of the kernel keyring (either "user", "session", "process" or "thread")
+	KeyCtlScope string
+
+	// KeyCtlPerm is the permission mask to use for new keys
+	KeyCtlPerm uint32
+
 	// KWalletAppID is the application id for KWallet
 	KWalletAppID string
 

file.go

@@ -67,7 +67,7 @@ func (k *fileKeyring) unlock() error {
 	}
 
 	if k.password == "" {
-		pwd, err := k.passwordFunc(fmt.Sprintf("Enter passphrase to unlock %s", dir))
+		pwd, err := k.passwordFunc(fmt.Sprintf("Enter passphrase to unlock %q", dir))
 		if err != nil {
 			return err
 		}

file_test.go

@@ -8,7 +8,7 @@ import (
 func TestFileKeyringSetWhenEmpty(t *testing.T) {
 	k := &fileKeyring{
 		dir:          os.TempDir(),
-		passwordFunc: fixedStringPrompt("no more secrets"),
+		passwordFunc: FixedStringPrompt("no more secrets"),
 	}
 	item := Item{Key: "llamas", Data: []byte("llamas are great")}
 
@@ -33,7 +33,7 @@ func TestFileKeyringSetWhenEmpty(t *testing.T) {
 func TestFileKeyringGetWithSlashes(t *testing.T) {
 	k := &fileKeyring{
 		dir:          os.TempDir(),
-		passwordFunc: fixedStringPrompt("no more secrets"),
+		passwordFunc: FixedStringPrompt("no more secrets"),
 	}
 
 	item := Item{Key: "https://aws-sso-portal.awsapps.com/start", Data: []byte("https://aws-sso-portal.awsapps.com/start")}

go.mod

@@ -10,10 +10,12 @@ require (
 	github.com/keybase/go-keychain v0.0.0-20190712205309-48d3d31d256d
 	github.com/kr/pretty v0.1.0 // indirect
 	github.com/mtibben/percent v0.2.1
-	github.com/stretchr/objx v0.2.0 // indirect
+	github.com/stretchr/objx v0.3.0 // indirect
+	github.com/stretchr/testify v1.7.0
 	golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4
-	golang.org/x/sys v0.0.0-20190712062909-fae7ac547cb7 // indirect
+	golang.org/x/sys v0.0.0-20190712062909-fae7ac547cb7
 	gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
 )
 
 replace github.com/keybase/go-keychain => github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4

go.sum

@@ -2,7 +2,6 @@ github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4 h1:/vQbFIOMb
 github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4/go.mod h1:hN7oaIRCjzsZ2dE+yG5k+rsdt3qcwykqK6HVGcKwsw4=
 github.com/danieljoos/wincred v1.0.2 h1:zf4bhty2iLuwgjgpraD2E9UbvO+fe54XXGJbOwe23fU=
 github.com/danieljoos/wincred v1.0.2/go.mod h1:SnuYRW9lp1oJrZX/dXJqr0cPK5gYXqx3EJbmjhLdK9U=
-github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -21,12 +20,12 @@ github.com/mtibben/percent v0.2.1 h1:5gssi8Nqo8QU/r2pynCm+hBQHpkB/uNK7BJCFogWdzs
 github.com/mtibben/percent v0.2.1/go.mod h1:KG9uO+SZkUp+VkRHsCdYQV3XSZrrSpR3O9ibNBTZrns=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.2.0 h1:Hbg2NidpLE8veEBkEZTL3CvlkUIVzuU9jDplZO54c48=
-github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
-github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
+github.com/stretchr/objx v0.3.0 h1:NGXK3lHquSN08v5vWalVI/L8XU9hdzE/G6xsrze47As=
+github.com/stretchr/objx v0.3.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 h1:HuIa8hRrWRSrqYzx1qI49NNxhdi2PrY7gxVSq1JjLDc=
 golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
@@ -36,5 +35,9 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20190712062909-fae7ac547cb7 h1:LepdCS8Gf/MVejFIt8lsiexZATdoGVyp5bcyS+rYoUI=
 golang.org/x/sys v0.0.0-20190712062909-fae7ac547cb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
+gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

keychain.go

@@ -1,3 +1,4 @@
+//go:build darwin && cgo
 // +build darwin,cgo
 
 package keyring

keychain_test.go

@@ -1,3 +1,4 @@
+//go:build darwin
 // +build darwin
 
 package keyring
@@ -17,7 +18,7 @@ func TestOSXKeychainKeyringSet(t *testing.T) {
 
 	k := &keychain{
 		path:         path,
-		passwordFunc: fixedStringPrompt("test password"),
+		passwordFunc: FixedStringPrompt("test password"),
 		service:      "test",
 		isTrusted:    true,
 	}
@@ -57,7 +58,7 @@ func TestOSXKeychainKeyringOverwrite(t *testing.T) {
 
 	k := &keychain{
 		path:         path,
-		passwordFunc: fixedStringPrompt("test password"),
+		passwordFunc: FixedStringPrompt("test password"),
 		service:      "test",
 		isTrusted:    true,
 	}
@@ -110,7 +111,7 @@ func TestOSXKeychainKeyringListKeysWhenEmpty(t *testing.T) {
 	k := &keychain{
 		path:         path,
 		service:      "test",
-		passwordFunc: fixedStringPrompt("test password"),
+		passwordFunc: FixedStringPrompt("test password"),
 		isTrusted:    true,
 	}
 
@@ -130,7 +131,7 @@ func TestOSXKeychainKeyringListKeysWhenNotEmpty(t *testing.T) {
 	k := &keychain{
 		path:         path,
 		service:      "test",
-		passwordFunc: fixedStringPrompt("test password"),
+		passwordFunc: FixedStringPrompt("test password"),
 		isTrusted:    true,
 	}
 
@@ -175,7 +176,7 @@ func TestOSXKeychainGetKeyWhenEmpty(t *testing.T) {
 
 	k := &keychain{
 		path:         path,
-		passwordFunc: fixedStringPrompt("test password"),
+		passwordFunc: FixedStringPrompt("test password"),
 		service:      "test",
 		isTrusted:    true,
 	}
@@ -192,7 +193,7 @@ func TestOSXKeychainGetKeyWhenNotEmpty(t *testing.T) {
 
 	k := &keychain{
 		path:         path,
-		passwordFunc: fixedStringPrompt("test password"),
+		passwordFunc: FixedStringPrompt("test password"),
 		service:      "test",
 		isTrusted:    true,
 	}
@@ -222,7 +223,7 @@ func TestOSXKeychainRemoveKeyWhenEmpty(t *testing.T) {
 
 	k := &keychain{
 		path:         path,
-		passwordFunc: fixedStringPrompt("test password"),
+		passwordFunc: FixedStringPrompt("test password"),
 		service:      "test",
 		isTrusted:    true,
 	}
@@ -239,7 +240,7 @@ func TestOSXKeychainRemoveKeyWhenNotEmpty(t *testing.T) {
 
 	k := &keychain{
 		path:         path,
-		passwordFunc: fixedStringPrompt("test password"),
+		passwordFunc: FixedStringPrompt("test password"),
 		service:      "test",
 		isTrusted:    true,
 	}