But the end result is you use PKCS#11 and stuff like the Gcr certificate widgets, from languages like python and javascript (although not your browser). For example this:
const Gck = imports.gi.Gck;
const Gcr = imports.gi.Gcr;
const Gtk = imports.gi.Gtk;
/* TODO: From pkcs11.h */
const CKA_CLASS = 0;
const CKO_CERTIFICATE = 1;
const CKA_VALUE = 17;
const URI = "pkcs11:object-type=cert";
Gtk.init(null, null);
var dialog = new Gtk.Dialog();
var viewer = new Gcr.ViewerWidget();
dialog.get_content_area().pack_start(viewer, true, true, 0);
var modules = Gck.modules_initialize_registered(null);
var objects = Gck.modules_objects_for_uri(modules, URI, Gck.SessionOptions.READ_ONLY);
objects.forEach(function(object) {
viewer.load_data(null, object.get_data(CKA_VALUE, null));
});
viewer.show();
dialog.run();
... will pop up a window show up with every certificate on every smart card and key storage you have configured. All of this goodness is in gnome-keyring git master.
When will you make libgnome-keyring introspectable? Python devs really want this.
ReplyDeletehttps://bugzilla.gnome.org/show_bug.cgi?id=598414
libgnome-keyring is an old and busted API, broken with regards to threading, and hard to make introspectable.
ReplyDeleteI'm working on a new library called gsecret which properly exposes the capabilities of the Secret Service DBus API [1] (what's actually used for communication with the daemon).
http://standards.freedesktop.org/secret-service/
That said ... if you or someone would like to work on the introspection support for libgnome-keyring I would review it and support you effort.
ReplyDeleteThanks for the explanation! I heard about secret-service, but didn't know about gsecret.
ReplyDeleteWhen will it be ready (approximately)?
I'm working toward having initial gsecret library (store, find, remove passwords) by GNOME 3.4.
ReplyDelete