Monday, December 11, 2017

#1 2016-03-13 04:29:21 pm

bentoms
Member
Registered: 2008-10-21
Posts: 66
Website

Keychain Services API

Hi folks,

I'm looking to move some of the keychain interaction of a project I maintain (https://github.com/macmule/ADPassMon) from using the security binary to the Keychain Services API (https://developer.apple.com/library/pre … H1g-286517).

But I'm struggling to figure out how best to add/call the API from my ADPassMon.

I've added the framework the to app in Xcode in a test project, which main.m looks like:

Applescript:

#import <Cocoa/Cocoa.h>
#import <AppleScriptObjC/AppleScriptObjC.h>
#import <Security/SecKeychain.h>

int main(int argc, const char * argv[]) {
[[NSBundle mainBundle] loadAppleScriptObjectiveCScripts];
return NSApplicationMain(argc, argv);
}

I've then tried to declare a property as per, the below in the AppDelegate:

Applescript:

script AppDelegate
   property parent : class "NSObject"
property SecKeychain : class "SecKeychain"
property defaultKeychain : ""
   
   -- IBOutlets
   property theWindow : missing value
   
   on applicationWillFinishLaunching_(aNotification)
       -- Insert code here to initialize your application before any files are opened
set keychain_status to SecKeychain's SecKeychainGetVersion
log keychain_status

   end applicationWillFinishLaunching_
   
   on applicationShouldTerminate_(sender)
       -- Insert code here to do any housekeeping before your application quits
       return current application's NSTerminateNow
   end applicationShouldTerminate_
   
end script

But, I'm getting the below with the above:

Applescript:

*** -[AppDelegate applicationWillFinishLaunching:]: Can’t get SecKeychainGetVersion of class "SecKeychain". (error -1728)

Help appreciated!

Offline

 

#2 2016-03-13 05:28:23 pm

Shane Stanley
Member
From:: Australia
Registered: 2002-12-07
Posts: 5197

Re: Keychain Services API

I don't think you'll be able to do that from ASObjC. You call functions such as SecKeychainGetVersion() like this:

Applescript:

current application's SecKeychainGetVersion(var)

The problem is not so much the function as the fact that the argument is of a type (pointer to an integer) that ASObjC doesn't support.


Shane Stanley <sstanley@myriad-com.com.au>
www.macosxautomation.com/applescript/apps/

Offline

 

#3 2016-03-14 03:37:14 pm

bentoms
Member
Registered: 2008-10-21
Posts: 66
Website

Re: Keychain Services API

Thanks, Shane.

That was an example, one of the keys I was after is SecKeychainGetStatus https://developer.apple.com/library/mac … nGetStatus.

Presumably that's the same?

Offline

 

#4 2016-03-14 05:06:07 pm

Shane Stanley
Member
From:: Australia
Registered: 2002-12-07
Posts: 5197

Re: Keychain Services API

Yes, same sort of problem. With a few exceptions, the only functions you can call from ASObjC are those that take no arguments.


Shane Stanley <sstanley@myriad-com.com.au>
www.macosxautomation.com/applescript/apps/

Offline

 

#5 2016-03-14 05:20:14 pm

bentoms
Member
Registered: 2008-10-21
Posts: 66
Website

Re: Keychain Services API

Yea, that's a shame.

I've done some NS stuff (NSTask, NSTimer, NSArray etc).

The other shame is that the security binary does not function as per the underlying API, which might have helped smooth out some code as well as allowed me to amend ADPassMon to not only update & manage the login.keychain but also local items (as per: https://github.com/google/macops-keychainminder).

Hmm.. is there not a way to address ObjC as ObjC? then I could pass a value to a variable then back to AppleScript?

Offline

 

#6 2016-03-14 05:23:23 pm

Shane Stanley
Member
From:: Australia
Registered: 2002-12-07
Posts: 5197

Re: Keychain Services API

bentoms wrote:

is there not a way to address ObjC as ObjC?


I'm not sure what you mean. You can add an Objective-C class and wrap the code in an ASObjC method that you can call from ASObjC.


Shane Stanley <sstanley@myriad-com.com.au>
www.macosxautomation.com/applescript/apps/

Offline

 

#7 2016-03-14 05:26:49 pm

bentoms
Member
Registered: 2008-10-21
Posts: 66
Website

Re: Keychain Services API

That's kind of what I thought I was doing.

Or rather, an avenue of approach I was hoping to go down. But am missing some level of understanding, & if that even something that would work for this?

Offline

 

#8 2016-03-14 05:31:04 pm

Shane Stanley
Member
From:: Australia
Registered: 2002-12-07
Posts: 5197

Re: Keychain Services API

Just add your own Objective-C class to your project, and wrap the security code in an Objective-C method. Then call it from your ASObjC code.


Shane Stanley <sstanley@myriad-com.com.au>
www.macosxautomation.com/applescript/apps/

Offline

 

#9 2016-03-14 05:37:50 pm

bentoms
Member
Registered: 2008-10-21
Posts: 66
Website

Re: Keychain Services API

Is this a valid example? http://macscripter.net/viewtopic.php?id=43556

Sorry, but I'm not following.

Offline

 

#10 2016-03-14 05:43:46 pm

Shane Stanley
Member
From:: Australia
Registered: 2002-12-07
Posts: 5197

Re: Keychain Services API

Yes, that's the sort of thing.


Shane Stanley <sstanley@myriad-com.com.au>
www.macosxautomation.com/applescript/apps/

Offline

 

Board footer

Powered by FluxBB

RSS (new topics) RSS (active topics)