• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Replacing keychain scripting
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Replacing keychain scripting


  • Subject: Replacing keychain scripting
  • From: David Crowe <email@hidden>
  • Date: Sun, 18 Dec 2011 20:40:19 -0700

I recently got a new computer with Lion installed so have to finally break ties with Keychain Scripting. The Keychain Scripting scripting addition is no longer included with Lion and although I've heard you can port it from an older OS that doesn't sound like a great solution. I used Usable Keychain Scripting Addition for better speed on read operations (it doesn't make modifications to the keychain) but that's showing some new bugs and without the ability to write to the keychain my applications still won't work. Plus, that software has never been supported, so if there are bugs you can't workaround you're on your own.

At first I was kind of ticked off at Apple, but when I thought about the unix command line app "Security" which is their alternative, I realized that this is much better. It appears to work reliably and fast, and in general a built-in unix app is a better solution than a custom scripting addition.


Here are a few lines of code that I used that show how easy it is to use the security app:

First, getting a password knowing the server (e.g. ftp.xxx.com) and account (e.g. "David Crowe") for an internet key (obviously you need to program the variables):
set thePassword to do shell script "security find-internet-password -a '" & theAccount & "' -s '" & theServer & "' -g  2>&1 | sed -n '/password/ s/password: \"\\([^\"]*\\)\"/\\1/p'"

(okay, the use of SED is ugly, but basically this takes the output of the security command which includes everything about the keychain item and strips out just the password. It would fail if the password had a quote mark in it.)

Secondly, adding a new internet key:

do shell script "security add-internet-password -a '" & theAccount & "' -s '" & theService & "'  -p '" & thePath & "' -P " & thePort & " -r '" & theProtocol & "'  -w '" & thePassword & "'"

So, apart from the SED ugliness (I probably should have parsed it in AS instead) it was not very difficult to port over. The security app is on my 10.4 system so it even provides backwards compatibility.

This all makes me realize that scripting additions are probably dead for new functionality (they still have value for language extensions). I might be slow coming to this realization.

- David Crowe
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
AppleScript-Users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
Archives: http://lists.apple.com/archives/applescript-users

This email sent to email@hidden

  • Prev by Date: Re: Script Editor Text Prefs Lost After System Upgrade
  • Next by Date: Converting flv to mp4
  • Previous by thread: Apple/Shell script to ping multiple host/ip
  • Next by thread: Re: Replacing keychain scripting
  • Index(es):
    • Date
    • Thread