keyring-rs, a (soon-to-be) cross-platform library for managing passwords, and which uses secret-service-rs as the linux backend.
Inspiration was python keyring. At work, we have a tool which uses it, and I want to be able to rewrite it in Rust
####Secret Service secret-service-rs is currently feature-complete. I will be doing a refactoring pass soon, though, and would be happy to get feedback. @YBRyn in particular mentioned that it would be good to look over the crypto stuff before publishing. Also, much thanks to @willi_kappler for looking over my code and giving guidance.
I'd also like to mention that I really enjoyed the documentation process, rustdoc was great! And the error-handling section of the rust book made writing custom errors straightforward (and fun?).
Keyring
As for keyring-rs, it's still half-baked. The most glaring omissions are lack of OSX and Windows support. I've had a look at winapi, but it's a bit foreign to me as I don't develop on Windows. If anybody could give me some direction on Windows Credentials, that would be great.
For OSX support, I was looking at security-framework, but I had a hard time figuring it out. If anybody could let me know that's the right direction to go to interact with OSX Keychain, I'll dig a little deeper. (For reference, python keyring OSX backend appears to pipe data in and out of the security utility).
Finally, I'm trying to use conditional compilation, but could be doing it incorrectly or weirdly.
Thanks!
Just want to say again that I've had great interactions with the Rust community, and I really enjoy programming in Rust.
The last few months have been a bit of turmoil for me, but I'm planning on finishing this library in the next couple of weeks (after getting access to a Mac). If you have questions or suggestions, feel free to discuss with me here or on github issues.
piping to/from security isn't a terrible way to do it, but the "official apple approved way" is through the security api, and if you want to do the fancy thing where you do per application ACL stuff you'll need to ignore the warning from apple and use SecKeychainItemCreateFromContent
There's currently a pull request in keyring to add the functionality that you mention, it's only waiting on a pull request for password support in osx security-framework.
I am about to try and to use keyring-rs on Windows. It seems easy to use and setting and getting passwords are easy. Unfortunately, I wasn't able to find more information about the underlying Windows vault. Could you point to some recent documentation and what's the name of the Windows Vault in Windows 10.
I'm not an expert on the Windows vault/credential system, so if somebody knows more please correct me and/or add to my comment.
The Windows Credential Manager is the interface through which users can manage secrets like passwords. The secrets themselves are stored in the Windows Vault. I believe that this is true from Windows 7 onwards (I tested on Win7). And, from my understanding, Windows uses this vault to store system and network credentials, including IE passwords.
With some googling, I wasn't able to find good documentation on Microsoft's site.
It's seems to be okay. It doesn't show the password (Kennwort) and I can change the password there but I can't read it anywhere.
Personally I think it is safe enough to store some sensible information, e.g. Pinboard API token, there. That is in my opinion safer than writing that token in the source code or in a unencrypted settings file.