From 2be4802e112f5bf79bf36c71f73ae9a1873fb010 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C3=ABl=20Le=20Barbier?= Date: Sun, 15 Sep 2024 23:17:38 +0200 Subject: [PATCH] Save encrpytion keys in OS-X keychain --- libexec/lisp/operation.lisp | 30 ++++++++++++++++++++++++++---- 1 file changed, 26 insertions(+), 4 deletions(-) diff --git a/libexec/lisp/operation.lisp b/libexec/lisp/operation.lisp index d039b67..9c06cc1 100644 --- a/libexec/lisp/operation.lisp +++ b/libexec/lisp/operation.lisp @@ -428,11 +428,33 @@ project-name "project.lisp"))) +(defun save-encryption-key () + (unless cid:*encryption-key* + (error "No encryption key.")) + (uiop:run-program + (list "/usr/bin/security" "add-generic-password" "-U" + "-T" "" + "-s" "org.melusina.cid" + "-a" (slot-value *project* 'name) + "-w" (ironclad:byte-array-to-hex-string cid:*encryption-key*)))) + +(defun load-encryption-key () + (flet ((find-encryption-key () + (uiop:run-program + (list "/usr/bin/security" "find-generic-password" + "-s" "org.melusina.cid" + "-a" (slot-value *project* 'name) + "-w") + :output '(:string :stripped t)))) + (setf cid:*encryption-key* + (ironclad:hex-string-to-byte-array (find-encryption-key))))) + (defun save-project () "Save *PROJECT* under PATHNAME." (let ((filename (project-filename *project*))) - (ensure-directories-exist filename) + (ensure-directories-exist filename) + (save-encryption-key) (with-open-file (stream filename :direction :output :if-exists :supersede @@ -450,9 +472,9 @@ (project-filename designator))) (assert (probe-file filename) () 'file-does-not-exist) (with-open-file (stream filename :direction :input) - (values - (setf *project* (cid:read-persistent-object stream)) - filename)))) + (setf *project* (cid:read-persistent-object stream))) + (load-encryption-key) + (values *project* filename))) ;;;;
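Review bot: In `save-encryption-key` the hex-encoded key is passed to `/usr/bin/security` as the value of `-w`, so the secret sits in the child's argument vector while the command runs and may be readable by other local processes that can list process arguments. Storing the item through the Security framework's keychain API rather than the CLI would avoid this; failing that, record the exposure with a comment such as `;; NOTE: the key is passed on argv to security(1) and shows up in process listings while it runs`. `save-project`, whose body continues past this hunk, now calls `(save-encryption-key)` unconditionally, so a missing key or a host without `/usr/bin/security` aborts the save. If skipping the keychain on other platforms is acceptable, a guard like `(when (uiop:os-macosx-p) (save-encryption-key))` would keep them working. Both new functions also lack docstrings, and the one on `load-encryption-key` should say that `uiop:run-program` signals an error when no matching keychain item exists, since callers then see a failed load.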