Function: auth-source-macos-keychain-search-items

auth-source-macos-keychain-search-items is a byte-compiled function defined in auth-source.el.gz.

Signature

(auth-source-macos-keychain-search-items COLL TYPE MAX HOST PORT &key LABEL TYPE USER &allow-other-keys)

Source Code

;; Defined in /usr/src/emacs/lisp/auth-source.el.gz
(cl-defun auth-source-macos-keychain-search-items (coll _type _max host port
                                                   &key label type user
                                                   &allow-other-keys)
  (let* ((keychain-generic (eq type 'macos-keychain-generic))
         (args `(,(if keychain-generic
                      "find-generic-password"
                    "find-internet-password")
                 "-g"))
         (ret (list :type type)))
    (when label
      (setq args (append args (list "-l" label))))
    (when host
      (setq args (append args (list (if keychain-generic "-c" "-s") host))))
    (when user
      (setq args (append args (list "-a" user))))

    (when port
      (if keychain-generic
          (setq args (append args (list "-s" port)))
        (setq args (append args (list
                                 (if (string-match "[0-9]+" port) "-P" "-r")
                                 port)))))

      (unless (equal coll "default")
        (setq args (append args (list coll))))

      (with-temp-buffer
        (apply #'call-process "/usr/bin/security" nil t nil args)
        (goto-char (point-min))
        (while (not (eobp))
          (cond
           ((looking-at "^password: \\(?:0x[0-9A-F]+\\)? *\"\\(.+\\)\"")
            (setq ret (auth-source-macos-keychain-result-append
                       ret
                       keychain-generic
                       "secret"
                       (let ((v (auth-source--decode-octal-string
                                 (match-string 1))))
                         (lambda () v)))))
           ;; TODO: check if this is really the label
           ;; match 0x00000007 <blob>="AppleID"
           ((looking-at
             "^[ ]+0x00000007 <blob>=\\(?:0x[0-9A-F]+\\)? *\"\\(.+\\)\"")
            (setq ret (auth-source-macos-keychain-result-append
                       ret
                       keychain-generic
                       "label"
                       (auth-source--decode-octal-string (match-string 1)))))
           ;; match "crtr"<uint32>="aapl"
           ;; match "svce"<blob>="AppleID"
           ((looking-at
             "^[ ]+\"\\([a-z]+\\)\"[^=]+=\\(?:0x[0-9A-F]+\\)? *\"\\(.+\\)\"")
            (setq ret (auth-source-macos-keychain-result-append
                       ret
                       keychain-generic
                       (auth-source--decode-octal-string (match-string 1))
                       (auth-source--decode-octal-string (match-string 2))))))
          (forward-line)))
      ;; return `ret' iff it has the :secret key
      (and (plist-get ret :secret) (list ret))))