wincred

package
v1.6.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 25, 2022 License: Apache-2.0, MIT Imports: 6 Imported by: 0

README

This project needed some refinements (mostly to keep up with go stdlib) so I forked it at v1.1.0 (78f93c1f8b99b0c2f6e7f3d2bdc4993cf87bddff) and modified it slightly. I will keep it here with all original licensing intact - later I may submit PR upstream.

wincred

Go wrapper around the Windows Credential Manager API functions.

Go GoDoc

Installation

go get github.com/danieljoos/wincred

Usage

See the following examples:

Create and store a new generic credential object
package main

import (
    "fmt"
    "github.com/danieljoos/wincred"
)

func main() {
    cred := wincred.NewGenericCredential("myGoApplication")
    cred.CredentialBlob = []byte("my secret")
    err := cred.Write()
    
    if err != nil {
        fmt.Println(err)
    }
}
Retrieve a credential object
package main

import (
    "fmt"
    "github.com/danieljoos/wincred"
)

func main() {
    cred, err := wincred.GetGenericCredential("myGoApplication")
    if err == nil {
        fmt.Println(string(cred.CredentialBlob))
    }
}
Remove a credential object
package main

import (
    "fmt"
    "github.com/danieljoos/wincred"
)

func main() {
    cred, err := wincred.GetGenericCredential("myGoApplication")
    if err != nil {
        fmt.Println(err)
        return
    }
    cred.Delete()
}
List all available credentials
package main

import (
    "fmt"
    "github.com/danieljoos/wincred"
)

func main() {
    creds, err := wincred.List()
    if err != nil {
        fmt.Println(err)
        return
    }
    for i := range(creds) {
        fmt.Println(creds[i].TargetName)
    }
}

Documentation

Overview

nolint

Package wincred provides primitives for accessing the Windows Credentials Management API. This includes functions for retrieval, listing and storage of credentials as well as Go structures for convenient access to the credential data.

A more detailed description of Windows Credentials Management can be found on Docs: https://docs.microsoft.com/en-us/windows/desktop/SecAuthN/credentials-management

Index

Constants

View Source 
const (
	// ErrElementNotFound is the error that is returned if a requested element cannot be found.
	// This error constant can be used to check if a credential could not be found.
	ErrElementNotFound = sysERROR_NOT_FOUND

	// ErrInvalidParameter is the error that is returned for invalid parameters.
	// This error constant can be used to check if the given function parameters were invalid.
	// For example when trying to create a new generic credential with an empty target name.
	ErrInvalidParameter = sysERROR_INVALID_PARAMETER
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Credential 

type Credential struct {
	TargetName     string
	Comment        string
	LastWritten    time.Time
	CredentialBlob []byte
	Attributes     []CredentialAttribute
	TargetAlias    string
	UserName       string
	Persist        CredentialPersistence
}

Credential is the basic credential structure. A credential is identified by its target name. The actual credential secret is available in the CredentialBlob field.

func FilteredList 

func FilteredList(filter string) ([]*Credential, error)

FilteredList retrieves the list of credentials from the Credentials store that match the given filter. The filter string defines the prefix followed by an asterisk for the `TargetName` attribute of the credentials.

func List 

func List() ([]*Credential, error)

List retrieves all credentials of the Credentials store.

type CredentialAttribute 

type CredentialAttribute struct {
	Keyword string
	Value   []byte
}

CredentialAttribute represents an application-specific attribute of a credential.

type CredentialPersistence 

type CredentialPersistence uint32

CredentialPersistence describes one of three persistence modes of a credential. A detailed description of the available modes can be found on Docs: https://docs.microsoft.com/en-us/windows/desktop/api/wincred/ns-wincred-_credentialw. 

const (
	// PersistSession indicates that the credential only persists for the life
	// of the current Windows login session. Such a credential is not visible in
	// any other logon session, even from the same user.
	PersistSession CredentialPersistence = 0x1

	// PersistLocalMachine indicates that the credential persists for this and
	// all subsequent logon sessions on this local machine/computer. It is
	// however not visible for logon sessions of this user on a different
	// machine.
	PersistLocalMachine CredentialPersistence = 0x2

	// PersistEnterprise indicates that the credential persists for this and all
	// subsequent logon sessions for this user. It is also visible for logon
	// sessions on different computers.
	PersistEnterprise CredentialPersistence = 0x3
)

type DomainPassword 

type DomainPassword struct {
	Credential
}

DomainPassword holds a domain credential that is typically used by the operating system for user logon.

More information about the available kinds of credentials of the Windows. Credential Management API can be found on Docs: https://docs.microsoft.com/en-us/windows/desktop/SecAuthN/kinds-of-credentials.

func GetDomainPassword 

func GetDomainPassword(targetName string) (*DomainPassword, error)

GetDomainPassword fetches the domain-password credential with the given target host name from Windows credential manager. It returns nil and an error if the credential could not be found or an error occurred.

func NewDomainPassword 

func NewDomainPassword(targetName string) (result *DomainPassword)

NewDomainPassword creates a new domain-password credential used for login to the given target host name. The persist mode of the newly created object is set to a default value that indicates local-machine-wide storage. The credential object is NOT yet persisted to the Windows credential vault.

func (*DomainPassword) Delete 

func (t *DomainPassword) Delete() (err error)

Delete removes the domain-password credential from Windows credential manager.

func (*DomainPassword) SetPassword 

func (t *DomainPassword) SetPassword(pw string)

SetPassword sets the CredentialBlob field of a domain password credential to the given string.

func (*DomainPassword) Write 

func (t *DomainPassword) Write() (err error)

Write persists the domain-password credential to Windows credential manager.

type GenericCredential 

type GenericCredential struct {
	Credential
}

GenericCredential holds a credential for generic usage. It is typically defined and used by applications that need to manage user secrets.

More information about the available kinds of credentials of the Windows. Credential Management API can be found on Docs: https://docs.microsoft.com/en-us/windows/desktop/SecAuthN/kinds-of-credentials.

func GetGenericCredential 

func GetGenericCredential(targetName string) (*GenericCredential, error)

GetGenericCredential fetches the generic credential with the given name from Windows credential manager. It returns nil and an error if the credential could not be found or an error occurred.

func NewGenericCredential 

func NewGenericCredential(targetName string) (result *GenericCredential)

NewGenericCredential creates a new generic credential object with the given name. The persist mode of the newly created object is set to a default value that indicates local-machine-wide storage. The credential object is NOT yet persisted to the Windows credential vault.

func (*GenericCredential) Delete 

func (t *GenericCredential) Delete() (err error)

Delete removes the credential object from Windows credential manager.

func (*GenericCredential) Write 

func (t *GenericCredential) Write() (err error)

Write persists the generic credential object to Windows credential manager.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.