in keyper/__init__.py [0:0]
def install_cert(self, certificate: Certificate) -> None:
"""Install the supplied certificate to the keychain.
If this is a temporary keychain, the search list will be modified so that
we can use it in other applications such as using the codesign binary.
NOTE: The certificate (and private key) is set to allow any program on the
system to access it. Be sure that this is what you want.
:param Certificate certificate: The certificate to be installed.
"""
# The keychain must be unlocked before we can do anything further
self.unlock()
# Import the certificate into the keychain
import_command = [
"security",
"import",
certificate.path,
"-P",
certificate.password,
"-A",
"-t",
"cert",
"-f",
"pkcs12",
"-k",
self.path,
]
try:
subprocess.run(import_command, check=True)
except subprocess.CalledProcessError as ex:
log.error("Failed to get import certificate: %s", ex)
raise
# Give everything access to the keychain so that it is actually useful
self.set_key_partition_list(certificate)
# Add the keychain to the search list so that we can just search across all
# keychains
self.add_to_user_search_list()