[keyring] support for kwallet, pass (#5560)

Add support for KDE Wallet service and the pass command line tool.

CHANGELOG.md

@@ -152,6 +152,8 @@ correct version via: `pkgutil --pkg-info=com.apple.pkg.CLTools_Executables`.
 by the new key store:
   - `os`: use OS default credentials storage (default).
   - `file`: use encrypted file-based store.
+  - `kwallet`: use [KDE Wallet](https://utils.kde.org/projects/kwalletmanager/) service.
+  - `pass`: use the [pass](https://www.passwordstore.org/) command line password manager.
   - `test`: use password-less key store. *For testing purposes only. Use it at your own risk.*
 * (keys) [\#5097](https://github.com/cosmos/cosmos-sdk/pull/5097) New `keys migrate` command to assist users migrate their keys
 to the new keyring.

crypto/keys/keyring.go

@@ -26,9 +26,11 @@ import (
 )
 
 const (
-	BackendFile = "file"
-	BackendOS   = "os"
-	BackendTest = "test"
+	BackendFile    = "file"
+	BackendOS      = "os"
+	BackendKWallet = "kwallet"
+	BackendPass    = "pass"
+	BackendTest    = "test"
 )
 
 const (
@@ -71,6 +73,10 @@ func NewKeyring(
 		db, err = keyring.Open(newFileBackendKeyringConfig(svcName, rootDir, userInput))
 	case BackendOS:
 		db, err = keyring.Open(lkbToKeyringConfig(svcName, rootDir, userInput, false))
+	case BackendKWallet:
+		db, err = keyring.Open(newKWalletBackendKeyringConfig(svcName, rootDir, userInput))
+	case BackendPass:
+		db, err = keyring.Open(newPassBackendKeyringConfig(svcName, rootDir, userInput))
 	default:
 		return nil, fmt.Errorf("unknown keyring backend %v", backend)
 	}
@@ -485,7 +491,7 @@ func (kb keyringKeybase) writeInfo(name string, info Info) {
 func lkbToKeyringConfig(name, dir string, buf io.Reader, test bool) keyring.Config {
 	if test {
 		return keyring.Config{
-			AllowedBackends: []keyring.BackendType{"file"},
+			AllowedBackends: []keyring.BackendType{keyring.FileBackend},
 			ServiceName:     name,
 			FileDir:         filepath.Join(dir, fmt.Sprintf(testKeyringDirNameFmt, name)),
 			FilePasswordFunc: func(_ string) (string, error) {
@@ -501,10 +507,28 @@ func lkbToKeyringConfig(name, dir string, buf io.Reader, test bool) keyring.Conf
 	}
 }
 
+func newKWalletBackendKeyringConfig(name, _ string, _ io.Reader) keyring.Config {
+	return keyring.Config{
+		AllowedBackends: []keyring.BackendType{keyring.KWalletBackend},
+		ServiceName:     "kdewallet",
+		KWalletAppID:    name,
+		KWalletFolder:   "",
+	}
+}
+
+func newPassBackendKeyringConfig(name, dir string, _ io.Reader) keyring.Config {
+	prefix := filepath.Join(dir, fmt.Sprintf(keyringDirNameFmt, name))
+	return keyring.Config{
+		AllowedBackends: []keyring.BackendType{keyring.PassBackend},
+		ServiceName:     name,
+		PassPrefix:      prefix,
+	}
+}
+
 func newFileBackendKeyringConfig(name, dir string, buf io.Reader) keyring.Config {
 	fileDir := filepath.Join(dir, fmt.Sprintf(keyringDirNameFmt, name))
 	return keyring.Config{
-		AllowedBackends:  []keyring.BackendType{"file"},
+		AllowedBackends:  []keyring.BackendType{keyring.FileBackend},
 		ServiceName:      name,
 		FileDir:          fileDir,
 		FilePasswordFunc: newRealPrompt(fileDir, buf),