Project public key files for use in configs (#264)

2022-01-02 23:25:40 -08:00 · 2022-01-02 23:25:40 -08:00 · 05c5aca9b6
parent 5894bbca00
commit 05c5aca9b6
4 changed files with 51 additions and 9 deletions
--- a/Sources/Packages/Sources/SecretKit/PublicKeyStandinFileController.swift
+++ b/Sources/Packages/Sources/SecretKit/PublicKeyStandinFileController.swift
@ -0,0 +1,41 @@
+import Foundation
+import OSLog
+
+/// Controller responsible for writing public keys to disk, so that they're easily accessible by scripts.
+public class PublicKeyFileStoreController {
+
+    private let logger = Logger()
+    private let directory: String
+
+    /// Initializes a PublicKeyFileStoreController.
+    public init(homeDirectory: String) {
+        directory = homeDirectory.appending("/PublicKeys")
+    }
+
+    /// Writes out the keys specified to disk.
+    /// - Parameter secrets: The Secrets to generate keys for.
+    /// - Parameter clear: Whether or not the directory should be erased before writing keys.
+    public func generatePublicKeys(for secrets: [AnySecret], clear: Bool = false) throws {
+        logger.log("Writing public keys to disk")
+        if clear {
+            try? FileManager.default.removeItem(at: URL(fileURLWithPath: directory))
+        }
+        try? FileManager.default.createDirectory(at: URL(fileURLWithPath: directory), withIntermediateDirectories: false, attributes: nil)
+        let keyWriter = OpenSSHKeyWriter()
+        for secret in secrets {
+            let path = path(for: secret)
+            guard let data = keyWriter.openSSHString(secret: secret).data(using: .utf8) else { continue }
+            FileManager.default.createFile(atPath: path, contents: data, attributes: nil)
+        }
+        logger.log("Finished writing public keys")
+    }
+
+    /// The path for a Secret's public key.
+    /// - Parameter secret: The Secret to return the path for.
+    /// - Returns: The path to the Secret's public key.
+    /// - Warning: This method returning a path does not imply that a key has been written to disk already. This method only describes where it will be written to.
+    public func path<SecretType: Secret>(for secret: SecretType) -> String {
+        directory.appending("/").appending("\(secret.name.replacingOccurrences(of: " ", with: "-")).pub")
+    }
+
+}
--- a/Sources/Packages/Sources/SmartCardSecretKit/SmartCardStore.swift
+++ b/Sources/Packages/Sources/SmartCardSecretKit/SmartCardStore.swift
@ -4,8 +4,6 @@ import CryptoTokenKit
 import LocalAuthentication
 import SecretKit

-// TODO: Might need to split this up into "sub-stores?"
-// ie, each token has its own Store.
 extension SmartCard {

    /// An implementation of Store backed by a Smart Card.
--- a/Sources/SecretAgent/AppDelegate.swift
+++ b/Sources/SecretAgent/AppDelegate.swift
@ -18,6 +18,7 @@ class AppDelegate: NSObject, NSApplicationDelegate {
    }()
    private let updater = Updater(checkOnLaunch: false)
    private let notifier = Notifier()
+    private let publicKeyFileStoreController = PublicKeyFileStoreController(homeDirectory: NSHomeDirectory())
    private lazy var agent: Agent = {
        Agent(storeList: storeList, witness: notifier)
    }()
@ -32,6 +33,10 @@ class AppDelegate: NSObject, NSApplicationDelegate {
        DispatchQueue.main.async {
            self.socketController.handler = self.agent.handle(reader:writer:)
        }
+        DistributedNotificationCenter.default().addObserver(forName: .secretStoreUpdated, object: nil, queue: .main) { [self] _ in
+            try? publicKeyFileStoreController.generatePublicKeys(for: storeList.stores.flatMap({ $0.secrets }), clear: true)
+        }
+        try? publicKeyFileStoreController.generatePublicKeys(for: storeList.stores.flatMap({ $0.secrets }), clear: true)
        notifier.prompt()
        updateSink = updater.$update.sink { update in
            guard let update = update else { return }
@ -39,6 +44,5 @@ class AppDelegate: NSObject, NSApplicationDelegate {
        }
    }

-
 }

--- a/Sources/Secretive/Views/SecretDetailView.swift
+++ b/Sources/Secretive/Views/SecretDetailView.swift
@ -6,6 +6,7 @@ struct SecretDetailView<SecretType: Secret>: View {
    @State var secret: SecretType

    private let keyWriter = OpenSSHKeyWriter()
+    private let publicKeyFileStoreController = PublicKeyFileStoreController(homeDirectory: NSHomeDirectory().replacingOccurrences(of: Bundle.main.hostBundleID, with: Bundle.main.agentBundleID))
    
    var body: some View {
        ScrollView {
@ -18,6 +19,9 @@ struct SecretDetailView<SecretType: Secret>: View {
                    Spacer()
                        .frame(height: 20)
                    CopyableView(title: "Public Key", image: Image(systemName: "key"), text: keyString)
+                    Spacer()
+                        .frame(height: 20)
+                    CopyableView(title: "Public Key Path", image: Image(systemName: "lock.doc"), text: publicKeyFileStoreController.path(for: secret))
                    Spacer()
                }
            }
@ -40,12 +44,7 @@ struct SecretDetailView<SecretType: Secret>: View {
    var keyString: String {
        keyWriter.openSSHString(secret: secret, comment: "\(dashedKeyName)@\(dashedHostName)")
    }
-    
-    func copy() {
-        NSPasteboard.general.declareTypes([.string], owner: nil)
-        NSPasteboard.general.setString(keyString, forType: .string)
-    }
-    
+
 }

 #if DEBUG