Project public key files for use in configs (#264)

This commit is contained in:
Max Goedjen 2022-01-02 23:25:40 -08:00 committed by GitHub
parent 5894bbca00
commit 05c5aca9b6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 51 additions and 9 deletions

View File

@ -0,0 +1,41 @@
import Foundation
import OSLog
/// Controller responsible for writing public keys to disk, so that they're easily accessible by scripts.
public class PublicKeyFileStoreController {
private let logger = Logger()
private let directory: String
/// Initializes a PublicKeyFileStoreController.
public init(homeDirectory: String) {
directory = homeDirectory.appending("/PublicKeys")
}
/// Writes out the keys specified to disk.
/// - Parameter secrets: The Secrets to generate keys for.
/// - Parameter clear: Whether or not the directory should be erased before writing keys.
public func generatePublicKeys(for secrets: [AnySecret], clear: Bool = false) throws {
logger.log("Writing public keys to disk")
if clear {
try? FileManager.default.removeItem(at: URL(fileURLWithPath: directory))
}
try? FileManager.default.createDirectory(at: URL(fileURLWithPath: directory), withIntermediateDirectories: false, attributes: nil)
let keyWriter = OpenSSHKeyWriter()
for secret in secrets {
let path = path(for: secret)
guard let data = keyWriter.openSSHString(secret: secret).data(using: .utf8) else { continue }
FileManager.default.createFile(atPath: path, contents: data, attributes: nil)
}
logger.log("Finished writing public keys")
}
/// The path for a Secret's public key.
/// - Parameter secret: The Secret to return the path for.
/// - Returns: The path to the Secret's public key.
/// - Warning: This method returning a path does not imply that a key has been written to disk already. This method only describes where it will be written to.
public func path<SecretType: Secret>(for secret: SecretType) -> String {
directory.appending("/").appending("\(secret.name.replacingOccurrences(of: " ", with: "-")).pub")
}
}

View File

@ -4,8 +4,6 @@ import CryptoTokenKit
import LocalAuthentication import LocalAuthentication
import SecretKit import SecretKit
// TODO: Might need to split this up into "sub-stores?"
// ie, each token has its own Store.
extension SmartCard { extension SmartCard {
/// An implementation of Store backed by a Smart Card. /// An implementation of Store backed by a Smart Card.

View File

@ -18,6 +18,7 @@ class AppDelegate: NSObject, NSApplicationDelegate {
}() }()
private let updater = Updater(checkOnLaunch: false) private let updater = Updater(checkOnLaunch: false)
private let notifier = Notifier() private let notifier = Notifier()
private let publicKeyFileStoreController = PublicKeyFileStoreController(homeDirectory: NSHomeDirectory())
private lazy var agent: Agent = { private lazy var agent: Agent = {
Agent(storeList: storeList, witness: notifier) Agent(storeList: storeList, witness: notifier)
}() }()
@ -32,6 +33,10 @@ class AppDelegate: NSObject, NSApplicationDelegate {
DispatchQueue.main.async { DispatchQueue.main.async {
self.socketController.handler = self.agent.handle(reader:writer:) self.socketController.handler = self.agent.handle(reader:writer:)
} }
DistributedNotificationCenter.default().addObserver(forName: .secretStoreUpdated, object: nil, queue: .main) { [self] _ in
try? publicKeyFileStoreController.generatePublicKeys(for: storeList.stores.flatMap({ $0.secrets }), clear: true)
}
try? publicKeyFileStoreController.generatePublicKeys(for: storeList.stores.flatMap({ $0.secrets }), clear: true)
notifier.prompt() notifier.prompt()
updateSink = updater.$update.sink { update in updateSink = updater.$update.sink { update in
guard let update = update else { return } guard let update = update else { return }
@ -39,6 +44,5 @@ class AppDelegate: NSObject, NSApplicationDelegate {
} }
} }
} }

View File

@ -6,6 +6,7 @@ struct SecretDetailView<SecretType: Secret>: View {
@State var secret: SecretType @State var secret: SecretType
private let keyWriter = OpenSSHKeyWriter() private let keyWriter = OpenSSHKeyWriter()
private let publicKeyFileStoreController = PublicKeyFileStoreController(homeDirectory: NSHomeDirectory().replacingOccurrences(of: Bundle.main.hostBundleID, with: Bundle.main.agentBundleID))
var body: some View { var body: some View {
ScrollView { ScrollView {
@ -18,6 +19,9 @@ struct SecretDetailView<SecretType: Secret>: View {
Spacer() Spacer()
.frame(height: 20) .frame(height: 20)
CopyableView(title: "Public Key", image: Image(systemName: "key"), text: keyString) CopyableView(title: "Public Key", image: Image(systemName: "key"), text: keyString)
Spacer()
.frame(height: 20)
CopyableView(title: "Public Key Path", image: Image(systemName: "lock.doc"), text: publicKeyFileStoreController.path(for: secret))
Spacer() Spacer()
} }
} }
@ -41,11 +45,6 @@ struct SecretDetailView<SecretType: Secret>: View {
keyWriter.openSSHString(secret: secret, comment: "\(dashedKeyName)@\(dashedHostName)") keyWriter.openSSHString(secret: secret, comment: "\(dashedKeyName)@\(dashedHostName)")
} }
func copy() {
NSPasteboard.general.declareTypes([.string], owner: nil)
NSPasteboard.general.setString(keyString, forType: .string)
}
} }
#if DEBUG #if DEBUG