external/secretive
1
0
Fork 0
mirror of https://github.com/maxgoedjen/secretive.git synced 2025-09-15 08:50:57 +00:00
Code Issues Projects Releases Wiki Activity

Fix issue where “mark as migrated” could fail (#715)

Browse Source
This commit is contained in:
Max Goedjen 2025-09-14 16:11:54 -07:00 committed by GitHub
parent 1df0c8e96b
commit 15e8ed1ec2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
Sources/Packages/Sources/SecureEnclaveSecretKit/CryptoKitMigrator.swift
View File

@ -50,16 +50,16 @@ extension SecureEnclave {
let secret = Secret(id: UUID().uuidString, name: name, publicKey: parsed.publicKey.x963Representation, attributes: Attributes(keyType: .init(algorithm: .ecdsa, size: 256), authentication: auth)) let secret = Secret(id: UUID().uuidString, name: name, publicKey: parsed.publicKey.x963Representation, attributes: Attributes(keyType: .init(algorithm: .ecdsa, size: 256), authentication: auth))
guard !migratedPublicKeys.contains(parsed.publicKey.x963Representation) else { guard !migratedPublicKeys.contains(parsed.publicKey.x963Representation) else {
logger.log("Skipping \(name), public key already present. Marking as migrated.") logger.log("Skipping \(name), public key already present. Marking as migrated.")
try markMigrated(secret: secret, oldID: id) markMigrated(secret: secret, oldID: id)
continue continue
} }
logger.log("Migrating \(name).") logger.log("Migrating \(name).")
try store.saveKey(tokenObjectID, name: name, attributes: secret.attributes) try store.saveKey(tokenObjectID, name: name, attributes: secret.attributes)
logger.log("Migrated \(name).") logger.log("Migrated \(name).")
try markMigrated(secret: secret, oldID: id) markMigrated(secret: secret, oldID: id)
migratedAny = true migratedAny = true
} catch { } catch {
logger.error("Failed to migrate \(name): \(error).") logger.error("Failed to migrate \(name): \(error.localizedDescription).")
} }
} }
if migratedAny { if migratedAny {
@ -69,10 +69,10 @@ extension SecureEnclave {
public func markMigrated(secret: Secret, oldID: Data) throws { public func markMigrated(secret: Secret, oldID: Data) {
let updateQuery = KeychainDictionary([ let updateQuery = KeychainDictionary([
kSecClass: kSecClassKey, kSecClass: kSecClassKey,
kSecAttrApplicationLabel: secret.id kSecAttrApplicationLabel: oldID
]) ])
let newID = oldID + Constants.migrationMagicNumber let newID = oldID + Constants.migrationMagicNumber
@ -82,7 +82,7 @@ extension SecureEnclave {
let status = SecItemUpdate(updateQuery, updatedAttributes) let status = SecItemUpdate(updateQuery, updatedAttributes)
if status != errSecSuccess { if status != errSecSuccess {
throw KeychainError(statusCode: status) logger.warning("Failed to mark \(secret.name) as migrated: \(status).")
} }
} }