Cleanup of agent (#58)

* Extract key selection.

* Moving agent and socket stuff to SecretAgentKit

* Cleanup of agent

SecretAgent/AppDelegate.swift

@@ -1,5 +1,6 @@
 import Cocoa
 import SecretKit
+import SecretAgentKit
 import OSLog
 
 @NSApplicationMain
@@ -13,7 +14,7 @@ class AppDelegate: NSObject, NSApplicationDelegate {
     }()
     let notifier = Notifier()
     lazy var agent: Agent = {
-        Agent(storeList: storeList, notifier: notifier)
+        Agent(storeList: storeList/*, notifier: notifier*/)
     }()
     lazy var socketController: SocketController = {
         let path = (NSHomeDirectory() as NSString).appendingPathComponent("socket.ssh") as String

SecretAgent/Notifier.swift

@@ -1,5 +1,6 @@
 import Foundation
 import SecretKit
+import SecretAgentKit
 import UserNotifications
 
 class Notifier {
@@ -10,7 +11,7 @@ class Notifier {
         }
     }
 
-    func notify<SecretType: Secret>(accessTo secret: SecretType) {
+    func notify(accessTo secret: AnySecret) {
         let notificationCenter = UNUserNotificationCenter.current()
         let notificationContent = UNMutableNotificationContent()
         notificationContent.title = "Signed Request"
@@ -20,3 +21,11 @@ class Notifier {
     }
 
 }
+
+extension Notifier: SigningWitness {
+
+    func witness(accessTo secret: AnySecret) throws {
+        notify(accessTo: secret)
+    }
+
+}

SecretAgentKit/Agent.swift

@@ -2,24 +2,24 @@ import Foundation
 import CryptoKit
 import OSLog
 import SecretKit
-import SecretAgentKit
 
-class Agent {
+public class Agent {
 
     fileprivate let storeList: SecretStoreList
-    fileprivate let notifier: Notifier
+    fileprivate let witness: SigningWitness?
+    fileprivate let writer = OpenSSHKeyWriter()
 
-    public init(storeList: SecretStoreList, notifier: Notifier) {
+    public init(storeList: SecretStoreList, witness: SigningWitness? = nil) {
         os_log(.debug, "Agent is running")
         self.storeList = storeList
-        self.notifier = notifier
+        self.witness = witness
     }
     
 }
 
 extension Agent {
 
-    func handle(fileHandle: FileHandle) {
+    public func handle(fileHandle: FileHandle) {
         os_log(.debug, "Agent handling new data")
         let data = fileHandle.availableData
         guard !data.isEmpty else { return }
@@ -76,24 +76,19 @@ extension Agent {
 
     func sign(data: Data) throws -> Data {
         let reader = OpenSSHReader(data: data)
-        let writer = OpenSSHKeyWriter()
         let hash = try reader.readNextChunk()
-        let matching = storeList.stores.compactMap { store -> (AnySecretStore, AnySecret)? in
-            let allMatching = store.secrets.filter { secret in
-                hash == writer.data(secret: secret)
-            }
-            if let matching = allMatching.first {
-                return (store, matching)
-            }
-            return nil
-        }
-        guard let (store, secret) = matching.first else {
+        guard let (store, secret) = secret(matching: hash) else {
+            os_log(.debug, "Agent did not have a key matching %@", hash as NSData)
             throw AgentError.noMatchingKey
         }
+
+        if let witness = witness {
+            try witness.witness(accessTo: secret)
+        }
+
         let dataToSign = try reader.readNextChunk()
         let derSignature = try store.sign(data: dataToSign, with: secret)
-        // TODO: Move this
-        notifier.notify(accessTo: secret)
+
         let curveData = writer.curveType(for: secret.algorithm, length: secret.keySize).data(using: .utf8)!
 
         // Convert from DER formatted rep to raw (r||s)
@@ -130,6 +125,22 @@ extension Agent {
 
 }
 
+extension Agent {
+
+    func secret(matching hash: Data) -> (AnySecretStore, AnySecret)? {
+        storeList.stores.compactMap { store -> (AnySecretStore, AnySecret)? in
+            let allMatching = store.secrets.filter { secret in
+                hash == writer.data(secret: secret)
+            }
+            if let matching = allMatching.first {
+                return (store, matching)
+            }
+            return nil
+        }.first
+    }
+
+}
+
 
 extension Agent {
 

SecretAgentKit/SigningWitness.swift

@@ -0,0 +1,8 @@
+import Foundation
+import SecretKit
+
+public protocol SigningWitness {
+
+    func witness(accessTo secret: AnySecret) throws
+
+}

SecretAgentKit/SocketController.swift

@@ -1,13 +1,13 @@
 import Foundation
 import OSLog
 
-class SocketController {
+public class SocketController {
 
     fileprivate var fileHandle: FileHandle?
     fileprivate var port: SocketPort?
-    var handler: ((FileHandle) -> Void)?
+    public var handler: ((FileHandle) -> Void)?
 
-    init(path: String) {
+    public init(path: String) {
         os_log(.debug, "Socket controller setting up at %@", path)
         if let _ = try? FileManager.default.removeItem(atPath: path) {
             os_log(.debug, "Socket controller removed existing socket")

Secretive.xcodeproj/project.pbxproj

@@ -32,6 +32,9 @@
 		506AB87E2412334700335D91 /* SecretAgent.app in CopyFiles */ = {isa = PBXBuildFile; fileRef = 50A3B78A24026B7500D209EA /* SecretAgent.app */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; };
 		50731666241DF8660023809E /* Updater.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50731665241DF8660023809E /* Updater.swift */; };
 		50731669241E00C20023809E /* NoticeView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50731668241E00C20023809E /* NoticeView.swift */; };
+		507CE4ED2420A3C70029F750 /* Agent.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50A3B79F24026B9900D209EA /* Agent.swift */; };
+		507CE4EE2420A3CA0029F750 /* SocketController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50A3B79D24026B9900D209EA /* SocketController.swift */; };
+		507CE4F02420A4C50029F750 /* SigningWitness.swift in Sources */ = {isa = PBXBuildFile; fileRef = 507CE4EF2420A4C50029F750 /* SigningWitness.swift */; };
 		508A58AA241E06B40069DC07 /* PreviewUpdater.swift in Sources */ = {isa = PBXBuildFile; fileRef = 508A58A9241E06B40069DC07 /* PreviewUpdater.swift */; };
 		508A58B3241ED2180069DC07 /* AgentStatusChecker.swift in Sources */ = {isa = PBXBuildFile; fileRef = 508A58B2241ED2180069DC07 /* AgentStatusChecker.swift */; };
 		508A58B5241ED48F0069DC07 /* PreviewAgentStatusChecker.swift in Sources */ = {isa = PBXBuildFile; fileRef = 508A58B4241ED48F0069DC07 /* PreviewAgentStatusChecker.swift */; };
@@ -49,8 +52,6 @@
 		50A3B79124026B7600D209EA /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 50A3B79024026B7600D209EA /* Assets.xcassets */; };
 		50A3B79424026B7600D209EA /* Preview Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 50A3B79324026B7600D209EA /* Preview Assets.xcassets */; };
 		50A3B79724026B7600D209EA /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 50A3B79524026B7600D209EA /* Main.storyboard */; };
-		50A3B7A024026B9900D209EA /* SocketController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50A3B79D24026B9900D209EA /* SocketController.swift */; };
-		50A3B7A224026B9900D209EA /* Agent.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50A3B79F24026B9900D209EA /* Agent.swift */; };
 		50A5C18C240E4B4B00E2996C /* SecretAgentKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 5099A06C240242BA0062B6F2 /* SecretAgentKit.framework */; };
 		50A5C18D240E4B4B00E2996C /* SecretAgentKit.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = 5099A06C240242BA0062B6F2 /* SecretAgentKit.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; };
 		50A5C18F240E4B4C00E2996C /* SecretKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 50617DA823FCE4AB0099B055 /* SecretKit.framework */; };
@@ -98,6 +99,13 @@
 			remoteGlobalIDString = 50617DA723FCE4AB0099B055;
 			remoteInfo = SecretKit;
 		};
+		507CE4F12420A6B50029F750 /* PBXContainerItemProxy */ = {
+			isa = PBXContainerItemProxy;
+			containerPortal = 50617D7723FCE48D0099B055 /* Project object */;
+			proxyType = 1;
+			remoteGlobalIDString = 50617DA723FCE4AB0099B055;
+			remoteInfo = SecretKit;
+		};
 		5099A076240242BA0062B6F2 /* PBXContainerItemProxy */ = {
 			isa = PBXContainerItemProxy;
 			containerPortal = 50617D7723FCE48D0099B055 /* Project object */;
@@ -194,6 +202,7 @@
 		506838A22415EA5D00F55094 /* AnySecretStore.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AnySecretStore.swift; sourceTree = "<group>"; };
 		50731665241DF8660023809E /* Updater.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Updater.swift; sourceTree = "<group>"; };
 		50731668241E00C20023809E /* NoticeView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = NoticeView.swift; sourceTree = "<group>"; };
+		507CE4EF2420A4C50029F750 /* SigningWitness.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SigningWitness.swift; sourceTree = "<group>"; };
 		508A58A9241E06B40069DC07 /* PreviewUpdater.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PreviewUpdater.swift; sourceTree = "<group>"; };
 		508A58AB241E121B0069DC07 /* Config.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = Config.xcconfig; sourceTree = "<group>"; };
 		508A58B2241ED2180069DC07 /* AgentStatusChecker.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AgentStatusChecker.swift; sourceTree = "<group>"; };
@@ -457,6 +466,9 @@
 			children = (
 				5099A06E240242BA0062B6F2 /* SecretAgentKit.h */,
 				5099A089240242C20062B6F2 /* SSHAgentProtocol.swift */,
+				50A3B79D24026B9900D209EA /* SocketController.swift */,
+				507CE4EF2420A4C50029F750 /* SigningWitness.swift */,
+				50A3B79F24026B9900D209EA /* Agent.swift */,
 				5099A06F240242BA0062B6F2 /* Info.plist */,
 			);
 			path = SecretAgentKit;
@@ -482,9 +494,7 @@
 			isa = PBXGroup;
 			children = (
 				50020BAF24064869003D4025 /* AppDelegate.swift */,
-				50A3B79F24026B9900D209EA /* Agent.swift */,
 				5018F54E24064786002EB505 /* Notifier.swift */,
-				50A3B79D24026B9900D209EA /* SocketController.swift */,
 				50A3B79024026B7600D209EA /* Assets.xcassets */,
 				50A3B79524026B7600D209EA /* Main.storyboard */,
 				50A3B79824026B7600D209EA /* Info.plist */,
@@ -611,6 +621,7 @@
 			buildRules = (
 			);
 			dependencies = (
+				507CE4F22420A6B50029F750 /* PBXTargetDependency */,
 			);
 			name = SecretAgentKit;
 			productName = SecretAgentKit;
@@ -835,7 +846,10 @@
 			isa = PBXSourcesBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
+				507CE4EE2420A3CA0029F750 /* SocketController.swift in Sources */,
 				5099A08A240242C20062B6F2 /* SSHAgentProtocol.swift in Sources */,
+				507CE4ED2420A3C70029F750 /* Agent.swift in Sources */,
+				507CE4F02420A4C50029F750 /* SigningWitness.swift in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -853,8 +867,6 @@
 			files = (
 				50020BB024064869003D4025 /* AppDelegate.swift in Sources */,
 				5018F54F24064786002EB505 /* Notifier.swift in Sources */,
-				50A3B7A224026B9900D209EA /* Agent.swift in Sources */,
-				50A3B7A024026B9900D209EA /* SocketController.swift in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -886,6 +898,11 @@
 			target = 50617DA723FCE4AB0099B055 /* SecretKit */;
 			targetProxy = 50617DBB23FCE4AB0099B055 /* PBXContainerItemProxy */;
 		};
+		507CE4F22420A6B50029F750 /* PBXTargetDependency */ = {
+			isa = PBXTargetDependency;
+			target = 50617DA723FCE4AB0099B055 /* SecretKit */;
+			targetProxy = 507CE4F12420A6B50029F750 /* PBXContainerItemProxy */;
+		};
 		5099A077240242BA0062B6F2 /* PBXTargetDependency */ = {
 			isa = PBXTargetDependency;
 			target = 5099A06B240242BA0062B6F2 /* SecretAgentKit */;