From 4de805dd37becf804ac82ab603fa1e67894c20c5 Mon Sep 17 00:00:00 2001 From: Max Goedjen Date: Sun, 17 Jan 2021 16:16:38 -0800 Subject: [PATCH] Add support for SHA256 fingerprints (#198) * Add SHA256 * Update tests * Fix padding --- SecretKit/Common/OpenSSH/OpenSSHKeyWriter.swift | 10 +++++++++- SecretKitTests/OpenSSHWriterTests.swift | 16 ++++++++++++---- Secretive/Views/SecretDetailView.swift | 5 ++++- 3 files changed, 25 insertions(+), 6 deletions(-) diff --git a/SecretKit/Common/OpenSSH/OpenSSHKeyWriter.swift b/SecretKit/Common/OpenSSH/OpenSSHKeyWriter.swift index 9889835..a577476 100644 --- a/SecretKit/Common/OpenSSH/OpenSSHKeyWriter.swift +++ b/SecretKit/Common/OpenSSH/OpenSSHKeyWriter.swift @@ -19,7 +19,15 @@ public struct OpenSSHKeyWriter { .joined(separator: " ") } - public func openSSHFingerprint(secret: SecretType) -> String { + public func openSSHSHA256Fingerprint(secret: SecretType) -> String { + // OpenSSL format seems to strip the padding at the end. + let base64 = Data(SHA256.hash(data: data(secret: secret))).base64EncodedString() + let paddingRange = base64.index(base64.endIndex, offsetBy: -2)..(secret: SecretType) -> String { Insecure.MD5.hash(data: data(secret: secret)) .compactMap { ("0" + String($0, radix: 16, uppercase: false)).suffix(2) } .joined(separator: ":") diff --git a/SecretKitTests/OpenSSHWriterTests.swift b/SecretKitTests/OpenSSHWriterTests.swift index d7a17b5..fcb0c96 100644 --- a/SecretKitTests/OpenSSHWriterTests.swift +++ b/SecretKitTests/OpenSSHWriterTests.swift @@ -6,8 +6,12 @@ class OpenSSHWriterTests: XCTestCase { let writer = OpenSSHKeyWriter() - func testECDSA256Fingerprint() { - XCTAssertEqual(writer.openSSHFingerprint(secret: Constants.ecdsa256Secret), "dc:60:4d:ff:c2:d9:18:8b:2f:24:40:b5:7f:43:47:e5") + func testECDSA256MD5Fingerprint() { + XCTAssertEqual(writer.openSSHMD5Fingerprint(secret: Constants.ecdsa256Secret), "dc:60:4d:ff:c2:d9:18:8b:2f:24:40:b5:7f:43:47:e5") + } + + func testECDSA256SHA256Fingerprint() { + XCTAssertEqual(writer.openSSHSHA256Fingerprint(secret: Constants.ecdsa256Secret), "SHA256:/VQFeGyM8qKA8rB6WGMuZZxZLJln2UgXLk3F0uTF650") } func testECDSA256PublicKey() { @@ -19,8 +23,12 @@ class OpenSSHWriterTests: XCTestCase { XCTAssertEqual(writer.data(secret: Constants.ecdsa256Secret), Data(base64Encoded: "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOVEjgAA5PHqRgwykjN5qM21uWCHFSY/Sqo5gkHAkn+e1MMQKHOLga7ucB9b3mif33MBid59GRK9GEPVlMiSQwo=")) } - func testECDSA384Fingerprint() { - XCTAssertEqual(writer.openSSHFingerprint(secret: Constants.ecdsa384Secret), "66:e0:66:d7:41:ed:19:8e:e2:20:df:ce:ac:7e:2b:6e") + func testECDSA384MD5Fingerprint() { + XCTAssertEqual(writer.openSSHMD5Fingerprint(secret: Constants.ecdsa384Secret), "66:e0:66:d7:41:ed:19:8e:e2:20:df:ce:ac:7e:2b:6e") + } + + func testECDSA384SHA256Fingerprint() { + XCTAssertEqual(writer.openSSHSHA256Fingerprint(secret: Constants.ecdsa384Secret), "SHA256:GJUEymQNL9ymaMRRJCMGY4rWIJHu/Lm8Yhao/PAiz1I") } func testECDSA384PublicKey() { diff --git a/Secretive/Views/SecretDetailView.swift b/Secretive/Views/SecretDetailView.swift index e1878dd..20fa76e 100644 --- a/Secretive/Views/SecretDetailView.swift +++ b/Secretive/Views/SecretDetailView.swift @@ -10,7 +10,10 @@ struct SecretDetailView: View { var body: some View { Form { Section { - CopyableView(title: "Fingerprint", image: Image(systemName: "touchid"), text: keyWriter.openSSHFingerprint(secret: secret)) + CopyableView(title: "SHA256 Fingerprint", image: Image(systemName: "touchid"), text: keyWriter.openSSHSHA256Fingerprint(secret: secret)) + Spacer() + .frame(height: 20) + CopyableView(title: "MD5 Fingerprint", image: Image(systemName: "touchid"), text: keyWriter.openSSHMD5Fingerprint(secret: secret)) Spacer() .frame(height: 20) CopyableView(title: "Public Key", image: Image(systemName: "key"), text: keyString)