external/secretive
1
0
Fork 0
mirror of https://github.com/maxgoedjen/secretive.git synced 2025-08-31 01:20:57 +00:00
Code Issues Projects Releases Wiki Activity

Merge branch 'main' into mldsa

Browse Source
This commit is contained in:
Max Goedjen 2025-08-24 15:38:01 -07:00
commit 54ced6040f
No known key found for this signature in database
5 changed files with 8 additions and 179 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

162
Sources/Packages/Localizable.xcstrings
View File

@ -930,84 +930,6 @@
}
}
},
"auth_context_request_decrypt_description" : {
"comment" : "When the user performs a decryption action using a secret, they are shown a prompt to approve the action. This is the description, showing which secret will be used. The placeholder is the name of the secret. NOTE: This is currently not exposed in UI.",
"extractionState" : "manual",
"localizations" : {
"ca" : {
"stringUnit" : {
"state" : "translated",
"value" : "desencripta dades usant el secret \"%1$(secretName)@\" "
}
},
"de" : {
"stringUnit" : {
"state" : "translated",
"value" : "Daten mit dem Secret \"%1$(secretName)@\" entschlüsseln"
}
},
"en" : {
"stringUnit" : {
"state" : "translated",
"value" : "decrypt data using secret \"%1$(secretName)@“"
}
},
"fi" : {
"stringUnit" : {
"state" : "translated",
"value" : "pura salaus käyttäen salaisuutta \"%1$(secretName)@\""
}
},
"fr" : {
"stringUnit" : {
"state" : "translated",
"value" : "déchiffrer les données en utilisant le secret \"%1$(secretName)@\"."
}
},
"it" : {
"stringUnit" : {
"state" : "translated",
"value" : "decifra i dati usando il Segreto \"%1$(secretName)@\""
}
},
"ja" : {
"stringUnit" : {
"state" : "translated",
"value" : "シークレット“%1$(secretName)@”を使って復号化します"
}
},
"ko" : {
"stringUnit" : {
"state" : "translated",
"value" : "비밀 \"%1$(secretName)@\"를 사용해서 데이터 복호화"
}
},
"pl" : {
"stringUnit" : {
"state" : "translated",
"value" : "odszyfruj dane używając sekretu “%1$(secretName)@”"
}
},
"pt-BR" : {
"stringUnit" : {
"state" : "translated",
"value" : "decriptar o dado utilizando segredo \"%1$(secretName)@\""
}
},
"ru" : {
"stringUnit" : {
"state" : "translated",
"value" : "расшифровать данные используя секрет \"%1$(secretName)@\""
}
},
"zh-Hans" : {
"stringUnit" : {
"state" : "translated",
"value" : "使用密钥串 \"%1$(secretName)@\" 解密数据"
}
}
}
},
"auth_context_request_deny_button" : {
"comment" : "When the user chooses to perform an action that requires Touch ID/password authentication, they are shown a prompt to approve the action. This is the deny button for that prompt.",
"extractionState" : "manual",
@ -1086,84 +1008,6 @@
}
}
},
"auth_context_request_encrypt_description" : {
"comment" : "When the user performs an encryption action using a secret, they are shown a prompt to approve the action. This is the description, showing which secret will be used. The placeholder is the name of the secret. NOTE: This is currently not exposed in UI.",
"extractionState" : "manual",
"localizations" : {
"ca" : {
"stringUnit" : {
"state" : "translated",
"value" : "encripta dades usant el secret \"%1$(secretName)@\""
}
},
"de" : {
"stringUnit" : {
"state" : "translated",
"value" : "Daten mit dem Secret \"%1$(secretName)@\" verschlüsseln"
}
},
"en" : {
"stringUnit" : {
"state" : "translated",
"value" : "encrypt data using secret \"%1$(secretName)@“"
}
},
"fi" : {
"stringUnit" : {
"state" : "translated",
"value" : "salaa käyttäen salaisuutta \"%1$(secretName)@\""
}
},
"fr" : {
"stringUnit" : {
"state" : "translated",
"value" : "chiffrer les données en utilisant le secret \"%1$(secretName)@\""
}
},
"it" : {
"stringUnit" : {
"state" : "translated",
"value" : "cifra i dati usando il Segreto \"%1$(secretName)@\""
}
},
"ja" : {
"stringUnit" : {
"state" : "translated",
"value" : "シークレット“%1$(secretName)@”を使って暗号化します"
}
},
"ko" : {
"stringUnit" : {
"state" : "translated",
"value" : "비밀 \"%1$(secretName)@\"를 사용해서 데이터 암호화"
}
},
"pl" : {
"stringUnit" : {
"state" : "translated",
"value" : "zaszyfruj dane używając sekretu “%1$(secretName)@”"
}
},
"pt-BR" : {
"stringUnit" : {
"state" : "translated",
"value" : "encriptar dado utilizando o segredo \"%1$(secretName)@\""
}
},
"ru" : {
"stringUnit" : {
"state" : "translated",
"value" : "зашифровать данные используя секрет \"%1$(secretName)@\""
}
},
"zh-Hans" : {
"stringUnit" : {
"state" : "translated",
"value" : "使用密钥串 \"%1$(secretName)@\" 加密数据"
}
}
}
},
"auth_context_request_signature_description" : {
"comment" : "When the user performs a signature action using a secret, they are shown a prompt to approve the action. This is the description, showing which secret will be used, and where the request is coming from. The first placeholder is the name of the app requesting the operation. The second placeholder is the name of the secret.",
"extractionState" : "manual",
@ -5356,9 +5200,6 @@
}
}
}
},
"Test" : {
},
"test@example.com" : {
@ -6311,9 +6152,6 @@
}
}
}
},
"Warning: ML-DSA keys are very new, and not supported by many servers yet. Please verify the server you'll be using this key for accepts ML-DSA keys." : {
}
},
"version" : "1.0"

4
Sources/Packages/Sources/SecretKit/OpenSSH/OpenSSHReader.swift
View File

@ -17,9 +17,7 @@ public final class OpenSSHReader {
let lengthRange = 0..<(UInt32.bitWidth/8)
let lengthChunk = remaining[lengthRange]
remaining.removeSubrange(lengthRange)
let littleEndianLength = lengthChunk.withUnsafeBytes { pointer in
return pointer.load(as: UInt32.self)
}
let littleEndianLength = lengthChunk.bytes.unsafeLoad(as: UInt32.self)
let length = Int(littleEndianLength.bigEndian)
let dataRange = 0..<length
let ret = Data(remaining[dataRange])

2
Sources/Packages/Sources/SecretKit/Types/Secret.swift
View File

@ -68,7 +68,7 @@ public struct KeyType: Hashable, Sendable, Codable, CustomStringConvertible {
kSecAttrKeyTypeEC
case .rsa:
kSecAttrKeyTypeRSA
default:
case .mldsa:
nil
}
}

2
Sources/Packages/Tests/SecretAgentKitTests/AgentTests.swift
View File

@ -35,7 +35,7 @@ import CryptoKit
#expect(stubWriter.data == Constants.Responses.requestFailure)
}
@Test func signature() async throws {
@Test func ecdsaSignature() async throws {
let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestSignature)
let requestReader = OpenSSHReader(data: Constants.Requests.requestSignature[5...])
_ = requestReader.readNextChunk()

17
Sources/Packages/Tests/SecretAgentKitTests/StubStore.swift
View File

@ -52,13 +52,8 @@ extension Stub {
guard !shouldThrow else {
throw NSError(domain: "test", code: 0, userInfo: nil)
}
let privateKey = SecKeyCreateWithData(secret.privateKey as CFData, KeychainDictionary([
kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom,
kSecAttrKeySizeInBits: secret.keySize,
kSecAttrKeyClass: kSecAttrKeyClassPrivate
])
, nil)!
return SecKeyCreateSignature(privateKey, signatureAlgorithm(for: secret), data as CFData, nil)! as Data
let privateKey = try CryptoKit.P256.Signing.PrivateKey(x963Representation: secret.privateKey)
return try privateKey.signature(for: data).rawRepresentation
}
public func existingPersistedAuthenticationContext(secret: Stub.Secret) -> PersistedAuthenticationContext? {
@ -81,22 +76,20 @@ extension Stub {
let id = Data(UUID().uuidString.utf8)
let name = UUID().uuidString
let algorithm = Algorithm.ecdsa
let keySize: Int
let attributes: Attributes
let publicKey: Data
let requiresAuthentication = false
let privateKey: Data
init(keySize: Int, publicKey: Data, privateKey: Data) {
self.keySize = keySize
self.attributes = Attributes(keyType: .init(algorithm: .ecdsa, size: keySize), authentication: .notRequired)
self.publicKey = publicKey
self.privateKey = privateKey
}
var debugDescription: String {
"""
Key Size \(keySize)
Key Size \(attributes.keyType.size)
Private: \(privateKey.base64EncodedString())
Public: \(publicKey.base64EncodedString())
"""