Allow limited key validity window for authenticated keys (#252)

SecretAgentKitTests/StubStore.swift

@@ -48,7 +48,7 @@ extension Stub {
             print("Public Key OpenSSH: \(OpenSSHKeyWriter().openSSHString(secret: secret))")
         }
 
-        public func sign(data: Data, with secret: Secret, for provenance: SigningRequestProvenance) throws -> Data {
+        public func sign(data: Data, with secret: Secret, for provenance: SigningRequestProvenance) throws -> SignedData {
             guard !shouldThrow else {
                 throw NSError(domain: "test", code: 0, userInfo: nil)
             }
@@ -67,7 +67,10 @@ extension Stub {
             default:
                 fatalError()
             }
-            return SecKeyCreateSignature(privateKey, signatureAlgorithm, data as CFData, nil)! as Data
+            return SignedData(data: SecKeyCreateSignature(privateKey, signatureAlgorithm, data as CFData, nil)! as Data, requiredAuthentication: false)
+        }
+
+        public func persistAuthentication(secret: Stub.Secret, forDuration duration: TimeInterval) throws {
         }
 
     }

SecretAgentKitTests/StubWitness.swift

@@ -10,14 +10,14 @@ struct StubWitness {
 
 extension StubWitness: SigningWitness {
 
-    func speakNowOrForeverHoldYourPeace(forAccessTo secret: AnySecret, by provenance: SigningRequestProvenance) throws {
+func speakNowOrForeverHoldYourPeace(forAccessTo secret: AnySecret, from store: AnySecretStore, by provenance: SigningRequestProvenance) throws {
         let objection = speakNow(secret, provenance)
         if objection {
             throw TheresMyChance()
         }
     }
 
-    func witness(accessTo secret: AnySecret, by provenance: SigningRequestProvenance) throws {
+func witness(accessTo secret: AnySecret, from store: AnySecretStore, by provenance: SigningRequestProvenance, requiredAuthentication: Bool) throws {
         witness(secret, provenance)
     }