Split witness call (fixes #62)

SecretAgent/Notifier.swift

@@ -24,6 +24,9 @@ class Notifier {
 
 extension Notifier: SigningWitness {
 
+    func speakNowOrForeverHoldYourPeace(forAccessTo secret: AnySecret, by provenance: SigningRequestProvenance) throws {
+    }
+
     func witness(accessTo secret: AnySecret, by provenance: SigningRequestProvenance) throws {
         notify(accessTo: secret, by: provenance)
     }

SecretAgentKit/Agent.swift

@@ -87,7 +87,7 @@ extension Agent {
 
         let provenance = requestTracer.provenance(from: pid)
         if let witness = witness {
-            try witness.witness(accessTo: secret, by: provenance)
+            try witness.speakNowOrForeverHoldYourPeace(forAccessTo: secret, by: provenance)
         }
 
         let dataToSign = try reader.readNextChunk()
@@ -122,6 +122,10 @@ extension Agent {
         sub.append(writer.lengthAndData(of: signatureChunk))
         signedData.append(writer.lengthAndData(of: sub))
 
+        if let witness = witness {
+            try witness.witness(accessTo: secret, by: provenance)
+        }
+
         os_log(.debug, "Agent signed request")
 
         return signedData

SecretAgentKit/SigningWitness.swift

@@ -3,6 +3,7 @@ import SecretKit
 
 public protocol SigningWitness {
 
+    func speakNowOrForeverHoldYourPeace(forAccessTo secret: AnySecret, by provenance: SigningRequestProvenance) throws
     func witness(accessTo secret: AnySecret, by provenance: SigningRequestProvenance) throws
 
 }