Supporting different EC sizes, RSA not working yet

2026-03-05 09:24:49 +01:00 · 2020-03-08 22:17:59 -07:00
parent 603d021939
commit 945907cfd4
8 changed files with 94 additions and 24 deletions
--- a/SecretKit/Common/Erasers/AnySecret.swift
+++ b/SecretKit/Common/Erasers/AnySecret.swift
@@ -6,6 +6,8 @@ public struct AnySecret: Secret {
    fileprivate let hashable: AnyHashable
    fileprivate let _id: () -> AnyHashable
    fileprivate let _name: () -> String
+    fileprivate let _algorithm: () -> Algorithm
+    fileprivate let _keySize: () -> Int
    fileprivate let _publicKey: () -> Data

    public init<T>(_ secret: T) where T: Secret {
@@ -14,26 +16,38 @@ public struct AnySecret: Secret {
            hashable = secret.hashable
            _id = secret._id
            _name = secret._name
+            _algorithm = secret._algorithm
+            _keySize = secret._keySize
            _publicKey = secret._publicKey
        } else {
            base = secret as Any
            self.hashable = secret
            _id = { secret.id as AnyHashable }
            _name = { secret.name }
+            _algorithm = { secret.algorithm }
+            _keySize = { secret.keySize }
            _publicKey = { secret.publicKey }
        }
    }

    public var id: AnyHashable {
-        return _id()
+        _id()
    }

    public var name: String {
-        return _name()
+        _name()
+    }
+
+    public var algorithm: Algorithm {
+        _algorithm()
+    }
+
+    public var keySize: Int {
+        _keySize()
    }

    public var publicKey: Data {
-        return _publicKey()
+        _publicKey()
    }

    public static func == (lhs: AnySecret, rhs: AnySecret) -> Bool {
--- a/SecretKit/Common/OpenSSH/OpenSSHKeyWriter.swift
+++ b/SecretKit/Common/OpenSSH/OpenSSHKeyWriter.swift
@@ -8,13 +8,13 @@ public struct OpenSSHKeyWriter {
    }

    public func data<SecretType: Secret>(secret: SecretType) -> Data {
-        lengthAndData(of: Constants.curveType.data(using: .utf8)!) +
-            lengthAndData(of: Constants.curveIdentifier.data(using: .utf8)!) +
+        lengthAndData(of: curveType(for: secret.algorithm, length: secret.keySize).data(using: .utf8)!) +
+            lengthAndData(of: curveIdentifier(for: secret.algorithm, length: secret.keySize).data(using: .utf8)!) +
            lengthAndData(of: secret.publicKey)
    }

    public func openSSHString<SecretType: Secret>(secret: SecretType) -> String {
-        "\(Constants.curveType) \(data(secret: secret).base64EncodedString())"
+        "\(curveType(for: secret.algorithm, length: secret.keySize)) \(data(secret: secret).base64EncodedString())"
    }

    public func openSSHFingerprint<SecretType: Secret>(secret: SecretType) -> String {
@@ -33,14 +33,21 @@ extension OpenSSHKeyWriter {
        return Data(bytes: &endian, count: UInt32.bitWidth/8) + data
    }

-    public func readData() {}
-}
-
-extension OpenSSHKeyWriter {
-
-    public enum Constants {
-        public static let curveIdentifier = "nistp256"
-        public static let curveType = "ecdsa-sha2-nistp256"
+    public func curveIdentifier(for algorithm: Algorithm, length: Int) -> String {
+        switch algorithm {
+        case .ellipticCurve:
+            return "nistp" + String(describing: length)
+        case .rsa:
+            return "ssh-rsa"
+        }
    }

+    public func curveType(for algorithm: Algorithm, length: Int) -> String {
+        switch algorithm {
+        case .ellipticCurve:
+            return "ecdsa-sha2-nistp" + String(describing: length)
+        case .rsa:
+            return "ssh-rsa"
+        }
+    }
 }