Statically load whether or not a key requires authentication before use (#357)

* Add protocol requirements * Load auth settings. * Updates. * Update preview store * Add lock icon
2026-03-05 17:27:24 +01:00 · 2022-02-24 22:59:35 -08:00
parent ae7394f771
commit a1009d0dac
18 changed files with 129 additions and 58 deletions
--- a/Sources/Packages/Tests/SecretAgentKitTests/StubStore.swift
+++ b/Sources/Packages/Tests/SecretAgentKitTests/StubStore.swift
@@ -49,7 +49,7 @@ extension Stub {
            print("Public Key OpenSSH: \(OpenSSHKeyWriter().openSSHString(secret: secret))")
        }

-        public func sign(data: Data, with secret: Secret, for provenance: SigningRequestProvenance) throws -> SignedData {
+        public func sign(data: Data, with secret: Secret, for provenance: SigningRequestProvenance) throws -> Data {
            guard !shouldThrow else {
                throw NSError(domain: "test", code: 0, userInfo: nil)
            }
@@ -68,7 +68,11 @@ extension Stub {
            default:
                fatalError()
            }
-            return SignedData(data: SecKeyCreateSignature(privateKey, signatureAlgorithm, data as CFData, nil)! as Data, requiredAuthentication: false)
+            return SecKeyCreateSignature(privateKey, signatureAlgorithm, data as CFData, nil)! as Data
+        }
+
+        public func existingPersistedAuthenticationContext(secret: Stub.Secret) -> PersistedAuthenticationContext? {
+            nil
        }

        public func persistAuthentication(secret: Stub.Secret, forDuration duration: TimeInterval) throws {
@@ -88,6 +92,7 @@ extension Stub {

        let keySize: Int
        let publicKey: Data
+        let requiresAuthentication = false
        let privateKey: Data

        init(keySize: Int, publicKey: Data, privateKey: Data) {
--- a/Sources/Packages/Tests/SecretAgentKitTests/StubWitness.swift
+++ b/Sources/Packages/Tests/SecretAgentKitTests/StubWitness.swift
@@ -17,7 +17,7 @@ func speakNowOrForeverHoldYourPeace(forAccessTo secret: AnySecret, from store: A
        }
    }

-func witness(accessTo secret: AnySecret, from store: AnySecretStore, by provenance: SigningRequestProvenance, requiredAuthentication: Bool) throws {
+func witness(accessTo secret: AnySecret, from store: AnySecretStore, by provenance: SigningRequestProvenance) throws {
        witness(secret, provenance)
    }