Stub add identities

2025-04-04 06:37:07 +00:00 · 2022-10-27 18:40:11 -07:00 · 2022-10-27 18:40:11 -07:00 · a728e0bf54
commit a728e0bf54
parent 667c01b20b
3 changed files with 33 additions and 4 deletions
--- a/Sources/Packages/Sources/SecretAgentKit/Agent.swift
+++ b/Sources/Packages/Sources/SecretAgentKit/Agent.swift
@ -65,6 +65,9 @@ extension Agent {
                response.append(SSHAgent.ResponseType.agentSignResponse.data)
                response.append(try sign(data: data, provenance: provenance))
                logger.debug("Agent returned \(SSHAgent.ResponseType.agentSignResponse.debugDescription)")
+            case .addIdentity:
+                try addIdentity(data: data)
+                response.append(SSHAgent.ResponseType.agentSuccess.data)
            }
        } catch {
            response.removeAll()
@ -183,6 +186,18 @@ extension Agent {
        return signedData
    }

+    /// Stub for the ssh-add operation, which reloads from the store and reloads any OpenSSH certificate public keys.
+    /// - Returns: An OpenSSH formatted Data payload listing the identities available for signing operations.
+    func addIdentity(data: Data) throws {
+        // FIXME: This
+//        guard isCertificate else throw { AgentError.notOpenSSHCertificate }
+        // FIXME: READ REAL SECRET HASH
+//        let secret = secret(matching: hash)
+        let secret = AnySecret(storeList.stores.first!.secrets.first!)
+        try certificateHandler.copyCertificate(data: data, for: secret)
+        print(data)
+    }
+
 }

 extension Agent {
@ -212,6 +227,7 @@ extension Agent {
        case unhandledType
        case noMatchingKey
        case unsupportedKeyType
+        case notOpenSSHCertificate
    }

 }
--- a/Sources/Packages/Sources/SecretAgentKit/SSHAgentProtocol.swift
+++ b/Sources/Packages/Sources/SecretAgentKit/SSHAgentProtocol.swift
@ -1,15 +1,16 @@
 import Foundation

-/// A namespace for the SSH Agent Protocol, as described in https://tools.ietf.org/id/draft-miller-ssh-agent-01.html
+/// A namespace for the SSH Agent Protocol, as described in https://datatracker.ietf.org/doc/html/draft-miller-ssh-agent#section-5.1
 public enum SSHAgent {}

 extension SSHAgent {

-    /// The type of the SSH Agent Request, as described in https://tools.ietf.org/id/draft-miller-ssh-agent-01.html#rfc.section.5.1
+    /// The type of the SSH Agent Request, as described in https://datatracker.ietf.org/doc/html/draft-miller-ssh-agent#section-5.1
    public enum RequestType: UInt8, CustomDebugStringConvertible {

        case requestIdentities = 11
        case signRequest = 13
+        case addIdentity = 17

        public var debugDescription: String {
            switch self {
@ -17,14 +18,17 @@ extension SSHAgent {
                return "RequestIdentities"
            case .signRequest:
                return "SignRequest"
+            case .addIdentity:
+                return "AddIdentity"
            }
        }
    }

-    /// The type of the SSH Agent Response, as described in https://tools.ietf.org/id/draft-miller-ssh-agent-01.html#rfc.section.5.1
+    /// The type of the SSH Agent Response, as described in https://datatracker.ietf.org/doc/html/draft-miller-ssh-agent#section-5.1
    public enum ResponseType: UInt8, CustomDebugStringConvertible {
        
        case agentFailure = 5
+        case agentSuccess = 6
        case agentIdentitiesAnswer = 12
        case agentSignResponse = 14

@ -32,6 +36,8 @@ extension SSHAgent {
            switch self {
            case .agentFailure:
                return "AgentFailure"
+            case .agentSuccess:
+                return "AgentSuccess"
            case .agentIdentitiesAnswer:
                return "AgentIdentitiesAnswer"
            case .agentSignResponse:
--- a/Sources/Packages/Sources/SecretKit/OpenSSH/OpenSSHCertificateHandler.swift
+++ b/Sources/Packages/Sources/SecretKit/OpenSSH/OpenSSHCertificateHandler.swift
@ -13,7 +13,7 @@ public class OpenSSHCertificateHandler {
    public init() {
    }

-    /// Reloads any
+    /// Reloads any certificates in the PublicKeys folder.
    /// - Parameter secrets: the secrets to look up corresponding certificates for.
    public func reloadCertificates(for secrets: [AnySecret]) {
        keyBlobsAndNames = secrets.reduce(into: [:]) { partialResult, next in
@ -21,6 +21,13 @@ public class OpenSSHCertificateHandler {
        }
    }

+    /// Copies a certificate to the PublicKeys folder, if it's not already tehre.
+    /// - Parameter url: the URL of the certificate to copy.
+    public func copyCertificate(data: Data, for secret: AnySecret) throws {
+        try data.write(to: URL(fileURLWithPath: publicKeyFileStoreController.sshCertificatePath(for: secret))
+)
+    }
+
    /// Whether or not the certificate handler has a certifiicate associated with a given secret.
    /// - Parameter secret: The secret to check for a certificate.
    /// - Returns: A boolean describing whether or not the certificate handler has a certifiicate associated with a given secret