external/secretive
1
0
Fork 0
mirror of https://github.com/maxgoedjen/secretive.git synced 2025-04-10 17:47:19 +00:00
Code Issues Projects Releases Wiki Activity

Stub add identities

Browse Source
This commit is contained in:
Max Goedjen 2022-10-27 18:40:11 -07:00
parent 667c01b20b
commit a728e0bf54
No known key found for this signature in database
3 changed files with 33 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
Sources/Packages/Sources/SecretAgentKit/Agent.swift
View File

@ -65,6 +65,9 @@ extension Agent {
response.append(SSHAgent.ResponseType.agentSignResponse.data) response.append(SSHAgent.ResponseType.agentSignResponse.data)
response.append(try sign(data: data, provenance: provenance)) response.append(try sign(data: data, provenance: provenance))
logger.debug("Agent returned \(SSHAgent.ResponseType.agentSignResponse.debugDescription)") logger.debug("Agent returned \(SSHAgent.ResponseType.agentSignResponse.debugDescription)")
case .addIdentity:
try addIdentity(data: data)
response.append(SSHAgent.ResponseType.agentSuccess.data)
} }
} catch { } catch {
response.removeAll() response.removeAll()
@ -183,6 +186,18 @@ extension Agent {
return signedData return signedData
} }
/// Stub for the ssh-add operation, which reloads from the store and reloads any OpenSSH certificate public keys.
/// - Returns: An OpenSSH formatted Data payload listing the identities available for signing operations.
func addIdentity(data: Data) throws {
// FIXME: This
// guard isCertificate else throw { AgentError.notOpenSSHCertificate }
// FIXME: READ REAL SECRET HASH
// let secret = secret(matching: hash)
let secret = AnySecret(storeList.stores.first!.secrets.first!)
try certificateHandler.copyCertificate(data: data, for: secret)
print(data)
}
} }
extension Agent { extension Agent {
@ -212,6 +227,7 @@ extension Agent {
case unhandledType case unhandledType
case noMatchingKey case noMatchingKey
case unsupportedKeyType case unsupportedKeyType
case notOpenSSHCertificate
} }
} }

12
Sources/Packages/Sources/SecretAgentKit/SSHAgentProtocol.swift
View File

@ -1,15 +1,16 @@
import Foundation import Foundation
/// A namespace for the SSH Agent Protocol, as described in https://tools.ietf.org/id/draft-miller-ssh-agent-01.html /// A namespace for the SSH Agent Protocol, as described in https://datatracker.ietf.org/doc/html/draft-miller-ssh-agent#section-5.1
public enum SSHAgent {} public enum SSHAgent {}
extension SSHAgent { extension SSHAgent {
/// The type of the SSH Agent Request, as described in https://tools.ietf.org/id/draft-miller-ssh-agent-01.html#rfc.section.5.1 /// The type of the SSH Agent Request, as described in https://datatracker.ietf.org/doc/html/draft-miller-ssh-agent#section-5.1
public enum RequestType: UInt8, CustomDebugStringConvertible { public enum RequestType: UInt8, CustomDebugStringConvertible {
case requestIdentities = 11 case requestIdentities = 11
case signRequest = 13 case signRequest = 13
case addIdentity = 17
public var debugDescription: String { public var debugDescription: String {
switch self { switch self {
@ -17,14 +18,17 @@ extension SSHAgent {
return "RequestIdentities" return "RequestIdentities"
case .signRequest: case .signRequest:
return "SignRequest" return "SignRequest"
case .addIdentity:
return "AddIdentity"
} }
} }
} }
/// The type of the SSH Agent Response, as described in https://tools.ietf.org/id/draft-miller-ssh-agent-01.html#rfc.section.5.1 /// The type of the SSH Agent Response, as described in https://datatracker.ietf.org/doc/html/draft-miller-ssh-agent#section-5.1
public enum ResponseType: UInt8, CustomDebugStringConvertible { public enum ResponseType: UInt8, CustomDebugStringConvertible {
case agentFailure = 5 case agentFailure = 5
case agentSuccess = 6
case agentIdentitiesAnswer = 12 case agentIdentitiesAnswer = 12
case agentSignResponse = 14 case agentSignResponse = 14
@ -32,6 +36,8 @@ extension SSHAgent {
switch self { switch self {
case .agentFailure: case .agentFailure:
return "AgentFailure" return "AgentFailure"
case .agentSuccess:
return "AgentSuccess"
case .agentIdentitiesAnswer: case .agentIdentitiesAnswer:
return "AgentIdentitiesAnswer" return "AgentIdentitiesAnswer"
case .agentSignResponse: case .agentSignResponse:

9
Sources/Packages/Sources/SecretKit/OpenSSH/OpenSSHCertificateHandler.swift
View File

@ -13,7 +13,7 @@ public class OpenSSHCertificateHandler {
public init() { public init() {
} }
/// Reloads any /// Reloads any certificates in the PublicKeys folder.
/// - Parameter secrets: the secrets to look up corresponding certificates for. /// - Parameter secrets: the secrets to look up corresponding certificates for.
public func reloadCertificates(for secrets: [AnySecret]) { public func reloadCertificates(for secrets: [AnySecret]) {
keyBlobsAndNames = secrets.reduce(into: [:]) { partialResult, next in keyBlobsAndNames = secrets.reduce(into: [:]) { partialResult, next in
@ -21,6 +21,13 @@ public class OpenSSHCertificateHandler {
} }
} }
/// Copies a certificate to the PublicKeys folder, if it's not already tehre.
/// - Parameter url: the URL of the certificate to copy.
public func copyCertificate(data: Data, for secret: AnySecret) throws {
try data.write(to: URL(fileURLWithPath: publicKeyFileStoreController.sshCertificatePath(for: secret))
)
}
/// Whether or not the certificate handler has a certifiicate associated with a given secret. /// Whether or not the certificate handler has a certifiicate associated with a given secret.
/// - Parameter secret: The secret to check for a certificate. /// - Parameter secret: The secret to check for a certificate.
/// - Returns: A boolean describing whether or not the certificate handler has a certifiicate associated with a given secret /// - Returns: A boolean describing whether or not the certificate handler has a certifiicate associated with a given secret