From e70774f6aadda49aea0472f58ed2d86928b26c96 Mon Sep 17 00:00:00 2001
From: Max Goedjen
Date: Mon, 16 Mar 2020 00:49:43 -0700
Subject: [PATCH] Rough POC

---
 SecretAgent/Agent.swift             | 32 ++++++++++++++++++++++++++---
 SecretAgent/Notifier.swift          |  5 +++--
 Secretive.xcodeproj/project.pbxproj |  3 +++
 3 files changed, 35 insertions(+), 5 deletions(-)

diff --git a/SecretAgent/Agent.swift b/SecretAgent/Agent.swift
index a21e559..6f8ea8e 100644
--- a/SecretAgent/Agent.swift
+++ b/SecretAgent/Agent.swift
@@ -3,6 +3,7 @@ import CryptoKit
 import OSLog
 import SecretKit
 import SecretAgentKit
+import AppKit
 class Agent {
@@ -40,7 +41,7 @@ extension Agent {
             os_log(.debug, "Agent returned %@", SSHAgent.ResponseType.agentIdentitiesAnswer.debugDescription)
         case .signRequest:
             response.append(SSHAgent.ResponseType.agentSignResponse.data)
-            response.append(try sign(data: data))
+            response.append(try sign(data: data, from: fileHandle.fileDescriptor))
             os_log(.debug, "Agent returned %@", SSHAgent.ResponseType.agentSignResponse.debugDescription)
         }
     } catch {
@@ -74,7 +75,7 @@ extension Agent {
         return countData + keyData
     }
-    func sign(data: Data) throws -> Data {
+    func sign(data: Data, from pid: Int32) throws -> Data {
         let reader = OpenSSHReader(data: data)
         let writer = OpenSSHKeyWriter()
         let hash = try reader.readNextChunk()
@@ -92,8 +93,10 @@ extension Agent {
         }
         let dataToSign = try reader.readNextChunk()
         let derSignature = try store.sign(data: dataToSign, with: secret)
+        let callerApp = caller(from: pid)
         // TODO: Move this
-        notifier.notify(accessTo: secret)
+        notifier.notify(accessTo: secret, from: callerApp)
+
         let curveData = writer.curveType(for: secret.algorithm, length: secret.keySize).data(using: .utf8)!
         // Convert from DER formatted rep to raw (r||s)
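Review bot: The value passed as `from:` in the `@@ -40` hunk is `fileHandle.fileDescriptor`, i.e. the connected socket, yet the parameter added to `sign(data:from:)` in the `@@ -74` hunk is named `pid`, and `caller(from: pid)` in the `@@ -92` hunk carries the same misnomer before handing it to `getsockopt`. A later caller reading the signature will pass a real process id and silently query the wrong descriptor. I would rename it at all three sites, `func sign(data: Data, from socket: Int32) throws -> Data` and `let callerApp = caller(from: socket)`, and document the parameter as the peer socket whose `LOCAL_PEERPID` identifies the requesting process. The surrounding do/catch in the `@@ -40` hunk and the body of `sign(data:from:)` both extend beyond their hunks.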
@@ -128,6 +131,29 @@ extension Agent {
         return signedData
     }
+    func caller(from pid: Int32) -> NSRunningApplication {
+        let pidPointer = UnsafeMutableRawPointer.allocate(byteCount: 4, alignment: 1)
+        var len = socklen_t(MemoryLayout.size)
+        getsockopt(pid, SOCK_STREAM, LOCAL_PEERPID, pidPointer, &len)
+        let pid = pidPointer.load(as: Int32.self)
+
+        var current = pid
+        while NSRunningApplication(processIdentifier: current) == nil {
+            current = originalProcess(of: current)
+        }
+        return NSRunningApplication(processIdentifier: current)!
+    }
+
+    func originalProcess(of pid: Int32) -> Int32 {
+        var len = MemoryLayout.size
+        let infoPointer = UnsafeMutableRawPointer.allocate(byteCount: len, alignment: 1)
+        var name: [Int32] = [CTL_KERN, KERN_PROC, KERN_PROC_PID, pid]
+        sysctl(&name, UInt32(name.count), infoPointer, &len, nil, 0)
+        let info = infoPointer.load(as: kinfo_proc.self)
+        let parent = info.kp_eproc.e_ppid
+        return parent
+    }
+
 }
diff --git a/SecretAgent/Notifier.swift b/SecretAgent/Notifier.swift
index 19d93ea..d5c537c 100644
--- a/SecretAgent/Notifier.swift
+++ b/SecretAgent/Notifier.swift
@@ -1,6 +1,7 @@
 import Foundation
 import SecretKit
 import UserNotifications
+import AppKit
 class Notifier {
@@ -10,11 +11,11 @@ class Notifier {
         }
     }
-    func notify(accessTo secret: SecretType) {
+    func notify(accessTo secret: SecretType, from caller: NSRunningApplication) {
         let notificationCenter = UNUserNotificationCenter.current()
         let notificationContent = UNMutableNotificationContent()
         notificationContent.title = "Signed Request"
-        notificationContent.body = "\(secret.name) was used to sign a request."
+        notificationContent.body = "\(secret.name) was used to sign a request from \(caller.localizedName!)."
         let request = UNNotificationRequest(identifier: UUID().uuidString, content: notificationContent, trigger: nil)
         notificationCenter.add(request, withCompletionHandler: nil)
     }
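Review bot: `caller.localizedName!` in the new body line force-unwraps a value that is optional precisely because AppKit cannot name every process, so the first unnamed caller turns a cosmetic notification into an agent crash in the middle of a signing request. A fallback keeps the notification best-effort, `notificationContent.body = "\(secret.name) was used to sign a request from \(caller.localizedName ?? "an unidentified process")."`, and taking `from caller: NSRunningApplication?` would let `Agent` pass `nil` when attribution fails. As far as I know `localizedName` comes from the application's own bundle metadata, so the doc comment on `notify(accessTo:from:)` should state that the name is a hint about the requester, not a verified identity.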
diff --git a/Secretive.xcodeproj/project.pbxproj b/Secretive.xcodeproj/project.pbxproj
index b1c924e..6255a63 100644
--- a/Secretive.xcodeproj/project.pbxproj
+++ b/Secretive.xcodeproj/project.pbxproj
@@ -1355,6 +1355,7 @@
 				"$(inherited)",
 				"@executable_path/../Frameworks",
 				);
+				LIBRARY_SEARCH_PATHS = /usr/include;
 				MACOSX_DEPLOYMENT_TARGET = 10.15;
 				MARKETING_VERSION = 1;
 				PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent;
@@ -1574,6 +1575,7 @@
 				"$(inherited)",
 				"@executable_path/../Frameworks",
 				);
+				LIBRARY_SEARCH_PATHS = /usr/include;
 				MACOSX_DEPLOYMENT_TARGET = 10.15;
 				MARKETING_VERSION = 1;
 				PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent;
@@ -1599,6 +1601,7 @@
 				"$(inherited)",
 				"@executable_path/../Frameworks",
 				);
+				LIBRARY_SEARCH_PATHS = /usr/include;
 				MACOSX_DEPLOYMENT_TARGET = 10.15;
 				MARKETING_VERSION = 1;
 				PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent;
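Review bot: `LIBRARY_SEARCH_PATHS = /usr/include;` points a library search setting at a header directory, and the Swift added in Agent.swift reaches `sysctl`, `getsockopt` and `kinfo_proc` through the Darwin module, which needs no search path at all, so this reads as a leftover from getting the POC to build. The bare value also drops `$(inherited)`, unlike the neighbouring settings in this section. The same line is added in the `@@ -1574` and `@@ -1599` hunks; I would remove all three, and if a path turns out to be needed, express it as a `HEADER_SEARCH_PATHS` entry that keeps `"$(inherited)"`.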