external
/
secretive
mirror of https://github.com/maxgoedjen/secretive.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix a few analyzer/Xcode 13.4b1 warnings (#449) 

* Fix missing combine imports

* Fix a few other new warnings
This commit is contained in:
Max Goedjen 2023-02-18 17:37:38 -08:00 committed by GitHub
parent 3bd8e3b494
commit f54b2a33bf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 34 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Sources/Packages/Sources/Brief/UpdaterProtocol.swift
View File

@ -1,4 +1,5 @@
import Foundation import Foundation
import Combine
/// A protocol for retreiving the latest available version of an app. /// A protocol for retreiving the latest available version of an app.
public protocol UpdaterProtocol: ObservableObject { public protocol UpdaterProtocol: ObservableObject {

5
Sources/Packages/Sources/SecretKit/KeychainDictionary.swift Normal file
View File

@ -0,0 +1,5 @@
import Foundation
public func KeychainDictionary(_ dictionary: [CFString: Any]) -> CFDictionary {
dictionary as CFDictionary
}

33
Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift
View File

@ -1,4 +1,5 @@
import Foundation import Foundation
import Combine
import Security import Security
import CryptoTokenKit import CryptoTokenKit
import LocalAuthentication import LocalAuthentication
@ -48,7 +49,7 @@ extension SecureEnclave {
throw error.takeRetainedValue() as Error throw error.takeRetainedValue() as Error
} }
let attributes = [ let attributes = KeychainDictionary([
kSecAttrLabel: name, kSecAttrLabel: name,
kSecAttrKeyType: Constants.keyType, kSecAttrKeyType: Constants.keyType,
kSecAttrTokenID: kSecAttrTokenIDSecureEnclave, kSecAttrTokenID: kSecAttrTokenIDSecureEnclave,
@ -57,7 +58,7 @@ extension SecureEnclave {
kSecAttrIsPermanent: true, kSecAttrIsPermanent: true,
kSecAttrAccessControl: access kSecAttrAccessControl: access
] ]
] as CFDictionary ])
var createKeyError: SecurityError? var createKeyError: SecurityError?
let keypair = SecKeyCreateRandomKey(attributes, &createKeyError) let keypair = SecKeyCreateRandomKey(attributes, &createKeyError)
@ -72,10 +73,10 @@ extension SecureEnclave {
} }
public func delete(secret: Secret) throws { public func delete(secret: Secret) throws {
let deleteAttributes = [ let deleteAttributes = KeychainDictionary([
kSecClass: kSecClassKey, kSecClass: kSecClassKey,
kSecAttrApplicationLabel: secret.id as CFData kSecAttrApplicationLabel: secret.id as CFData
] as CFDictionary ])
let status = SecItemDelete(deleteAttributes) let status = SecItemDelete(deleteAttributes)
if status != errSecSuccess { if status != errSecSuccess {
throw KeychainError(statusCode: status) throw KeychainError(statusCode: status)
@ -84,14 +85,14 @@ extension SecureEnclave {
} }
public func update(secret: Secret, name: String) throws { public func update(secret: Secret, name: String) throws {
let updateQuery = [ let updateQuery = KeychainDictionary([
kSecClass: kSecClassKey, kSecClass: kSecClassKey,
kSecAttrApplicationLabel: secret.id as CFData kSecAttrApplicationLabel: secret.id as CFData
] as CFDictionary ])
let updatedAttributes = [ let updatedAttributes = KeychainDictionary([
kSecAttrLabel: name, kSecAttrLabel: name,
] as CFDictionary ])
let status = SecItemUpdate(updateQuery, updatedAttributes) let status = SecItemUpdate(updateQuery, updatedAttributes)
if status != errSecSuccess { if status != errSecSuccess {
@ -110,7 +111,7 @@ extension SecureEnclave {
context = newContext context = newContext
} }
context.localizedReason = "sign a request from \"\(provenance.origin.displayName)\" using secret \"\(secret.name)\"" context.localizedReason = "sign a request from \"\(provenance.origin.displayName)\" using secret \"\(secret.name)\""
let attributes = [ let attributes = KeychainDictionary([
kSecClass: kSecClassKey, kSecClass: kSecClassKey,
kSecAttrKeyClass: kSecAttrKeyClassPrivate, kSecAttrKeyClass: kSecAttrKeyClassPrivate,
kSecAttrApplicationLabel: secret.id as CFData, kSecAttrApplicationLabel: secret.id as CFData,
@ -119,7 +120,7 @@ extension SecureEnclave {
kSecAttrApplicationTag: Constants.keyTag, kSecAttrApplicationTag: Constants.keyTag,
kSecUseAuthenticationContext: context, kSecUseAuthenticationContext: context,
kSecReturnRef: true kSecReturnRef: true
] as CFDictionary ])
var untyped: CFTypeRef? var untyped: CFTypeRef?
let status = SecItemCopyMatching(attributes, &untyped) let status = SecItemCopyMatching(attributes, &untyped)
if status != errSecSuccess { if status != errSecSuccess {
@ -189,7 +190,7 @@ extension SecureEnclave.Store {
/// Loads all secrets from the store. /// Loads all secrets from the store.
private func loadSecrets() { private func loadSecrets() {
let publicAttributes = [ let publicAttributes = KeychainDictionary([
kSecClass: kSecClassKey, kSecClass: kSecClassKey,
kSecAttrKeyType: SecureEnclave.Constants.keyType, kSecAttrKeyType: SecureEnclave.Constants.keyType,
kSecAttrApplicationTag: SecureEnclave.Constants.keyTag, kSecAttrApplicationTag: SecureEnclave.Constants.keyTag,
@ -197,11 +198,11 @@ extension SecureEnclave.Store {
kSecReturnRef: true, kSecReturnRef: true,
kSecMatchLimit: kSecMatchLimitAll, kSecMatchLimit: kSecMatchLimitAll,
kSecReturnAttributes: true kSecReturnAttributes: true
] as CFDictionary ])
var publicUntyped: CFTypeRef? var publicUntyped: CFTypeRef?
SecItemCopyMatching(publicAttributes, &publicUntyped) SecItemCopyMatching(publicAttributes, &publicUntyped)
guard let publicTyped = publicUntyped as? [[CFString: Any]] else { return } guard let publicTyped = publicUntyped as? [[CFString: Any]] else { return }
let privateAttributes = [ let privateAttributes = KeychainDictionary([
kSecClass: kSecClassKey, kSecClass: kSecClassKey,
kSecAttrKeyType: SecureEnclave.Constants.keyType, kSecAttrKeyType: SecureEnclave.Constants.keyType,
kSecAttrApplicationTag: SecureEnclave.Constants.keyTag, kSecAttrApplicationTag: SecureEnclave.Constants.keyTag,
@ -209,7 +210,7 @@ extension SecureEnclave.Store {
kSecReturnRef: true, kSecReturnRef: true,
kSecMatchLimit: kSecMatchLimitAll, kSecMatchLimit: kSecMatchLimitAll,
kSecReturnAttributes: true kSecReturnAttributes: true
] as CFDictionary ])
var privateUntyped: CFTypeRef? var privateUntyped: CFTypeRef?
SecItemCopyMatching(privateAttributes, &privateUntyped) SecItemCopyMatching(privateAttributes, &privateUntyped)
guard let privateTyped = privateUntyped as? [[CFString: Any]] else { return } guard let privateTyped = privateUntyped as? [[CFString: Any]] else { return }
@ -247,7 +248,7 @@ extension SecureEnclave.Store {
/// - publicKey: The public key to save. /// - publicKey: The public key to save.
/// - name: A user-facing name for the key. /// - name: A user-facing name for the key.
private func savePublicKey(_ publicKey: SecKey, name: String) throws { private func savePublicKey(_ publicKey: SecKey, name: String) throws {
let attributes = [ let attributes = KeychainDictionary([
kSecClass: kSecClassKey, kSecClass: kSecClassKey,
kSecAttrKeyType: SecureEnclave.Constants.keyType, kSecAttrKeyType: SecureEnclave.Constants.keyType,
kSecAttrKeyClass: kSecAttrKeyClassPublic, kSecAttrKeyClass: kSecAttrKeyClassPublic,
@ -256,7 +257,7 @@ extension SecureEnclave.Store {
kSecAttrIsPermanent: true, kSecAttrIsPermanent: true,
kSecReturnData: true, kSecReturnData: true,
kSecAttrLabel: name kSecAttrLabel: name
] as CFDictionary ])
let status = SecItemAdd(attributes, nil) let status = SecItemAdd(attributes, nil)
if status != errSecSuccess { if status != errSecSuccess {
throw SecureEnclave.KeychainError(statusCode: status) throw SecureEnclave.KeychainError(statusCode: status)

9
Sources/Packages/Sources/SmartCardSecretKit/SmartCardStore.swift
View File

@ -1,4 +1,5 @@
import Foundation import Foundation
import Combine
import Security import Security
import CryptoTokenKit import CryptoTokenKit
import LocalAuthentication import LocalAuthentication
@ -49,14 +50,14 @@ extension SmartCard {
let context = LAContext() let context = LAContext()
context.localizedReason = "sign a request from \"\(provenance.origin.displayName)\" using secret \"\(secret.name)\"" context.localizedReason = "sign a request from \"\(provenance.origin.displayName)\" using secret \"\(secret.name)\""
context.localizedCancelTitle = "Deny" context.localizedCancelTitle = "Deny"
let attributes = [ let attributes = KeychainDictionary([
kSecClass: kSecClassKey, kSecClass: kSecClassKey,
kSecAttrKeyClass: kSecAttrKeyClassPrivate, kSecAttrKeyClass: kSecAttrKeyClassPrivate,
kSecAttrApplicationLabel: secret.id as CFData, kSecAttrApplicationLabel: secret.id as CFData,
kSecAttrTokenID: tokenID, kSecAttrTokenID: tokenID,
kSecUseAuthenticationContext: context, kSecUseAuthenticationContext: context,
kSecReturnRef: true kSecReturnRef: true
] as CFDictionary ])
var untyped: CFTypeRef? var untyped: CFTypeRef?
let status = SecItemCopyMatching(attributes, &untyped) let status = SecItemCopyMatching(attributes, &untyped)
if status != errSecSuccess { if status != errSecSuccess {
@ -136,14 +137,14 @@ extension SmartCard.Store {
} }
} }
let attributes = [ let attributes = KeychainDictionary([
kSecClass: kSecClassKey, kSecClass: kSecClassKey,
kSecAttrTokenID: tokenID, kSecAttrTokenID: tokenID,
kSecAttrKeyType: kSecAttrKeyTypeEC, // Restrict to EC kSecAttrKeyType: kSecAttrKeyTypeEC, // Restrict to EC
kSecReturnRef: true, kSecReturnRef: true,
kSecMatchLimit: kSecMatchLimitAll, kSecMatchLimit: kSecMatchLimitAll,
kSecReturnAttributes: true kSecReturnAttributes: true
] as CFDictionary ])
var untyped: CFTypeRef? var untyped: CFTypeRef?
SecItemCopyMatching(attributes, &untyped) SecItemCopyMatching(attributes, &untyped)
guard let typed = untyped as? [[CFString: Any]] else { return } guard let typed = untyped as? [[CFString: Any]] else { return }

13
Sources/Packages/Tests/SecretAgentKitTests/StubStore.swift
View File

@ -27,7 +27,7 @@ extension Stub {
flags, flags,
nil) as Any nil) as Any
let attributes = [ let attributes = KeychainDictionary([
kSecAttrLabel: name, kSecAttrLabel: name,
kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom, kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom,
kSecAttrKeySizeInBits: size, kSecAttrKeySizeInBits: size,
@ -35,11 +35,10 @@ extension Stub {
kSecAttrIsPermanent: true, kSecAttrIsPermanent: true,
kSecAttrAccessControl: access kSecAttrAccessControl: access
] ]
] as CFDictionary ])
var privateKey: SecKey! = nil let privateKey = SecKeyCreateRandomKey(attributes, nil)!
var publicKey: SecKey! = nil let publicKey = SecKeyCopyPublicKey(privateKey)!
SecKeyGeneratePair(attributes, &publicKey, &privateKey)
let publicAttributes = SecKeyCopyAttributes(publicKey) as! [CFString: Any] let publicAttributes = SecKeyCopyAttributes(publicKey) as! [CFString: Any]
let privateAttributes = SecKeyCopyAttributes(privateKey) as! [CFString: Any] let privateAttributes = SecKeyCopyAttributes(privateKey) as! [CFString: Any]
let publicData = (publicAttributes[kSecValueData] as! Data) let publicData = (publicAttributes[kSecValueData] as! Data)
@ -53,11 +52,11 @@ extension Stub {
guard !shouldThrow else { guard !shouldThrow else {
throw NSError(domain: "test", code: 0, userInfo: nil) throw NSError(domain: "test", code: 0, userInfo: nil)
} }
let privateKey = SecKeyCreateWithData(secret.privateKey as CFData, [ let privateKey = SecKeyCreateWithData(secret.privateKey as CFData, KeychainDictionary([
kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom, kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom,
kSecAttrKeySizeInBits: secret.keySize, kSecAttrKeySizeInBits: secret.keySize,
kSecAttrKeyClass: kSecAttrKeyClassPrivate kSecAttrKeyClass: kSecAttrKeyClassPrivate
] as CFDictionary ])
, nil)! , nil)!
let signatureAlgorithm: SecKeyAlgorithm let signatureAlgorithm: SecKeyAlgorithm
switch secret.keySize { switch secret.keySize {