external/secretive
1
0
Fork 0
mirror of https://github.com/maxgoedjen/secretive.git synced 2025-09-20 03:10:57 +00:00
Code Issues Projects Releases Wiki Activity

Strip out extensions

Browse Source
This commit is contained in:
Max Goedjen 2025-09-06 12:44:46 -07:00
parent 55ce4fdbea
commit fe5c46277e
No known key found for this signature in database
1 changed files with 0 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
Sources/Packages/Sources/SecretAgentKit/Agent.swift
View File

@ -66,24 +66,6 @@ extension Agent {
response.append(SSHAgent.ResponseType.agentSignResponse.data) response.append(SSHAgent.ResponseType.agentSignResponse.data)
response.append(try await sign(data: data, provenance: provenance)) response.append(try await sign(data: data, provenance: provenance))
logger.debug("Agent returned \(SSHAgent.ResponseType.agentSignResponse.debugDescription)") logger.debug("Agent returned \(SSHAgent.ResponseType.agentSignResponse.debugDescription)")
case .protocolExtension:
response.append(SSHAgent.ResponseType.agentExtensionResponse.data)
try await handleExtension(data)
case .addIDConstrained, .addIdentity:
let reader = OpenSSHReader(data: data)
let keyname = try reader.readNextChunkAsString()
print(keyname)
while true {
do {
let payloadHash = try reader.readNextChunk(convertEndianness: true)
print(String(decoding: payloadHash, as: UTF8.self))
print(payloadHash)
} catch {
break
}
}
case .addSmartcardKeyConstrained, .addSmartcardKey:
break
default: default:
logger.debug("Agent received valid request of type \(requestType.debugDescription), but not currently supported.") logger.debug("Agent received valid request of type \(requestType.debugDescription), but not currently supported.")
response.append(SSHAgent.ResponseType.agentFailure.data) response.append(SSHAgent.ResponseType.agentFailure.data)
@ -98,30 +80,6 @@ extension Agent {
} }
// PROTOCOL EXTENSIONS
extension Agent {
func handleExtension(_ data: Data) async throws {
let reader = OpenSSHReader(data: data)
guard try reader.readNextChunkAsString() == "session-bind@openssh.com" else {
throw UnsupportedExtensionError()
}
let hostKey = try reader.readNextChunk()
let keyReader = OpenSSHReader(data: hostKey)
_ = try keyReader.readNextChunkAsString() // Key Type
let keyData = try keyReader.readNextChunk()
let sessionID = try reader.readNextChunk()
let signatureData = try reader.readNextChunk()
let forwarding = try reader.readNextBytes(as: Bool.self)
let signatureReader = OpenSSHSignatureReader()
guard try signatureReader.verify(signatureData, for: sessionID, with: keyData) else { throw SignatureVerificationFailedError() }
print("Fowarding: \(forwarding)")
}
struct UnsupportedExtensionError: Error {}
struct SignatureVerificationFailedError: Error {}
}
extension Agent { extension Agent {
/// Lists the identities available for signing operations /// Lists the identities available for signing operations