external
/
secretive
mirror of https://github.com/maxgoedjen/secretive.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Compare commits

base: external:v2.3.1
Branches Tags
external:main
external:completeconcurrency
external:experimental_refresh
external:RoboRich00A16_italian_loc
external:homedir
external:restartagent
external:viewbuildercleanup
external:automatic_signing
external:socketportoverflow
external:xcode_14
external:proxystore
external:newcreation
external:xpc
external:async
external:projected_xpc
external:v2.4.1
external:v0.0.0_test
external:v2.4.0
external:v2.3.1
external:v2.3.0
external:v2.2.0
external:v0.0.0_beta1
external:v2.1.1
external:v2.1.0
external:v2.0.0
external:v1.0.3
external:v1.0.2
external:v1.0.1
external:v1.0.0
external:v0.5.1
external:v0.5.0
external:v0.4.2
external:v0.4.1
external:v0.4.0
external:v0.3.2
external:v0.3.1
external:v0.3.0
external:v0.2.0
external:v0.1.1
...
compare: external:main
Branches Tags
external:main
external:completeconcurrency
external:experimental_refresh
external:RoboRich00A16_italian_loc
external:homedir
external:restartagent
external:viewbuildercleanup
external:automatic_signing
external:socketportoverflow
external:xcode_14
external:proxystore
external:newcreation
external:xpc
external:async
external:projected_xpc
external:v2.4.1
external:v0.0.0_test
external:v2.4.0
external:v2.3.1
external:v2.3.0
external:v2.2.0
external:v0.0.0_beta1
external:v2.1.1
external:v2.1.0
external:v2.0.0
external:v1.0.3
external:v1.0.2
external:v1.0.1
external:v1.0.0
external:v0.5.1
external:v0.5.0
external:v0.4.2
external:v0.4.1
external:v0.4.0
external:v0.3.2
external:v0.3.1
external:v0.3.0
external:v0.2.0
external:v0.1.1

30 Commits
v2.3.1 ... main

Author SHA1 Message Date
Yoshimasa Niwa fc21018eb4
Add Japanese translations (#546) 2024-04-28 22:33:51 +00:00
mog422 52cc08424e
Add Korean localization (#537) 2024-03-01 22:58:08 +00:00
Max Goedjen d13f4ee7ba
Revert "Use Apple Silicon runners (#519)" (#533) 
This reverts commit 409efa5f9f.
 2024-02-26 00:24:48 +00:00
Max Goedjen 6f4226f97a
Standardize newline handling (#522) 
* Standardize newline handling

* Fix some unterminated bolds in other languages

* Set language back
 2024-01-25 02:14:34 +00:00
Aarni Koskela 3315a4bfbc
Add Finnish localization (#521) 2024-01-23 00:58:36 +00:00
Riccardo Pesciarelli 85a7a64bc9
Updated Italian localization strings (#520) 
* 🇮🇹 Initial proposal for Italian localization

* 🇮🇹 Updated Italian localization

---------

Co-authored-by: Max Goedjen <max.goedjen@gmail.com>
 2024-01-18 17:35:36 +00:00
Max Goedjen 409efa5f9f
Use Apple Silicon runners (#519) 
* Test running on XL (does this work for OSS projects?)

* Move over test/release
 2024-01-17 19:28:29 +00:00
Max Goedjen bb63ae8469
Set min width/height for setup. (#518) 2024-01-17 04:08:48 +00:00
Max Goedjen 30c1d36974
Mark newlines as verbatim (#517) 
* Merge

* Add missing key
 2024-01-17 03:49:14 +00:00
Max Goedjen de8d18f9e9
Switch to Xcode 15.2 (#516) 2024-01-16 21:39:07 +00:00
Riccardo Pesciarelli 1ae0996e2c
🇮🇹 Initial proposal for Italian localization (#512) 
Co-authored-by: Max Goedjen <max.goedjen@gmail.com>
 2024-01-16 21:35:28 +00:00
Moritz Sternemann 3d50a99430
Add German Localization 🇩🇪 (#514) 
* Add German localization

* Small adjustments

* Add German localization in project file

---------

Co-authored-by: Max Goedjen <max.goedjen@gmail.com>
 2024-01-16 21:15:07 +00:00
Marcio Saeger 45fc356f0f
Add PT-BR to the i18n (#515) 2024-01-16 21:12:46 +00:00
Mahé 212678b94e
Fix missing French translations (#510) 2024-01-13 14:32:08 -08:00
RyuS 2e1f4881a9
Translate_Addlang_ZH_Han (#508) 
Co-authored-by: Alex Q <ln41xgpy@addymail.com>
 2024-01-13 06:25:20 +00:00
Max Goedjen c2b80e3c7c
Localization fixes (#507) 
* Consolidate localization files into one file that both targets reference

* Update readme

* Secret Agent/Agent consolidation

* NSLS -> String(localized:)

* Auth contexts
 2024-01-12 12:50:52 -08:00
Mahé 15d2afd2cb
Add French localization (#506) 2024-01-12 12:14:02 -08:00
Ale Muñoz 2a4da36c4e
Fix escaped text on Agent is running popover (#505) 2024-01-11 23:09:04 +00:00
Max Goedjen 1fc8fa25d9
Update runners to use Xcode 15.1 (#504) 
* Update to Xcode 15.1

* Update nightly.yml

* Update test.yml
 2024-01-07 01:36:59 +00:00
Max Goedjen 5718ae6805
Continue localization (#503) 
* Comments in agent.

* Fix copyable view
 2024-01-05 20:37:59 +00:00
Max Goedjen 5af84583ab
Fix separator parsing in update view (#502) 2024-01-05 20:33:10 +00:00
Max Goedjen afc54c5e40
Localizing help pages (#501) 
* localizing

* Add files via upload

* Create LOCALIZING.md

* Update LOCALIZING.md
 2024-01-05 20:20:40 +00:00
Max Goedjen c80a6f1b0b
Add strings catalog and update strings to be keyed (#500) 
* Set up and start main content view

* Continue

* Setup flow

* No secure storage view

* Delete

* Detail

* Rename

* More create

* Empty.

* List

* Main app

* Agent and bump

* .
 2024-01-05 02:45:55 +00:00
Max Goedjen 8c67ea7c73
Update GitHub actions (#498) 2023-12-12 22:30:06 +00:00
Max Goedjen 171981de9f
Turn on strict concurrency (#497) 
* WIP

* Add concurrency warnings.
 2023-12-11 02:13:08 -08:00
Max Goedjen cf58630065
Handle concurrent requests to socket (#495) 
* Socket updates

* Sendable.

* Update tests.
 2023-12-11 00:59:30 -08:00
Max Goedjen 7b0ccbcc16
Update to Xcode 15 (#496) 2023-12-11 08:56:41 +00:00
Max Goedjen dbaa57a05a
Fix EC384 value (#485) 2023-09-13 05:12:17 +00:00
Ricky Burgin 6248ecc9db
Added FAQ item for generating RSA keys (#482) 2023-08-27 22:20:53 +00:00
Max Goedjen d82bb80e14
Fix #478 (#479) 2023-08-13 22:02:45 +00:00
42 changed files with 5065 additions and 253 deletions
Show Stats Expand all files Collapse all files

BIN
.github/readme/localize_add.png vendored Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.3 MiB

BIN
.github/readme/localize_sidebar.png vendored Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 162 KiB

BIN
.github/readme/localize_translate.png vendored Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 MiB

6
.github/workflows/nightly.yml vendored
View File

@ -9,7 +9,7 @@ jobs:
runs-on: macos-13
timeout-minutes: 10
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v4
- name: Setup Signing
env:
SIGNING_DATA: ${{ secrets.SIGNING_DATA }}
@ -20,7 +20,7 @@ jobs:
APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }}
run: ./.github/scripts/signing.sh
- name: Set Environment
run: sudo xcrun xcode-select -s /Applications/Xcode_14.3.app
run: sudo xcrun xcode-select -s /Applications/Xcode_15.2.app
- name: Update Build Number
env:
RUN_ID: ${{ github.run_id }}
@ -48,7 +48,7 @@ jobs:
shasum -a 256 Secretive.zip
shasum -a 256 Archive.zip
- name: Upload App to Artifacts
uses: actions/upload-artifact@v1
uses: actions/upload-artifact@v3
with:
name: Secretive.zip
path: Secretive.zip

8
.github/workflows/release.yml vendored
View File

@ -10,7 +10,7 @@ jobs:
runs-on: macos-13
timeout-minutes: 10
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v4
- name: Setup Signing
env:
SIGNING_DATA: ${{ secrets.SIGNING_DATA }}
@ -21,7 +21,7 @@ jobs:
APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }}
run: ./.github/scripts/signing.sh
- name: Set Environment
run: sudo xcrun xcode-select -s /Applications/Xcode_14.3.app
run: sudo xcrun xcode-select -s /Applications/Xcode_15.2.app
- name: Test
run: |
pushd Sources/Packages
@ -32,7 +32,7 @@ jobs:
runs-on: macos-13
timeout-minutes: 10
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v4
- name: Setup Signing
env:
SIGNING_DATA: ${{ secrets.SIGNING_DATA }}
@ -43,7 +43,7 @@ jobs:
APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }}
run: ./.github/scripts/signing.sh
- name: Set Environment
run: sudo xcrun xcode-select -s /Applications/Xcode_14.3.app
run: sudo xcrun xcode-select -s /Applications/Xcode_15.2.app
- name: Update Build Number
env:
TAG_NAME: ${{ github.ref }}

4
.github/workflows/test.yml vendored
View File

@ -7,9 +7,9 @@ jobs:
runs-on: macos-13
timeout-minutes: 10
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v4
- name: Set Environment
run: sudo xcrun xcode-select -s /Applications/Xcode_14.3.app
run: sudo xcrun xcode-select -s /Applications/Xcode_15.2.app
- name: Test
run: |
pushd Sources/Packages

4
CONTRIBUTING.md
View File

@ -14,6 +14,10 @@ Secretive is designed to be easily auditable by people who are considering using
All contributors must abide by the [Code of Conduct](CODE_OF_CONDUCT.md)
## Localization
If you'd like to contribute a translation, please see [Localizing](LOCALIZING.md) to get started.
## Credits
If you make a material contribution to the app, please add yourself to the end of the [credits](https://github.com/maxgoedjen/secretive/blob/main/Secretive/Credits.rtf).

4
FAQ.md
View File

@ -32,6 +32,10 @@ Try running the "Setup Secretive" process by clicking on "Help", then "Setup Sec
Beginning with Secretive 2.2, every secret has an automatically generated public key file representation on disk, and the path to it is listed under "Public Key Path" in Secretive. You can specify that you want to use that key in your `~/.ssh/config`. [This ServerFault answer](https://serverfault.com/a/295771) has more details on setting that up.
### How can I generate an RSA key?
The Mac's Secure Enclave only supports 256-bit EC keys, so inherently Secretive cannot support generating RSA keys.
### Can I use Secretive for SSH Agent Forwarding?
Yes, you can! Once you've set up Secretive, just add `ForwardAgent yes` to the hosts you want to forward to in your SSH config file. Afterwards, any use of one of your SSH keys on the remote host must be authenticated through Secretive.

37
LOCALIZING.md Normal file
View File

@ -0,0 +1,37 @@
# Localizing Secretive
If you speak another language, and would like to help translate Secretive to support that language, we'd love your help!
## Getting Started
### Download Xcode
Download the latest version of Xcode (at minimum, Xcode 15) from [Apple](http://developer.apple.com/download/applications/).
### Clone Secretive
Clone Secretive using [these instructions from GitHub](https://docs.github.com/en/repositories/creating-and-managing-repositories/cloning-a-repository).
### Open Secretive
Open [Sources/Secretive.xcodeproj](Sources/Secretive.xcodeproj) in Xcode.
### Translate
Navigate to [Secretive/Localizable](Sources/Secretive/Localizable.xcstrings).
<img src="/.github/readme/localize_sidebar.png" alt="Screenshot of Xcode navigating to the Localizable file" width="300">
If your language already has an in-progress localization, select it from the list. If it isn't there, hit the "+" button and choose your language from the list.
<img src="/.github/readme/localize_add.png" alt="Screenshot of Xcode adding a new language" width="600">
Start translating! You'll see a list of english phrases, and a space to add a translation of your language.
### Create a Pull Request
Push your changes and open a pull request.
### Questions
Please open an issue if you have a question about translating the app. I'm more than happy to clarify any terms that are ambiguous or confusing. Thanks for contributing!

19
Sources/Packages/Package.swift
View File

@ -1,4 +1,4 @@
// swift-tools-version:5.5
// swift-tools-version:5.9
// The swift-tools-version declares the minimum version of Swift required to build this package.
import PackageDescription
@ -6,7 +6,7 @@ import PackageDescription
let package = Package(
name: "SecretivePackages",
platforms: [
.macOS(.v11)
.macOS(.v12)
],
products: [
.library(
@ -33,23 +33,28 @@ let package = Package(
targets: [
.target(
name: "SecretKit",
dependencies: []
dependencies: [],
swiftSettings: [.enableExperimentalFeature("StrictConcurrency"), .unsafeFlags(["-warnings-as-errors"])]
),
.testTarget(
name: "SecretKitTests",
dependencies: ["SecretKit", "SecureEnclaveSecretKit", "SmartCardSecretKit"]
dependencies: ["SecretKit", "SecureEnclaveSecretKit", "SmartCardSecretKit"],
swiftSettings: [.enableExperimentalFeature("StrictConcurrency"), .unsafeFlags(["-warnings-as-errors"])]
),
.target(
name: "SecureEnclaveSecretKit",
dependencies: ["SecretKit"]
dependencies: ["SecretKit"],
swiftSettings: [.enableExperimentalFeature("StrictConcurrency"), .unsafeFlags(["-warnings-as-errors"])]
),
.target(
name: "SmartCardSecretKit",
dependencies: ["SecretKit"]
dependencies: ["SecretKit"],
swiftSettings: [.enableExperimentalFeature("StrictConcurrency"), .unsafeFlags(["-warnings-as-errors"])]
),
.target(
name: "SecretAgentKit",
dependencies: ["SecretKit", "SecretAgentKitHeaders"]
dependencies: ["SecretKit", "SecretAgentKitHeaders"],
swiftSettings: [.enableExperimentalFeature("StrictConcurrency"), .unsafeFlags(["-warnings-as-errors"])]
),
.systemLibrary(
name: "SecretAgentKitHeaders"

2
Sources/Packages/Sources/Brief/Updater.swift
View File

@ -2,7 +2,7 @@ import Foundation
import Combine
/// A concrete implementation of ``UpdaterProtocol`` which considers the current release and OS version.
public class Updater: ObservableObject, UpdaterProtocol {
public final class Updater: ObservableObject, UpdaterProtocol {
@Published public var update: Release?
public let testBuild: Bool

10
Sources/Packages/Sources/SecretAgentKit/Agent.swift
View File

@ -5,14 +5,14 @@ import SecretKit
import AppKit
/// The `Agent` is an implementation of an SSH agent. It manages coordination and access between a socket, traces requests, notifies witnesses and passes requests to stores.
public class Agent {
public final class Agent {
private let storeList: SecretStoreList
private let witness: SigningWitness?
private let writer = OpenSSHKeyWriter()
private let requestTracer = SigningRequestTracer()
private let certificateHandler = OpenSSHCertificateHandler()
private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent.agent", category: "")
private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "Agent")
/// Initializes an agent with a store list and a witness.
/// - Parameters:
@ -35,7 +35,7 @@ extension Agent {
/// - writer: A ``FileHandleWriter`` to write the response to.
/// - Return value:
/// - Boolean if data could be read
@discardableResult public func handle(reader: FileHandleReader, writer: FileHandleWriter) -> Bool {
@discardableResult @Sendable public func handle(reader: FileHandleReader, writer: FileHandleWriter) async -> Bool {
logger.debug("Agent handling new data")
let data = Data(reader.availableData)
guard data.count > 4 else { return false}
@ -47,12 +47,12 @@ extension Agent {
}
logger.debug("Agent handling request of type \(requestType.debugDescription)")
let subData = Data(data[5...])
let response = handle(requestType: requestType, data: subData, reader: reader)
let response = await handle(requestType: requestType, data: subData, reader: reader)
writer.write(response)
return true
}
func handle(requestType: SSHAgent.RequestType, data: Data, reader: FileHandleReader) -> Data {
func handle(requestType: SSHAgent.RequestType, data: Data, reader: FileHandleReader) async -> Data {
// Depending on the launch context (such as after macOS update), the agent may need to reload secrets before acting
reloadSecretsIfNeccessary()
var response = Data()

4
Sources/Packages/Sources/SecretAgentKit/FileHandleProtocols.swift
View File

@ -1,7 +1,7 @@
import Foundation
/// Protocol abstraction of the reading aspects of FileHandle.
public protocol FileHandleReader {
public protocol FileHandleReader: Sendable {
/// Gets data that is available for reading.
var availableData: Data { get }
@ -13,7 +13,7 @@ public protocol FileHandleReader {
}
/// Protocol abstraction of the writing aspects of FileHandle.
public protocol FileHandleWriter {
public protocol FileHandleWriter: Sendable {
/// Writes data to the handle.
func write(_ data: Data)

11
Sources/Packages/Sources/SecretAgentKit/Sendability.swift Normal file
View File

@ -0,0 +1,11 @@
import Foundation
struct UncheckedSendable<T>: @unchecked Sendable {
let value: T
init(_ value: T) {
self.value = value
}
}

5
Sources/Packages/Sources/SecretAgentKit/SigningRequestTracer.swift
View File

@ -60,7 +60,10 @@ extension SigningRequestTracer {
func iconURL(for pid: Int32) -> URL? {
do {
if let app = NSRunningApplication(processIdentifier: pid), let icon = app.icon?.tiffRepresentation {
let temporaryURL = URL(fileURLWithPath: (NSTemporaryDirectory() as NSString).appendingPathComponent("\(UUID().uuidString).png"))
let temporaryURL = URL(fileURLWithPath: (NSTemporaryDirectory() as NSString).appendingPathComponent("\(app.bundleIdentifier ?? UUID().uuidString).png"))
if FileManager.default.fileExists(atPath: temporaryURL.path) {
return temporaryURL
}
let bitmap = NSBitmapImageRep(data: icon)
try bitmap?.representation(using: .png, properties: [:])?.write(to: temporaryURL)
return temporaryURL

58
Sources/Packages/Sources/SecretAgentKit/SocketController.swift
View File

@ -2,7 +2,7 @@ import Foundation
import OSLog
/// A controller that manages socket configuration and request dispatching.
public class SocketController {
public final class SocketController {
/// The active FileHandle.
private var fileHandle: FileHandle?
@ -10,22 +10,24 @@ public class SocketController {
private var port: SocketPort?
/// A handler that will be notified when a new read/write handle is available.
/// False if no data could be read
public var handler: ((FileHandleReader, FileHandleWriter) -> Bool)?
public var handler: (@Sendable (FileHandleReader, FileHandleWriter) async -> Bool)?
/// Logger.
private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "SocketController")
/// Initializes a socket controller with a specified path.
/// - Parameter path: The path to use as a socket.
public init(path: String) {
Logger().debug("Socket controller setting up at \(path)")
logger.debug("Socket controller setting up at \(path)")
if let _ = try? FileManager.default.removeItem(atPath: path) {
Logger().debug("Socket controller removed existing socket")
logger.debug("Socket controller removed existing socket")
}
let exists = FileManager.default.fileExists(atPath: path)
assert(!exists)
Logger().debug("Socket controller path is clear")
logger.debug("Socket controller path is clear")
port = socketPort(at: path)
configureSocket(at: path)
Logger().debug("Socket listening at \(path)")
logger.debug("Socket listening at \(path)")
}
/// Configures the socket and a corresponding FileHandle.
@ -35,7 +37,7 @@ public class SocketController {
fileHandle = FileHandle(fileDescriptor: port.socket, closeOnDealloc: true)
NotificationCenter.default.addObserver(self, selector: #selector(handleConnectionAccept(notification:)), name: .NSFileHandleConnectionAccepted, object: nil)
NotificationCenter.default.addObserver(self, selector: #selector(handleConnectionDataAvailable(notification:)), name: .NSFileHandleDataAvailable, object: nil)
fileHandle?.acceptConnectionInBackgroundAndNotify(forModes: [RunLoop.current.currentMode!])
fileHandle?.acceptConnectionInBackgroundAndNotify(forModes: [RunLoop.Mode.common])
}
/// Creates a SocketPort for a path.
@ -65,25 +67,45 @@ public class SocketController {
/// Handles a new connection being accepted, invokes the handler, and prepares to accept new connections.
/// - Parameter notification: A `Notification` that triggered the call.
@objc func handleConnectionAccept(notification: Notification) {
Logger().debug("Socket controller accepted connection")
logger.debug("Socket controller accepted connection")
guard let new = notification.userInfo?[NSFileHandleNotificationFileHandleItem] as? FileHandle else { return }
_ = handler?(new, new)
new.waitForDataInBackgroundAndNotify()
fileHandle?.acceptConnectionInBackgroundAndNotify(forModes: [RunLoop.current.currentMode!])
Task { [handler, fileHandle] in
_ = await handler?(new, new)
await new.waitForDataInBackgroundAndNotifyOnMainActor()
await fileHandle?.acceptConnectionInBackgroundAndNotifyOnMainActor()
}
}
/// Handles a new connection providing data and invokes the handler callback.
/// - Parameter notification: A `Notification` that triggered the call.
@objc func handleConnectionDataAvailable(notification: Notification) {
Logger().debug("Socket controller has new data available")
logger.debug("Socket controller has new data available")
guard let new = notification.object as? FileHandle else { return }
Logger().debug("Socket controller received new file handle")
if((handler?(new, new)) == true) {
Logger().debug("Socket controller handled data, wait for more data")
new.waitForDataInBackgroundAndNotify()
} else {
Logger().debug("Socket controller called with empty data, socked closed")
logger.debug("Socket controller received new file handle")
Task { [handler, logger = UncheckedSendable(logger)] in
if((await handler?(new, new)) == true) {
logger.value.debug("Socket controller handled data, wait for more data")
await new.waitForDataInBackgroundAndNotifyOnMainActor()
} else {
logger.value.debug("Socket controller called with empty data, socked closed")
}
}
}
}
extension FileHandle {
/// Ensures waitForDataInBackgroundAndNotify will be called on the main actor.
@MainActor func waitForDataInBackgroundAndNotifyOnMainActor() {
waitForDataInBackgroundAndNotify()
}
/// Ensures acceptConnectionInBackgroundAndNotify will be called on the main actor.
/// - Parameter modes: the runloop modes to use.
@MainActor func acceptConnectionInBackgroundAndNotifyOnMainActor(forModes modes: [RunLoop.Mode]? = [RunLoop.Mode.common]) {
acceptConnectionInBackgroundAndNotify(forModes: modes)
}
}

2
Sources/Packages/Sources/SecretKit/Erasers/AnySecretStore.swift
View File

@ -71,7 +71,7 @@ public class AnySecretStore: SecretStore {
}
public class AnySecretStoreModifiable: AnySecretStore, SecretStoreModifiable {
public final class AnySecretStoreModifiable: AnySecretStore, SecretStoreModifiable {
private let _create: (String, Bool) throws -> Void
private let _delete: (AnySecret) throws -> Void

4
Sources/Packages/Sources/SecretKit/OpenSSH/OpenSSHCertificateHandler.swift
View File

@ -2,10 +2,10 @@ import Foundation
import OSLog
/// Manages storage and lookup for OpenSSH certificates.
public class OpenSSHCertificateHandler {
public final class OpenSSHCertificateHandler {
private let publicKeyFileStoreController = PublicKeyFileStoreController(homeDirectory: NSHomeDirectory())
private let logger = Logger()
private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "OpenSSHCertificateHandler")
private let writer = OpenSSHKeyWriter()
private var keyBlobsAndNames: [AnySecret: (Data, Data)] = [:]

2
Sources/Packages/Sources/SecretKit/OpenSSH/OpenSSHReader.swift
View File

@ -1,7 +1,7 @@
import Foundation
/// Reads OpenSSH protocol data.
public class OpenSSHReader {
public final class OpenSSHReader {
var remaining: Data

4
Sources/Packages/Sources/SecretKit/PublicKeyStandinFileController.swift
View File

@ -2,9 +2,9 @@ import Foundation
import OSLog
/// Controller responsible for writing public keys to disk, so that they're easily accessible by scripts.
public class PublicKeyFileStoreController {
public final class PublicKeyFileStoreController {
private let logger = Logger()
private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "PublicKeyFileStoreController")
private let directory: String
private let keyWriter = OpenSSHKeyWriter()

2
Sources/Packages/Sources/SecretKit/SecretStoreList.swift
View File

@ -2,7 +2,7 @@ import Foundation
import Combine
/// A "Store Store," which holds a list of type-erased stores.
public class SecretStoreList: ObservableObject {
public final class SecretStoreList: ObservableObject {
/// The Stores managed by the SecretStoreList.
@Published public var stores: [AnySecretStore] = []

26
Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift
View File

@ -8,7 +8,7 @@ import SecretKit
extension SecureEnclave {
/// An implementation of Store backed by the Secure Enclave.
public class Store: SecretStoreModifiable {
public final class Store: SecretStoreModifiable {
public var isAvailable: Bool {
// For some reason, as of build time, CryptoKit.SecureEnclave.isAvailable always returns false
@ -17,15 +17,15 @@ extension SecureEnclave {
TKTokenWatcher().tokenIDs.contains("com.apple.setoken")
}
public let id = UUID()
public let name = NSLocalizedString("Secure Enclave", comment: "Secure Enclave")
public let name = String(localized: "secure_enclave")
@Published public private(set) var secrets: [Secret] = []
private var persistedAuthenticationContexts: [Secret: PersistentAuthenticationContext] = [:]
/// Initializes a Store.
public init() {
DistributedNotificationCenter.default().addObserver(forName: .secretStoreUpdated, object: nil, queue: .main) { _ in
self.reloadSecretsInternal(notifyAgent: false)
DistributedNotificationCenter.default().addObserver(forName: .secretStoreUpdated, object: nil, queue: .main) { [reload = reloadSecretsInternal(notifyAgent:)] _ in
reload(false)
}
loadSecrets()
}
@ -107,10 +107,10 @@ extension SecureEnclave {
context = existing.context
} else {
let newContext = LAContext()
newContext.localizedCancelTitle = "Deny"
newContext.localizedCancelTitle = String(localized: "auth_context_request_deny_button")
context = newContext
}
context.localizedReason = "sign a request from \"\(provenance.origin.displayName)\" using secret \"\(secret.name)\""
context.localizedReason = String(localized: "auth_context_request_signature_description_\(provenance.origin.displayName)_\(secret.name)")
let attributes = KeychainDictionary([
kSecClass: kSecClassKey,
kSecAttrKeyClass: kSecAttrKeyClassPrivate,
@ -140,8 +140,8 @@ extension SecureEnclave {
public func verify(signature: Data, for data: Data, with secret: Secret) throws -> Bool {
let context = LAContext()
context.localizedReason = "verify a signature using secret \"\(secret.name)\""
context.localizedCancelTitle = "Deny"
context.localizedReason = String(localized: "auth_context_request_verify_description_\(secret.name)")
context.localizedCancelTitle = String(localized: "auth_context_request_deny_button")
let attributes = KeychainDictionary([
kSecClass: kSecClassKey,
kSecAttrKeyClass: kSecAttrKeyClassPrivate,
@ -181,16 +181,16 @@ extension SecureEnclave {
public func persistAuthentication(secret: Secret, forDuration duration: TimeInterval) throws {
let newContext = LAContext()
newContext.touchIDAuthenticationAllowableReuseDuration = duration
newContext.localizedCancelTitle = "Deny"
newContext.localizedCancelTitle = String(localized: "auth_context_request_deny_button")
let formatter = DateComponentsFormatter()
formatter.unitsStyle = .spellOut
formatter.allowedUnits = [.hour, .minute, .day]
if let durationString = formatter.string(from: duration) {
newContext.localizedReason = "unlock secret \"\(secret.name)\" for \(durationString)"
newContext.localizedReason = String(localized: "auth_context_persist_for_duration_\(secret.name)_\(durationString)")
} else {
newContext.localizedReason = "unlock secret \"\(secret.name)\""
newContext.localizedReason = String(localized: "auth_context_persist_for_duration_unknown_\(secret.name)")
}
newContext.evaluatePolicy(LAPolicy.deviceOwnerAuthentication, localizedReason: newContext.localizedReason) { [weak self] success, _ in
guard success else { return }
@ -211,7 +211,7 @@ extension SecureEnclave.Store {
/// Reloads all secrets from the store.
/// - Parameter notifyAgent: A boolean indicating whether a distributed notification should be posted, notifying other processes (ie, the SecretAgent) to reload their stores as well.
private func reloadSecretsInternal(notifyAgent: Bool = true) {
@Sendable private func reloadSecretsInternal(notifyAgent: Bool = true) {
let before = secrets
secrets.removeAll()
loadSecrets()
@ -260,7 +260,7 @@ extension SecureEnclave.Store {
nil)!
let wrapped: [SecureEnclave.Secret] = publicTyped.map {
let name = $0[kSecAttrLabel] as? String ?? "Unnamed"
let name = $0[kSecAttrLabel] as? String ?? String(localized: "unnamed_secret")
let id = $0[kSecAttrApplicationLabel] as! Data
let publicKeyRef = $0[kSecValueRef] as! SecKey
let publicKeyAttributes = SecKeyCopyAttributes(publicKeyRef) as! [CFString: Any]

64
Sources/Packages/Sources/SmartCardSecretKit/SmartCardStore.swift
View File

@ -8,11 +8,11 @@ import SecretKit
extension SmartCard {
/// An implementation of Store backed by a Smart Card.
public class Store: SecretStore {
public final class Store: SecretStore {
@Published public var isAvailable: Bool = false
public let id = UUID()
public private(set) var name = NSLocalizedString("Smart Card", comment: "Smart Card")
public private(set) var name = String(localized: "smart_card")
@Published public private(set) var secrets: [Secret] = []
private let watcher = TKTokenWatcher()
private var tokenID: String?
@ -20,12 +20,14 @@ extension SmartCard {
/// Initializes a Store.
public init() {
tokenID = watcher.nonSecureEnclaveTokens.first
watcher.setInsertionHandler { string in
watcher.setInsertionHandler { [reload = reloadSecretsInternal] string in
guard self.tokenID == nil else { return }
guard !string.contains("setoken") else { return }
self.tokenID = string
self.reloadSecrets()
DispatchQueue.main.async {
reload()
}
self.watcher.addRemovalHandler(self.smartcardRemoved, forTokenID: string)
}
if let tokenID = tokenID {
@ -48,8 +50,8 @@ extension SmartCard {
public func sign(data: Data, with secret: Secret, for provenance: SigningRequestProvenance) throws -> Data {
guard let tokenID = tokenID else { fatalError() }
let context = LAContext()
context.localizedReason = "sign a request from \"\(provenance.origin.displayName)\" using secret \"\(secret.name)\""
context.localizedCancelTitle = "Deny"
context.localizedReason = String(localized: "auth_context_request_signature_description_\(provenance.origin.displayName)_\(secret.name)")
context.localizedCancelTitle = String(localized: "auth_context_request_deny_button")
let attributes = KeychainDictionary([
kSecClass: kSecClassKey,
kSecAttrKeyClass: kSecAttrKeyClassPrivate,
@ -106,15 +108,7 @@ extension SmartCard {
/// Reloads all secrets from the store.
public func reloadSecrets() {
DispatchQueue.main.async {
self.isAvailable = self.tokenID != nil
let before = self.secrets
self.secrets.removeAll()
self.loadSecrets()
if self.secrets != before {
NotificationCenter.default.post(name: .secretStoreReloaded, object: self)
}
}
reloadSecretsInternal()
}
}
@ -123,6 +117,16 @@ extension SmartCard {
extension SmartCard.Store {
@Sendable private func reloadSecretsInternal() {
self.isAvailable = self.tokenID != nil
let before = self.secrets
self.secrets.removeAll()
self.loadSecrets()
if self.secrets != before {
NotificationCenter.default.post(name: .secretStoreReloaded, object: self)
}
}
/// Resets the token ID and reloads secrets.
/// - Parameter tokenID: The ID of the token that was removed.
private func smartcardRemoved(for tokenID: String? = nil) {
@ -134,21 +138,11 @@ extension SmartCard.Store {
private func loadSecrets() {
guard let tokenID = tokenID else { return }
let fallbackName = NSLocalizedString("Smart Card", comment: "Smart Card")
if #available(macOS 12.0, *) {
if let driverName = watcher.tokenInfo(forTokenID: tokenID)?.driverName {
name = driverName
} else {
name = fallbackName
}
let fallbackName = String(localized: "smart_card")
if let driverName = watcher.tokenInfo(forTokenID: tokenID)?.driverName {
name = driverName
} else {
// Hack to read name if there's only one smart card
let slotNames = TKSmartCardSlotManager().slotNames
if watcher.nonSecureEnclaveTokens.count == 1 && slotNames.count == 1 {
name = slotNames.first!
} else {
name = fallbackName
}
name = fallbackName
}
let attributes = KeychainDictionary([
@ -162,7 +156,7 @@ extension SmartCard.Store {
SecItemCopyMatching(attributes, &untyped)
guard let typed = untyped as? [[CFString: Any]] else { return }
let wrapped = typed.map {
let name = $0[kSecAttrLabel] as? String ?? "Unnamed"
let name = $0[kSecAttrLabel] as? String ?? String(localized: "unnamed_secret")
let tokenID = $0[kSecAttrApplicationLabel] as! Data
let algorithm = Algorithm(secAttr: $0[kSecAttrKeyType] as! NSNumber)
let keySize = $0[kSecAttrKeySizeInBits] as! Int
@ -189,8 +183,8 @@ extension SmartCard.Store {
/// - Warning: Encryption functions are deliberately only exposed on a library level, and are not exposed in Secretive itself to prevent users from data loss. Any pull requests which expose this functionality in the app will not be merged.
public func encrypt(data: Data, with secret: SecretType) throws -> Data {
let context = LAContext()
context.localizedReason = "encrypt data using secret \"\(secret.name)\""
context.localizedCancelTitle = "Deny"
context.localizedReason = String(localized: "auth_context_request_encrypt_description_\(secret.name)")
context.localizedCancelTitle = String(localized: "auth_context_request_deny_button")
let attributes = KeychainDictionary([
kSecAttrKeyType: secret.algorithm.secAttrKeyType,
kSecAttrKeySizeInBits: secret.keySize,
@ -218,8 +212,8 @@ extension SmartCard.Store {
public func decrypt(data: Data, with secret: SecretType) throws -> Data {
guard let tokenID = tokenID else { fatalError() }
let context = LAContext()
context.localizedReason = "decrypt data using secret \"\(secret.name)\""
context.localizedCancelTitle = "Deny"
context.localizedReason = String(localized: "auth_context_request_decrypt_description_\(secret.name)")
context.localizedCancelTitle = String(localized: "auth_context_request_deny_button")
let attributes = KeychainDictionary([
kSecClass: kSecClassKey,
kSecAttrKeyClass: kSecAttrKeyClassPrivate,
@ -249,7 +243,7 @@ extension SmartCard.Store {
case (.ellipticCurve, 256):
return .eciesEncryptionCofactorVariableIVX963SHA256AESGCM
case (.ellipticCurve, 384):
return .eciesEncryptionCofactorVariableIVX963SHA256AESGCM
return .eciesEncryptionCofactorVariableIVX963SHA384AESGCM
case (.rsa, 1024), (.rsa, 2048):
return .rsaEncryptionOAEPSHA512AESGCM
default:

36
Sources/Packages/Tests/SecretAgentKitTests/AgentTests.swift
View File

@ -10,39 +10,39 @@ class AgentTests: XCTestCase {
// MARK: Identity Listing
func testEmptyStores() {
func testEmptyStores() async {
let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestIdentities)
let agent = Agent(storeList: SecretStoreList())
agent.handle(reader: stubReader, writer: stubWriter)
await agent.handle(reader: stubReader, writer: stubWriter)
XCTAssertEqual(stubWriter.data, Constants.Responses.requestIdentitiesEmpty)
}
func testIdentitiesList() {
func testIdentitiesList() async {
let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestIdentities)
let list = storeList(with: [Constants.Secrets.ecdsa256Secret, Constants.Secrets.ecdsa384Secret])
let agent = Agent(storeList: list)
agent.handle(reader: stubReader, writer: stubWriter)
await agent.handle(reader: stubReader, writer: stubWriter)
XCTAssertEqual(stubWriter.data, Constants.Responses.requestIdentitiesMultiple)
}
// MARK: Signatures
func testNoMatchingIdentities() {
func testNoMatchingIdentities() async {
let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestSignatureWithNoneMatching)
let list = storeList(with: [Constants.Secrets.ecdsa256Secret, Constants.Secrets.ecdsa384Secret])
let agent = Agent(storeList: list)
agent.handle(reader: stubReader, writer: stubWriter)
await agent.handle(reader: stubReader, writer: stubWriter)
// XCTAssertEqual(stubWriter.data, Constants.Responses.requestFailure)
}
func testSignature() {
func testSignature() async {
let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestSignature)
let requestReader = OpenSSHReader(data: Constants.Requests.requestSignature[5...])
_ = requestReader.readNextChunk()
let dataToSign = requestReader.readNextChunk()
let list = storeList(with: [Constants.Secrets.ecdsa256Secret, Constants.Secrets.ecdsa384Secret])
let agent = Agent(storeList: list)
agent.handle(reader: stubReader, writer: stubWriter)
await agent.handle(reader: stubReader, writer: stubWriter)
let outer = OpenSSHReader(data: stubWriter.data[5...])
let payload = outer.readNextChunk()
let inner = OpenSSHReader(data: payload)
@ -76,18 +76,18 @@ class AgentTests: XCTestCase {
// MARK: Witness protocol
func testWitnessObjectionStopsRequest() {
func testWitnessObjectionStopsRequest() async {
let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestSignature)
let list = storeList(with: [Constants.Secrets.ecdsa256Secret])
let witness = StubWitness(speakNow: { _,_ in
return true
}, witness: { _, _ in })
let agent = Agent(storeList: list, witness: witness)
agent.handle(reader: stubReader, writer: stubWriter)
await agent.handle(reader: stubReader, writer: stubWriter)
XCTAssertEqual(stubWriter.data, Constants.Responses.requestFailure)
}
func testWitnessSignature() {
func testWitnessSignature() async {
let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestSignature)
let list = storeList(with: [Constants.Secrets.ecdsa256Secret])
var witnessed = false
@ -97,11 +97,11 @@ class AgentTests: XCTestCase {
witnessed = true
})
let agent = Agent(storeList: list, witness: witness)
agent.handle(reader: stubReader, writer: stubWriter)
await agent.handle(reader: stubReader, writer: stubWriter)
XCTAssertTrue(witnessed)
}
func testRequestTracing() {
func testRequestTracing() async {
let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestSignature)
let list = storeList(with: [Constants.Secrets.ecdsa256Secret])
var speakNowTrace: SigningRequestProvenance! = nil
@ -113,7 +113,7 @@ class AgentTests: XCTestCase {
witnessTrace = trace
})
let agent = Agent(storeList: list, witness: witness)
agent.handle(reader: stubReader, writer: stubWriter)
await agent.handle(reader: stubReader, writer: stubWriter)
XCTAssertEqual(witnessTrace, speakNowTrace)
XCTAssertEqual(witnessTrace.origin.displayName, "Finder")
XCTAssertEqual(witnessTrace.origin.validSignature, true)
@ -122,22 +122,22 @@ class AgentTests: XCTestCase {
// MARK: Exception Handling
func testSignatureException() {
func testSignatureException() async {
let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestSignature)
let list = storeList(with: [Constants.Secrets.ecdsa256Secret, Constants.Secrets.ecdsa384Secret])
let store = list.stores.first?.base as! Stub.Store
store.shouldThrow = true
let agent = Agent(storeList: list)
agent.handle(reader: stubReader, writer: stubWriter)
await agent.handle(reader: stubReader, writer: stubWriter)
XCTAssertEqual(stubWriter.data, Constants.Responses.requestFailure)
}
// MARK: Unsupported
func testUnhandledAdd() {
func testUnhandledAdd() async {
let stubReader = StubFileHandleReader(availableData: Constants.Requests.addIdentity)
let agent = Agent(storeList: SecretStoreList())
agent.handle(reader: stubReader, writer: stubWriter)
await agent.handle(reader: stubReader, writer: stubWriter)
XCTAssertEqual(stubWriter.data, Constants.Responses.requestFailure)
}

2
Sources/Packages/Tests/SecretAgentKitTests/StubStore.swift
View File

@ -6,7 +6,7 @@ struct Stub {}
extension Stub {
public class Store: SecretStore {
public final class Store: SecretStore {
public let isAvailable = true
public let id = UUID()

3
Sources/SecretAgent/AppDelegate.swift
View File

@ -27,9 +27,10 @@ class AppDelegate: NSObject, NSApplicationDelegate {
return SocketController(path: path)
}()
private var updateSink: AnyCancellable?
private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "AppDelegate")
func applicationDidFinishLaunching(_ aNotification: Notification) {
Logger().debug("SecretAgent finished launching")
logger.debug("SecretAgent finished launching")
DispatchQueue.main.async {
self.socketController.handler = self.agent.handle(reader:writer:)
}

26
Sources/SecretAgent/Notifier.swift
View File

@ -10,8 +10,8 @@ class Notifier {
private let notificationDelegate = NotificationDelegate()
init() {
let updateAction = UNNotificationAction(identifier: Constants.updateActionIdentitifier, title: "Update", options: [])
let ignoreAction = UNNotificationAction(identifier: Constants.ignoreActionIdentitifier, title: "Ignore", options: [])
let updateAction = UNNotificationAction(identifier: Constants.updateActionIdentitifier, title: String(localized: "update_notification_update_button"), options: [])
let ignoreAction = UNNotificationAction(identifier: Constants.ignoreActionIdentitifier, title: String(localized: "update_notification_ignore_button"), options: [])
let updateCategory = UNNotificationCategory(identifier: Constants.updateCategoryIdentitifier, actions: [updateAction, ignoreAction], intentIdentifiers: [], options: [])
let criticalUpdateCategory = UNNotificationCategory(identifier: Constants.criticalUpdateCategoryIdentitifier, actions: [updateAction], intentIdentifiers: [], options: [])
@ -22,7 +22,7 @@ class Notifier {
Measurement(value: 24, unit: UnitDuration.hours)
]
let doNotPersistAction = UNNotificationAction(identifier: Constants.doNotPersistActionIdentitifier, title: "Do Not Unlock", options: [])
let doNotPersistAction = UNNotificationAction(identifier: Constants.doNotPersistActionIdentitifier, title: String(localized: "persist_authentication_decline_button"), options: [])
var allPersistenceActions = [doNotPersistAction]
let formatter = DateComponentsFormatter()
@ -40,7 +40,7 @@ class Notifier {
let persistAuthenticationCategory = UNNotificationCategory(identifier: Constants.persistAuthenticationCategoryIdentitifier, actions: allPersistenceActions, intentIdentifiers: [], options: [])
if persistAuthenticationCategory.responds(to: Selector(("actionsMenuTitle"))) {
persistAuthenticationCategory.setValue("Leave Unlocked", forKey: "_actionsMenuTitle")
persistAuthenticationCategory.setValue(String(localized: "persist_authentication_accept_button"), forKey: "_actionsMenuTitle")
}
UNUserNotificationCenter.current().setNotificationCategories([updateCategory, criticalUpdateCategory, persistAuthenticationCategory])
UNUserNotificationCenter.current().delegate = notificationDelegate
@ -62,13 +62,11 @@ class Notifier {
notificationDelegate.pendingPersistableStores[store.id.description] = store
let notificationCenter = UNUserNotificationCenter.current()
let notificationContent = UNMutableNotificationContent()
notificationContent.title = "Signed Request from \(provenance.origin.displayName)"
notificationContent.subtitle = "Using secret \"\(secret.name)\""
notificationContent.title = String(localized: "signed_notification_title_\(provenance.origin.displayName)")
notificationContent.subtitle = String(localized: "signed_notification_description_\(secret.name)")
notificationContent.userInfo[Constants.persistSecretIDKey] = secret.id.description
notificationContent.userInfo[Constants.persistStoreIDKey] = store.id.description
if #available(macOS 12.0, *) {
notificationContent.interruptionLevel = .timeSensitive
}
notificationContent.interruptionLevel = .timeSensitive
if secret.requiresAuthentication && store.existingPersistedAuthenticationContext(secret: secret) == nil {
notificationContent.categoryIdentifier = Constants.persistAuthenticationCategoryIdentitifier
}
@ -85,14 +83,12 @@ class Notifier {
let notificationCenter = UNUserNotificationCenter.current()
let notificationContent = UNMutableNotificationContent()
if update.critical {
if #available(macOS 12.0, *) {
notificationContent.interruptionLevel = .critical
}
notificationContent.title = "Critical Security Update - \(update.name)"
notificationContent.interruptionLevel = .critical
notificationContent.title = String(localized: "update_notification_update_critical_title_\(update.name)")
} else {
notificationContent.title = "Update Available - \(update.name)"
notificationContent.title = String(localized: "update_notification_update_normal_title_\(update.name)")
}
notificationContent.subtitle = "Click to Update"
notificationContent.subtitle = String(localized: "update_notification_update_description")
notificationContent.body = update.body
notificationContent.categoryIdentifier = update.critical ? Constants.criticalUpdateCategoryIdentitifier : Constants.updateCategoryIdentitifier
let request = UNNotificationRequest(identifier: UUID().uuidString, content: notificationContent, trigger: nil)

29
Sources/Secretive.xcodeproj/project.pbxproj
View File

@ -3,7 +3,7 @@
archiveVersion = 1;
classes = {
};
objectVersion = 52;
objectVersion = 54;
objects = {
/* Begin PBXBuildFile section */
@ -18,6 +18,7 @@
5003EF612780081600DF2006 /* SmartCardSecretKit in Frameworks */ = {isa = PBXBuildFile; productRef = 5003EF602780081600DF2006 /* SmartCardSecretKit */; };
5003EF632780081B00DF2006 /* SecureEnclaveSecretKit in Frameworks */ = {isa = PBXBuildFile; productRef = 5003EF622780081B00DF2006 /* SecureEnclaveSecretKit */; };
5003EF652780081B00DF2006 /* SmartCardSecretKit in Frameworks */ = {isa = PBXBuildFile; productRef = 5003EF642780081B00DF2006 /* SmartCardSecretKit */; };
500B93C32B478D8400E157DE /* Localizable.xcstrings in Resources */ = {isa = PBXBuildFile; fileRef = 500B93C22B478D8400E157DE /* Localizable.xcstrings */; };
501421622781262300BBAA70 /* Brief in Frameworks */ = {isa = PBXBuildFile; productRef = 501421612781262300BBAA70 /* Brief */; };
501421652781268000BBAA70 /* SecretAgent.app in CopyFiles */ = {isa = PBXBuildFile; fileRef = 50A3B78A24026B7500D209EA /* SecretAgent.app */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; };
50153E20250AFCB200525160 /* UpdateView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50153E1F250AFCB200525160 /* UpdateView.swift */; };
@ -51,6 +52,7 @@
50B8550D24138C4F009958AC /* DeleteSecretView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50B8550C24138C4F009958AC /* DeleteSecretView.swift */; };
50BB046B2418AAAE00D6E079 /* EmptyStoreView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50BB046A2418AAAE00D6E079 /* EmptyStoreView.swift */; };
50C385A52407A76D00AF2719 /* SecretDetailView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50C385A42407A76D00AF2719 /* SecretDetailView.swift */; };
50E9CF422B51D596004AB36D /* Localizable.xcstrings in Resources */ = {isa = PBXBuildFile; fileRef = 500B93C22B478D8400E157DE /* Localizable.xcstrings */; };
/* End PBXBuildFile section */
/* Begin PBXContainerItemProxy section */
@ -108,6 +110,7 @@
50020BAF24064869003D4025 /* AppDelegate.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = AppDelegate.swift; sourceTree = "<group>"; };
50033AC227813F1700253856 /* BundleIDs.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = BundleIDs.swift; sourceTree = "<group>"; };
5003EF39278005C800DF2006 /* Packages */ = {isa = PBXFileReference; lastKnownFileType = wrapper; path = Packages; sourceTree = "<group>"; };
500B93C22B478D8400E157DE /* Localizable.xcstrings */ = {isa = PBXFileReference; lastKnownFileType = text.json.xcstrings; path = Localizable.xcstrings; sourceTree = "<group>"; };
50153E1F250AFCB200525160 /* UpdateView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = UpdateView.swift; sourceTree = "<group>"; };
50153E21250DECA300525160 /* SecretListItemView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SecretListItemView.swift; sourceTree = "<group>"; };
5018F54E24064786002EB505 /* Notifier.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Notifier.swift; sourceTree = "<group>"; };
@ -228,6 +231,7 @@
508BF28D25B4F005009EFB7E /* InternetAccessPolicy.plist */,
50617D8F23FCE48E0099B055 /* Secretive.entitlements */,
506772C62424784600034DED /* Credits.rtf */,
500B93C22B478D8400E157DE /* Localizable.xcstrings */,
50617D8823FCE48E0099B055 /* Preview Content */,
);
path = Secretive;
@ -425,6 +429,12 @@
knownRegions = (
en,
Base,
it,
fr,
de,
"pt-BR",
fi,
ko,
);
mainGroup = 50617D7623FCE48D0099B055;
productRefGroup = 50617D8023FCE48E0099B055 /* Products */;
@ -444,6 +454,7 @@
buildActionMask = 2147483647;
files = (
50617D8A23FCE48E0099B055 /* Preview Assets.xcassets in Resources */,
500B93C32B478D8400E157DE /* Localizable.xcstrings in Resources */,
50617D8723FCE48E0099B055 /* Assets.xcassets in Resources */,
506772C72424784600034DED /* Credits.rtf in Resources */,
508BF28E25B4F005009EFB7E /* InternetAccessPolicy.plist in Resources */,
@ -462,6 +473,7 @@
buildActionMask = 2147483647;
files = (
50A3B79724026B7600D209EA /* Main.storyboard in Resources */,
50E9CF422B51D596004AB36D /* Localizable.xcstrings in Resources */,
50A3B79424026B7600D209EA /* Preview Assets.xcassets in Resources */,
50A3B79124026B7600D209EA /* Assets.xcassets in Resources */,
508BF2AA25B4F1CB009EFB7E /* InternetAccessPolicy.plist in Resources */,
@ -606,6 +618,7 @@
STRIP_INSTALLED_PRODUCT = NO;
STRIP_SWIFT_SYMBOLS = NO;
SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEBUG;
SWIFT_EMIT_LOC_STRINGS = YES;
SWIFT_OPTIMIZATION_LEVEL = "-Onone";
};
name = Debug;
@ -664,6 +677,7 @@
STRIP_INSTALLED_PRODUCT = NO;
STRIP_SWIFT_SYMBOLS = NO;
SWIFT_COMPILATION_MODE = wholemodule;
SWIFT_EMIT_LOC_STRINGS = YES;
SWIFT_OPTIMIZATION_LEVEL = "-O";
};
name = Release;
@ -687,10 +701,12 @@
"$(inherited)",
"@executable_path/../Frameworks",
);
MACOSX_DEPLOYMENT_TARGET = 12.0;
MARKETING_VERSION = 1;
PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.Host;
PRODUCT_NAME = "$(TARGET_NAME)";
PROVISIONING_PROFILE_SPECIFIER = "";
SWIFT_STRICT_CONCURRENCY = complete;
SWIFT_VERSION = 5.0;
};
name = Debug;
@ -714,10 +730,12 @@
"$(inherited)",
"@executable_path/../Frameworks",
);
MACOSX_DEPLOYMENT_TARGET = 12.0;
MARKETING_VERSION = 1;
PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.Host;
PRODUCT_NAME = "$(TARGET_NAME)";
PROVISIONING_PROFILE_SPECIFIER = "Secretive - Host";
SWIFT_STRICT_CONCURRENCY = complete;
SWIFT_VERSION = 5.0;
};
name = Release;
@ -825,6 +843,7 @@
STRIP_INSTALLED_PRODUCT = NO;
STRIP_SWIFT_SYMBOLS = NO;
SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEBUG;
SWIFT_EMIT_LOC_STRINGS = YES;
SWIFT_OPTIMIZATION_LEVEL = "-Onone";
};
name = Test;
@ -845,9 +864,11 @@
"$(inherited)",
"@executable_path/../Frameworks",
);
MACOSX_DEPLOYMENT_TARGET = 12.0;
MARKETING_VERSION = 1;
PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.Host;
PRODUCT_NAME = "$(TARGET_NAME)";
SWIFT_STRICT_CONCURRENCY = complete;
SWIFT_VERSION = 5.0;
};
name = Test;
@ -888,9 +909,11 @@
"$(inherited)",
"@executable_path/../Frameworks",
);
MACOSX_DEPLOYMENT_TARGET = 12.0;
MARKETING_VERSION = 1;
PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent;
PRODUCT_NAME = "$(TARGET_NAME)";
SWIFT_STRICT_CONCURRENCY = complete;
SWIFT_VERSION = 5.0;
};
name = Test;
@ -911,9 +934,11 @@
"$(inherited)",
"@executable_path/../Frameworks",
);
MACOSX_DEPLOYMENT_TARGET = 12.0;
MARKETING_VERSION = 1;
PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent;
PRODUCT_NAME = "$(TARGET_NAME)";
SWIFT_STRICT_CONCURRENCY = complete;
SWIFT_VERSION = 5.0;
};
name = Debug;
@ -935,10 +960,12 @@
"$(inherited)",
"@executable_path/../Frameworks",
);
MACOSX_DEPLOYMENT_TARGET = 12.0;
MARKETING_VERSION = 1;
PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent;
PRODUCT_NAME = "$(TARGET_NAME)";
PROVISIONING_PROFILE_SPECIFIER = "Secretive - Secret Agent";
SWIFT_STRICT_CONCURRENCY = complete;
SWIFT_VERSION = 5.0;
};
name = Release;

6
Sources/Secretive/App.swift
View File

@ -45,18 +45,18 @@ struct Secretive: App {
}
.commands {
CommandGroup(after: CommandGroupPlacement.newItem) {
Button("New Secret") {
Button("app_menu_new_secret_button") {
showingCreation = true
}
.keyboardShortcut(KeyboardShortcut(KeyEquivalent("N"), modifiers: [.command, .shift]))
}
CommandGroup(replacing: .help) {
Button("Help") {
Button("app_menu_help_button") {
NSWorkspace.shared.open(Constants.helpURL)
}
}
CommandGroup(after: .help) {
Button("Setup Secretive") {
Button("app_menu_setup_button") {
showingSetup = true
}
}

10
Sources/Secretive/Controllers/LaunchAgentController.swift
View File

@ -6,8 +6,10 @@ import SecretKit
struct LaunchAgentController {
private let logger = Logger(subsystem: "com.maxgoedjen.secretive", category: "LaunchAgentController")
func install(completion: (() -> Void)? = nil) {
Logger().debug("Installing agent")
logger.debug("Installing agent")
_ = setEnabled(false)
// This is definitely a bit of a "seems to work better" thing but:
// Seems to more reliably hit if these are on separate runloops, otherwise it seems like it sometimes doesn't kill old
@ -20,7 +22,7 @@ struct LaunchAgentController {
}
func forceLaunch(completion: ((Bool) -> Void)?) {
Logger().debug("Agent is not running, attempting to force launch")
logger.debug("Agent is not running, attempting to force launch")
let url = Bundle.main.bundleURL.appendingPathComponent("Contents/Library/LoginItems/SecretAgent.app")
let config = NSWorkspace.OpenConfiguration()
config.activates = false
@ -29,9 +31,9 @@ struct LaunchAgentController {
completion?(error == nil)
}
if let error = error {
Logger().error("Error force launching \(error.localizedDescription)")
logger.error("Error force launching \(error.localizedDescription)")
} else {
Logger().debug("Agent force launched")
logger.debug("Agent force launched")
}
}
}

4725
Sources/Secretive/Localizable.xcstrings Normal file
View File

File diff suppressed because it is too large Load Diff

22
Sources/Secretive/Views/ContentView.swift
View File

@ -64,15 +64,15 @@ extension ContentView {
}
}
var updateNoticeContent: (String, Color)? {
var updateNoticeContent: (LocalizedStringKey, Color)? {
guard let update = updater.update else { return nil }
if update.critical {
return ("Critical Security Update Required", .red)
return ("update_critical_notice_title", .red)
} else {
if updater.testBuild {
return ("Test Build", .blue)
return ("update_test_notice_title", .blue)
} else {
return ("Update Available", .orange)
return ("update_normal_notice_title", .orange)
}
}
}
@ -121,9 +121,9 @@ extension ContentView {
}, label: {
Group {
if hasRunSetup && !agentStatusChecker.running {
Text("Secret Agent Is Not Running")
Text("agent_not_running_notice_title")
} else {
Text("Setup Secretive")
Text("agent_setup_notice_title")
}
}
.font(.headline)
@ -138,7 +138,7 @@ extension ContentView {
showingAgentInfo = true
}, label: {
HStack {
Text("Agent is Running")
Text("agent_running_notice_title")
.font(.headline)
.foregroundColor(colorScheme == .light ? Color(white: 0.3) : .white)
Circle()
@ -149,10 +149,10 @@ extension ContentView {
.buttonStyle(ToolbarButtonStyle(lightColor: .black.opacity(0.05), darkColor: .white.opacity(0.05)))
.popover(isPresented: $showingAgentInfo, attachmentAnchor: attachmentAnchor, arrowEdge: .bottom) {
VStack {
Text("SecretAgent is Running")
Text("agent_running_notice_detail_title")
.font(.title)
.padding(5)
Text("SecretAgent is a process that runs in the background to sign requests, so you don't need to keep Secretive open all the time.\n\n**You can close Secretive, and everything will still keep working.**")
Text("agent_running_notice_detail_description")
.frame(width: 300)
}
.padding()
@ -166,7 +166,7 @@ extension ContentView {
showingAppPathNotice = true
}, label: {
Group {
Text("Secretive Is Not in Applications Folder")
Text("app_not_in_applications_notice_title")
}
.font(.headline)
.foregroundColor(.white)
@ -178,7 +178,7 @@ extension ContentView {
.resizable()
.aspectRatio(contentMode: .fit)
.frame(width: 64)
Text("Secretive needs to be in your Applications folder to work properly. Please move it and relaunch.")
Text("app_not_in_applications_notice_detail_description")
.frame(maxWidth: 300)
}
.padding()

12
Sources/Secretive/Views/CopyableView.swift
View File

@ -3,7 +3,7 @@ import UniformTypeIdentifiers
struct CopyableView: View {
var title: String
var title: LocalizedStringKey
var image: Image
var text: String
@ -66,12 +66,12 @@ struct CopyableView: View {
)
}
var hoverText: String {
var hoverText: LocalizedStringKey {
switch interactionState {
case .hovering:
return "Click to Copy"
return "copyable_click_to_copy_button"
case .clicking:
return "Copied"
return "copyable_copied"
case .normal:
fatalError()
}
@ -122,9 +122,9 @@ struct CopyableView: View {
struct CopyableView_Previews: PreviewProvider {
static var previews: some View {
Group {
CopyableView(title: "Title", image: Image(systemName: "figure.wave"), text: "Hello world.")
CopyableView(title: "secret_detail_sha256_fingerprint_label", image: Image(systemName: "figure.wave"), text: "Hello world.")
.padding()
CopyableView(title: "Title", image: Image(systemName: "figure.wave"), text: "Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. ")
CopyableView(title: "secret_detail_sha256_fingerprint_label", image: Image(systemName: "figure.wave"), text: "Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. Long text. ")
.padding()
}
}

58
Sources/Secretive/Views/CreateSecretView.swift
View File

@ -14,43 +14,30 @@ struct CreateSecretView<StoreType: SecretStoreModifiable>: View {
HStack {
VStack {
HStack {
Text("Create a New Secret")
Text("create_secret_title")
.font(.largeTitle)
Spacer()
}
HStack {
Text("Name:")
TextField("Shhhhh", text: $name)
Text("create_secret_name_label")
TextField("create_secret_name_placeholder", text: $name)
.focusable()
}
if #available(macOS 12.0, *) {
ThumbnailPickerView(items: [
ThumbnailPickerView.Item(value: true, name: "Require Authentication", description: "You will be required to authenticate using Touch ID, Apple Watch, or password before each use.", thumbnail: AuthenticationView()),
ThumbnailPickerView.Item(value: false, name: "Notify",
description: "No authentication is required while your Mac is unlocked, but you will be notified when a secret is used.",
thumbnail: NotificationView())
], selection: $requiresAuthentication)
} else {
HStack {
VStack(spacing: 20) {
Picker("", selection: $requiresAuthentication) {
Text("Requires Authentication (Biometrics or Password) before each use").tag(true)
Text("Authentication not required when Mac is unlocked").tag(false)
}
.pickerStyle(RadioGroupPickerStyle())
Spacer(minLength: 10)
}
}
}
ThumbnailPickerView(items: [
ThumbnailPickerView.Item(value: true, name: "create_secret_require_authentication_title", description: "create_secret_require_authentication_description", thumbnail: AuthenticationView()),
ThumbnailPickerView.Item(value: false, name: "create_secret_notify_title",
description: "create_secret_notify_description",
thumbnail: NotificationView())
], selection: $requiresAuthentication)
}
}
HStack {
Spacer()
Button("Cancel") {
Button("create_secret_cancel_button") {
showing = false
}
.keyboardShortcut(.cancelAction)
Button("Create", action: save)
Button("create_secret_create_button", action: save)
.disabled(name.isEmpty)
.keyboardShortcut(.defaultAction)
}
@ -109,11 +96,11 @@ extension ThumbnailPickerView {
struct Item<ValueType: Hashable>: Identifiable {
let id = UUID()
let value: ValueType
let name: String
let description: String
let name: LocalizedStringKey
let description: LocalizedStringKey
let thumbnail: AnyView
init<ViewType: View>(value: ValueType, name: String, description: String, thumbnail: ViewType) {
init<ViewType: View>(value: ValueType, name: LocalizedStringKey, description: LocalizedStringKey, thumbnail: ViewType) {
self.value = value
self.name = name
self.description = description
@ -138,7 +125,6 @@ extension ThumbnailPickerView {
}
@available(macOS 12.0, *)
struct SystemBackgroundView: View {
let anchor: UnitPoint
@ -157,7 +143,6 @@ struct SystemBackgroundView: View {
}
}
@available(macOS 12.0, *)
struct AuthenticationView: View {
var body: some View {
@ -169,15 +154,15 @@ struct AuthenticationView: View {
.resizable()
.aspectRatio(contentMode: .fit)
.foregroundColor(Color(.systemRed))
Text("Touch ID Prompt")
Text(verbatim: "Touch ID Prompt")
.font(.headline)
.foregroundColor(.primary)
.redacted(reason: .placeholder)
VStack {
Text("Touch ID Detail prompt.Detail two.")
Text(verbatim: "Touch ID Detail prompt.Detail two.")
.font(.caption2)
.foregroundColor(.primary)
Text("Touch ID Detail prompt.Detail two.")
Text(verbatim: "Touch ID Detail prompt.Detail two.")
.font(.caption2)
.foregroundColor(.primary)
}
@ -203,7 +188,6 @@ struct AuthenticationView: View {
}
@available(macOS 12.0, *)
struct NotificationView: View {
var body: some View {
@ -223,10 +207,10 @@ struct NotificationView: View {
.frame(width: 64, height: 64)
.foregroundColor(.primary)
VStack(alignment: .leading) {
Text("Secretive")
Text(verbatim: "Secretive")
.font(.title)
.foregroundColor(.primary)
Text("Secretive wants to sign")
Text(verbatim: "Secretive wants to sign")
.font(.body)
.foregroundColor(.primary)
}
@ -253,14 +237,10 @@ struct CreateSecretView_Previews: PreviewProvider {
static var previews: some View {
Group {
CreateSecretView(store: Preview.StoreModifiable(), showing: .constant(true))
if #available(macOS 12.0, *) {
AuthenticationView().environment(\.colorScheme, .dark)
AuthenticationView().environment(\.colorScheme, .light)
NotificationView().environment(\.colorScheme, .dark)
NotificationView().environment(\.colorScheme, .light)
} else {
// Fallback on earlier versions
}
}
}
}

10
Sources/Secretive/Views/DeleteSecretView.swift
View File

@ -18,24 +18,24 @@ struct DeleteSecretView<StoreType: SecretStoreModifiable>: View {
.padding()
VStack {
HStack {
Text("Delete \(secret.name)?").bold()
Text("delete_confirmation_title_\(secret.name)").bold()
Spacer()
}
HStack {
Text("If you delete \(secret.name), you will not be able to recover it. Type \"\(secret.name)\" to confirm.")
Text("delete_confirmation_description_\(secret.name)_\(secret.name)")
Spacer()
}
HStack {
Text("Confirm Name:")
Text("delete_confirmation_confirm_name_label")
TextField(secret.name, text: $confirm)
}
}
}
HStack {
Spacer()
Button("Delete", action: delete)
Button("delete_confirmation_delete_button", action: delete)
.disabled(confirm != secret.name)
Button("Don't Delete") {
Button("delete_confirmation_cancel_button") {
dismissalBlock(false)
}
.keyboardShortcut(.cancelAction)

16
Sources/Secretive/Views/EmptyStoreView.swift
View File

@ -9,11 +9,11 @@ struct EmptyStoreView: View {
var body: some View {
if store is AnySecretStoreModifiable {
NavigationLink(destination: EmptyStoreModifiableView(), tag: Constants.emptyStoreModifiableTag, selection: $activeSecret) {
Text("No Secrets")
Text("empty_store_modifiable_title")
}
} else {
NavigationLink(destination: EmptyStoreImmutableView(), tag: Constants.emptyStoreTag, selection: $activeSecret) {
Text("No Secrets")
Text("empty_store_nonmodifiable_title")
}
}
}
@ -23,7 +23,7 @@ extension EmptyStoreView {
enum Constants {
static let emptyStoreModifiableTag: AnyHashable = "emptyStoreModifiableTag"
static let emptyStoreTag: AnyHashable = "emptyStoreModifiableTag"
static let emptyStoreTag: AnyHashable = "emptyStoreTag"
}
}
@ -32,9 +32,9 @@ struct EmptyStoreImmutableView: View {
var body: some View {
VStack {
Text("No Secrets").bold()
Text("Use your Smart Card's management tool to create a secret.")
Text("Secretive supports EC256, EC384, RSA1024, and RSA2048 keys.")
Text("empty_store_nonmodifiable_title").bold()
Text("empty_store_nonmodifiable_description")
Text("empty_store_nonmodifiable_supported_key_types")
}.frame(maxWidth: .infinity, maxHeight: .infinity)
}
@ -63,8 +63,8 @@ struct EmptyStoreModifiableView: View {
path.addLine(to: CGPoint(x: g.size.width - 3, y: 0))
}.fill()
}.frame(height: (windowGeometry.size.height/2) - 20).padding()
Text("No Secrets").bold()
Text("Create a new one by clicking here.")
Text("empty_store_modifiable_click_here_title").bold()
Text("empty_store_modifiable_click_here_description")
Spacer()
}.frame(maxWidth: .infinity, maxHeight: .infinity)
}

7
Sources/Secretive/Views/NoStoresView.swift
View File

@ -4,9 +4,10 @@ struct NoStoresView: View {
var body: some View {
VStack {
Text("No Secure Storage Available").bold()
Text("Your Mac doesn't have a Secure Enclave, and there's not a compatible Smart Card inserted.")
Link("If you're looking to add one to your Mac, the YubiKey 5 Series are great.", destination: URL(string: "https://www.yubico.com/products/compare-yubikey-5-series/")!)
Text("no_secure_storage_title")
.bold()
Text("no_secure_storage_description")
Link("no_secure_storage_yubico_link", destination: URL(string: "https://www.yubico.com/products/compare-yubikey-5-series/")!)
}.padding()
}

6
Sources/Secretive/Views/RenameSecretView.swift
View File

@ -18,7 +18,7 @@ struct RenameSecretView<StoreType: SecretStoreModifiable>: View {
.padding()
VStack {
HStack {
Text("Type your new name for \"\(secret.name)\" below.")
Text("rename_title_\(secret.name)")
Spacer()
}
HStack {
@ -28,10 +28,10 @@ struct RenameSecretView<StoreType: SecretStoreModifiable>: View {
}
HStack {
Spacer()
Button("Rename", action: rename)
Button("rename_rename_button", action: rename)
.disabled(newName.count == 0)
.keyboardShortcut(.return)
Button("Cancel") {
Button("rename_cancel_button") {
dismissalBlock(false)
}.keyboardShortcut(.cancelAction)
}

8
Sources/Secretive/Views/SecretDetailView.swift
View File

@ -12,16 +12,16 @@ struct SecretDetailView<SecretType: Secret>: View {
ScrollView {
Form {
Section {
CopyableView(title: "SHA256 Fingerprint", image: Image(systemName: "touchid"), text: keyWriter.openSSHSHA256Fingerprint(secret: secret))
CopyableView(title: "secret_detail_sha256_fingerprint_label", image: Image(systemName: "touchid"), text: keyWriter.openSSHSHA256Fingerprint(secret: secret))
Spacer()
.frame(height: 20)
CopyableView(title: "MD5 Fingerprint", image: Image(systemName: "touchid"), text: keyWriter.openSSHMD5Fingerprint(secret: secret))
CopyableView(title: "secret_detail_md5_fingerprint_label", image: Image(systemName: "touchid"), text: keyWriter.openSSHMD5Fingerprint(secret: secret))
Spacer()
.frame(height: 20)
CopyableView(title: "Public Key", image: Image(systemName: "key"), text: keyString)
CopyableView(title: "secret_detail_public_key_label", image: Image(systemName: "key"), text: keyString)
Spacer()
.frame(height: 20)
CopyableView(title: "Public Key Path", image: Image(systemName: "lock.doc"), text: publicKeyFileStoreController.publicKeyPath(for: secret))
CopyableView(title: "secret_detail_public_key_path_label", image: Image(systemName: "lock.doc"), text: publicKeyFileStoreController.publicKeyPath(for: secret))
Spacer()
}
}

4
Sources/Secretive/Views/SecretListItemView.swift
View File

@ -33,10 +33,10 @@ struct SecretListItemView: View {
.contextMenu {
if store is AnySecretStoreModifiable {
Button(action: { isRenaming = true }) {
Text("Rename")
Text("secret_list_rename_button")
}
Button(action: { isDeleting = true }) {
Text("Delete")
Text("secret_list_delete_button")
}
}
}

40
Sources/Secretive/Views/SetupView.swift
View File

@ -26,7 +26,7 @@ struct SetupView: View {
}
}
}
.frame(idealWidth: 500, idealHeight: 500)
.frame(minWidth: 500, idealWidth: 500, minHeight: 500, idealHeight: 500)
}
@ -61,7 +61,7 @@ struct StepView: View {
Circle()
.foregroundColor(.green)
.frame(width: Constants.circleWidth, height: Constants.circleWidth)
Text("")
Text("setup_step_complete_symbol")
.foregroundColor(.white)
.bold()
} else {
@ -101,14 +101,14 @@ extension StepView {
struct SetupStepView<Content> : View where Content : View {
let title: String
let title: LocalizedStringKey
let image: Image
let bodyText: String
let buttonTitle: String
let bodyText: LocalizedStringKey
let buttonTitle: LocalizedStringKey
let buttonAction: () -> Void
let content: Content
init(title: String, image: Image, bodyText: String, buttonTitle: String, buttonAction: @escaping () -> Void = {}, @ViewBuilder content: () -> Content) {
init(title: LocalizedStringKey, image: Image, bodyText: LocalizedStringKey, buttonTitle: LocalizedStringKey, buttonAction: @escaping () -> Void = {}, @ViewBuilder content: () -> Content) {
self.title = title
self.image = image
self.bodyText = bodyText
@ -145,12 +145,12 @@ struct SecretAgentSetupView: View {
let buttonAction: () -> Void
var body: some View {
SetupStepView(title: "Setup Secret Agent",
SetupStepView(title: "setup_agent_title",
image: Image(nsImage: NSApplication.shared.applicationIconImage),
bodyText: "Secretive needs to set up a helper app to work properly. It will sign requests from SSH clients in the background, so you don't need to keep the main Secretive app open.",
buttonTitle: "Install",
bodyText: "setup_agent_description",
buttonTitle: "setup_agent_install_button",
buttonAction: install) {
(Text("This helper app is called ") + Text("Secret Agent").bold().underline() + Text(" and you may see it in Activity Manager from time to time."))
Text("setup_agent_activity_monitor_description")
.multilineTextAlignment(.center)
}
}
@ -170,12 +170,12 @@ struct SSHAgentSetupView: View {
@State private var selectedShellInstruction: ShellConfigInstruction = controller.shellInstructions.first!
var body: some View {
SetupStepView(title: "Configure your SSH Agent",
SetupStepView(title: "setup_ssh_title",
image: Image(systemName: "terminal"),
bodyText: "Add this line to your shell config telling SSH to talk to Secret Agent when it wants to authenticate. Secretive can either do this for you automatically, or you can copy and paste this into your config file.",
buttonTitle: "I Added it Manually",
bodyText: "setup_ssh_description",
buttonTitle: "setup_ssh_added_manually_button",
buttonAction: buttonAction) {
Link("If you're trying to set up a third party app, check out the FAQ.", destination: URL(string: "https://github.com/maxgoedjen/secretive/blob/main/APP_CONFIG.md")!)
Link("setup_third_party_faq_link", destination: URL(string: "https://github.com/maxgoedjen/secretive/blob/main/APP_CONFIG.md")!)
Picker(selection: $selectedShellInstruction, label: EmptyView()) {
ForEach(SSHAgentSetupView.controller.shellInstructions) { instruction in
Text(instruction.shell)
@ -183,8 +183,8 @@ struct SSHAgentSetupView: View {
.padding()
}
}.pickerStyle(SegmentedPickerStyle())
CopyableView(title: "Add to \(selectedShellInstruction.shellConfigPath)", image: Image(systemName: "greaterthan.square"), text: selectedShellInstruction.text)
Button("Add it For Me") {
CopyableView(title: "setup_ssh_add_to_config_button_\(selectedShellInstruction.shellConfigPath)", image: Image(systemName: "greaterthan.square"), text: selectedShellInstruction.text)
Button("setup_ssh_add_for_me_button") {
let controller = ShellConfigurationController()
if controller.addToShell(shellInstructions: selectedShellInstruction) {
buttonAction()
@ -214,12 +214,12 @@ struct UpdaterExplainerView: View {
let buttonAction: () -> Void
var body: some View {
SetupStepView(title: "Updates",
SetupStepView(title: "setup_updates_title",
image: Image(systemName: "dot.radiowaves.left.and.right"),
bodyText: "Secretive will periodically check with GitHub to see if there's a new release. If you see any network requests to GitHub, that's why.",
buttonTitle: "Okay",
bodyText: "setup_updates_description",
buttonTitle: "setup_updates_ok",
buttonAction: buttonAction) {
Link("Read more about this here.", destination: SetupView.Constants.updaterFAQURL)
Link("setup_updates_readmore", destination: SetupView.Constants.updaterFAQURL)
}
}

22
Sources/Secretive/Views/UpdateView.swift
View File

@ -9,20 +9,20 @@ struct UpdateDetailView<UpdaterType: Updater>: View {
var body: some View {
VStack {
Text("Secretive \(update.name)").font(.title)
GroupBox(label: Text("Release Notes")) {
Text("update_version_name_\(update.name)").font(.title)
GroupBox(label: Text("update_release_notes_title")) {
ScrollView {
attributedBody
}
}
HStack {
if !update.critical {
Button("Ignore") {
Button("update_ignore_button") {
updater.ignore(release: update)
}
Spacer()
}
Button("Update") {
Button("update_update_button") {
NSWorkspace.shared.open(update.html_url)
}
.keyboardShortcut(.defaultAction)
@ -34,24 +34,24 @@ struct UpdateDetailView<UpdaterType: Updater>: View {
}
var attributedBody: Text {
var text = Text("")
var text = Text(verbatim: "")
for line in update.body.split(whereSeparator: \.isNewline) {
let attributed: Text
let split = line.split(separator: " ")
let unprefixed = split.dropFirst().joined()
let unprefixed = split.dropFirst().joined(separator: " ")
if let prefix = split.first {
switch prefix {
case "#":
attributed = Text(unprefixed).font(.title) + Text("\n")
attributed = Text(unprefixed).font(.title) + Text(verbatim: "\n")
case "##":
attributed = Text(unprefixed).font(.title2) + Text("\n")
attributed = Text(unprefixed).font(.title2) + Text(verbatim: "\n")
case "###":
attributed = Text(unprefixed).font(.title3) + Text("\n")
attributed = Text(unprefixed).font(.title3) + Text(verbatim: "\n")
default:
attributed = Text(line) + Text("\n\n")
attributed = Text(line) + Text(verbatim: "\n\n")
}
} else {
attributed = Text(line) + Text("\n\n")
attributed = Text(line) + Text(verbatim: "\n\n")
}
text = text + attributed
}