//////////////////////////////////////////////////////////////////////////////////
//
// B L I N K
//
// Copyright (C) 2016-2019 Blink Mobile Shell Project
//
// This file is part of Blink.
//
// Blink is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Blink is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Blink. If not, see <http://www.gnu.org/licenses/>.
//
// In addition, Blink is also subject to certain additional terms under
// GNU GPL version 3 section 7.
//
// You should have received a copy of these additional terms immediately
// following the terms and conditions of the GNU General Public License
// which accompanied the Blink Source Code. If not, see
// <http://www.github.com/blinksh/blink>.
//
////////////////////////////////////////////////////////////////////////////////
import Foundation
import SSH
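public extension BKPubKey {
  /// Failures of the key-storage helpers in this extension that are not
  /// already signalled by the `SSH` module. Previously these cases returned
  /// silently, so a caller (e.g. `saveDefaultKey`) believed the key had been
  /// stored when no card existed.
  private enum StoreError: Error {
    /// `BKPubKey.init` returned `nil` for the given card id.
    case cardCreationFailed(id: String)
    /// The private key file blob could not be decoded as UTF-8.
    case privateKeyNotUTF8(id: String)
  }

  /// Generates a fresh 4096-bit RSA key and stores it in the keychain under
  /// the card id `id_rsa` with the comment `blink`.
  /// - Returns: `true` only when the key was generated **and** a card was
  ///   registered; `false` on any failure (the error is passed to `debugPrint`).
  @objc static func saveDefaultKey() -> Bool {
    do {
      let key = try SSHKey(type: .rsa, bits: 4096)
      try addKeychainKey(id: "id_rsa", key: key, comment: "blink")
      return true
    } catch {
      debugPrint(error)
      return false
    }
  }

  /// Stores the private part of `key` in the keychain and registers a
  /// keychain-backed `BKPubKey` card that points at it.
  /// - Parameters:
  ///   - id: Card identifier (e.g. `"id_rsa"`).
  ///   - key: Key whose private file blob is stored and whose public part is published.
  ///   - comment: Comment appended to the authorized-key line.
  /// - Throws: Errors from `SSHKey` serialization, `StoreError.cardCreationFailed`
  ///   when `BKPubKey.init` returns `nil`, and `StoreError.privateKeyNotUTF8`
  ///   when the private blob is not valid UTF-8. Nothing is written to the
  ///   keychain or the card list unless every step succeeds.
  static func addKeychainKey(id: String, key: SSHKey, comment: String) throws {
    let tag = ProcessInfo().globallyUniqueString
    let publicKey = try key.authorizedKey(withComment: comment)
    guard let card = BKPubKey(
      id: id,
      tag: tag,
      publicKey: publicKey,
      keyType: key.sshKeyType.shortName,
      certType: nil,
      storageType: BKPubKeyStorageTypeKeyChain
    ) else {
      throw StoreError.cardCreationFailed(id: id)
    }
    let privateBlob = try key.privateKeyFileBlob()
    guard let privateKey = String(data: privateBlob, encoding: .utf8) else {
      throw StoreError.privateKeyNotUTF8(id: id)
    }
    card.storePrivateKey(inKeychain: privateKey)
    BKPubKey.addCard(card)
  }

  /// Creates a new Secure Enclave key and registers an SE-backed card for it.
  /// - Parameters:
  ///   - id: Card identifier.
  ///   - comment: Comment appended to the authorized-key line.
  /// - Throws: Errors from `SEKey` / public-key serialization and
  ///   `StoreError.cardCreationFailed` when `BKPubKey.init` returns `nil`.
  ///   If anything fails after the SE key was created, the key is deleted
  ///   again so no unreferenced key is left behind in the Secure Enclave.
  static func addSEKey(id: String, comment: String) throws {
    let tag = ProcessInfo().globallyUniqueString
    let key = try SEKey.create(tagged: tag)
    do {
      let publicKey = try key.publicKey.authorizedKey(withComment: comment)
      guard let card = BKPubKey(
        id: id,
        tag: tag,
        publicKey: publicKey,
        keyType: key.sshKeyType.shortName,
        certType: nil,
        storageType: BKPubKeyStorageTypeSecureEnclave
      ) else {
        throw StoreError.cardCreationFailed(id: id)
      }
      BKPubKey.addCard(card)
    } catch {
      // The SE key already exists under `tag` but nothing references it;
      // best-effort cleanup before surfacing the original error.
      try? SEKey.delete(tag: tag)
      throw error
    }
  }

  /// Removes `card` from the card list; for Secure Enclave cards the backing
  /// SE key is deleted first.
  /// - Parameter card: The card to remove.
  static func removeCard(card: BKPubKey) {
    if card.storageType == BKPubKeyStorageTypeSecureEnclave {
      do {
        try SEKey.delete(tag: card.tag)
      } catch {
        // Still drop the card below so no unusable entry lingers, but leave a
        // trace that the SE key under `card.tag` may not have been removed.
        debugPrint(error)
      }
    }
    card.removeCard()
  }
}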
extension Collection where Element == BKPubKey {
  /// Looks up the card whose `id` matches and builds a `Signer` for it.
  ///
  /// - Parameter id: The card identifier to resolve.
  /// - Returns: A keychain-backed `SSHKey`, a Secure Enclave `SEKey`, or `nil`
  ///   when no card matches, the stored material cannot be loaded or parsed,
  ///   or the card's storage type is not handled here.
  public func signerWithID(_ id: String) -> Signer? {
    guard let card = first(where: { $0.id == id }) else {
      return nil
    }

    if card.storageType == BKPubKeyStorageTypeKeyChain {
      return keychainSigner(for: card)
    }
    if card.storageType == BKPubKeyStorageTypeSecureEnclave {
      // Certificates are not loaded for Secure Enclave keys yet.
      return SEKey(tagged: card.tag)
    }
    return nil
  }

  /// Loads the keychain-stored private key (and optional certificate) for
  /// `card` and parses it into an `SSHKey`; `nil` on any failure.
  private func keychainSigner(for card: BKPubKey) -> Signer? {
    guard let storedKey = card.loadPrivateKey() else {
      return nil
    }
    let sanitizedKey = SSHKey.sanitize(key: storedKey)
    guard let keyBlob = sanitizedKey.data(using: .utf8) else {
      return nil
    }
    let certBlob = card.loadCertificate()?.data(using: .utf8)
    return try? SSHKey(fromFileBlob: keyBlob, withPublicFileCertBlob: certBlob)
  }
}