Fixignoring bugs

This reverts commit c306801149.

.github/FUNDING.yml

@@ -0,0 +1 @@
+github: maxgoedjen

Brief/Updater.swift

@@ -4,7 +4,8 @@ import Combine
 public protocol UpdaterProtocol: ObservableObject {
 
     var update: Release? { get }
-
+    func ignore(release: Release)
+    
 }
 
 public class Updater: ObservableObject, UpdaterProtocol {
@@ -41,26 +42,15 @@ extension Updater {
 
     func evaluate(release: Release) {
         guard !userIgnored(release: release) else { return }
-        let latestVersion = semVer(from: release.name)
-        let currentVersion = semVer(from: Bundle.main.infoDictionary!["CFBundleShortVersionString"] as! String)
-        for (latest, current) in zip(latestVersion, currentVersion) {
-            if latest > current {
-                DispatchQueue.main.async {
-                    self.update = release
-                }
-                return
+        let latestVersion = SemVer(release.name)
+        let currentVersion = SemVer(Bundle.main.infoDictionary!["CFBundleShortVersionString"] as! String)
+        if latestVersion > currentVersion {
+            DispatchQueue.main.async {
+                self.update = release
             }
         }
     }
 
-    func semVer(from stringVersion: String) -> [Int] {
-        var split = stringVersion.split(separator: ".").compactMap { Int($0) }
-        while split.count < 3 {
-            split.append(0)
-        }
-        return split
-    }
-
     func userIgnored(release: Release) -> Bool {
         guard !release.critical else { return false }
         return defaults.bool(forKey: release.name)
@@ -71,6 +61,38 @@ extension Updater {
     }
 }
 
+struct SemVer {
+
+    let versionNumbers: [Int]
+
+    init(_ version: String) {
+        // Betas have the format 1.2.3_beta1
+        let strippedBeta = version.split(separator: "_").first!
+        var split = strippedBeta.split(separator: ".").compactMap { Int($0) }
+        while split.count < 3 {
+            split.append(0)
+        }
+        versionNumbers = split
+    }
+
+}
+
+extension SemVer: Comparable {
+
+    static func < (lhs: SemVer, rhs: SemVer) -> Bool {
+        for (latest, current) in zip(lhs.versionNumbers, rhs.versionNumbers) {
+            if latest < current {
+                return true
+            } else if latest > current {
+                return false
+            }
+        }
+        return false
+    }
+
+
+}
+
 extension Updater {
 
     enum Constants {
@@ -93,11 +115,18 @@ public struct Release: Codable {
 
 }
 
+extension Release: Identifiable {
+
+    public var id: String {
+        html_url.absoluteString
+    }
+
+}
 
 extension Release {
 
     public var critical: Bool {
-        return body.contains(Constants.securityContent)
+        body.contains(Constants.securityContent)
     }
 
 }

FAQ.md

@@ -0,0 +1,37 @@
+# FAQ
+
+### How do I import my current SSH keys, or export my Secretive Keys?
+
+The secure enclave doesn't allow import or export of private keys. For any new computer, you should just create a new set of keys. If you're using a smart card, you _might_ be able to export your private key from the vendor's software.
+
+### Secretive doesn't work with my git client
+
+Secretive relies on the `SSH_AUTH_SOCK` environment variable being respected. The `git` and `ssh` command line tools natively respect this, but third party apps may require some configuration to work. A non-exhaustive list of clients is provided here:
+
+Tower - [Instructions](https://www.git-tower.com/help/mac/integration/environment)
+
+GitHub Desktop: Should just work, no configuration needed
+
+### Secretive isn't working for me
+
+Please run `ssh -Tv git@github.com` in your terminal and paste the output in a [new GitHub issue](https://github.com/maxgoedjen/secretive/issues/new) with a description of your issue.
+
+### Why should I trust you?
+
+You shouldn't, for a piece of software like this. Secretive, by design, has an auditable build process. Each build has a fully auditable build log, showing the source it was built from and a SHA of the build product. You can check the SHA of the zip you download against the SHA output in the build log (which is linked in the About window).
+
+### I want to build Secretive from source
+
+Awesome! Just bear in mind that because an app only has access to the keychain items that it created, if you have secrets that you created with the prebuilt version of Secretive, you'll be unable to access them using your own custom build (since you'll have changed the bundled ID).
+
+### I have a security issue
+
+Please contact [max.goedjen@gmail.com](mailto:max.goedjen@gmail.com) with a subject containing "SECRETIVE SECURITY" immediately with details, and I'll address the issue and credit you ASAP.
+
+### I have a non-security related bug
+
+Please file a [GitHub issue](https://github.com/maxgoedjen/secretive/issues/new) for it. I will not provide email support with the exception of the critical security issues mentioned above.
+
+### I want to contribute to Secretive
+
+Sweet! Please check out the [contributing guidelines](CONTRIBUTING.md) and go from there.

README.md

@@ -14,7 +14,7 @@ The most common setup for SSH keys is just keeping them on disk, guarded by prop
 
 ### Access Control
 
-If your Mac has a Secure Enclave, it also has support for strong biometric access controls like Touch ID. You can configure your key so that they require Touch ID (or Watch) authentication before they're accessed.
+If your Mac has a Secure Enclave, it also has support for strong access controls like Touch ID, or authentication with Apple Watch. You can configure your key so that they require Touch ID (or Watch) authentication before they're accessed.
 
 <img src="/.github/readme/touchid.png" alt="Screenshot of Secretive authenticating with Touch ID">
 
@@ -30,15 +30,11 @@ For Macs without Secure Enclaves, you can configure a Smart Card (such as a Yubi
 
 ## Getting Started
 
-### Setup for Third Party Apps
+### FAQ
 
-When you first launch Secretive, you'll be prompted to set up your command line environment. You can redisplay this prompt at any time by going to `Menu > Help -> Set Up Helper App`.
-For non-command-line based apps, like GUI Git clients, you may need to go through app-specific setup.
+There's a [FAQ here](FAQ.md).
 
-[Tower](https://www.git-tower.com/help/mac/integration/environment)
-
-
-### Security Considerations
+### Auditable Build Process
 
 Builds are produced by GitHub Actions with an auditable build and release generation process. Each build has a "Document SHAs" step, which will output SHA checksums for the build produced by the GitHub Action, so you can verify that the source code for a given build corresponds to any given release.
 
@@ -52,4 +48,4 @@ Beacuse secrets in the Secure Enclave are not exportable, they are not able to b
 
 ## Security
 
-If you discover any vulnerabilities in this project, please notify max.goedjen@gmail.com
+If you discover any vulnerabilities in this project, please notify [max.goedjen@gmail.com](mailto:max.goedjen@gmail.com) with the subject containing "SECRETIVE SECURITY."

SecretAgent/Notifier.swift

@@ -13,7 +13,7 @@ class Notifier {
         let updateAction = UNNotificationAction(identifier: Constants.updateActionIdentitifier, title: "Update", options: [])
         let ignoreAction = UNNotificationAction(identifier: Constants.ignoreActionIdentitifier, title: "Ignore", options: [])
         let updateCategory = UNNotificationCategory(identifier: Constants.updateCategoryIdentitifier, actions: [updateAction, ignoreAction], intentIdentifiers: [], options: [])
-        let criticalUpdateCategory = UNNotificationCategory(identifier: Constants.updateCategoryIdentitifier, actions: [updateAction], intentIdentifiers: [], options: [])
+        let criticalUpdateCategory = UNNotificationCategory(identifier: Constants.criticalUpdateCategoryIdentitifier, actions: [updateAction], intentIdentifiers: [], options: [])
         UNUserNotificationCenter.current().setNotificationCategories([updateCategory, criticalUpdateCategory])
         UNUserNotificationCenter.current().delegate = notificationDelegate
     }

SecretAgentKit/Agent.swift

@@ -113,8 +113,17 @@ extension Agent {
 
 
         let rawLength = rawRepresentation.count/2
-        let r = rawRepresentation[0..<rawLength]
-        let s = rawRepresentation[rawLength...]
+        // Check if we need to pad with 0x00 to prevent certain
+        // ssh servers from thinking r or s is negative
+        let paddingRange: ClosedRange<UInt8> = 0x80...0xFF
+        var r = Data(rawRepresentation[0..<rawLength])
+        if paddingRange ~= r.first! {
+            r.insert(0x00, at: 0)
+        }
+        var s = Data(rawRepresentation[rawLength...])
+        if paddingRange ~= s.first! {
+            s.insert(0x00, at: 0)
+        }
 
         var signatureChunk = Data()
         signatureChunk.append(writer.lengthAndData(of: r))

SecretAgentKitTests/AgentTests.swift

@@ -49,8 +49,15 @@ class AgentTests: XCTestCase {
         _ = inner.readNextChunk()
         let signedData = inner.readNextChunk()
         let rsData = OpenSSHReader(data: signedData)
-        let r = rsData.readNextChunk()
-        let s = rsData.readNextChunk()
+        var r = rsData.readNextChunk()
+        var s = rsData.readNextChunk()
+        // This is fine IRL, but it freaks out CryptoKit
+        if r[0] == 0 {
+            r.removeFirst()
+        }
+        if s[0] == 0 {
+            s.removeFirst()
+        }
         var rs = r
         rs.append(s)
         let signature = try! P256.Signing.ECDSASignature(rawRepresentation: rs)

Secretive.xcodeproj/project.pbxproj

@@ -10,6 +10,8 @@
 		50020BB024064869003D4025 /* AppDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50020BAF24064869003D4025 /* AppDelegate.swift */; };
 		5018F54F24064786002EB505 /* Notifier.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5018F54E24064786002EB505 /* Notifier.swift */; };
 		50524B442420969E008DBD97 /* OpenSSHWriterTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50524B432420969D008DBD97 /* OpenSSHWriterTests.swift */; };
+		50571E0324393C2600F76F6C /* JustUpdatedChecker.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50571E0224393C2600F76F6C /* JustUpdatedChecker.swift */; };
+		50571E0524393D1500F76F6C /* LaunchAgentController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50571E0424393D1500F76F6C /* LaunchAgentController.swift */; };
 		50617D8323FCE48E0099B055 /* AppDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50617D8223FCE48E0099B055 /* AppDelegate.swift */; };
 		50617D8523FCE48E0099B055 /* ContentView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50617D8423FCE48E0099B055 /* ContentView.swift */; };
 		50617D8723FCE48E0099B055 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 50617D8623FCE48E0099B055 /* Assets.xcassets */; };
@@ -206,6 +208,8 @@
 		50020BAF24064869003D4025 /* AppDelegate.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = AppDelegate.swift; sourceTree = "<group>"; };
 		5018F54E24064786002EB505 /* Notifier.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Notifier.swift; sourceTree = "<group>"; };
 		50524B432420969D008DBD97 /* OpenSSHWriterTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = OpenSSHWriterTests.swift; sourceTree = "<group>"; };
+		50571E0224393C2600F76F6C /* JustUpdatedChecker.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = JustUpdatedChecker.swift; sourceTree = "<group>"; };
+		50571E0424393D1500F76F6C /* LaunchAgentController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LaunchAgentController.swift; sourceTree = "<group>"; };
 		50617D7F23FCE48E0099B055 /* Secretive.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = Secretive.app; sourceTree = BUILT_PRODUCTS_DIR; };
 		50617D8223FCE48E0099B055 /* AppDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AppDelegate.swift; sourceTree = "<group>"; };
 		50617D8423FCE48E0099B055 /* ContentView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContentView.swift; sourceTree = "<group>"; };
@@ -346,6 +350,15 @@
 /* End PBXFrameworksBuildPhase section */
 
 /* Begin PBXGroup section */
+		504BA92D243171F20064740E /* Types */ = {
+			isa = PBXGroup;
+			children = (
+				50617DCA23FCECA10099B055 /* Secret.swift */,
+				50617DC623FCE4EA0099B055 /* SecretStore.swift */,
+			);
+			path = Types;
+			sourceTree = "<group>";
+		};
 		50617D7623FCE48D0099B055 = {
 			isa = PBXGroup;
 			children = (
@@ -418,8 +431,6 @@
 			isa = PBXGroup;
 			children = (
 				50617DAA23FCE4AB0099B055 /* SecretKit.h */,
-				50617DCA23FCECA10099B055 /* Secret.swift */,
-				50617DC623FCE4EA0099B055 /* SecretStore.swift */,
 				5099A02C23FE56D70062B6F2 /* Common */,
 				50617DCC23FCECEE0099B055 /* SecureEnclave */,
 				5099A02523FE34DE0062B6F2 /* SmartCard */,
@@ -505,6 +516,8 @@
 			isa = PBXGroup;
 			children = (
 				508A58B2241ED2180069DC07 /* AgentStatusChecker.swift */,
+				50571E0224393C2600F76F6C /* JustUpdatedChecker.swift */,
+				50571E0424393D1500F76F6C /* LaunchAgentController.swift */,
 			);
 			path = Controllers;
 			sourceTree = "<group>";
@@ -522,6 +535,7 @@
 		5099A02C23FE56D70062B6F2 /* Common */ = {
 			isa = PBXGroup;
 			children = (
+				504BA92D243171F20064740E /* Types */,
 				5068389F2415EA4F00F55094 /* Erasers */,
 				506838A42415EA6800F55094 /* OpenSSH */,
 				5068389D241471CD00F55094 /* SecretStoreList.swift */,
@@ -908,10 +922,12 @@
 			files = (
 				50C385A9240B636500AF2719 /* SetupView.swift in Sources */,
 				50617D8523FCE48E0099B055 /* ContentView.swift in Sources */,
+				50571E0324393C2600F76F6C /* JustUpdatedChecker.swift in Sources */,
 				50617DD223FCEFA90099B055 /* PreviewStore.swift in Sources */,
 				508A58B3241ED2180069DC07 /* AgentStatusChecker.swift in Sources */,
 				50C385A52407A76D00AF2719 /* SecretDetailView.swift in Sources */,
 				5099A02423FD2AAA0062B6F2 /* CreateSecretView.swift in Sources */,
+				50571E0524393D1500F76F6C /* LaunchAgentController.swift in Sources */,
 				50B8550D24138C4F009958AC /* DeleteSecretView.swift in Sources */,
 				50BB046B2418AAAE00D6E079 /* EmptyStoreView.swift in Sources */,
 				50731669241E00C20023809E /* NoticeView.swift in Sources */,

Secretive/AppDelegate.swift

@@ -17,6 +17,7 @@ class AppDelegate: NSObject, NSApplicationDelegate {
     }()
     let updater = Updater()
     let agentStatusChecker = AgentStatusChecker()
+    let justUpdatedChecker = JustUpdatedChecker()
 
     func applicationDidFinishLaunching(_ aNotification: Notification) {
         let contentView = ContentView(storeList: storeList, updater: updater, agentStatusChecker: agentStatusChecker, runSetupBlock: { self.runSetup(sender: nil) })
@@ -40,6 +41,7 @@ class AppDelegate: NSObject, NSApplicationDelegate {
             newMenuItem.isEnabled = true
         }
         runSetupIfNeeded()
+        relaunchAgentIfNeeded()
     }
 
     func applicationDidBecomeActive(_ notification: Notification) {
@@ -89,6 +91,12 @@ extension AppDelegate {
         }
     }
 
+    func relaunchAgentIfNeeded() {
+        if agentStatusChecker.running && justUpdatedChecker.justUpdated {
+            LaunchAgentController().relaunch()
+        }
+    }
+
 }
 
 extension AppDelegate {

Secretive/Controllers/JustUpdatedChecker.swift

@@ -0,0 +1,36 @@
+import Foundation
+import Combine
+import AppKit
+
+protocol JustUpdatedCheckerProtocol: ObservableObject {
+    var justUpdated: Bool { get }
+}
+
+class JustUpdatedChecker: ObservableObject, JustUpdatedCheckerProtocol {
+
+    @Published var justUpdated: Bool = false
+
+    init() {
+        check()
+    }
+
+    func check() {
+        let lastBuild = UserDefaults.standard.object(forKey: Constants.previousVersionUserDefaultsKey) as? String ?? "None"
+        let currentBuild = Bundle.main.infoDictionary!["CFBundleShortVersionString"] as! String
+        UserDefaults.standard.set(currentBuild, forKey: Constants.previousVersionUserDefaultsKey)
+        if lastBuild != currentBuild {
+            justUpdated = true
+        }
+    }
+
+
+
+}
+
+extension JustUpdatedChecker {
+
+    enum Constants {
+        static let previousVersionUserDefaultsKey = "com.maxgoedjen.Secretive.lastBuild"
+    }
+
+}

Secretive/Controllers/LaunchAgentController.swift

@@ -0,0 +1,19 @@
+import Foundation
+import ServiceManagement
+
+struct LaunchAgentController {
+
+    func install() -> Bool {
+        setEnabled(true)
+    }
+
+    func relaunch() {
+        _ = setEnabled(false)
+        _ = setEnabled(true)
+    }
+
+    private func setEnabled(_ enabled: Bool) -> Bool {
+        SMLoginItemSetEnabled("com.maxgoedjen.Secretive.SecretAgent" as CFString, enabled)
+    }
+
+}

Secretive/Preview Content/PreviewUpdater.swift

@@ -16,7 +16,9 @@ class PreviewUpdater: UpdaterProtocol {
             self.update = Release(name: "10.10.10", html_url: URL(string: "https://example.com")!, body: "Critical Security Update")
         }
     }
-
+    
+    func ignore(release: Release) {
+    }
 }
 
 extension PreviewUpdater {

Secretive/Views/ContentView.swift

@@ -87,9 +87,13 @@ struct ContentView<UpdaterType: UpdaterProtocol, AgentStatusCheckerType: AgentSt
             severity = .advisory
             text = "Update Available"
         }
-        return AnyView(NoticeView(text: text, severity: severity, actionTitle: "Update") {
-            NSWorkspace.shared.open(update.html_url)
-        })
+        let action = {
+            _ = NSWorkspace.shared.open(update.html_url)
+        }
+        let ignoreAction = {
+            updater.ignore(release: update)
+        }
+        return AnyView(NoticeView(text: text, severity: severity, actionTitle: "Update", action: action, secondaryActionTitle: "Ignore", secondaryAction: ignoreAction))
     }
 
     func agentNotice() -> some View {

Secretive/Views/NoticeView.swift

@@ -7,12 +7,28 @@ struct NoticeView: View {
     let severity: Severity
     let actionTitle: String?
     let action: (() -> Void)?
+    let secondaryActionTitle: String?
+    let secondaryAction: (() -> Void)?
+
+    public init(text: String, severity: NoticeView.Severity, actionTitle: String?, action: (() -> Void)?, secondaryActionTitle: String? = nil, secondaryAction: (() -> Void)? = nil) {
+        self.text = text
+        self.severity = severity
+        self.actionTitle = actionTitle
+        self.action = action
+        self.secondaryActionTitle = secondaryActionTitle
+        self.secondaryAction = secondaryAction
+    }
 
     var body: some View {
         HStack {
             Text(text).bold()
             Spacer()
             if action != nil {
+                if secondaryAction != nil {
+                    Button(action: secondaryAction!) {
+                        Text(secondaryActionTitle!)
+                    }
+                }
                 Button(action: action!) {
                     Text(actionTitle!)
                 }

Secretive/Views/SetupView.swift

@@ -1,6 +1,5 @@
 import Foundation
 import SwiftUI
-import ServiceManagement
 
 struct SetupView: View {
     
@@ -117,7 +116,7 @@ struct SetupStepCommandView: View {
 extension SetupView {
     
     func installLaunchAgent() -> Bool {
-        SMLoginItemSetEnabled("com.maxgoedjen.Secretive.SecretAgent" as CFString, true)
+        LaunchAgentController().install()
     }
     
     func markAsDone() -> Bool {