Fix local generation by ensuring generation happens only after local store reload (#351 )

Specify immediate delivery (#350 )
Switch key reps to an md5 based name (#349 )
2025-07-01 09:43:37 +00:00 · 2022-02-17 07:05:24 +00:00 · 2022-02-17 06:50:48 +00:00 · 2022-02-17 06:15:47 +00:00 · 2022-02-12 06:34:24 +00:00
5 changed files with 15 additions and 9 deletions
--- a/Sources/Packages/Sources/SecretKit/PublicKeyStandinFileController.swift
+++ b/Sources/Packages/Sources/SecretKit/PublicKeyStandinFileController.swift
@ -6,6 +6,7 @@ public class PublicKeyFileStoreController {
    private let logger = Logger()
    private let directory: String
    private let keyWriter = OpenSSHKeyWriter()
    /// Initializes a PublicKeyFileStoreController.
    public init(homeDirectory: String) {
@ -21,7 +22,6 @@ public class PublicKeyFileStoreController {
            try? FileManager.default.removeItem(at: URL(fileURLWithPath: directory))
        }
        try? FileManager.default.createDirectory(at: URL(fileURLWithPath: directory), withIntermediateDirectories: false, attributes: nil)
        let keyWriter = OpenSSHKeyWriter()
        for secret in secrets {
            let path = path(for: secret)
            guard let data = keyWriter.openSSHString(secret: secret).data(using: .utf8) else { continue }
@ -35,7 +35,8 @@ public class PublicKeyFileStoreController {
    /// - Returns: The path to the Secret's public key.
    /// - Warning: This method returning a path does not imply that a key has been written to disk already. This method only describes where it will be written to.
    public func path<SecretType: Secret>(for secret: SecretType) -> String {
-        directory.appending("/").appending("\(secret.name.replacingOccurrences(of: " ", with: "-")).pub")
+        let minimalHex = keyWriter.openSSHMD5Fingerprint(secret: secret).replacingOccurrences(of: ":", with: "")
        return directory.appending("/").appending("\(minimalHex).pub")
    }
 }
--- a/Sources/Packages/Sources/SecretKit/Types/SecretStore.swift
+++ b/Sources/Packages/Sources/SecretKit/Types/SecretStore.swift
@ -56,6 +56,9 @@ public protocol SecretStoreModifiable: SecretStore {
 extension NSNotification.Name {
    // Distributed notification that keys were modified out of process (ie, that the management tool added/removed secrets)
    public static let secretStoreUpdated = NSNotification.Name("com.maxgoedjen.Secretive.secretStore.updated")
    // Internal notification that keys were reloaded from the backing store.
    public static let secretStoreReloaded = NSNotification.Name("com.maxgoedjen.Secretive.secretStore.reloaded")
 }
--- a/Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift
+++ b/Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift
@ -24,7 +24,7 @@ extension SecureEnclave {
        /// Initializes a Store.
        public init() {
            DistributedNotificationCenter.default().addObserver(forName: .secretStoreUpdated, object: nil, queue: .main) { _ in
-                self.reloadSecrets(notify: false)
+                self.reloadSecrets(notifyAgent: false)
            }
            loadSecrets()
        }
@ -171,12 +171,13 @@ extension SecureEnclave {
 extension SecureEnclave.Store {
    /// Reloads all secrets from the store.
-    /// - Parameter notify: A boolean indicating whether a distributed notification should be posted, notifying other processes (ie, the SecretAgent) to reload their stores as well.
+    /// - Parameter notifyAgent: A boolean indicating whether a distributed notification should be posted, notifying other processes (ie, the SecretAgent) to reload their stores as well.
-    private func reloadSecrets(notify: Bool = true) {
+    private func reloadSecrets(notifyAgent: Bool = true) {
        secrets.removeAll()
        loadSecrets()
-        if notify {
+        NotificationCenter.default.post(name: .secretStoreReloaded, object: self)
-            DistributedNotificationCenter.default().post(name: .secretStoreUpdated, object: nil)
+        if notifyAgent {
            DistributedNotificationCenter.default().postNotificationName(.secretStoreUpdated, object: nil, deliverImmediately: true)
        }
    }
--- a/Sources/SecretAgent/AppDelegate.swift
+++ b/Sources/SecretAgent/AppDelegate.swift
@ -33,7 +33,7 @@ class AppDelegate: NSObject, NSApplicationDelegate {
        DispatchQueue.main.async {
            self.socketController.handler = self.agent.handle(reader:writer:)
        }
-        DistributedNotificationCenter.default().addObserver(forName: .secretStoreUpdated, object: nil, queue: .main) { [self] _ in
+        NotificationCenter.default.addObserver(forName: .secretStoreReloaded, object: nil, queue: .main) { [self] _ in
            try? publicKeyFileStoreController.generatePublicKeys(for: storeList.stores.flatMap({ $0.secrets }), clear: true)
        }
        try? publicKeyFileStoreController.generatePublicKeys(for: storeList.stores.flatMap({ $0.secrets }), clear: true)
--- a/Sources/SecretAgent/Notifier.swift
+++ b/Sources/SecretAgent/Notifier.swift
@ -18,7 +18,8 @@ class Notifier {
        let rawDurations = [
            Measurement(value: 1, unit: UnitDuration.minutes),
            Measurement(value: 5, unit: UnitDuration.minutes),
-            Measurement(value: 1, unit: UnitDuration.hours)
+            Measurement(value: 1, unit: UnitDuration.hours),
            Measurement(value: 24, unit: UnitDuration.hours)
        ]
        let doNotPersistAction = UNNotificationAction(identifier: Constants.doNotPersistActionIdentitifier, title: "Do Not Unlock", options: [])
Author	SHA1	Message	Date
Max Goedjen	067f1526b0	Fix local generation by ensuring generation happens only after local store reload (#351 )	2022-02-17 07:05:24 +00:00
Max Goedjen	f43dea0d0d	Specify immediate delivery (#350 )	2022-02-17 06:50:48 +00:00
Max Goedjen	db8833fa25	Switch key reps to an md5 based name (#349 )	2022-02-17 06:15:47 +00:00
Max Goedjen	1409e9ac31	Revert "Remove 24h unlock duration (#342 )" (#346 ) This reverts commit `19f9494492`.	2022-02-12 06:34:24 +00:00