use keychain to store pgp passphrase and git password
This commit is contained in:
Bob Sun
parent
ceb52a5b33
commit
90709675a3
10 changed files with 86 additions and 19 deletions
|
|
@ -13,10 +13,8 @@ class GitServerSettingTableViewController: UITableViewController {
|
|||
|
||||
@IBOutlet weak var gitRepositoryURLTextField: UITextField!
|
||||
@IBOutlet weak var usernameTextField: UITextField!
|
||||
// @IBOutlet weak var passwordTextField: UITextField!
|
||||
@IBOutlet weak var authenticationTableViewCell: UITableViewCell!
|
||||
|
||||
// var password: String?
|
||||
var password: String?
|
||||
|
||||
var authenticationMethod = Defaults[.gitRepositoryAuthenticationMethod]
|
||||
|
||||
|
|
@ -27,8 +25,8 @@ class GitServerSettingTableViewController: UITableViewController {
|
|||
gitRepositoryURLTextField.text = url.absoluteString
|
||||
}
|
||||
usernameTextField.text = Defaults[.gitRepositoryUsername]
|
||||
// passwordTextField.text = Defaults[.gitRepositoryPassword]
|
||||
authenticationTableViewCell.detailTextLabel?.text = authenticationMethod
|
||||
password = PasswordStore.shared.gitRepositoryPassword
|
||||
}
|
||||
|
||||
override func viewDidAppear(_ animated: Bool) {
|
||||
|
|
@ -74,13 +72,13 @@ class GitServerSettingTableViewController: UITableViewController {
|
|||
if authenticationMethod == "Password" {
|
||||
let alert = UIAlertController(title: "Password", message: "Please fill in the password of your Git account.", preferredStyle: UIAlertControllerStyle.alert)
|
||||
alert.addAction(UIAlertAction(title: "OK", style: UIAlertActionStyle.default, handler: {_ in
|
||||
Defaults[.gitRepositoryPassword] = alert.textFields?.first?.text
|
||||
self.password = alert.textFields!.first!.text
|
||||
if self.shouldPerformSegue(withIdentifier: "saveGitServerSettingSegue", sender: self) {
|
||||
self.performSegue(withIdentifier: "saveGitServerSettingSegue", sender: self)
|
||||
}
|
||||
}))
|
||||
alert.addTextField(configurationHandler: {(textField: UITextField!) in
|
||||
textField.text = Defaults[.gitRepositoryPassword]
|
||||
textField.text = self.password
|
||||
textField.isSecureTextEntry = true
|
||||
})
|
||||
self.present(alert, animated: true, completion: nil)
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ class PGPKeyArmorSettingTableViewController: UITableViewController {
|
|||
super.viewDidLoad()
|
||||
armorPublicKeyTextView.text = Defaults[.pgpPublicKeyArmor]
|
||||
armorPrivateKeyTextView.text = Defaults[.pgpPrivateKeyArmor]
|
||||
pgpPassphrase = Defaults[.pgpKeyPassphrase]
|
||||
pgpPassphrase = PasswordStore.shared.pgpKeyPassphrase
|
||||
}
|
||||
|
||||
@IBAction func save(_ sender: Any) {
|
||||
|
|
|
|||
|
|
@ -17,9 +17,10 @@ class PGPKeySettingTableViewController: UITableViewController {
|
|||
|
||||
override func viewDidLoad() {
|
||||
super.viewDidLoad()
|
||||
tableView.rowHeight = UITableViewAutomaticDimension
|
||||
pgpPublicKeyURLTextField.text = Defaults[.pgpPublicKeyURL]?.absoluteString
|
||||
pgpPrivateKeyURLTextField.text = Defaults[.pgpPrivateKeyURL]?.absoluteString
|
||||
pgpPassphrase = Defaults[.pgpKeyPassphrase]
|
||||
pgpPassphrase = PasswordStore.shared.pgpKeyPassphrase
|
||||
}
|
||||
|
||||
override func shouldPerformSegue(withIdentifier identifier: String, sender: Any?) -> Bool {
|
||||
|
|
|
|||
|
|
@ -43,14 +43,14 @@ class PasswordRepositorySettingsTableViewController: BasicStaticTableViewControl
|
|||
if let controller = segue.source as? GitServerSettingTableViewController {
|
||||
let gitRepostiroyURL = controller.gitRepositoryURLTextField.text!
|
||||
let username = controller.usernameTextField.text!
|
||||
let password = Defaults[.gitRepositoryPassword]
|
||||
let password = controller.password
|
||||
let auth = controller.authenticationMethod
|
||||
|
||||
if Defaults[.gitRepositoryURL] == nil ||
|
||||
Defaults[.gitRepositoryURL]!.absoluteString != gitRepostiroyURL ||
|
||||
auth != Defaults[.gitRepositoryAuthenticationMethod] ||
|
||||
username != Defaults[.gitRepositoryUsername] ||
|
||||
password != Defaults[.gitRepositoryPassword] {
|
||||
password != PasswordStore.shared.gitRepositoryPassword {
|
||||
|
||||
SVProgressHUD.setDefaultMaskType(.black)
|
||||
SVProgressHUD.setDefaultStyle(.light)
|
||||
|
|
@ -82,7 +82,7 @@ class PasswordRepositorySettingsTableViewController: BasicStaticTableViewControl
|
|||
NotificationCenter.default.post(Notification(name: Notification.Name("passwordUpdated")))
|
||||
Defaults[.gitRepositoryURL] = URL(string: gitRepostiroyURL)
|
||||
Defaults[.gitRepositoryUsername] = username
|
||||
Defaults[.gitRepositoryPassword] = password
|
||||
PasswordStore.shared.gitRepositoryPassword = password
|
||||
Defaults[.gitRepositoryAuthenticationMethod] = auth
|
||||
Defaults[.gitRepositoryPasswordAttempts] = 0
|
||||
SVProgressHUD.showSuccess(withStatus: "Done")
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ class SettingsTableViewController: UITableViewController {
|
|||
if let controller = segue.source as? PGPKeySettingTableViewController {
|
||||
Defaults[.pgpPrivateKeyURL] = URL(string: controller.pgpPrivateKeyURLTextField.text!)
|
||||
Defaults[.pgpPublicKeyURL] = URL(string: controller.pgpPublicKeyURLTextField.text!)
|
||||
Defaults[.pgpKeyPassphrase] = controller.pgpPassphrase
|
||||
PasswordStore.shared.pgpKeyPassphrase = controller.pgpPassphrase
|
||||
Defaults[.pgpKeySource] = "url"
|
||||
|
||||
SVProgressHUD.setDefaultMaskType(.black)
|
||||
|
|
@ -57,7 +57,9 @@ class SettingsTableViewController: UITableViewController {
|
|||
|
||||
} else if let controller = segue.source as? PGPKeyArmorSettingTableViewController {
|
||||
Defaults[.pgpKeySource] = "armor"
|
||||
Defaults[.pgpKeyPassphrase] = controller.pgpPassphrase
|
||||
PasswordStore.shared.pgpKeyPassphrase = controller.pgpPassphrase
|
||||
Utils.addPasswrodToKeychain(name: "pgpKeyPassphrase", password: controller.pgpPassphrase!)
|
||||
|
||||
Defaults[.pgpPublicKeyArmor] = controller.armorPublicKeyTextView.text!
|
||||
Defaults[.pgpPrivateKeyArmor] = controller.armorPrivateKeyTextView.text!
|
||||
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@
|
|||
|
||||
import Foundation
|
||||
import SwiftyUserDefaults
|
||||
import KeychainAccess
|
||||
import UIKit
|
||||
|
||||
class Utils {
|
||||
|
|
@ -70,6 +71,37 @@ class Utils {
|
|||
Defaults.remove(.pgpPublicKeyURL)
|
||||
Defaults.remove(.pgpKeyID)
|
||||
}
|
||||
|
||||
static func getPasswordFromKeychain(name: String) -> String? {
|
||||
let keychain = Keychain(service: "me.mssun.passforios")
|
||||
do {
|
||||
return try keychain.getString(name)
|
||||
} catch {
|
||||
print(error)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
static func addPasswrodToKeychain(name: String, password: String) {
|
||||
let keychain = Keychain(service: "me.mssun.passforios")
|
||||
keychain[name] = password
|
||||
}
|
||||
static func removeKeychain(name: String) {
|
||||
let keychain = Keychain(service: "me.mssun.passforios")
|
||||
do {
|
||||
try keychain.remove(name)
|
||||
} catch {
|
||||
print(error)
|
||||
}
|
||||
}
|
||||
static func removeAllKeychain() {
|
||||
let keychain = Keychain(service: "me.mssun.passforios")
|
||||
do {
|
||||
try keychain.removeAll()
|
||||
} catch {
|
||||
print(error)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// https://gist.github.com/NikolaiRuhe/eeb135d20c84a7097516
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ extension PasswordEntity {
|
|||
var password: Password?
|
||||
let encryptedDataPath = URL(fileURLWithPath: "\(Globals.repositoryPath)/\(rawPath!)")
|
||||
let encryptedData = try Data(contentsOf: encryptedDataPath)
|
||||
let decryptedData = try PasswordStore.shared.pgp.decryptData(encryptedData, passphrase: Defaults[.pgpKeyPassphrase])
|
||||
let decryptedData = try PasswordStore.shared.pgp.decryptData(encryptedData, passphrase: PasswordStore.shared.pgpKeyPassphrase!)
|
||||
let plainText = String(data: decryptedData, encoding: .ascii) ?? ""
|
||||
password = Password(name: name!, plainText: plainText)
|
||||
return password
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ struct GitCredential {
|
|||
let alert = UIAlertController(title: "Password", message: "Please fill in the password of your Git account.", preferredStyle: UIAlertControllerStyle.alert)
|
||||
alert.addAction(UIAlertAction(title: "OK", style: UIAlertActionStyle.default, handler: {_ in
|
||||
newPassword = alert.textFields!.first!.text!
|
||||
Defaults[.gitRepositoryPassword] = newPassword
|
||||
PasswordStore.shared.gitRepositoryPassword = newPassword
|
||||
sem.signal()
|
||||
}))
|
||||
if Defaults[.gitRepositoryPasswordAttempts] == 3 {
|
||||
|
|
@ -51,7 +51,7 @@ struct GitCredential {
|
|||
})
|
||||
}
|
||||
alert.addTextField(configurationHandler: {(textField: UITextField!) in
|
||||
textField.text = Defaults[.gitRepositoryPassword]
|
||||
textField.text = PasswordStore.shared.gitRepositoryPassword
|
||||
textField.isSecureTextEntry = true
|
||||
})
|
||||
topController.present(alert, animated: true, completion: nil)
|
||||
|
|
@ -83,6 +83,25 @@ class PasswordStore {
|
|||
|
||||
let pgp: ObjectivePGP = ObjectivePGP()
|
||||
|
||||
var pgpKeyPassphrase: String? {
|
||||
didSet {
|
||||
if pgpKeyPassphrase != nil {
|
||||
Utils.addPasswrodToKeychain(name: "pgpKeyPassphrase", password: pgpKeyPassphrase!)
|
||||
} else {
|
||||
Utils.removeKeychain(name: "pgpKeyPassphrase")
|
||||
}
|
||||
}
|
||||
}
|
||||
var gitRepositoryPassword: String? {
|
||||
didSet {
|
||||
if gitRepositoryPassword != nil {
|
||||
Utils.addPasswrodToKeychain(name: "gitRepositoryPassword", password: gitRepositoryPassword!)
|
||||
} else {
|
||||
Utils.removeKeychain(name: "gitRepositoryPassword")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
let context = (UIApplication.shared.delegate as! AppDelegate).persistentContainer.viewContext
|
||||
|
||||
|
||||
|
|
@ -100,14 +119,17 @@ class PasswordStore {
|
|||
|
||||
}
|
||||
if Defaults[.gitRepositoryAuthenticationMethod] == "Password" {
|
||||
gitCredential = GitCredential(credential: GitCredential.Credential.http(userName: Defaults[.gitRepositoryUsername]!, password: Defaults[.gitRepositoryPassword]!))
|
||||
gitCredential = GitCredential(credential: GitCredential.Credential.http(userName: Defaults[.gitRepositoryUsername]!, password: PasswordStore.shared.gitRepositoryPassword!))
|
||||
} else if Defaults[.gitRepositoryAuthenticationMethod] == "SSH Key"{
|
||||
gitCredential = GitCredential(credential: GitCredential.Credential.ssh(userName: Defaults[.gitRepositoryUsername]!, password: Defaults[.gitRepositorySSHPrivateKeyPassphrase]!, publicKeyFile: Globals.sshPublicKeyURL, privateKeyFile: Globals.sshPrivateKeyURL))
|
||||
} else {
|
||||
gitCredential = nil
|
||||
}
|
||||
pgpKeyPassphrase = Utils.getPasswordFromKeychain(name: "pgpKeyPassphrase")
|
||||
gitRepositoryPassword = Utils.getPasswordFromKeychain(name: "gitRepositoryPassword")
|
||||
|
||||
}
|
||||
|
||||
func initPGP(pgpPublicKeyLocalPath: String, pgpPrivateKeyLocalPath: String) throws {
|
||||
pgp.importKeys(fromFile: pgpPublicKeyLocalPath, allowDuplicates: false)
|
||||
if pgp.getKeysOf(.public).count == 0 {
|
||||
|
|
@ -442,6 +464,10 @@ class PasswordStore {
|
|||
Utils.removeFileIfExists(at: Globals.sshPrivateKeyURL)
|
||||
Utils.removeFileIfExists(at: Globals.sshPublicKeyURL)
|
||||
|
||||
Utils.removeAllKeychain()
|
||||
pgpKeyPassphrase = nil
|
||||
gitRepositoryPassword = nil
|
||||
|
||||
deleteCoreData(entityName: "PasswordEntity")
|
||||
deleteCoreData(entityName: "PasswordCategoryEntity")
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue