Support ASCII-armored and iTunes uploaded SSH key

2017-04-02 11:21:24 -07:00 · 2017-04-02 11:21:24 -07:00 · 97d66a8acc
commit 97d66a8acc
parent 894a6cc54c
11 changed files with 487 additions and 113 deletions
--- a/pass/Controllers/GitSSHKeyArmorSettingTableViewController.swift
+++ b/pass/Controllers/GitSSHKeyArmorSettingTableViewController.swift
@ -0,0 +1,72 @@
+//
+//  GitSSHKeyArmorSettingTableViewController.swift
+//  pass
+//
+//  Created by Mingshen Sun on 2/4/2017.
+//  Copyright © 2017 Bob Sun. All rights reserved.
+//
+
+import UIKit
+import SwiftyUserDefaults
+
+class GitSSHKeyArmorSettingTableViewController: UITableViewController {
+    @IBOutlet weak var armorPublicKeyTextView: UITextView!
+    @IBOutlet weak var armorPrivateKeyTextView: UITextView!
+    var gitSSHPrivateKeyPassphrase: String?
+    let passwordStore = PasswordStore.shared
+    var doneBarButtonItem: UIBarButtonItem?
+    
+    override func viewDidLoad() {
+        super.viewDidLoad()
+        armorPublicKeyTextView.text = Defaults[.gitSSHPublicKeyArmor]
+        armorPrivateKeyTextView.text = Defaults[.gitSSHPrivateKeyArmor]
+        gitSSHPrivateKeyPassphrase = passwordStore.gitSSHPrivateKeyPassphrase
+        
+        doneBarButtonItem = UIBarButtonItem(title: "Done",
+                                            style: UIBarButtonItemStyle.done,
+                                            target: self,
+                                            action: #selector(doneButtonTapped(_:)))
+        navigationItem.rightBarButtonItem = doneBarButtonItem
+        navigationItem.title = "SSH Key"
+    }
+    
+    private func createSavePassphraseAlert() -> UIAlertController {
+        let savePassphraseAlert = UIAlertController(title: "Passphrase", message: "Do you want to save the passphrase for later sync?", preferredStyle: UIAlertControllerStyle.alert)
+        savePassphraseAlert.addAction(UIAlertAction(title: "No", style: UIAlertActionStyle.default) { _ in
+            Defaults[.isRememberPassphraseOn] = false
+            Defaults[.gitSSHKeySource] = "armor"
+            self.navigationController!.popViewController(animated: true)
+        })
+        savePassphraseAlert.addAction(UIAlertAction(title: "Save", style: UIAlertActionStyle.destructive) {_ in
+            Defaults[.isRememberPassphraseOn] = true
+            self.passwordStore.gitSSHPrivateKeyPassphrase = self.gitSSHPrivateKeyPassphrase
+            Defaults[.gitSSHKeySource] = "armor"
+            self.navigationController!.popViewController(animated: true)
+        })
+        return savePassphraseAlert
+    }
+    
+    func doneButtonTapped(_ sender: Any) {
+        Defaults[.gitSSHPublicKeyArmor] = armorPublicKeyTextView.text
+        Defaults[.gitSSHPrivateKeyArmor] = armorPrivateKeyTextView.text
+        do {
+            try passwordStore.initGitSSHKey(with: armorPublicKeyTextView.text, .public)
+            try passwordStore.initGitSSHKey(with: armorPrivateKeyTextView.text, .secret)
+        } catch {
+            Utils.alert(title: "Cannot Save", message: "Cannot Save SSH Key", controller: self, completion: nil)
+        }
+        let alert = UIAlertController(title: "Passphrase", message: "Please fill in the passphrase of your SSH secret key.", preferredStyle: UIAlertControllerStyle.alert)
+        alert.addAction(UIAlertAction(title: "OK", style: UIAlertActionStyle.default, handler: {_ in
+            self.gitSSHPrivateKeyPassphrase = alert.textFields?.first?.text
+            let savePassphraseAlert = self.createSavePassphraseAlert()
+            self.present(savePassphraseAlert, animated: true, completion: nil)
+        }))
+        alert.addTextField(configurationHandler: {(textField: UITextField!) in
+            textField.text = self.gitSSHPrivateKeyPassphrase
+            textField.isSecureTextEntry = true
+        })
+        self.present(alert, animated: true, completion: nil)
+    }
+    
+    
+}
--- a/pass/Controllers/GitServerSettingTableViewController.swift
+++ b/pass/Controllers/GitServerSettingTableViewController.swift
@ -8,17 +8,18 @@

 import UIKit
 import SwiftyUserDefaults
+import SVProgressHUD

 class GitServerSettingTableViewController: UITableViewController {

-    @IBOutlet weak var gitRepositoryURLTextField: UITextField!
+    @IBOutlet weak var gitURLTextField: UITextField!
    @IBOutlet weak var usernameTextField: UITextField!
    @IBOutlet weak var authSSHKeyCell: UITableViewCell!
    @IBOutlet weak var authPasswordCell: UITableViewCell!
    let passwordStore = PasswordStore.shared
    var password: String?
    
-    var authenticationMethod = Defaults[.gitRepositoryAuthenticationMethod]
+    var authenticationMethod = Defaults[.gitAuthenticationMethod]

    private func checkAuthenticationMethod(method: String) {
        let passwordCheckView = authPasswordCell.viewWithTag(1001)!
@ -38,17 +39,17 @@ class GitServerSettingTableViewController: UITableViewController {
    }
    override func viewDidLoad() {
        super.viewDidLoad()
-        if let url = Defaults[.gitRepositoryURL] {
-            gitRepositoryURLTextField.text = url.absoluteString
+        if let url = Defaults[.gitURL] {
+            gitURLTextField.text = url.absoluteString
        }
-        usernameTextField.text = Defaults[.gitRepositoryUsername]
-        password = passwordStore.gitRepositoryPassword
-        authenticationMethod = Defaults[.gitRepositoryAuthenticationMethod]
+        usernameTextField.text = Defaults[.gitUsername]
+        password = passwordStore.gitPassword
+        authenticationMethod = Defaults[.gitAuthenticationMethod]

        // Grey out ssh option if ssh_key and ssh_key.pub are not present
        let sshLabel = authSSHKeyCell.subviews[0].subviews[0] as! UILabel

-        sshLabel.isEnabled = sshKeyExists()
+        sshLabel.isEnabled = gitSSHKeyExists()

        if authenticationMethod == nil || !sshLabel.isEnabled {
            authenticationMethod = "Password"
@ -61,7 +62,7 @@ class GitServerSettingTableViewController: UITableViewController {
    override func tableView(_ tableView: UITableView, accessoryButtonTappedForRowWith indexPath: IndexPath) {
        let cell = tableView.cellForRow(at: indexPath)
        if cell == authSSHKeyCell {
-            performSegue(withIdentifier: "showSSHKeySettingSegue", sender: self)
+            showSSHKeyActionSheet()
        }
    }
    
@ -77,7 +78,7 @@ class GitServerSettingTableViewController: UITableViewController {
    
    override func shouldPerformSegue(withIdentifier identifier: String, sender: Any?) -> Bool {
        if identifier == "saveGitServerSettingSegue" {
-            guard let _ = URL(string: gitRepositoryURLTextField.text!) else {
+            guard let _ = URL(string: gitURLTextField.text!) else {
                Utils.alert(title: "Cannot Save", message: "Git Server is not set.", controller: self, completion: nil)
                return false
            }
@ -89,18 +90,13 @@ class GitServerSettingTableViewController: UITableViewController {
        return true
    }

-    func sshKeyExists() -> Bool {
-        return FileManager.default.fileExists(atPath: Globals.sshPublicKeyURL.path) &&
-            FileManager.default.fileExists(atPath: Globals.sshPrivateKeyURL.path)
-    }
-
    override func tableView(_ tableView: UITableView, didSelectRowAt indexPath: IndexPath) {
        let cell = tableView.cellForRow(at: indexPath)
        if cell == authPasswordCell {
            authenticationMethod = "Password"
        } else if cell == authSSHKeyCell {

-            if !sshKeyExists() {
+            if !gitSSHKeyExists() {
                Utils.alert(title: "Cannot Select SSH Key", message: "Please setup SSH key first.", controller: self, completion: nil)
                authenticationMethod = "Password"
            } else {
@ -131,4 +127,74 @@ class GitServerSettingTableViewController: UITableViewController {
            }
        }
    }
+    
+    private func gitSSHKeyExists() -> Bool {
+        return FileManager.default.fileExists(atPath: Globals.gitSSHPublicKeyPath) &&
+            FileManager.default.fileExists(atPath: Globals.gitSSHPrivateKeyPath)
+    }
+    
+    func showSSHKeyActionSheet() {
+        let optionMenu = UIAlertController(title: nil, message: nil, preferredStyle: .actionSheet)
+        var urlActionTitle = "Download from URL"
+        var armorActionTitle = "ASCII-Armor Encrypted Key"
+        var fileActionTitle = "Use Uploaded Keys"
+        
+        if Defaults[.gitSSHKeySource] == "url" {
+            urlActionTitle = "✓ \(urlActionTitle)"
+        } else if Defaults[.gitSSHKeySource] == "armor" {
+            armorActionTitle = "✓ \(armorActionTitle)"
+        } else if Defaults[.gitSSHKeySource] == "file" {
+            fileActionTitle = "✓ \(fileActionTitle)"
+        }
+        let urlAction = UIAlertAction(title: urlActionTitle, style: .default) { _ in
+            self.performSegue(withIdentifier: "setGitSSHKeyByURLSegue", sender: self)
+        }
+        let armorAction = UIAlertAction(title: armorActionTitle, style: .default) { _ in
+            self.performSegue(withIdentifier: "setGitSSHKeyByArmorSegue", sender: self)
+        }
+        let cancelAction = UIAlertAction(title: "Cancel", style: .cancel, handler: nil)
+        optionMenu.addAction(urlAction)
+        optionMenu.addAction(armorAction)
+        
+        if (gitSSHKeyExists()) {
+            let fileAction = UIAlertAction(title: fileActionTitle, style: .default) { _ in
+                let alert = UIAlertController(
+                    title: "SSH Key Passphrase",
+                    message: "Please fill in the passphrase for your Git Repository SSH key.",
+                    preferredStyle: UIAlertControllerStyle.alert
+                )
+                
+                alert.addAction(
+                    UIAlertAction(
+                        title: "OK",
+                        style: UIAlertActionStyle.default,
+                        handler: {_ in
+                            self.passwordStore.gitSSHPrivateKeyPassphrase = alert.textFields!.first!.text!
+                    }
+                    )
+                )
+                
+                alert.addTextField(
+                    configurationHandler: {(textField: UITextField!) in
+                        textField.text = self.passwordStore.gitSSHPrivateKeyPassphrase
+                        textField.isSecureTextEntry = true
+                }
+                )
+            }
+            Defaults[.gitSSHKeySource] = "file"
+            optionMenu.addAction(fileAction)
+        }
+        
+        if Defaults[.gitSSHKeySource] != nil {
+            let deleteAction = UIAlertAction(title: "Remove Git SSH Keys", style: .destructive) { _ in
+                Utils.removeGitSSHKeys()
+                Defaults[.gitSSHKeySource] = nil
+            }
+            optionMenu.addAction(deleteAction)
+        }
+        optionMenu.addAction(cancelAction)
+        optionMenu.popoverPresentationController?.sourceView = authSSHKeyCell
+        optionMenu.popoverPresentationController?.sourceRect = authSSHKeyCell.bounds
+        self.present(optionMenu, animated: true, completion: nil)
+    }
 }
--- a/pass/Controllers/PasswordsViewController.swift
+++ b/pass/Controllers/PasswordsViewController.swift
@ -143,7 +143,7 @@ class PasswordsViewController: UIViewController, UITableViewDataSource, UITableV
                }
                DispatchQueue.main.async {
                    self.reloadTableView(parent: nil)
-                    Defaults[.gitRepositoryPasswordAttempts] = 0
+                    Defaults[.gitPasswordAttempts] = 0
                    SVProgressHUD.showSuccess(withStatus: "Done")
                    SVProgressHUD.dismiss(withDelay: 1)
                }
--- a/pass/Controllers/SSHKeySettingTableViewController.swift
+++ b/pass/Controllers/SSHKeySettingTableViewController.swift
@ -12,15 +12,14 @@ import SVProgressHUD

 class SSHKeySettingTableViewController: UITableViewController {

-    @IBOutlet weak var passphraseTextField: UITextField!
    @IBOutlet weak var privateKeyURLTextField: UITextField!
    @IBOutlet weak var publicKeyURLTextField: UITextField!
+    let passwordStore = PasswordStore.shared
    
    override func viewDidLoad() {
        super.viewDidLoad()
-        passphraseTextField.text = Utils.getPasswordFromKeychain(name: "gitRepositorySSHPrivateKeyPassphrase") ?? ""
-        privateKeyURLTextField.text = Defaults[.gitRepositorySSHPrivateKeyURL]?.absoluteString
-        publicKeyURLTextField.text = Defaults[.gitRepositorySSHPublicKeyURL]?.absoluteString
+        privateKeyURLTextField.text = Defaults[.gitSSHPrivateKeyURL]?.absoluteString
+        publicKeyURLTextField.text = Defaults[.gitSSHPublicKeyURL]?.absoluteString
        var doneBarButtonItem: UIBarButtonItem?

        doneBarButtonItem = UIBarButtonItem(title: "Done",
@ -41,18 +40,42 @@ class SSHKeySettingTableViewController: UITableViewController {
            return
        }
        
-        Defaults[.gitRepositorySSHPublicKeyURL] = publicKeyURL
-        Defaults[.gitRepositorySSHPrivateKeyURL] = privateKeyURL
-        Utils.addPasswordToKeychain(name: "gitRepositorySSHPrivateKeyPassphrase", password: passphraseTextField.text!)
+        Defaults[.gitSSHPublicKeyURL] = publicKeyURL
+        Defaults[.gitSSHPrivateKeyURL] = privateKeyURL
        
        do {
-            try Data(contentsOf: publicKeyURL).write(to: Globals.sshPublicKeyURL, options: .atomic)
-            try Data(contentsOf: privateKeyURL).write(to: Globals.sshPrivateKeyURL, options: .atomic)
+            try Data(contentsOf: publicKeyURL).write(to: URL(fileURLWithPath: Globals.gitSSHPublicKeyPath), options: .atomic)
+            try Data(contentsOf: privateKeyURL).write(to: URL(fileURLWithPath: Globals.gitSSHPrivateKeyPath), options: .atomic)
        } catch {
            Utils.alert(title: "Error", message: error.localizedDescription, controller: self, completion: nil)
        }
-
-        navigationController!.popViewController(animated: true)
+        Defaults[.gitSSHKeySource] = "url"
+        let alert = UIAlertController(
+            title: "PGP Passphrase",
+            message: "Please fill in the passphrase for your Git Repository SSH key.",
+            preferredStyle: UIAlertControllerStyle.alert
+        )
+        
+        alert.addAction(
+            UIAlertAction(
+                title: "OK",
+                style: UIAlertActionStyle.default,
+                handler: {_ in
+                    Utils.addPasswordToKeychain(
+                        name: "gitSSHPrivateKeyPassphrase",
+                        password: alert.textFields!.first!.text!
+                    )
+                    self.navigationController!.popViewController(animated: true)
+            }
+            )
+        )
+        
+        alert.addTextField(
+            configurationHandler: {(textField: UITextField!) in
+                textField.text = self.passwordStore.gitSSHPrivateKeyPassphrase
+                textField.isSecureTextEntry = true
+        })
+        self.present(alert, animated: true, completion: nil)
    }

 }
--- a/pass/Controllers/SettingsTableViewController.swift
+++ b/pass/Controllers/SettingsTableViewController.swift
@ -95,16 +95,16 @@ class SettingsTableViewController: UITableViewController {
    
    @IBAction func saveGitServerSetting(segue: UIStoryboardSegue) {
        if let controller = segue.source as? GitServerSettingTableViewController {
-            let gitRepostiroyURL = controller.gitRepositoryURLTextField.text!
+            let gitRepostiroyURL = controller.gitURLTextField.text!
            let username = controller.usernameTextField.text!
            let password = controller.password
            let auth = controller.authenticationMethod
            
-            if Defaults[.gitRepositoryURL] == nil ||
-                Defaults[.gitRepositoryURL]!.absoluteString != gitRepostiroyURL ||
-                auth != Defaults[.gitRepositoryAuthenticationMethod] ||
-                username != Defaults[.gitRepositoryUsername] ||
-                password != self.passwordStore.gitRepositoryPassword ||
+            if Defaults[.gitURL] == nil ||
+                Defaults[.gitURL]!.absoluteString != gitRepostiroyURL ||
+                auth != Defaults[.gitAuthenticationMethod] ||
+                username != Defaults[.gitUsername] ||
+                password != self.passwordStore.gitPassword ||
                self.passwordStore.repositoryExisted() == false {
                
                SVProgressHUD.setDefaultMaskType(.black)
@ -117,9 +117,9 @@ class SettingsTableViewController: UITableViewController {
                    gitCredential = GitCredential(
                        credential: GitCredential.Credential.ssh(
                            userName: username,
-                            password: Utils.getPasswordFromKeychain(name: "gitRepositorySSHPrivateKeyPassphrase") ?? "",
-                            publicKeyFile: Globals.sshPublicKeyURL,
-                            privateKeyFile: Globals.sshPrivateKeyURL,
+                            password: Utils.getPasswordFromKeychain(name: "gitSSHPrivateKeyPassphrase") ?? "",
+                            publicKeyFile: Globals.gitSSHPublicKeyURL,
+                            privateKeyFile: Globals.gitSSHPrivateKeyURL,
                            passwordNotSetCallback: self.requestSshKeyPassword
                        )
                    )
@ -140,11 +140,11 @@ class SettingsTableViewController: UITableViewController {
                                                                    }
                        })
                        DispatchQueue.main.async {
-                            Defaults[.gitRepositoryURL] = URL(string: gitRepostiroyURL)
-                            Defaults[.gitRepositoryUsername] = username
-                            Defaults[.gitRepositoryAuthenticationMethod] = auth
-                            Defaults[.gitRepositoryPasswordAttempts] = 0
-                            self.passwordRepositoryTableViewCell.detailTextLabel?.text = Defaults[.gitRepositoryURL]?.host
+                            Defaults[.gitURL] = URL(string: gitRepostiroyURL)
+                            Defaults[.gitUsername] = username
+                            Defaults[.gitAuthenticationMethod] = auth
+                            Defaults[.gitPasswordAttempts] = 0
+                            self.passwordRepositoryTableViewCell.detailTextLabel?.text = Defaults[.gitURL]?.host
                            SVProgressHUD.showSuccess(withStatus: "Done")
                            SVProgressHUD.dismiss(withDelay: 1)
                        }
@ -162,7 +162,7 @@ class SettingsTableViewController: UITableViewController {
    override func viewDidLoad() {
        super.viewDidLoad()
        NotificationCenter.default.addObserver(self, selector: #selector(SettingsTableViewController.actOnPasswordStoreErasedNotification), name: .passwordStoreErased, object: nil)
-        self.passwordRepositoryTableViewCell.detailTextLabel?.text = Defaults[.gitRepositoryURL]?.host
+        self.passwordRepositoryTableViewCell.detailTextLabel?.text = Defaults[.gitURL]?.host
        touchIDTableViewCell.accessoryView = touchIDSwitch
        setPGPKeyTableViewCellDetailText()
        setPasswordRepositoryTableViewCellDetailText()
@ -189,10 +189,10 @@ class SettingsTableViewController: UITableViewController {
    }
    
    private func setPasswordRepositoryTableViewCellDetailText() {
-        if Defaults[.gitRepositoryURL] == nil {
+        if Defaults[.gitURL] == nil {
            passwordRepositoryTableViewCell.detailTextLabel?.text = "Not Set"
        } else {
-            passwordRepositoryTableViewCell.detailTextLabel?.text = Defaults[.gitRepositoryURL]!.host
+            passwordRepositoryTableViewCell.detailTextLabel?.text = Defaults[.gitURL]!.host
        }
    }
    
@ -218,7 +218,7 @@ class SettingsTableViewController: UITableViewController {
            }))

            alert.addTextField(configurationHandler: {(textField: UITextField!) in
-                textField.text = self.passwordStore.gitRepositoryPassword
+                textField.text = self.passwordStore.gitPassword
                textField.isSecureTextEntry = true
            })