Encryption support for multi keys

2020-04-13 10:25:01 -07:00 · 2020-04-13 10:25:01 -07:00 · e62f4714e8
commit e62f4714e8
parent b7ee00815c
3 changed files with 11 additions and 4 deletions
--- a/passKit/Models/PasswordStore.swift
+++ b/passKit/Models/PasswordStore.swift
@ -711,7 +711,9 @@ public class PasswordStore {
    }
    
    public func encrypt(password: Password) throws -> Data {
-        return try PGPAgent.shared.encrypt(plainData: password.plainData, keyID: "")
+        let encryptedDataPath = storeURL.appendingPathComponent(password.url.path)
+        let keyID = findGPGID(from: encryptedDataPath)
+        return try PGPAgent.shared.encrypt(plainData: password.plainData, keyID: keyID)
    }
    
    public func removeGitSSHKeys() {
--- a/passKitTests/Crypto/PGPAgentTest.swift
+++ b/passKitTests/Crypto/PGPAgentTest.swift
@ -31,11 +31,11 @@ class PGPAgentTest: XCTestCase {
        super.tearDown()
    }

-    func basicEncryptDecrypt(using pgpAgent: PGPAgent, keyID: String, requestPassphrase: () -> String = requestPGPKeyPassphrase, encryptInArmored: Bool = true, encryptInArmoredNow: Bool = true) throws -> Data? {
+    func basicEncryptDecrypt(using pgpAgent: PGPAgent, keyID: String, encryptKeyID: String? = nil, requestPassphrase: () -> String = requestPGPKeyPassphrase, encryptInArmored: Bool = true, encryptInArmoredNow: Bool = true) throws -> Data? {
        passKit.Defaults.encryptInArmored = encryptInArmored
        let encryptedData = try pgpAgent.encrypt(plainData: testData, keyID: keyID)
        passKit.Defaults.encryptInArmored = encryptInArmoredNow
-        return try pgpAgent.decrypt(encryptedData: encryptedData, keyID: keyID, requestPGPKeyPassphrase: requestPassphrase)
+        return try pgpAgent.decrypt(encryptedData: encryptedData, keyID: encryptKeyID ?? keyID, requestPGPKeyPassphrase: requestPassphrase)
    }

    func testMultiKeys() throws {
@ -104,7 +104,7 @@ class PGPAgentTest: XCTestCase {
    func testIncompatibleKeyTypes() throws {
        try importKeys(ED25519.publicKey, RSA2048.privateKey)
        XCTAssert(pgpAgent.isPrepared)
-        XCTAssertThrowsError(try basicEncryptDecrypt(using: pgpAgent, keyID: RSA2048.fingerprint)) {
+        XCTAssertThrowsError(try basicEncryptDecrypt(using: pgpAgent, keyID: ED25519.fingerprint, encryptKeyID: RSA2048.fingerprint)) {
            XCTAssertEqual($0 as! AppError, AppError.KeyExpiredOrIncompatible)
        }
    }
--- a/passKitTests/Models/PasswordStoreTest.swift
+++ b/passKitTests/Models/PasswordStoreTest.swift
@ -55,6 +55,11 @@ class PasswordStoreTest: XCTestCase {
        let work = try decrypt(passwordStore: passwordStore, path: "work/github.com.gpg", passphrase: "passforios")
        XCTAssertEqual(work.plainText, "passwordforwork\n")

+        let testPassword = Password(name: "test", url: URL(string: "test.gpg")!, plainText: "testpassword")
+        let testPasswordEntity = try passwordStore.add(password: testPassword)!
+        let testPasswordPlain = try passwordStore.decrypt(passwordEntity: testPasswordEntity, requestPGPKeyPassphrase: { "passforios" } )!
+        XCTAssertEqual(testPasswordPlain.plainText, "testpassword")
+
        passwordStore.erase()
    }