fix: make ssh-add -l print something sensible

smlx · Aug 15, 2021 · 8c828c4 · 8c828c4
1 parent 66fe955
commit 8c828c4
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 15 deletions.
diff --git a/internal/keyservice/piv/list.go b/internal/keyservice/piv/list.go
@@ -19,8 +19,8 @@ type SecurityKey interface {
 	AttestationCertificate() (*x509.Certificate, error)
 	Card() string
 	Close() error
-	PrivateKey(s *securitykey.SigningKey) (crypto.PrivateKey, error)
-	Serial() uint32
+	Comment(*securitykey.SlotSpec) string
+	PrivateKey(*securitykey.SigningKey) (crypto.PrivateKey, error)
 	SigningKeys() []securitykey.SigningKey
 	StringsGPG(string, string) ([]string, error)
 	StringsSSH() []string

diff --git a/internal/mock/mock_pivservice.go b/internal/mock/mock_pivservice.go
diff --git a/internal/securitykey/string.go b/internal/securitykey/string.go
@@ -29,14 +29,19 @@ type Entity struct {
 	SigningKey
 }
 
+// Comment returns a comment suitable for e.g. the SSH public key format
+func (k *SecurityKey) Comment(ss *SlotSpec) string {
+	return fmt.Sprintf("%v #%v, touch policy: %s", k.card, k.serial,
+		touchStringMap[ss.TouchPolicy])
+}
+
 // StringsSSH returns an array of commonly formatted SSH keys as strings.
 func (k *SecurityKey) StringsSSH() []string {
 	var ss []string
 	for _, s := range k.SigningKeys() {
 		ss = append(ss, fmt.Sprintf("%s %s\n",
 			strings.TrimSuffix(string(ssh.MarshalAuthorizedKey(s.PubSSH)), "\n"),
-			fmt.Sprintf("%v #%v, touch policy: %s", k.card, k.serial,
-				touchStringMap[s.SlotSpec.TouchPolicy])))
+			k.Comment(s.SlotSpec)))
 	}
 	return ss
 }

diff --git a/internal/ssh/agent.go b/internal/ssh/agent.go
@@ -71,13 +71,9 @@ func (a *Agent) securityKeyIDs() ([]*agent.Key, error) {
 	for _, k := range securityKeys {
 		for _, s := range k.SigningKeys() {
 			keys = append(keys, &agent.Key{
-				Format: s.PubSSH.Type(),
-				Blob:   s.PubSSH.Marshal(),
-				Comment: fmt.Sprintf(
-					`Security Key "%s" #%d PIV Slot %x`,
-					s.PubSSH,
-					k.Serial(),
-					s.SlotSpec.Slot.Key),
+				Format:  s.PubSSH.Type(),
+				Blob:    s.PubSSH.Marshal(),
+				Comment: k.Comment(s.SlotSpec),
 			})
 		}
 	}