remove SEP backend, requires Xcode provisioning profile

2026-03-22 18:27:43 +09:00
parent 8422e5eae7
commit f2c25da1aa
7 changed files with 3 additions and 119 deletions

BIN
.DS_Store vendored Normal file

Binary file not shown.


@@ -1,6 +1,4 @@
PREFIX ?= $(HOME)/.local/bin PREFIX ?= $(HOME)/.local/bin
IDENTITY ?= -
TEAM_ID ?= NONE
all: all:
cargo build --release cargo build --release
@@ -10,18 +8,8 @@ install: all
install -m 755 target/release/bw-agent $(PREFIX)/bw-agent install -m 755 target/release/bw-agent $(PREFIX)/bw-agent
install -m 755 target/release/bw-proxy $(PREFIX)/bw-proxy install -m 755 target/release/bw-proxy $(PREFIX)/bw-proxy
sep:
@if [ "$(TEAM_ID)" = "NONE" ]; then echo "error: TEAM_ID required (make sep TEAM_ID=... IDENTITY=...)"; exit 1; fi
mkdir -p target/release
sed 's/TEAM_ID/$(TEAM_ID)/' src/sep/sep-helper.entitlements > target/release/sep-helper.entitlements
swiftc -O -o target/release/sep-helper src/sep/sep-helper.swift
codesign --force --sign "$(IDENTITY)" --entitlements target/release/sep-helper.entitlements target/release/sep-helper
install-sep: sep
install -m 755 target/release/sep-helper $(PREFIX)/sep-helper
uninstall: uninstall:
rm -f $(PREFIX)/bw-agent $(PREFIX)/bw-proxy $(PREFIX)/sep-helper rm -f $(PREFIX)/bw-agent $(PREFIX)/bw-proxy
launchd: launchd:
mkdir -p $(HOME)/Library/LaunchAgents mkdir -p $(HOME)/Library/LaunchAgents
@@ -48,6 +36,5 @@ systemd-unload:
clean: clean:
cargo clean cargo clean
rm -f target/release/sep-helper
.PHONY: all install sep install-sep uninstall launchd launchd-unload systemd systemd-unload clean .PHONY: all install uninstall launchd launchd-unload systemd systemd-unload clean
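Review bot: The `uninstall` target no longer removes `$(PREFIX)/sep-helper`, so anyone who previously ran `make install-sep` keeps a code-signed helper built with the keychain-access-groups entitlement in their PREFIX, with no target left to clean it up. Because the rule uses `rm -f`, keeping the path costs nothing on installs that never had it: `rm -f $(PREFIX)/bw-agent $(PREFIX)/bw-proxy $(PREFIX)/sep-helper`. A comment such as `# sep-helper: legacy binary from the removed SEP backend` would explain why the path is still listed.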

BIN
src/.DS_Store vendored Normal file

Binary file not shown.


@@ -1,10 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>keychain-access-groups</key>
<array>
<string>TEAM_ID.com.bitwarden.agent</string>
</array>
</dict>
</plist>


@@ -1,5 +1,4 @@
pub mod pin; pub mod pin;
pub mod sep;
pub trait KeyStore { pub trait KeyStore {
fn name(&self) -> &str; fn name(&self) -> &str;
@@ -13,15 +12,7 @@ pub trait KeyStore {
pub fn get_backend(preferred: Option<&str>) -> Box<dyn KeyStore> { pub fn get_backend(preferred: Option<&str>) -> Box<dyn KeyStore> {
match preferred { match preferred {
Some("pin") => Box::new(pin::PinKeyStore::new(None)), Some("pin") | None => Box::new(pin::PinKeyStore::new(None)),
Some("sep") => Box::new(sep::SEPKeyStore::new()),
None => {
let s = sep::SEPKeyStore::new();
if s.is_available() {
return Box::new(s);
}
Box::new(pin::PinKeyStore::new(None))
}
Some(other) => crate::log::fatal(&format!("unknown backend: {other}")), Some(other) => crate::log::fatal(&format!("unknown backend: {other}")),
} }
} }
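Review bot: In `get_backend`, a caller that still passes `Some("sep")` now hits the generic `unknown backend: sep` fatal. The `None` arm also silently moves installs that used to auto-select SEP over to the pin store, where a previously stored key will presumably not be found. An explicit arm placed before `Some(other)` would make the removal visible, e.g. `Some("sep") => crate::log::fatal("sep backend was removed; re-enroll with the pin backend"),`. A short doc comment on `get_backend` stating that `None` now defaults to `pin` would help as well. As far as the visible hunks show, key material already stored through the SEP helper is neither migrated nor removed, which may deserve a release note.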


@@ -1,84 +0,0 @@
use std::path::PathBuf;
use std::process::Command;
use base64::{engine::general_purpose::STANDARD as B64, Engine};
use super::KeyStore;
fn helper_path() -> PathBuf {
let exe = std::env::current_exe().unwrap_or_default();
let dir = exe.parent().unwrap_or(std::path::Path::new("."));
dir.join("sep-helper")
}
pub struct SEPKeyStore;
impl SEPKeyStore {
pub fn new() -> Self {
Self
}
}
impl KeyStore for SEPKeyStore {
fn name(&self) -> &str {
"sep"
}
fn is_available(&self) -> bool {
helper_path().exists()
}
fn has_key(&self, uid: &str) -> bool {
Command::new(helper_path())
.args(["has", uid])
.output()
.map(|o| o.status.success())
.unwrap_or(false)
}
fn store(&self, uid: &str, data: &[u8], auth: &str) -> Result<(), String> {
let b64 = B64.encode(data);
let out = Command::new(helper_path())
.args(["store", uid, auth])
.stdin(std::process::Stdio::piped())
.stdout(std::process::Stdio::piped())
.stderr(std::process::Stdio::piped())
.spawn()
.and_then(|mut child| {
use std::io::Write;
child.stdin.take().unwrap().write_all(b64.as_bytes())?;
child.wait_with_output()
})
.map_err(|e| e.to_string())?;
if !out.status.success() {
return Err(String::from_utf8_lossy(&out.stderr).trim().to_string());
}
Ok(())
}
fn load(&self, uid: &str, auth: &str) -> Result<Vec<u8>, String> {
let out = Command::new(helper_path())
.args(["load", uid, auth])
.output()
.map_err(|e| e.to_string())?;
if !out.status.success() {
return Err(String::from_utf8_lossy(&out.stderr).trim().to_string());
}
let b64 = String::from_utf8_lossy(&out.stdout).trim().to_string();
B64.decode(&b64).map_err(|e| e.to_string())
}
fn remove(&self, uid: &str) {
Command::new(helper_path())
.args(["remove", uid])
.output()
.ok();
}
fn find_key(&self) -> Option<String> {
None
}
}