Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support Swift 5 #45

Merged
merged 6 commits into from
Apr 11, 2019
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .swift-version
Original file line number Diff line number Diff line change
@@ -1 +1 @@
4.2.3
5.0
14 changes: 9 additions & 5 deletions .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,30 +25,34 @@ matrix:
dist: xenial
sudo: required
services: docker
env: DOCKER_IMAGE=swift:4.2.3
env: DOCKER_IMAGE=swift:4.2.4 SWIFT_SNAPSHOT=4.2.4
- os: linux
dist: xenial
sudo: required
services: docker
env: DOCKER_IMAGE=swift:4.2.3 SWIFT_SNAPSHOT=$SWIFT_DEVELOPMENT_SNAPSHOT
env: DOCKER_IMAGE=swift:5.0-xenial
- os: linux
dist: xenial
sudo: required
services: docker
env: DOCKER_IMAGE=ubuntu:18.04
env: DOCKER_IMAGE=swift:5.0 SWIFT_SNAPSHOT=$SWIFT_DEVELOPMENT_SNAPSHOT
- os: osx
osx_image: xcode9.2
sudo: required
env: SWIFT_SNAPSHOT=4.0.3
- os: osx
osx_image: xcode9.4
sudo: required
env: SWIFT_SNAPSHOT=4.1.2
env: SWIFT_SNAPSHOT=4.1.2 JAZZY_ELIGIBLE=true
- os: osx
osx_image: xcode10.1
sudo: required
env: SWIFT_SNAPSHOT=4.2.1
- os: osx
osx_image: xcode10.1
osx_image: xcode10.2
sudo: required
- os: osx
osx_image: xcode10.2
sudo: required
env: SWIFT_SNAPSHOT=$SWIFT_DEVELOPMENT_SNAPSHOT

Expand Down
2 changes: 1 addition & 1 deletion Package.swift
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// swift-tools-version:4.2
// swift-tools-version:5.0
// The swift-tools-version declares the minimum version of Swift required to build this package.

//
Expand Down
58 changes: 58 additions & 0 deletions [email protected]
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
// swift-tools-version:4.2
// The swift-tools-version declares the minimum version of Swift required to build this package.

//
// Package.swift
// CryptorRSA
//
// Copyright © 2017,2018 IBM. All rights reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

import PackageDescription

var dependencies: [Package.Dependency] = []
var targetDependencies: [Target.Dependency] = []


#if os(Linux)

dependencies.append(.package(url: "https://github.com/IBM-Swift/OpenSSL.git", from: "2.2.0"))
targetDependencies.append(.byName(name: "OpenSSL"))

#endif

let package = Package(
name: "CryptorRSA",
products: [
// Products define the executables and libraries produced by a package, and make them visible to other packages.
.library(
name: "CryptorRSA",
targets: ["CryptorRSA"]
)
],
dependencies: dependencies,
targets: [
// Targets are the basic building blocks of a package. A target can define a module or a test suite.
// Targets can depend on other targets in this package, and on products in packages which this package depends on.
.target(
name: "CryptorRSA",
dependencies: targetDependencies
),
.testTarget(
name: "CryptorRSATests",
dependencies: ["CryptorRSA"]
)
]
)
48 changes: 24 additions & 24 deletions Sources/CryptorRSA/CryptorRSA.swift
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ public class CryptorRSA {

return PlaintextData(with: data)
}

///
/// Creates a message from a plaintext string, with the specified encoding.
///
Expand Down Expand Up @@ -329,7 +329,7 @@ public class CryptorRSA {
defer {
RSA_free(rsaKey)
}

// Set the additional authenticated data (aad) as the RSA key modulus and publicExponent in an ASN1 sequence.
guard let aad = key.publicKeyBytes else {
let source = "Encryption failed"
Expand Down Expand Up @@ -404,8 +404,8 @@ public class CryptorRSA {
}

// Encrypt the plaintext into encrypted using gcmAlgorithm with the random aes key and all 0 iv.
guard(self.data.withUnsafeBytes({ (plaintext: UnsafePointer<UInt8>) -> Int32 in
return EVP_EncryptUpdate(rsaEncryptCtx, encrypted, &processedLength, plaintext, Int32(data.count))
guard(self.data.withUnsafeBytes({ (plaintext: UnsafeRawBufferPointer) -> Int32 in
return EVP_EncryptUpdate(rsaEncryptCtx, encrypted, &processedLength, plaintext.baseAddress?.assumingMemoryBound(to: UInt8.self), Int32(data.count))
})) == 1 else {
let source = "Encryption failed"
if let reason = CryptorRSA.getLastError(source: source) {
Expand Down Expand Up @@ -515,8 +515,8 @@ public class CryptorRSA {

// EVP_SealUpdate is a complex macros and therefore the compiler doesnt
// convert it directly to swift. From /usr/local/opt/openssl/include/openssl/evp.h:
_ = self.data.withUnsafeBytes({ (plaintext: UnsafePointer<UInt8>) -> Int32 in
return EVP_EncryptUpdate(rsaEncryptCtx, encrypted, &processedLength, plaintext, Int32(self.data.count))
_ = self.data.withUnsafeBytes({ (plaintext: UnsafeRawBufferPointer) -> Int32 in
return EVP_EncryptUpdate(rsaEncryptCtx, encrypted, &processedLength, plaintext.baseAddress?.assumingMemoryBound(to: UInt8.self), Int32(self.data.count))
})
encLength = processedLength

Expand Down Expand Up @@ -547,7 +547,7 @@ public class CryptorRSA {
/// - Returns: Decrypted data object.
///
func decryptedGCM(with key: PrivateKey) throws -> PlaintextData? {

// Initialize the decryption context.
let rsaDecryptCtx = EVP_CIPHER_CTX_new()
EVP_CIPHER_CTX_init_wrapper(rsaDecryptCtx)
Expand Down Expand Up @@ -624,7 +624,7 @@ public class CryptorRSA {
var decMsgLen: Int32 = 0
// Use a 16-byte all zero initialization vector (IV) to match Apple Security.
let iv = [UInt8](repeating: 0, count: 16)

// Decrypt the encryptedKey into the aeskey using the RSA private key
guard RSA_private_decrypt(Int32(encryptedKey.count), [UInt8](encryptedKey), aeskey, rsaKey, RSA_PKCS1_OAEP_PADDING) != 0,
// Set the IV length to be 16 bytes.
Expand All @@ -643,8 +643,8 @@ public class CryptorRSA {
throw Error(code: ERR_DECRYPTION_FAILED, reason: source + ": No OpenSSL error reported.")
}
// Decrypt the encrypted data using the symmetric key.
guard encryptedData.withUnsafeBytes({ (enc: UnsafePointer<UInt8>) -> Int32 in
return EVP_DecryptUpdate(rsaDecryptCtx, decrypted, &processedLen, enc, Int32(encryptedData.count))
guard encryptedData.withUnsafeBytes({ (enc: UnsafeRawBufferPointer) -> Int32 in
return EVP_DecryptUpdate(rsaDecryptCtx, decrypted, &processedLen, enc.baseAddress?.assumingMemoryBound(to: UInt8.self), Int32(encryptedData.count))
}) != 0 else {
let source = "Decryption failed"
if let reason = CryptorRSA.getLastError(source: source) {
Expand All @@ -655,8 +655,8 @@ public class CryptorRSA {
decMsgLen += processedLen

// Verify the provided GCM tag.
guard tagData.withUnsafeMutableBytes({ (tag: UnsafeMutablePointer<UInt8>) -> Int32 in
return EVP_CIPHER_CTX_ctrl(rsaDecryptCtx, EVP_CTRL_GCM_SET_TAG, 16, tag)
guard tagData.withUnsafeMutableBytes({ (tag: UnsafeMutableRawBufferPointer) -> Int32 in
return EVP_CIPHER_CTX_ctrl(rsaDecryptCtx, EVP_CTRL_GCM_SET_TAG, 16, tag.baseAddress)
}) == 1,
EVP_DecryptFinal_ex(rsaDecryptCtx, decrypted.advanced(by: Int(decMsgLen)), &processedLen) == 1
else {
Expand Down Expand Up @@ -690,7 +690,7 @@ public class CryptorRSA {
let encIVLength = Int(EVP_CIPHER_iv_length(.make(optional: encType)))
// Size of encryptedKey
let encryptedDataLength = Int(self.data.count) - encKeyLength - encIVLength

// Extract encryptedKey, encryptedData, encryptedIV from data
// self.data = encryptedKey + encryptedData + encryptedIV
let encryptedKey = self.data.subdata(in: 0..<encKeyLength)
Expand Down Expand Up @@ -720,9 +720,9 @@ public class CryptorRSA {
#endif
}
// EVP_OpenInit returns 0 on error or the recovered secret key size if successful
var status = encryptedKey.withUnsafeBytes({ (ek: UnsafePointer<UInt8>) -> Int32 in
return encryptedIV.withUnsafeBytes({ (iv: UnsafePointer<UInt8>) -> Int32 in
return EVP_OpenInit(rsaDecryptCtx, .make(optional: encType), ek, Int32(encryptedKey.count), iv, .make(optional: key.reference))
var status = encryptedKey.withUnsafeBytes({ (ek: UnsafeRawBufferPointer) -> Int32 in
return encryptedIV.withUnsafeBytes({ (iv: UnsafeRawBufferPointer) -> Int32 in
return EVP_OpenInit(rsaDecryptCtx, .make(optional: encType), ek.baseAddress?.assumingMemoryBound(to: UInt8.self), Int32(encryptedKey.count), iv.baseAddress?.assumingMemoryBound(to: UInt8.self), .make(optional: key.reference))
})
})
guard status != 0 else {
Expand All @@ -736,8 +736,8 @@ public class CryptorRSA {

// EVP_OpenUpdate is a complex macros and therefore the compiler doesnt
// convert it directly to Swift. From /usr/local/opt/openssl/include/openssl/evp.h:
_ = encryptedData.withUnsafeBytes({ (enc: UnsafePointer<UInt8>) -> Int32 in
return EVP_DecryptUpdate(rsaDecryptCtx, decrypted, &processedLen, enc, Int32(encryptedData.count))
_ = encryptedData.withUnsafeBytes({ (enc: UnsafeRawBufferPointer) -> Int32 in
return EVP_DecryptUpdate(rsaDecryptCtx, decrypted, &processedLen, enc.baseAddress?.assumingMemoryBound(to: UInt8.self), Int32(encryptedData.count))
})
decMsgLen = processedLen

Expand Down Expand Up @@ -798,8 +798,8 @@ public class CryptorRSA {
EVP_DigestSignInit(md_ctx, nil, .make(optional: md), nil, .make(optional: key.reference))

// Convert Data to UnsafeRawPointer!
_ = self.data.withUnsafeBytes({ (message: UnsafePointer<UInt8>) -> Int32 in
return EVP_DigestUpdate(md_ctx, message, self.data.count)
_ = self.data.withUnsafeBytes({ (message: UnsafeRawBufferPointer) -> Int32 in
return EVP_DigestUpdate(md_ctx, message.baseAddress?.assumingMemoryBound(to: UInt8.self), self.data.count)
})

// Determine the size of the actual signature
Expand Down Expand Up @@ -891,8 +891,8 @@ public class CryptorRSA {
EVP_DigestVerifyInit(md_ctx, nil, .make(optional: md), nil, .make(optional: key.reference))


var rc = self.data.withUnsafeBytes({ (message: UnsafePointer<UInt8>) -> Int32 in
return EVP_DigestUpdate(md_ctx, message, self.data.count)
var rc = self.data.withUnsafeBytes({ (message: UnsafeRawBufferPointer) -> Int32 in
return EVP_DigestUpdate(md_ctx, message.baseAddress?.assumingMemoryBound(to: UInt8.self), self.data.count)
})
guard rc == 1 else {
let source = "Signature verification failed."
Expand All @@ -904,11 +904,11 @@ public class CryptorRSA {
}

// Unlike other return values above, this return indicates if signature verifies or not
rc = signature.data.withUnsafeBytes({ (sig: UnsafePointer<UInt8>) -> Int32 in
rc = signature.data.withUnsafeBytes({ (sig: UnsafeRawBufferPointer) -> Int32 in
// Wrapper for OpenSSL EVP_DigestVerifyFinal function defined in
// IBM-Swift/OpenSSL/shim.h, to provide compatibility with OpenSSL
// 1.0.1 and 1.0.2 on Ubuntu 14.04 and 16.04, respectively.
return SSL_EVP_digestVerifyFinal_wrapper(md_ctx, sig, signature.data.count)
return SSL_EVP_digestVerifyFinal_wrapper(md_ctx, sig.baseAddress?.assumingMemoryBound(to: UInt8.self), signature.data.count)
})

return (rc == 1) ? true : false
Expand Down
12 changes: 6 additions & 6 deletions Sources/CryptorRSA/CryptorRSADigest.swift
Original file line number Diff line number Diff line change
Expand Up @@ -226,7 +226,7 @@ extension Data {
#if os(Linux)

public var engine: (_ data: UnsafePointer<UInt8>, _ len: CC_LONG, _ md: UnsafeMutablePointer<UInt8>) -> UnsafeMutablePointer<UInt8>? {

switch self {

case .sha1:
Expand Down Expand Up @@ -293,12 +293,12 @@ extension Data {
public func digest(using alogorithm: Algorithm) throws -> Data {

var hash = [UInt8](repeating: 0, count: Int(alogorithm.length))
self.withUnsafeBytes {

_ = alogorithm.engine($0, CC_LONG(self.count), &hash)

self.withUnsafeBytes { ptr in
guard let baseAddress = ptr.baseAddress else { return }
_ = alogorithm.engine(baseAddress.assumingMemoryBound(to: UInt8.self), CC_LONG(self.count), &hash)
}

return Data(bytes: hash)
return Data(hash)
}
}
4 changes: 2 additions & 2 deletions Sources/CryptorRSA/CryptorRSAKey.swift
Original file line number Diff line number Diff line change
Expand Up @@ -281,9 +281,9 @@ extension CryptorRSA {
}

// Move the key data to BIO
try data.withUnsafeBytes() { (buffer: UnsafePointer<UInt8>) in
try data.withUnsafeBytes() { (buffer: UnsafeRawBufferPointer) in

let len = BIO_write(certbio, buffer, Int32(data.count))
let len = BIO_write(certbio, buffer.baseAddress?.assumingMemoryBound(to: UInt8.self), Int32(data.count))
guard len != 0 else {
let source = "Couldn't create BIO reference from key data"
if let reason = CryptorRSA.getLastError(source: source) {
Expand Down
48 changes: 24 additions & 24 deletions Sources/CryptorRSA/CryptorRSAUtilities.swift
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ public extension CryptorRSA {
/// - Returns: `RSA` representation of the key.
///
static func createKey(from keyData: Data, type: CryptorRSA.RSAKey.KeyType) throws -> NativeKey {

var keyData = keyData

// If data is a PEM String, strip the headers and convert to der.
Expand All @@ -66,9 +66,9 @@ public extension CryptorRSA {
BIO_free(bio)
}
// Create a BIO object with the key data...
try headerKey.withUnsafeBytes() { (buffer: UnsafePointer<UInt8>) in
let len = BIO_write(bio, buffer, Int32(headerKey.count))
try headerKey.withUnsafeBytes() { (buffer: UnsafeRawBufferPointer) in

let len = BIO_write(bio, buffer.baseAddress?.assumingMemoryBound(to: UInt8.self), Int32(headerKey.count))
guard len != 0 else {
let source = "Couldn't create BIO reference from key data"
if let reason = CryptorRSA.getLastError(source: source) {
Expand Down Expand Up @@ -296,28 +296,28 @@ public extension CryptorRSA {
static func addX509CertificateHeader(for keyData: Data) -> Data {

if keyData.count == 140 {
return Data(bytes: [0x30, 0x81, 0x9F,
0x30, 0x0D,
0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
0x05, 0x00,
0x03, 0x81, 0x8D, 0x00]) + keyData
return Data([0x30, 0x81, 0x9F,
0x30, 0x0D,
0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
0x05, 0x00,
0x03, 0x81, 0x8D, 0x00]) + keyData
} else if keyData.count == 270 {
return Data(bytes: [0x30, 0x82, 0x01, 0x22,
0x30, 0x0D,
0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
0x05, 0x00,
0x03, 0x82, 0x01, 0x0F, 0x00]) + keyData
} else if keyData.count == 398 {
return Data(bytes: [0x30, 0x82, 0x01, 0xA2,
0x30, 0x0D,
0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
0x05, 0x00,
0x03, 0x82, 0x01, 0x8F, 0x00]) + keyData
return Data([0x30, 0x82, 0x01, 0x22,
0x30, 0x0D,
0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
0x05, 0x00,
0x03, 0x82, 0x01, 0x0F, 0x00]) + keyData
} else if keyData.count == 398 {
return Data([0x30, 0x82, 0x01, 0xA2,
0x30, 0x0D,
0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
0x05, 0x00,
0x03, 0x82, 0x01, 0x8F, 0x00]) + keyData
} else if keyData.count == 526 {
return Data(bytes: [0x30, 0x82, 0x02, 0x22,
0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
0x05, 0x00,
0x03, 0x82, 0x02, 0x0F, 0x00]) + keyData
return Data([0x30, 0x82, 0x02, 0x22,
0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
0x05, 0x00,
0x03, 0x82, 0x02, 0x0F, 0x00]) + keyData
} else {
return keyData
}
Expand Down
Loading