From a67f26496557ac2cd138b81cb42ec49e14a2829f Mon Sep 17 00:00:00 2001 From: Kris Kline Date: Thu, 21 Nov 2024 12:45:00 -0600 Subject: [PATCH] [Issue #77] Obsolete cryptographically broken algorithms MD2, MD4, MD5 for iOS Rework md5 into md5_insecure Provide a SHA1_insecure Update travis.yml --- .gitmodules | 0 .travis.yml | 23 +- BlueCryptor.podspec | 12 +- Cryptor-iOS/Cryptor-iOS.h | 19 - Cryptor-iOS/Info.plist | 24 - Cryptor.xcodeproj/project.pbxproj | 747 ------------------ .../contents.xcworkspacedata | 7 - .../xcschemes/Cryptor-iOS.xcscheme | 76 -- .../xcshareddata/xcschemes/Cryptor.xcscheme | 95 --- .../xcschemes/CryptorTests.xcscheme | 52 -- .../xcschemes/xcschememanagement.plist | 12 - README.md | 23 +- Sources/Cryptor/Crypto.swift | 20 +- Sources/Cryptor/Digest.swift | 167 +++- Sources/Cryptor/HMAC.swift | 186 ++--- Sources/Cryptor/KeyDerivation.swift | 96 +-- Sources/Cryptor/Random.swift | 22 +- Sources/Cryptor/Status.swift | 222 +++--- Sources/Cryptor/StreamCryptor.swift | 316 ++++---- Tests/CryptorTests/CryptorTests.swift | 119 ++- Tests/CryptorTests/Info.plist | 24 - 21 files changed, 687 insertions(+), 1575 deletions(-) delete mode 100644 .gitmodules delete mode 100644 Cryptor-iOS/Cryptor-iOS.h delete mode 100644 Cryptor-iOS/Info.plist delete mode 100644 Cryptor.xcodeproj/project.pbxproj delete mode 100644 Cryptor.xcodeproj/project.xcworkspace/contents.xcworkspacedata delete mode 100644 Cryptor.xcodeproj/xcshareddata/xcschemes/Cryptor-iOS.xcscheme delete mode 100644 Cryptor.xcodeproj/xcshareddata/xcschemes/Cryptor.xcscheme delete mode 100644 Cryptor.xcodeproj/xcshareddata/xcschemes/CryptorTests.xcscheme delete mode 100644 Cryptor.xcodeproj/xcshareddata/xcschemes/xcschememanagement.plist delete mode 100644 Tests/CryptorTests/Info.plist diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index e69de29..0000000 diff --git a/.travis.yml b/.travis.yml index 50be303..2a744ac 100644 --- a/.travis.yml +++ b/.travis.yml @@ -11,31 +11,30 @@ branches: # by .swift-version, unless SWIFT_SNAPSHOT is specified. matrix: include: - - os: linux - dist: xenial - sudo: required - services: docker - env: DOCKER_IMAGE=docker.kitura.net/kitura/swift-ci-ubuntu16.04:5.1.5 SWIFT_SNAPSHOT=5.1.5 - os: linux dist: bionic sudo: required services: docker - env: DOCKER_IMAGE=docker.kitura.net/kitura/swift-ci-ubuntu18.04:5.4 SWIFT_SNAPSHOT=5.4 + env: DOCKER_IMAGE=docker.kitura.net/kitura/swift-ci-ubuntu18.04:5.4 SWIFT_TEST_ARGS="" - os: linux dist: xenial sudo: required services: docker - env: DOCKER_IMAGE=docker.kitura.net/kitura/swift-ci-ubuntu18.04:latest SWIFT_SNAPSHOT=$SWIFT_DEVELOPMENT_SNAPSHOT + env: DOCKER_IMAGE=docker.kitura.net/kitura/swift-ci-ubuntu18.04:latest USE_SWIFT_DEVELOPMENT_SNAPSHOT=1 SWIFT_TEST_ARGS="" - os: osx - osx_image: xcode11 + osx_image: xcode12.2 sudo: required - env: SWIFT_SNAPSHOT=5.1.5 JAZZY_ELIGIBLE=true + env: JAZZY_ELIGIBLE=true SWIFT_TEST_ARGS="" - os: osx - osx_image: xcode12.2 + osx_image: xcode13.4 + sudo: required + env: USE_SWIFT_DEVELOPMENT_SNAPSHOT=1 SWIFT_TEST_ARGS="" + - os: osx + osx_image: xcode14.2 sudo: required - #env: SWIFT_SNAPSHOT=5.1.5 + env: SWIFT_SNAPSHOT=$SWIFT_DEVELOPMENT_SNAPSHOT - os: osx - osx_image: xcode12.5 + osx_image: xcode15.4 sudo: required env: SWIFT_SNAPSHOT=$SWIFT_DEVELOPMENT_SNAPSHOT diff --git a/BlueCryptor.podspec b/BlueCryptor.podspec index 672a062..fde3cbb 100644 --- a/BlueCryptor.podspec +++ b/BlueCryptor.podspec @@ -1,6 +1,6 @@ Pod::Spec.new do |s| s.name = "BlueCryptor" -s.version = "2.0.1" +s.version = "2.0.2" s.summary = "Swift cross-platform crypto library using CommonCrypto/libcrypto via Package Manager." s.homepage = "https://github.com/Kitura/BlueCryptor" s.license = { :type => "Apache License, Version 2.0" } @@ -8,11 +8,11 @@ s.author = "IBM & Kitura Project Authors" s.module_name = 'Cryptor' s.requires_arc = true -s.swift_version = '5.1' -s.osx.deployment_target = "10.11" -s.ios.deployment_target = "10.0" -s.tvos.deployment_target = "10.0" -s.watchos.deployment_target = "2.0" +s.swift_version = '5.2' +s.osx.deployment_target = "11.5" +s.ios.deployment_target = "14.5" +s.tvos.deployment_target = "14.5" +s.watchos.deployment_target = "7.5" s.source = { :git => "https://github.com/Kitura/BlueCryptor.git", :tag => s.version } s.source_files = "Sources/Cryptor/*.swift" s.pod_target_xcconfig = { diff --git a/Cryptor-iOS/Cryptor-iOS.h b/Cryptor-iOS/Cryptor-iOS.h deleted file mode 100644 index 325e1fe..0000000 --- a/Cryptor-iOS/Cryptor-iOS.h +++ /dev/null @@ -1,19 +0,0 @@ -// -// Cryptor-iOS.h -// Cryptor-iOS -// -// Created by Bill Abt on 5/7/17. -// -// - -#import - -//! Project version number for Cryptor-iOS. -FOUNDATION_EXPORT double Cryptor_iOSVersionNumber; - -//! Project version string for Cryptor-iOS. -FOUNDATION_EXPORT const unsigned char Cryptor_iOSVersionString[]; - -// In this header, you should import all the public headers of your framework using statements like #import - - diff --git a/Cryptor-iOS/Info.plist b/Cryptor-iOS/Info.plist deleted file mode 100644 index fbe1e6b..0000000 --- a/Cryptor-iOS/Info.plist +++ /dev/null @@ -1,24 +0,0 @@ - - - - - CFBundleDevelopmentRegion - en - CFBundleExecutable - $(EXECUTABLE_NAME) - CFBundleIdentifier - $(PRODUCT_BUNDLE_IDENTIFIER) - CFBundleInfoDictionaryVersion - 6.0 - CFBundleName - $(PRODUCT_NAME) - CFBundlePackageType - FMWK - CFBundleShortVersionString - 1.0 - CFBundleVersion - $(CURRENT_PROJECT_VERSION) - NSPrincipalClass - - - diff --git a/Cryptor.xcodeproj/project.pbxproj b/Cryptor.xcodeproj/project.pbxproj deleted file mode 100644 index 41dc682..0000000 --- a/Cryptor.xcodeproj/project.pbxproj +++ /dev/null @@ -1,747 +0,0 @@ -// !$*UTF8*$! -{ - archiveVersion = 1; - classes = { - }; - objectVersion = 46; - objects = { - -/* Begin PBXBuildFile section */ - 8C7111EE2195B09A003CF4B3 /* SSLPointerTricks.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8C7111ED2195B09A003CF4B3 /* SSLPointerTricks.swift */; }; - 8C7111EF2195B09A003CF4B3 /* SSLPointerTricks.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8C7111ED2195B09A003CF4B3 /* SSLPointerTricks.swift */; }; - 8C9590301CC80A2300A2C2B4 /* libCryptor.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = "_____Product_Cryptor" /* libCryptor.dylib */; }; - 8C97EE131EBF75DD000E795B /* Cryptor-iOS.h in Headers */ = {isa = PBXBuildFile; fileRef = 8C97EE111EBF75DD000E795B /* Cryptor-iOS.h */; settings = {ATTRIBUTES = (Public, ); }; }; - 8C97EE181EBF76F0000E795B /* Crypto.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/Crypto.swift /* Crypto.swift */; }; - 8C97EE191EBF76F0000E795B /* Cryptor.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/Cryptor.swift /* Cryptor.swift */; }; - 8C97EE1A1EBF76F0000E795B /* Digest.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/Digest.swift /* Digest.swift */; }; - 8C97EE1B1EBF76F0000E795B /* HMAC.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/HMAC.swift /* HMAC.swift */; }; - 8C97EE1C1EBF76F0000E795B /* KeyDerivation.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/KeyDerivation.swift /* KeyDerivation.swift */; }; - 8C97EE1D1EBF76F0000E795B /* Random.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/Random.swift /* Random.swift */; }; - 8C97EE1E1EBF76F0000E795B /* Status.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/Status.swift /* Status.swift */; }; - 8C97EE1F1EBF76F0000E795B /* StreamCryptor.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/StreamCryptor.swift /* StreamCryptor.swift */; }; - 8C97EE201EBF76F0000E795B /* Updatable.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/Updateable.swift /* Updatable.swift */; }; - 8C97EE211EBF76F0000E795B /* Utilities.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/Utilities.swift /* Utilities.swift */; }; - 8CF04E2A1D4FCECC00C27814 /* CryptorTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8C9590241CC807D400A2C2B4 /* CryptorTests.swift */; }; - __src_cc_ref_Sources/Crypto.swift /* Crypto.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/Crypto.swift /* Crypto.swift */; }; - __src_cc_ref_Sources/Cryptor.swift /* Cryptor.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/Cryptor.swift /* Cryptor.swift */; }; - __src_cc_ref_Sources/Digest.swift /* Digest.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/Digest.swift /* Digest.swift */; }; - __src_cc_ref_Sources/HMAC.swift /* HMAC.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/HMAC.swift /* HMAC.swift */; }; - __src_cc_ref_Sources/KeyDerivation.swift /* KeyDerivation.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/KeyDerivation.swift /* KeyDerivation.swift */; }; - __src_cc_ref_Sources/Random.swift /* Random.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/Random.swift /* Random.swift */; }; - __src_cc_ref_Sources/Status.swift /* Status.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/Status.swift /* Status.swift */; }; - __src_cc_ref_Sources/StreamCryptor.swift /* StreamCryptor.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/StreamCryptor.swift /* StreamCryptor.swift */; }; - __src_cc_ref_Sources/Updateable.swift /* Updatable.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/Updateable.swift /* Updatable.swift */; }; - __src_cc_ref_Sources/Utilities.swift /* Utilities.swift in Sources */ = {isa = PBXBuildFile; fileRef = __PBXFileRef_Sources/Utilities.swift /* Utilities.swift */; }; -/* End PBXBuildFile section */ - -/* Begin PBXContainerItemProxy section */ - 8C9590311CC80A2300A2C2B4 /* PBXContainerItemProxy */ = { - isa = PBXContainerItemProxy; - containerPortal = __RootObject_ /* Project object */; - proxyType = 1; - remoteGlobalIDString = "______Target_Cryptor"; - remoteInfo = Cryptor; - }; -/* End PBXContainerItemProxy section */ - -/* Begin PBXFileReference section */ - 8C7111ED2195B09A003CF4B3 /* SSLPointerTricks.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; name = SSLPointerTricks.swift; path = Sources/Cryptor/SSLPointerTricks.swift; sourceTree = ""; }; - 8C9590241CC807D400A2C2B4 /* CryptorTests.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; name = CryptorTests.swift; path = Tests/CryptorTests/CryptorTests.swift; sourceTree = ""; }; - 8C95902B1CC80A2300A2C2B4 /* CryptorTests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = CryptorTests.xctest; sourceTree = BUILT_PRODUCTS_DIR; }; - 8C97EE0F1EBF75DD000E795B /* Cryptor.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = Cryptor.framework; sourceTree = BUILT_PRODUCTS_DIR; }; - 8C97EE111EBF75DD000E795B /* Cryptor-iOS.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "Cryptor-iOS.h"; sourceTree = ""; }; - 8C97EE121EBF75DD000E795B /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; - 8C9B7E631FEC01D90038D9C6 /* BlueCryptor.podspec */ = {isa = PBXFileReference; lastKnownFileType = text; path = BlueCryptor.podspec; sourceTree = ""; }; - 8C9C42F01CD7881000045CFB /* LinuxMain.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; name = LinuxMain.swift; path = Tests/LinuxMain.swift; sourceTree = ""; }; - 8CD16C6C1CC81DE5007296B5 /* LICENSE */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = LICENSE; sourceTree = ""; }; - 8CD16C6D1CC81DE5007296B5 /* README.md */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = net.daringfireball.markdown; path = README.md; sourceTree = ""; }; - __PBXFileRef_Package.swift /* Package.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Package.swift; sourceTree = ""; }; - __PBXFileRef_Sources/Crypto.swift /* Crypto.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; name = Crypto.swift; path = Sources/Cryptor/Crypto.swift; sourceTree = ""; }; - __PBXFileRef_Sources/Cryptor.swift /* Cryptor.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; name = Cryptor.swift; path = Sources/Cryptor/Cryptor.swift; sourceTree = ""; }; - __PBXFileRef_Sources/Digest.swift /* Digest.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; name = Digest.swift; path = Sources/Cryptor/Digest.swift; sourceTree = ""; }; - __PBXFileRef_Sources/HMAC.swift /* HMAC.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; name = HMAC.swift; path = Sources/Cryptor/HMAC.swift; sourceTree = ""; }; - __PBXFileRef_Sources/KeyDerivation.swift /* KeyDerivation.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; name = KeyDerivation.swift; path = Sources/Cryptor/KeyDerivation.swift; sourceTree = ""; }; - __PBXFileRef_Sources/Random.swift /* Random.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; name = Random.swift; path = Sources/Cryptor/Random.swift; sourceTree = ""; }; - __PBXFileRef_Sources/Status.swift /* Status.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; name = Status.swift; path = Sources/Cryptor/Status.swift; sourceTree = ""; }; - __PBXFileRef_Sources/StreamCryptor.swift /* StreamCryptor.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; name = StreamCryptor.swift; path = Sources/Cryptor/StreamCryptor.swift; sourceTree = ""; }; - __PBXFileRef_Sources/Updateable.swift /* Updatable.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; name = Updatable.swift; path = Sources/Cryptor/Updatable.swift; sourceTree = ""; }; - __PBXFileRef_Sources/Utilities.swift /* Utilities.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; name = Utilities.swift; path = Sources/Cryptor/Utilities.swift; sourceTree = ""; }; - "_____Product_Cryptor" /* libCryptor.dylib */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.dylib"; path = libCryptor.dylib; sourceTree = BUILT_PRODUCTS_DIR; }; -/* End PBXFileReference section */ - -/* Begin PBXFrameworksBuildPhase section */ - 8C9590281CC80A2300A2C2B4 /* Frameworks */ = { - isa = PBXFrameworksBuildPhase; - buildActionMask = 2147483647; - files = ( - 8C9590301CC80A2300A2C2B4 /* libCryptor.dylib in Frameworks */, - ); - runOnlyForDeploymentPostprocessing = 0; - }; - 8C97EE0B1EBF75DD000E795B /* Frameworks */ = { - isa = PBXFrameworksBuildPhase; - buildActionMask = 2147483647; - files = ( - ); - runOnlyForDeploymentPostprocessing = 0; - }; - "___LinkPhase_Cryptor" /* Frameworks */ = { - isa = PBXFrameworksBuildPhase; - buildActionMask = 0; - files = ( - ); - runOnlyForDeploymentPostprocessing = 0; - }; -/* End PBXFrameworksBuildPhase section */ - -/* Begin PBXGroup section */ - 8C9590261CC807EA00A2C2B4 /* Tests */ = { - isa = PBXGroup; - children = ( - 8C9C42F11CD7904000045CFB /* CryptorTests */, - 8C9C42F01CD7881000045CFB /* LinuxMain.swift */, - ); - name = Tests; - sourceTree = ""; - }; - 8C97EE101EBF75DD000E795B /* Cryptor-iOS */ = { - isa = PBXGroup; - children = ( - 8C97EE111EBF75DD000E795B /* Cryptor-iOS.h */, - 8C97EE121EBF75DD000E795B /* Info.plist */, - ); - path = "Cryptor-iOS"; - sourceTree = ""; - }; - 8C9C42F11CD7904000045CFB /* CryptorTests */ = { - isa = PBXGroup; - children = ( - 8C9590241CC807D400A2C2B4 /* CryptorTests.swift */, - ); - name = CryptorTests; - sourceTree = ""; - }; - Dependencies_ /* Dependencies */ = { - isa = PBXGroup; - children = ( - ); - name = Dependencies; - sourceTree = ""; - }; - "___RootGroup_" = { - isa = PBXGroup; - children = ( - 8C9B7E631FEC01D90038D9C6 /* BlueCryptor.podspec */, - 8CD16C6C1CC81DE5007296B5 /* LICENSE */, - __PBXFileRef_Package.swift /* Package.swift */, - 8CD16C6D1CC81DE5007296B5 /* README.md */, - "_____Sources_" /* Sources */, - 8C9590261CC807EA00A2C2B4 /* Tests */, - Dependencies_ /* Dependencies */, - 8C97EE101EBF75DD000E795B /* Cryptor-iOS */, - "____Products_" /* Products */, - ); - sourceTree = ""; - }; - "____Products_" /* Products */ = { - isa = PBXGroup; - children = ( - "_____Product_Cryptor" /* libCryptor.dylib */, - 8C95902B1CC80A2300A2C2B4 /* CryptorTests.xctest */, - 8C97EE0F1EBF75DD000E795B /* Cryptor.framework */, - ); - name = Products; - sourceTree = ""; - }; - "_____Sources_" /* Sources */ = { - isa = PBXGroup; - children = ( - __PBXFileRef_Sources/Crypto.swift /* Crypto.swift */, - __PBXFileRef_Sources/Cryptor.swift /* Cryptor.swift */, - __PBXFileRef_Sources/Digest.swift /* Digest.swift */, - __PBXFileRef_Sources/HMAC.swift /* HMAC.swift */, - __PBXFileRef_Sources/KeyDerivation.swift /* KeyDerivation.swift */, - __PBXFileRef_Sources/Random.swift /* Random.swift */, - 8C7111ED2195B09A003CF4B3 /* SSLPointerTricks.swift */, - __PBXFileRef_Sources/Status.swift /* Status.swift */, - __PBXFileRef_Sources/StreamCryptor.swift /* StreamCryptor.swift */, - __PBXFileRef_Sources/Updateable.swift /* Updatable.swift */, - __PBXFileRef_Sources/Utilities.swift /* Utilities.swift */, - ); - name = Sources; - sourceTree = ""; - }; -/* End PBXGroup section */ - -/* Begin PBXHeadersBuildPhase section */ - 8C97EE0C1EBF75DD000E795B /* Headers */ = { - isa = PBXHeadersBuildPhase; - buildActionMask = 2147483647; - files = ( - 8C97EE131EBF75DD000E795B /* Cryptor-iOS.h in Headers */, - ); - runOnlyForDeploymentPostprocessing = 0; - }; -/* End PBXHeadersBuildPhase section */ - -/* Begin PBXNativeTarget section */ - 8C95902A1CC80A2300A2C2B4 /* CryptorTests */ = { - isa = PBXNativeTarget; - buildConfigurationList = 8C9590331CC80A2300A2C2B4 /* Build configuration list for PBXNativeTarget "CryptorTests" */; - buildPhases = ( - 8C9590271CC80A2300A2C2B4 /* Sources */, - 8C9590281CC80A2300A2C2B4 /* Frameworks */, - 8C9590291CC80A2300A2C2B4 /* Resources */, - ); - buildRules = ( - ); - dependencies = ( - 8C9590321CC80A2300A2C2B4 /* PBXTargetDependency */, - ); - name = CryptorTests; - productName = CryptorTests; - productReference = 8C95902B1CC80A2300A2C2B4 /* CryptorTests.xctest */; - productType = "com.apple.product-type.bundle.unit-test"; - }; - 8C97EE0E1EBF75DD000E795B /* Cryptor-iOS */ = { - isa = PBXNativeTarget; - buildConfigurationList = 8C97EE161EBF75DD000E795B /* Build configuration list for PBXNativeTarget "Cryptor-iOS" */; - buildPhases = ( - 8C97EE171EBF76BC000E795B /* ShellScript */, - 8C97EE0A1EBF75DD000E795B /* Sources */, - 8C97EE0B1EBF75DD000E795B /* Frameworks */, - 8C97EE0C1EBF75DD000E795B /* Headers */, - 8C97EE0D1EBF75DD000E795B /* Resources */, - ); - buildRules = ( - ); - dependencies = ( - ); - name = "Cryptor-iOS"; - productName = "Cryptor-iOS"; - productReference = 8C97EE0F1EBF75DD000E795B /* Cryptor.framework */; - productType = "com.apple.product-type.framework"; - }; - "______Target_Cryptor" /* Cryptor */ = { - isa = PBXNativeTarget; - buildConfigurationList = "_______Confs_Cryptor" /* Build configuration list for PBXNativeTarget "Cryptor" */; - buildPhases = ( - 8C95901E1CC7D85000A2C2B4 /* ShellScript */, - CompilePhase_Cryptor /* Sources */, - "___LinkPhase_Cryptor" /* Frameworks */, - ); - buildRules = ( - ); - dependencies = ( - ); - name = Cryptor; - productName = Cryptor; - productReference = "_____Product_Cryptor" /* libCryptor.dylib */; - productType = "com.apple.product-type.library.dynamic"; - }; -/* End PBXNativeTarget section */ - -/* Begin PBXProject section */ - __RootObject_ /* Project object */ = { - isa = PBXProject; - attributes = { - LastSwiftUpdateCheck = 0730; - LastUpgradeCheck = 1020; - TargetAttributes = { - 8C95902A1CC80A2300A2C2B4 = { - CreatedOnToolsVersion = 7.3; - LastSwiftMigration = 1000; - }; - 8C97EE0E1EBF75DD000E795B = { - CreatedOnToolsVersion = 8.3.2; - LastSwiftMigration = 1000; - ProvisioningStyle = Automatic; - }; - "______Target_Cryptor" = { - LastSwiftMigration = 1000; - }; - }; - }; - buildConfigurationList = "___RootConfs_" /* Build configuration list for PBXProject "Cryptor" */; - compatibilityVersion = "Xcode 3.2"; - developmentRegion = en; - hasScannedForEncodings = 0; - knownRegions = ( - en, - Base, - ); - mainGroup = "___RootGroup_"; - productRefGroup = "____Products_" /* Products */; - projectDirPath = ""; - projectRoot = ""; - targets = ( - "______Target_Cryptor" /* Cryptor */, - 8C95902A1CC80A2300A2C2B4 /* CryptorTests */, - 8C97EE0E1EBF75DD000E795B /* Cryptor-iOS */, - ); - }; -/* End PBXProject section */ - -/* Begin PBXResourcesBuildPhase section */ - 8C9590291CC80A2300A2C2B4 /* Resources */ = { - isa = PBXResourcesBuildPhase; - buildActionMask = 2147483647; - files = ( - ); - runOnlyForDeploymentPostprocessing = 0; - }; - 8C97EE0D1EBF75DD000E795B /* Resources */ = { - isa = PBXResourcesBuildPhase; - buildActionMask = 2147483647; - files = ( - ); - runOnlyForDeploymentPostprocessing = 0; - }; -/* End PBXResourcesBuildPhase section */ - -/* Begin PBXShellScriptBuildPhase section */ - 8C95901E1CC7D85000A2C2B4 /* ShellScript */ = { - isa = PBXShellScriptBuildPhase; - buildActionMask = 2147483647; - files = ( - ); - inputPaths = ( - ); - outputPaths = ( - ); - runOnlyForDeploymentPostprocessing = 0; - shellPath = /bin/sh; - shellScript = "#!/bin/bash\nCC_PATH=\"$SRCROOT/CommonCrypto\"\necho \"$CC_PATH\"\n\nCCMODMAP=$SDKROOT/usr/include/CommonCrypto/module.modulemap\nif [ -e \"$CCMODMAP\" ] ; then\nif [ -e \"$CC_PATH\" ] ; then\nrm -rf \"$CC_PATH\"\nfi\necho \"Modulemap already exists. Skipping generation...\"\nexit 0\nfi\n\nHEADER_FILE1=$SDKROOT/usr/include/CommonCrypto/CommonCrypto.h\nif [ ! -e $HEADER_FILE1 ] ; then\necho \"ERROR: The CommonCrypto.h header file could not be found.\"\nexit 1\nfi\n\nHEADER_FILE2=$SDKROOT/usr/include/CommonCrypto/CommonRandom.h\nif [ ! -e $HEADER_FILE2 ] ; then\necho \"ERROR: The CommonRandom.h header file could not be found.\"\nexit 1\nfi\n\nif [ -e \"$CC_PATH\" ] ; then\necho \"$CC_PATH exists...\"\nelse\nmkdir -p \"$CC_PATH\"\nfi\n\n# Write the module.map file\ncat <<_EOF_ > \"$CC_PATH/module.map\"\nmodule CommonCrypto [system] {\nheader \"$HEADER_FILE1\"\nheader \"$HEADER_FILE2\"\nexport *\n}\n\nmodule OpenSSL [system] {\nheader \"/usr/local/opt/openssl/include/openssl/conf.h\"\nheader \"/usr/local/opt/openssl/include/openssl/evp.h\"\nheader \"/usr/local/opt/openssl/include/openssl/err.h\"\nheader \"/usr/local/opt/openssl/include/openssl/bio.h\"\nheader \"/usr/local/opt/openssl/include/openssl/ssl.h\"\nheader \"/usr/local/opt/openssl/include/openssl/md4.h\"\nheader \"/usr/local/opt/openssl/include/openssl/md5.h\"\nheader \"/usr/local/opt/openssl/include/openssl/sha.h\"\nheader \"/usr/local/opt/openssl/include/openssl/hmac.h\"\nheader \"/usr/local/opt/openssl/include/openssl/rand.h\"\nlink \"ssl\"\nlink \"crypto\"\n}\n_EOF_\necho \"Created CommonCrypto Module Map. CommonCrypto Framework now available.\"\n"; - }; - 8C97EE171EBF76BC000E795B /* ShellScript */ = { - isa = PBXShellScriptBuildPhase; - buildActionMask = 2147483647; - files = ( - ); - inputPaths = ( - ); - outputPaths = ( - ); - runOnlyForDeploymentPostprocessing = 0; - shellPath = /bin/sh; - shellScript = "#!/bin/bash\nCC_PATH=\"$SRCROOT/CommonCrypto\"\necho \"$CC_PATH\"\n\nCCMODMAP=$SDKROOT/usr/include/CommonCrypto/module.modulemap\nif [ -e \"$CCMODMAP\" ] ; then\nif [ -e \"$CC_PATH\" ] ; then\nrm -rf \"$CC_PATH\"\nfi\necho \"Modulemap already exists. Skipping generation...\"\nexit 0\nfi\n\nHEADER_FILE1=$SDKROOT/usr/include/CommonCrypto/CommonCrypto.h\nif [ ! -e $HEADER_FILE1 ] ; then\necho \"ERROR: The CommonCrypto.h header file could not be found.\"\nexit 1\nfi\n\nHEADER_FILE2=$SDKROOT/usr/include/CommonCrypto/CommonRandom.h\nif [ ! -e $HEADER_FILE2 ] ; then\necho \"ERROR: The CommonRandom.h header file could not be found.\"\nexit 1\nfi\n\nif [ -e \"$CC_PATH\" ] ; then\necho \"$CC_PATH exists...\"\nelse\nmkdir -p \"$CC_PATH\"\nfi\n\n# Write the module.map file\ncat <<_EOF_ > \"$CC_PATH/module.map\"\nmodule CommonCrypto [system] {\nheader \"$HEADER_FILE1\"\nheader \"$HEADER_FILE2\"\nexport *\n}\n\nmodule OpenSSL [system] {\nheader \"/usr/local/opt/openssl/include/openssl/conf.h\"\nheader \"/usr/local/opt/openssl/include/openssl/evp.h\"\nheader \"/usr/local/opt/openssl/include/openssl/err.h\"\nheader \"/usr/local/opt/openssl/include/openssl/bio.h\"\nheader \"/usr/local/opt/openssl/include/openssl/ssl.h\"\nheader \"/usr/local/opt/openssl/include/openssl/md4.h\"\nheader \"/usr/local/opt/openssl/include/openssl/md5.h\"\nheader \"/usr/local/opt/openssl/include/openssl/sha.h\"\nheader \"/usr/local/opt/openssl/include/openssl/hmac.h\"\nheader \"/usr/local/opt/openssl/include/openssl/rand.h\"\nlink \"ssl\"\nlink \"crypto\"\n}\n_EOF_\necho \"Created CommonCrypto Module Map. CommonCrypto Framework now available.\"\n"; - }; -/* End PBXShellScriptBuildPhase section */ - -/* Begin PBXSourcesBuildPhase section */ - 8C9590271CC80A2300A2C2B4 /* Sources */ = { - isa = PBXSourcesBuildPhase; - buildActionMask = 2147483647; - files = ( - 8CF04E2A1D4FCECC00C27814 /* CryptorTests.swift in Sources */, - ); - runOnlyForDeploymentPostprocessing = 0; - }; - 8C97EE0A1EBF75DD000E795B /* Sources */ = { - isa = PBXSourcesBuildPhase; - buildActionMask = 2147483647; - files = ( - 8C97EE181EBF76F0000E795B /* Crypto.swift in Sources */, - 8C97EE191EBF76F0000E795B /* Cryptor.swift in Sources */, - 8C7111EF2195B09A003CF4B3 /* SSLPointerTricks.swift in Sources */, - 8C97EE1A1EBF76F0000E795B /* Digest.swift in Sources */, - 8C97EE1B1EBF76F0000E795B /* HMAC.swift in Sources */, - 8C97EE1C1EBF76F0000E795B /* KeyDerivation.swift in Sources */, - 8C97EE1D1EBF76F0000E795B /* Random.swift in Sources */, - 8C97EE1E1EBF76F0000E795B /* Status.swift in Sources */, - 8C97EE1F1EBF76F0000E795B /* StreamCryptor.swift in Sources */, - 8C97EE201EBF76F0000E795B /* Updatable.swift in Sources */, - 8C97EE211EBF76F0000E795B /* Utilities.swift in Sources */, - ); - runOnlyForDeploymentPostprocessing = 0; - }; - CompilePhase_Cryptor /* Sources */ = { - isa = PBXSourcesBuildPhase; - buildActionMask = 0; - files = ( - __src_cc_ref_Sources/Crypto.swift /* Crypto.swift in Sources */, - __src_cc_ref_Sources/Cryptor.swift /* Cryptor.swift in Sources */, - 8C7111EE2195B09A003CF4B3 /* SSLPointerTricks.swift in Sources */, - __src_cc_ref_Sources/Digest.swift /* Digest.swift in Sources */, - __src_cc_ref_Sources/HMAC.swift /* HMAC.swift in Sources */, - __src_cc_ref_Sources/KeyDerivation.swift /* KeyDerivation.swift in Sources */, - __src_cc_ref_Sources/Random.swift /* Random.swift in Sources */, - __src_cc_ref_Sources/Status.swift /* Status.swift in Sources */, - __src_cc_ref_Sources/StreamCryptor.swift /* StreamCryptor.swift in Sources */, - __src_cc_ref_Sources/Updateable.swift /* Updatable.swift in Sources */, - __src_cc_ref_Sources/Utilities.swift /* Utilities.swift in Sources */, - ); - runOnlyForDeploymentPostprocessing = 0; - }; -/* End PBXSourcesBuildPhase section */ - -/* Begin PBXTargetDependency section */ - 8C9590321CC80A2300A2C2B4 /* PBXTargetDependency */ = { - isa = PBXTargetDependency; - target = "______Target_Cryptor" /* Cryptor */; - targetProxy = 8C9590311CC80A2300A2C2B4 /* PBXContainerItemProxy */; - }; -/* End PBXTargetDependency section */ - -/* Begin XCBuildConfiguration section */ - 8C9590341CC80A2300A2C2B4 /* Debug */ = { - isa = XCBuildConfiguration; - buildSettings = { - ALWAYS_SEARCH_USER_PATHS = NO; - CLANG_ANALYZER_NONNULL = YES; - CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x"; - CLANG_CXX_LIBRARY = "libc++"; - CLANG_ENABLE_MODULES = YES; - CLANG_ENABLE_OBJC_ARC = YES; - CLANG_WARN_BOOL_CONVERSION = YES; - CLANG_WARN_CONSTANT_CONVERSION = YES; - CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; - CLANG_WARN_EMPTY_BODY = YES; - CLANG_WARN_ENUM_CONVERSION = YES; - CLANG_WARN_INT_CONVERSION = YES; - CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; - CLANG_WARN_UNREACHABLE_CODE = YES; - CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; - CODE_SIGN_IDENTITY = "-"; - COMBINE_HIDPI_IMAGES = YES; - COPY_PHASE_STRIP = NO; - DEBUG_INFORMATION_FORMAT = dwarf; - ENABLE_STRICT_OBJC_MSGSEND = YES; - ENABLE_TESTABILITY = YES; - GCC_C_LANGUAGE_STANDARD = gnu99; - GCC_DYNAMIC_NO_PIC = NO; - GCC_NO_COMMON_BLOCKS = YES; - GCC_OPTIMIZATION_LEVEL = 0; - GCC_PREPROCESSOR_DEFINITIONS = ( - "DEBUG=1", - "$(inherited)", - ); - GCC_WARN_64_TO_32_BIT_CONVERSION = YES; - GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; - GCC_WARN_UNDECLARED_SELECTOR = YES; - GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; - GCC_WARN_UNUSED_FUNCTION = YES; - GCC_WARN_UNUSED_VARIABLE = YES; - HEADER_SEARCH_PATHS = /usr/local/opt/openssl/include; - INFOPLIST_FILE = Tests/CryptorTests/Info.plist; - LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/../Frameworks @loader_path/../Frameworks"; - LIBRARY_SEARCH_PATHS = /usr/local/opt/openssl/lib; - MACOSX_DEPLOYMENT_TARGET = 10.11; - MTL_ENABLE_DEBUG_INFO = YES; - ONLY_ACTIVE_ARCH = YES; - OTHER_CFLAGS = "-I/usr/local/opt/openssl/include"; - PRODUCT_BUNDLE_IDENTIFIER = com.ibm.oss.CryptorTests; - PRODUCT_NAME = "$(TARGET_NAME)"; - SDKROOT = macosx; - SWIFT_OPTIMIZATION_LEVEL = "-Onone"; - SWIFT_VERSION = 5.0; - USER_HEADER_SEARCH_PATHS = /usr/local/opt/openssl/include; - }; - name = Debug; - }; - 8C9590351CC80A2300A2C2B4 /* Release */ = { - isa = XCBuildConfiguration; - buildSettings = { - ALWAYS_SEARCH_USER_PATHS = NO; - CLANG_ANALYZER_NONNULL = YES; - CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x"; - CLANG_CXX_LIBRARY = "libc++"; - CLANG_ENABLE_MODULES = YES; - CLANG_ENABLE_OBJC_ARC = YES; - CLANG_WARN_BOOL_CONVERSION = YES; - CLANG_WARN_CONSTANT_CONVERSION = YES; - CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; - CLANG_WARN_EMPTY_BODY = YES; - CLANG_WARN_ENUM_CONVERSION = YES; - CLANG_WARN_INT_CONVERSION = YES; - CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; - CLANG_WARN_UNREACHABLE_CODE = YES; - CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; - CODE_SIGN_IDENTITY = "-"; - COMBINE_HIDPI_IMAGES = YES; - COPY_PHASE_STRIP = NO; - DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; - ENABLE_NS_ASSERTIONS = NO; - ENABLE_STRICT_OBJC_MSGSEND = YES; - GCC_C_LANGUAGE_STANDARD = gnu99; - GCC_NO_COMMON_BLOCKS = YES; - GCC_WARN_64_TO_32_BIT_CONVERSION = YES; - GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; - GCC_WARN_UNDECLARED_SELECTOR = YES; - GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; - GCC_WARN_UNUSED_FUNCTION = YES; - GCC_WARN_UNUSED_VARIABLE = YES; - HEADER_SEARCH_PATHS = /usr/local/opt/openssl/include; - INFOPLIST_FILE = Tests/CryptorTests/Info.plist; - LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/../Frameworks @loader_path/../Frameworks"; - LIBRARY_SEARCH_PATHS = /usr/local/opt/openssl/lib; - MACOSX_DEPLOYMENT_TARGET = 10.11; - MTL_ENABLE_DEBUG_INFO = NO; - OTHER_CFLAGS = "-I/usr/local/opt/openssl/include"; - PRODUCT_BUNDLE_IDENTIFIER = com.ibm.oss.CryptorTests; - PRODUCT_NAME = "$(TARGET_NAME)"; - SDKROOT = macosx; - SWIFT_OPTIMIZATION_LEVEL = "-Owholemodule"; - SWIFT_VERSION = 5.0; - USER_HEADER_SEARCH_PATHS = /usr/local/opt/openssl/include; - }; - name = Release; - }; - 8C97EE141EBF75DD000E795B /* Debug */ = { - isa = XCBuildConfiguration; - buildSettings = { - ALWAYS_SEARCH_USER_PATHS = NO; - CLANG_ANALYZER_NONNULL = YES; - CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; - CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x"; - CLANG_CXX_LIBRARY = "libc++"; - CLANG_ENABLE_MODULES = YES; - CLANG_ENABLE_OBJC_ARC = YES; - CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; - CLANG_WARN_DOCUMENTATION_COMMENTS = YES; - CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; - CODE_SIGN_IDENTITY = ""; - "CODE_SIGN_IDENTITY[sdk=iphoneos*]" = ""; - COPY_PHASE_STRIP = NO; - CURRENT_PROJECT_VERSION = 1; - DEBUG_INFORMATION_FORMAT = dwarf; - DEFINES_MODULE = YES; - DEVELOPMENT_TEAM = ""; - DYLIB_COMPATIBILITY_VERSION = 1; - DYLIB_CURRENT_VERSION = 1; - DYLIB_INSTALL_NAME_BASE = "@rpath"; - GCC_C_LANGUAGE_STANDARD = gnu99; - GCC_DYNAMIC_NO_PIC = NO; - GCC_OPTIMIZATION_LEVEL = 0; - GCC_PREPROCESSOR_DEFINITIONS = ( - "DEBUG=1", - "$(inherited)", - ); - GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; - GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; - INFOPLIST_FILE = "Cryptor-iOS/Info.plist"; - INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks"; - IPHONEOS_DEPLOYMENT_TARGET = 10.0; - LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; - MTL_ENABLE_DEBUG_INFO = YES; - PRODUCT_BUNDLE_IDENTIFIER = com.ibm.oss.Cryptor; - PRODUCT_NAME = Cryptor; - SDKROOT = iphoneos; - SKIP_INSTALL = YES; - SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEBUG; - SWIFT_INCLUDE_PATHS = "\"$SRCROOT/CommonCrypto\""; - SWIFT_OPTIMIZATION_LEVEL = "-Onone"; - SWIFT_VERSION = 5.0; - TARGETED_DEVICE_FAMILY = "1,2"; - VERSIONING_SYSTEM = "apple-generic"; - VERSION_INFO_PREFIX = ""; - }; - name = Debug; - }; - 8C97EE151EBF75DD000E795B /* Release */ = { - isa = XCBuildConfiguration; - buildSettings = { - ALWAYS_SEARCH_USER_PATHS = NO; - CLANG_ANALYZER_NONNULL = YES; - CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; - CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x"; - CLANG_CXX_LIBRARY = "libc++"; - CLANG_ENABLE_MODULES = YES; - CLANG_ENABLE_OBJC_ARC = YES; - CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; - CLANG_WARN_DOCUMENTATION_COMMENTS = YES; - CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; - CODE_SIGN_IDENTITY = ""; - "CODE_SIGN_IDENTITY[sdk=iphoneos*]" = ""; - COPY_PHASE_STRIP = NO; - CURRENT_PROJECT_VERSION = 1; - DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; - DEFINES_MODULE = YES; - DEVELOPMENT_TEAM = ""; - DYLIB_COMPATIBILITY_VERSION = 1; - DYLIB_CURRENT_VERSION = 1; - DYLIB_INSTALL_NAME_BASE = "@rpath"; - ENABLE_NS_ASSERTIONS = NO; - GCC_C_LANGUAGE_STANDARD = gnu99; - GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; - GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; - INFOPLIST_FILE = "Cryptor-iOS/Info.plist"; - INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks"; - IPHONEOS_DEPLOYMENT_TARGET = 10.0; - LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; - MTL_ENABLE_DEBUG_INFO = NO; - PRODUCT_BUNDLE_IDENTIFIER = com.ibm.oss.Cryptor; - PRODUCT_NAME = Cryptor; - SDKROOT = iphoneos; - SKIP_INSTALL = YES; - SWIFT_INCLUDE_PATHS = "\"$SRCROOT/CommonCrypto\""; - SWIFT_OPTIMIZATION_LEVEL = "-Owholemodule"; - SWIFT_VERSION = 5.0; - TARGETED_DEVICE_FAMILY = "1,2"; - VALIDATE_PRODUCT = YES; - VERSIONING_SYSTEM = "apple-generic"; - VERSION_INFO_PREFIX = ""; - }; - name = Release; - }; - _ReleaseConf_Cryptor /* Release */ = { - isa = XCBuildConfiguration; - buildSettings = { - ALWAYS_SEARCH_USER_PATHS = NO; - CLANG_ENABLE_OBJC_WEAK = YES; - COMBINE_HIDPI_IMAGES = YES; - DYLIB_INSTALL_NAME_BASE = "$(CONFIGURATION_BUILD_DIR)"; - ENABLE_TESTABILITY = YES; - FRAMEWORK_SEARCH_PATHS = /usr/local/opt/openssl/include; - HEADER_SEARCH_PATHS = /usr/local/opt/openssl/include; - LD_RUNPATH_SEARCH_PATHS = "$(TOOLCHAIN_DIR)/usr/lib/swift/macosx"; - LIBRARY_SEARCH_PATHS = /usr/local/opt/openssl/lib; - MACOSX_DEPLOYMENT_TARGET = 10.10; - OTHER_CFLAGS = "-I/usr/local/opt/openssl/include"; - OTHER_LDFLAGS = ""; - OTHER_SWIFT_FLAGS = "-DXcode"; - PRODUCT_MODULE_NAME = Cryptor; - PRODUCT_NAME = "lib$(TARGET_NAME)"; - SWIFT_INCLUDE_PATHS = "\"$SRCROOT/CommonCrypto\""; - SWIFT_OPTIMIZATION_LEVEL = "-Owholemodule"; - SWIFT_VERSION = 5.0; - USER_HEADER_SEARCH_PATHS = /usr/local/opt/openssl/include; - }; - name = Release; - }; - "___DebugConf_Cryptor" /* Debug */ = { - isa = XCBuildConfiguration; - buildSettings = { - ALWAYS_SEARCH_USER_PATHS = NO; - CLANG_ENABLE_OBJC_WEAK = YES; - COMBINE_HIDPI_IMAGES = YES; - DYLIB_INSTALL_NAME_BASE = "$(CONFIGURATION_BUILD_DIR)"; - ENABLE_TESTABILITY = YES; - FRAMEWORK_SEARCH_PATHS = /usr/local/opt/openssl/include; - HEADER_SEARCH_PATHS = /usr/local/opt/openssl/include; - LD_RUNPATH_SEARCH_PATHS = "$(TOOLCHAIN_DIR)/usr/lib/swift/macosx"; - LIBRARY_SEARCH_PATHS = /usr/local/opt/openssl/lib; - MACOSX_DEPLOYMENT_TARGET = 10.10; - OTHER_CFLAGS = "-I/usr/local/opt/openssl/include"; - OTHER_LDFLAGS = ""; - OTHER_SWIFT_FLAGS = "-DXcode"; - PRODUCT_MODULE_NAME = Cryptor; - PRODUCT_NAME = "lib$(TARGET_NAME)"; - SWIFT_INCLUDE_PATHS = "\"$SRCROOT/CommonCrypto\""; - SWIFT_OPTIMIZATION_LEVEL = "-Onone"; - SWIFT_VERSION = 5.0; - USER_HEADER_SEARCH_PATHS = /usr/local/opt/openssl/include; - }; - name = Debug; - }; - "_____Release_" /* Release */ = { - isa = XCBuildConfiguration; - buildSettings = { - CLANG_ANALYZER_LOCALIZABILITY_NONLOCALIZED = YES; - CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; - CLANG_WARN_BOOL_CONVERSION = YES; - CLANG_WARN_COMMA = YES; - CLANG_WARN_CONSTANT_CONVERSION = YES; - CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES; - CLANG_WARN_EMPTY_BODY = YES; - CLANG_WARN_ENUM_CONVERSION = YES; - CLANG_WARN_INFINITE_RECURSION = YES; - CLANG_WARN_INT_CONVERSION = YES; - CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; - CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES; - CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; - CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; - CLANG_WARN_STRICT_PROTOTYPES = YES; - CLANG_WARN_SUSPICIOUS_MOVE = YES; - CLANG_WARN_UNREACHABLE_CODE = YES; - CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; - ENABLE_STRICT_OBJC_MSGSEND = YES; - GCC_NO_COMMON_BLOCKS = YES; - GCC_WARN_64_TO_32_BIT_CONVERSION = YES; - GCC_WARN_ABOUT_RETURN_TYPE = YES; - GCC_WARN_UNDECLARED_SELECTOR = YES; - GCC_WARN_UNINITIALIZED_AUTOS = YES; - GCC_WARN_UNUSED_FUNCTION = YES; - GCC_WARN_UNUSED_VARIABLE = YES; - SWIFT_VERSION = 3.0; - }; - name = Release; - }; - "_______Debug_" /* Debug */ = { - isa = XCBuildConfiguration; - buildSettings = { - CLANG_ANALYZER_LOCALIZABILITY_NONLOCALIZED = YES; - CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; - CLANG_WARN_BOOL_CONVERSION = YES; - CLANG_WARN_COMMA = YES; - CLANG_WARN_CONSTANT_CONVERSION = YES; - CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES; - CLANG_WARN_EMPTY_BODY = YES; - CLANG_WARN_ENUM_CONVERSION = YES; - CLANG_WARN_INFINITE_RECURSION = YES; - CLANG_WARN_INT_CONVERSION = YES; - CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; - CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES; - CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; - CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; - CLANG_WARN_STRICT_PROTOTYPES = YES; - CLANG_WARN_SUSPICIOUS_MOVE = YES; - CLANG_WARN_UNREACHABLE_CODE = YES; - CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; - ENABLE_STRICT_OBJC_MSGSEND = YES; - ENABLE_TESTABILITY = YES; - GCC_NO_COMMON_BLOCKS = YES; - GCC_WARN_64_TO_32_BIT_CONVERSION = YES; - GCC_WARN_ABOUT_RETURN_TYPE = YES; - GCC_WARN_UNDECLARED_SELECTOR = YES; - GCC_WARN_UNINITIALIZED_AUTOS = YES; - GCC_WARN_UNUSED_FUNCTION = YES; - GCC_WARN_UNUSED_VARIABLE = YES; - ONLY_ACTIVE_ARCH = YES; - SWIFT_VERSION = 3.0; - }; - name = Debug; - }; -/* End XCBuildConfiguration section */ - -/* Begin XCConfigurationList section */ - 8C9590331CC80A2300A2C2B4 /* Build configuration list for PBXNativeTarget "CryptorTests" */ = { - isa = XCConfigurationList; - buildConfigurations = ( - 8C9590341CC80A2300A2C2B4 /* Debug */, - 8C9590351CC80A2300A2C2B4 /* Release */, - ); - defaultConfigurationIsVisible = 0; - defaultConfigurationName = Debug; - }; - 8C97EE161EBF75DD000E795B /* Build configuration list for PBXNativeTarget "Cryptor-iOS" */ = { - isa = XCConfigurationList; - buildConfigurations = ( - 8C97EE141EBF75DD000E795B /* Debug */, - 8C97EE151EBF75DD000E795B /* Release */, - ); - defaultConfigurationIsVisible = 0; - defaultConfigurationName = Debug; - }; - "___RootConfs_" /* Build configuration list for PBXProject "Cryptor" */ = { - isa = XCConfigurationList; - buildConfigurations = ( - "_______Debug_" /* Debug */, - "_____Release_" /* Release */, - ); - defaultConfigurationIsVisible = 0; - defaultConfigurationName = Debug; - }; - "_______Confs_Cryptor" /* Build configuration list for PBXNativeTarget "Cryptor" */ = { - isa = XCConfigurationList; - buildConfigurations = ( - "___DebugConf_Cryptor" /* Debug */, - _ReleaseConf_Cryptor /* Release */, - ); - defaultConfigurationIsVisible = 0; - defaultConfigurationName = Debug; - }; -/* End XCConfigurationList section */ - }; - rootObject = __RootObject_ /* Project object */; -} diff --git a/Cryptor.xcodeproj/project.xcworkspace/contents.xcworkspacedata b/Cryptor.xcodeproj/project.xcworkspace/contents.xcworkspacedata deleted file mode 100644 index 919434a..0000000 --- a/Cryptor.xcodeproj/project.xcworkspace/contents.xcworkspacedata +++ /dev/null @@ -1,7 +0,0 @@ - - - - - diff --git a/Cryptor.xcodeproj/xcshareddata/xcschemes/Cryptor-iOS.xcscheme b/Cryptor.xcodeproj/xcshareddata/xcschemes/Cryptor-iOS.xcscheme deleted file mode 100644 index f6a307d..0000000 --- a/Cryptor.xcodeproj/xcshareddata/xcschemes/Cryptor-iOS.xcscheme +++ /dev/null @@ -1,76 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/Cryptor.xcodeproj/xcshareddata/xcschemes/Cryptor.xcscheme b/Cryptor.xcodeproj/xcshareddata/xcschemes/Cryptor.xcscheme deleted file mode 100644 index cf915bf..0000000 --- a/Cryptor.xcodeproj/xcshareddata/xcschemes/Cryptor.xcscheme +++ /dev/null @@ -1,95 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/Cryptor.xcodeproj/xcshareddata/xcschemes/CryptorTests.xcscheme b/Cryptor.xcodeproj/xcshareddata/xcschemes/CryptorTests.xcscheme deleted file mode 100644 index 02c6ba3..0000000 --- a/Cryptor.xcodeproj/xcshareddata/xcschemes/CryptorTests.xcscheme +++ /dev/null @@ -1,52 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - diff --git a/Cryptor.xcodeproj/xcshareddata/xcschemes/xcschememanagement.plist b/Cryptor.xcodeproj/xcshareddata/xcschemes/xcschememanagement.plist deleted file mode 100644 index 864b769..0000000 --- a/Cryptor.xcodeproj/xcshareddata/xcschemes/xcschememanagement.plist +++ /dev/null @@ -1,12 +0,0 @@ - - - - SchemeUserState - - Cryptor.xcscheme - - - SuppressBuildableAutocreation - - - diff --git a/README.md b/README.md index 54dd70c..946e68f 100644 --- a/README.md +++ b/README.md @@ -21,16 +21,16 @@ Swift cross-platform crypto library derived from [IDZSwiftCommonCrypto](https:// ### macOS -* macOS 10.14.6 (*Mojave*) or higher. +* macOS 11.5 (*Big Sur*) or higher. * Xcode Version 11.0 or higher using one of the above toolchains. -* Xcode Version 12.5 or higher using the included toolchain (*Recommended*). +* Xcode Version 13.4 or higher using the included toolchain (*Recommended*). * CommonCrypto is provided by macOS. ### iOS -* iOS 10.0 or higher +* iOS 14.5 or higher * Xcode Version 11.0 or higher using one of the above toolchains. -* Xcode Version 12.5 or higher using the included toolchain (*Recommended*). +* Xcode Version 13.4 or higher using the included toolchain (*Recommended*). * CommonCrypto is provided by iOS. ### Linux @@ -81,7 +81,7 @@ To include BlueCryptor in a project using Carthage, add a line to your `Cartfile #### CocoaPods To include BlueCryptor in a project using CocoaPods, you just add `BlueCryptor` to your `Podfile`, for example: ``` - platform :ios, '10.0' + platform :ios, '14.5' target 'MyApp' do use_frameworks! @@ -129,19 +129,19 @@ do { ### Digest -The following example illustrates generating an `MD5` digest from both a `String` and an instance of `NSData`. +The following example illustrates generating an `SHA1` digest from both a `String` and an instance of `NSData`. ```swift let qbfBytes : [UInt8] = [0x54,0x68,0x65,0x20,0x71,0x75,0x69,0x63,0x6b,0x20,0x62,0x72,0x6f,0x77,0x6e,0x20,0x66,0x6f,0x78,0x20,0x6a,0x75,0x6d,0x70,0x73,0x20,0x6f,0x76,0x65,0x72,0x20,0x74,0x68,0x65,0x20,0x6c,0x61,0x7a,0x79,0x20,0x64,0x6f,0x67,0x2e] let qbfString = "The quick brown fox jumps over the lazy dog." // String... -let md5 = Digest(using: .md5) -md5.update(string: qfbString) -let digest = md5.final() +let sha1 = Digest(using: .sha1) +sha1.update(string: qfbString) +let digest = sha1.final() // NSData using optional chaining... let qbfData = CryptoUtils.data(from: qbfBytes) -let digest = Digest(using: .md5).update(data: qbfData)?.final() +let digest = Digest(using: .sha1).update(data: qbfData)?.final() ``` ### HMAC @@ -211,9 +211,6 @@ Also provided are an API to pad a byte array (`[UInt8]`) such that it is an inte ## Restrictions -The following algorithm is not available on Linux since it is not supported by *OpenSSL*. -- Digest: MD2 - In all cases, use of unsupported APIs or algorithms will result in a Swift `fatalError()`, terminating the program and should be treated as a programming error. ## Community diff --git a/Sources/Cryptor/Crypto.swift b/Sources/Cryptor/Crypto.swift index f41e453..ff42dec 100755 --- a/Sources/Cryptor/Crypto.swift +++ b/Sources/Cryptor/Crypto.swift @@ -31,10 +31,11 @@ public protocol CryptoDigest { /// extension CryptoDigest { + #if !os(iOS) /// An MD2 digest of this object public var md2: Self { - return self.digest(using: .md2) - } + return self.digest(using: .md2) + } /// An MD4 digest of this object public var md4: Self { @@ -45,12 +46,23 @@ extension CryptoDigest { public var md5: Self { return self.digest(using: .md5) } - + #endif + + /// An MD5 digest of this object. Called out as "insecure" as it should not be used for cryptographic purposes + public var md5_insecure: Self { + return self.digest(using: .md5_insecure) + } + /// An SHA1 digest of this object public var sha1: Self { return self.digest(using: .sha1) } - + + /// An SHA1 digest of this object. Called out as "insecure" as it should not be used for cryptographic purposes + public var sha1_insecure: Self { + return self.digest(using: .sha1_insecure) + } + /// An SHA224 digest of this object public var sha224: Self { return self.digest(using: .sha224) diff --git a/Sources/Cryptor/Digest.swift b/Sources/Cryptor/Digest.swift index 5411256..1f71744 100755 --- a/Sources/Cryptor/Digest.swift +++ b/Sources/Cryptor/Digest.swift @@ -17,11 +17,14 @@ import Foundation -#if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - import CommonCrypto -#elseif os(Linux) +#if os(Linux) import OpenSSL typealias CC_LONG = size_t +#else + import CommonCrypto + #if canImport(CryptoKit) + import CryptoKit + #endif #endif /// @@ -51,17 +54,28 @@ public class Digest: Updatable { public enum Algorithm { /// Message Digest 2 See: http://en.wikipedia.org/wiki/MD2_(cryptography) + @available(iOS, introduced: 2.0, obsoleted: 13.0, message: "This function is cryptographically broken and should not be used in security contexts. Clients should migrate to SHA256 (or stronger).") case md2 /// Message Digest 4 + @available(iOS, introduced: 2.0, obsoleted: 13.0, message: "This function is cryptographically broken and should not be used in security contexts. Clients should migrate to SHA256 (or stronger).") case md4 /// Message Digest 5 + @available(iOS, introduced: 2.0, obsoleted: 13.0, message: "This function is cryptographically broken and should not be used in security contexts. Clients should migrate to SHA256 (or stronger).") case md5 + /// Message Digest 5 + /// - NOTE: Do NOT use for cryptography, considered insecure + case md5_insecure + /// Secure Hash Algorithm 1 case sha1 - + + /// Secure Hash Algorithm 1 + /// - NOTE: Do NOT use for cryptography, considered insecure + case sha1_insecure + /// Secure Hash Algorithm 2 224-bit case sha224 @@ -87,59 +101,79 @@ public class Digest: Updatable { switch algorithm { case .md2: - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - engine = DigestEngineCC(initializer:CC_MD2_Init, updater:CC_MD2_Update, finalizer:CC_MD2_Final, length:CC_MD2_DIGEST_LENGTH) - #elseif os(Linux) + #if os(Linux) fatalError("MD2 digest not supported by OpenSSL") + #elseif os(iOS) + if #available(iOS 13, *) { + fatalError("MD2 digest is cryptographically broken") + } else { + self.engine = DigestEngineCC(initializer:CC_MD2_Init, updater:CC_MD2_Update, finalizer:CC_MD2_Final, length:CC_MD2_DIGEST_LENGTH) + } + #else + self.engine = DigestEngineCC(initializer:CC_MD2_Init, updater:CC_MD2_Update, finalizer:CC_MD2_Final, length:CC_MD2_DIGEST_LENGTH) #endif case .md4: - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - engine = DigestEngineCC(initializer:CC_MD4_Init, updater:CC_MD4_Update, finalizer:CC_MD4_Final, length:CC_MD4_DIGEST_LENGTH) - #elseif os(Linux) - engine = DigestEngineCC(initializer:MD4_Init, updater:MD4_Update, finalizer:MD4_Final, length:MD4_DIGEST_LENGTH) + #if os(Linux) + self.engine = DigestEngineCC(initializer:MD4_Init, updater:MD4_Update, finalizer:MD4_Final, length:MD4_DIGEST_LENGTH) + #elseif os(iOS) + if #available(iOS 13, *) { + fatalError("MD4 digest is cryptographically broken") + } else { + self.engine = DigestEngineCC(initializer:CC_MD4_Init, updater:CC_MD4_Update, finalizer:CC_MD4_Final, length:CC_MD4_DIGEST_LENGTH) + } + #else + self.engine = DigestEngineCC(initializer:CC_MD4_Init, updater:CC_MD4_Update, finalizer:CC_MD4_Final, length:CC_MD4_DIGEST_LENGTH) #endif - case .md5: - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - engine = DigestEngineCC(initializer:CC_MD5_Init, updater:CC_MD5_Update, finalizer:CC_MD5_Final, length:CC_MD5_DIGEST_LENGTH) - #elseif os(Linux) - engine = DigestEngineCC(initializer:MD5_Init, updater:MD5_Update, finalizer:MD5_Final, length:MD5_DIGEST_LENGTH) + case .md5, .md5_insecure: + #if os(Linux) + self.engine = DigestEngineCC(initializer:MD5_Init, updater:MD5_Update, finalizer:MD5_Final, length:MD5_DIGEST_LENGTH) + #else + if #available(iOS 13, *), #available(macOS 10.15, *), #available(watchOS 6.0, *), #available(tvOS 13.0, *) { + self.engine = DigestEngineMD5Insecure() + } else { + self.engine = DigestEngineCC(initializer:CC_MD5_Init, updater:CC_MD5_Update, finalizer:CC_MD5_Final, length:CC_MD5_DIGEST_LENGTH) + } #endif - - case .sha1: - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - engine = DigestEngineCC(initializer:CC_SHA1_Init, updater:CC_SHA1_Update, finalizer:CC_SHA1_Final, length:CC_SHA1_DIGEST_LENGTH) - #elseif os(Linux) - engine = DigestEngineCC(initializer:SHA1_Init, updater:SHA1_Update, finalizer:SHA1_Final, length:SHA_DIGEST_LENGTH) + + case .sha1, .sha1_insecure: + #if os(Linux) + self.engine = DigestEngineCC(initializer:SHA1_Init, updater:SHA1_Update, finalizer:SHA1_Final, length:SHA_DIGEST_LENGTH) + #else + if #available(iOS 13, *), #available(macOS 10.15, *), #available(watchOS 6.0, *), #available(tvOS 13.0, *) { + self.engine = DigestEngineSHA1Insecure() + } else { + self.engine = DigestEngineCC(initializer:CC_SHA1_Init, updater:CC_SHA1_Update, finalizer:CC_SHA1_Final, length:CC_SHA1_DIGEST_LENGTH) + } #endif case .sha224: - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - engine = DigestEngineCC(initializer:CC_SHA224_Init, updater:CC_SHA224_Update, finalizer:CC_SHA224_Final, length:CC_SHA224_DIGEST_LENGTH) - #elseif os(Linux) - engine = DigestEngineCC(initializer:SHA224_Init, updater:SHA224_Update, finalizer:SHA224_Final, length:SHA224_DIGEST_LENGTH) + #if os(Linux) + self.engine = DigestEngineCC(initializer:SHA224_Init, updater:SHA224_Update, finalizer:SHA224_Final, length:SHA224_DIGEST_LENGTH) + #else + self.engine = DigestEngineCC(initializer:CC_SHA224_Init, updater:CC_SHA224_Update, finalizer:CC_SHA224_Final, length:CC_SHA224_DIGEST_LENGTH) #endif case .sha256: - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - engine = DigestEngineCC(initializer:CC_SHA256_Init, updater:CC_SHA256_Update, finalizer:CC_SHA256_Final, length:CC_SHA256_DIGEST_LENGTH) - #elseif os(Linux) - engine = DigestEngineCC(initializer: SHA256_Init, updater:SHA256_Update, finalizer:SHA256_Final, length:SHA256_DIGEST_LENGTH) + #if os(Linux) + self.engine = DigestEngineCC(initializer: SHA256_Init, updater:SHA256_Update, finalizer:SHA256_Final, length:SHA256_DIGEST_LENGTH) + #else + self.engine = DigestEngineCC(initializer:CC_SHA256_Init, updater:CC_SHA256_Update, finalizer:CC_SHA256_Final, length:CC_SHA256_DIGEST_LENGTH) #endif case .sha384: - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - engine = DigestEngineCC(initializer:CC_SHA384_Init, updater:CC_SHA384_Update, finalizer:CC_SHA384_Final, length:CC_SHA384_DIGEST_LENGTH) - #elseif os(Linux) - engine = DigestEngineCC(initializer:SHA384_Init, updater:SHA384_Update, finalizer:SHA384_Final, length:SHA384_DIGEST_LENGTH) + #if os(Linux) + self.engine = DigestEngineCC(initializer:SHA384_Init, updater:SHA384_Update, finalizer:SHA384_Final, length:SHA384_DIGEST_LENGTH) + #else + self.engine = DigestEngineCC(initializer:CC_SHA384_Init, updater:CC_SHA384_Update, finalizer:CC_SHA384_Final, length:CC_SHA384_DIGEST_LENGTH) #endif case .sha512: - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - engine = DigestEngineCC(initializer:CC_SHA512_Init, updater:CC_SHA512_Update, finalizer:CC_SHA512_Final, length:CC_SHA512_DIGEST_LENGTH) - #elseif os(Linux) - engine = DigestEngineCC(initializer:SHA512_Init, updater:SHA512_Update, finalizer:SHA512_Final, length:SHA512_DIGEST_LENGTH) + #if os(Linux) + self.engine = DigestEngineCC(initializer:SHA512_Init, updater:SHA512_Update, finalizer:SHA512_Final, length:SHA512_DIGEST_LENGTH) + #else + self.engine = DigestEngineCC(initializer:CC_SHA512_Init, updater:CC_SHA512_Update, finalizer:CC_SHA512_Final, length:CC_SHA512_DIGEST_LENGTH) #endif } } @@ -273,7 +307,62 @@ private class DigestEngineCC: DigestEngine { } } +/** + Wraps the Insecure.MD5 engine as a DigestEngine + */ +@available(iOS 13.0, macOS 10.15, watchOS 6.0, tvOS 13.0, *) +private class DigestEngineMD5Insecure: DigestEngine { + var engine = Insecure.MD5() + + func update(buffer: UnsafeRawPointer, byteCount: CC_LONG) { + guard byteCount<=Int.max else { + fatalError("Cannot support byte count of size: \(byteCount)") + } + let count = Int(byteCount) + let bufferPointer = UnsafeRawBufferPointer(start: buffer, count: count) + engine.update(bufferPointer: bufferPointer) + } + + func final() -> [UInt8] { + let digest: Insecure.MD5Digest = self.engine.finalize() + let digestLength = Int(Insecure.MD5Digest.byteCount) + var buffer = Array(repeating: 0, count:digestLength) + digest.withUnsafeBytes { (rawBuffer: UnsafeRawBufferPointer) in + for (index, val) in rawBuffer.enumerated() { + buffer[index] = val + } + } + return buffer + } +} - +/** + Wraps the Insecure.SHA1 engine as a DigestEngine + */ +@available(iOS 13.0, macOS 10.15, watchOS 6.0, tvOS 13.0, *) +private class DigestEngineSHA1Insecure: DigestEngine { + var engine = Insecure.SHA1() + + func update(buffer: UnsafeRawPointer, byteCount: CC_LONG) { + guard byteCount<=Int.max else { + fatalError("Cannot support byte count of size: \(byteCount)") + } + let count = Int(byteCount) + let bufferPointer = UnsafeRawBufferPointer(start: buffer, count: count) + engine.update(bufferPointer: bufferPointer) + } + + func final() -> [UInt8] { + let digest: Insecure.SHA1Digest = self.engine.finalize() + let digestLength = Int(Insecure.SHA1Digest.byteCount) + var buffer = Array(repeating: 0, count:digestLength) + digest.withUnsafeBytes { (rawBuffer: UnsafeRawBufferPointer) in + for (index, val) in rawBuffer.enumerated() { + buffer[index] = val + } + } + return buffer + } +} diff --git a/Sources/Cryptor/HMAC.swift b/Sources/Cryptor/HMAC.swift index 086cd62..1545c13 100755 --- a/Sources/Cryptor/HMAC.swift +++ b/Sources/Cryptor/HMAC.swift @@ -17,10 +17,10 @@ import Foundation -#if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - import CommonCrypto -#elseif os(Linux) +#if os(Linux) import OpenSSL +#else + import CommonCrypto #endif /// @@ -51,42 +51,7 @@ public class HMAC: Updatable { /// Secure Hash Algorithm 2 512-bit case sha512 - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - - static let fromNative: [CCHmacAlgorithm: Algorithm] = [ - CCHmacAlgorithm(kCCHmacAlgSHA1): .sha1, - CCHmacAlgorithm(kCCHmacAlgSHA1): .md5, - CCHmacAlgorithm(kCCHmacAlgSHA256): .sha256, - CCHmacAlgorithm(kCCHmacAlgSHA384): .sha384, - CCHmacAlgorithm(kCCHmacAlgSHA512): .sha512, - CCHmacAlgorithm(kCCHmacAlgSHA224): .sha224 - ] - - static func fromNativeValue(nativeAlg: CCHmacAlgorithm) -> Algorithm? { - - return fromNative[nativeAlg] - } - - func nativeValue() -> CCHmacAlgorithm { - - switch self { - - case .sha1: - return CCHmacAlgorithm(kCCHmacAlgSHA1) - case .md5: - return CCHmacAlgorithm(kCCHmacAlgMD5) - case .sha224: - return CCHmacAlgorithm(kCCHmacAlgSHA224) - case .sha256: - return CCHmacAlgorithm(kCCHmacAlgSHA256) - case .sha384: - return CCHmacAlgorithm(kCCHmacAlgSHA384) - case .sha512: - return CCHmacAlgorithm(kCCHmacAlgSHA512) - } - } - - #elseif os(Linux) + #if os(Linux) func nativeValue() -> OpaquePointer? { @@ -106,7 +71,42 @@ public class HMAC: Updatable { return .init(EVP_sha512()) } } - + + #else + + static let fromNative: [CCHmacAlgorithm: Algorithm] = [ + CCHmacAlgorithm(kCCHmacAlgSHA1): .sha1, + CCHmacAlgorithm(kCCHmacAlgSHA1): .md5, + CCHmacAlgorithm(kCCHmacAlgSHA256): .sha256, + CCHmacAlgorithm(kCCHmacAlgSHA384): .sha384, + CCHmacAlgorithm(kCCHmacAlgSHA512): .sha512, + CCHmacAlgorithm(kCCHmacAlgSHA224): .sha224 + ] + + static func fromNativeValue(nativeAlg: CCHmacAlgorithm) -> Algorithm? { + + return fromNative[nativeAlg] + } + + func nativeValue() -> CCHmacAlgorithm { + + switch self { + + case .sha1: + return CCHmacAlgorithm(kCCHmacAlgSHA1) + case .md5: + return CCHmacAlgorithm(kCCHmacAlgMD5) + case .sha224: + return CCHmacAlgorithm(kCCHmacAlgSHA224) + case .sha256: + return CCHmacAlgorithm(kCCHmacAlgSHA256) + case .sha384: + return CCHmacAlgorithm(kCCHmacAlgSHA384) + case .sha512: + return CCHmacAlgorithm(kCCHmacAlgSHA512) + } + } + #endif /// @@ -114,25 +114,7 @@ public class HMAC: Updatable { /// public func digestLength() -> Int { - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - - switch self { - - case .sha1: - return Int(CC_SHA1_DIGEST_LENGTH) - case .md5: - return Int(CC_MD5_DIGEST_LENGTH) - case .sha224: - return Int(CC_SHA224_DIGEST_LENGTH) - case .sha256: - return Int(CC_SHA256_DIGEST_LENGTH) - case .sha384: - return Int(CC_SHA384_DIGEST_LENGTH) - case .sha512: - return Int(CC_SHA512_DIGEST_LENGTH) - } - - #elseif os(Linux) + #if os(Linux) switch self { @@ -149,21 +131,39 @@ public class HMAC: Updatable { case .sha512: return Int(SHA512_DIGEST_LENGTH) } - + + #else + + switch self { + + case .sha1: + return Int(CC_SHA1_DIGEST_LENGTH) + case .md5: + return Int(CC_MD5_DIGEST_LENGTH) + case .sha224: + return Int(CC_SHA224_DIGEST_LENGTH) + case .sha256: + return Int(CC_SHA256_DIGEST_LENGTH) + case .sha384: + return Int(CC_SHA384_DIGEST_LENGTH) + case .sha512: + return Int(CC_SHA512_DIGEST_LENGTH) + } + #endif } } /// Context - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - - typealias Context = UnsafeMutablePointer - - #elseif os(Linux) + #if os(Linux) typealias Context = OpaquePointer? + #else + + typealias Context = UnsafeMutablePointer + #endif /// Status of the calculation @@ -189,10 +189,10 @@ public class HMAC: Updatable { init(using algorithm: Algorithm, keyBuffer: UnsafeRawPointer, keyByteCount: Int) { self.algorithm = algorithm - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - CCHmacInit(context, algorithm.nativeValue(), keyBuffer, size_t(keyByteCount)) - #elseif os(Linux) + #if os(Linux) HMAC_Init_wrapper(context, keyBuffer, Int32(keyByteCount), .make(optional: algorithm.nativeValue())) + #else + CCHmacInit(context, algorithm.nativeValue(), keyBuffer, size_t(keyByteCount)) #endif } @@ -207,24 +207,24 @@ public class HMAC: Updatable { self.algorithm = algorithm #if swift(>=5.0) - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - key.withUnsafeBytes() { - CCHmacInit(context, algorithm.nativeValue(), $0.baseAddress, size_t(key.count)) - } - #elseif os(Linux) + #if os(Linux) _ = key.withUnsafeBytes() { HMAC_Init_wrapper(context, $0.baseAddress, Int32(key.count), .make(optional: algorithm.nativeValue())) } + #else + key.withUnsafeBytes() { + CCHmacInit(context, algorithm.nativeValue(), $0.baseAddress, size_t(key.count)) + } #endif #else - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - key.withUnsafeBytes() { (buffer: UnsafePointer) in - CCHmacInit(context, algorithm.nativeValue(), buffer, size_t(key.count)) - } - #elseif os(Linux) + #if os(Linux) _ = key.withUnsafeBytes() { (buffer: UnsafePointer) in HMAC_Init_wrapper(context, buffer, Int32(key.count), .make(optional: algorithm.nativeValue())) } + #else + key.withUnsafeBytes() { (buffer: UnsafePointer) in + CCHmacInit(context, algorithm.nativeValue(), buffer, size_t(key.count)) + } #endif #endif } @@ -239,10 +239,10 @@ public class HMAC: Updatable { public init(using algorithm: Algorithm, key: NSData) { self.algorithm = algorithm - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - CCHmacInit(context, algorithm.nativeValue(), key.bytes, size_t(key.length)) - #elseif os(Linux) + #if os(Linux) HMAC_Init_wrapper(context, key.bytes, Int32(key.length), .make(optional: algorithm.nativeValue())) + #else + CCHmacInit(context, algorithm.nativeValue(), key.bytes, size_t(key.length)) #endif } @@ -256,10 +256,10 @@ public class HMAC: Updatable { public init(using algorithm: Algorithm, key: [UInt8]) { self.algorithm = algorithm - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - CCHmacInit(context, algorithm.nativeValue(), key, size_t(key.count)) - #elseif os(Linux) + #if os(Linux) HMAC_Init_wrapper(context, key, Int32(key.count), .make(optional: algorithm.nativeValue())) + #else + CCHmacInit(context, algorithm.nativeValue(), key, size_t(key.count)) #endif } @@ -274,10 +274,10 @@ public class HMAC: Updatable { public init(using algorithm: Algorithm, key: String) { self.algorithm = algorithm - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - CCHmacInit(context, algorithm.nativeValue(), key, size_t(key.lengthOfBytes(using: String.Encoding.utf8))) - #elseif os(Linux) + #if os(Linux) HMAC_Init_wrapper(context, key, Int32(key.utf8.count), .make(optional: algorithm.nativeValue())) + #else + CCHmacInit(context, algorithm.nativeValue(), key, size_t(key.lengthOfBytes(using: String.Encoding.utf8))) #endif } @@ -307,10 +307,10 @@ public class HMAC: Updatable { /// public func update(from buffer: UnsafeRawPointer, byteCount: size_t) -> Self? { - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - CCHmacUpdate(context, buffer, byteCount) - #elseif os(Linux) + #if os(Linux) HMAC_Update(context, buffer.assumingMemoryBound(to: UInt8.self), byteCount) + #else + CCHmacUpdate(context, buffer, byteCount) #endif return self } @@ -323,11 +323,11 @@ public class HMAC: Updatable { public func final() -> [UInt8] { var hmac = Array(repeating: 0, count:algorithm.digestLength()) - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - CCHmacFinal(context, &hmac) - #elseif os(Linux) + #if os(Linux) var length: UInt32 = 0 HMAC_Final(context, &hmac, &length) + #else + CCHmacFinal(context, &hmac) #endif return hmac } diff --git a/Sources/Cryptor/KeyDerivation.swift b/Sources/Cryptor/KeyDerivation.swift index 7fa04d5..2c92618 100755 --- a/Sources/Cryptor/KeyDerivation.swift +++ b/Sources/Cryptor/KeyDerivation.swift @@ -17,10 +17,10 @@ import Foundation -#if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - import CommonCrypto -#elseif os(Linux) +#if os(Linux) import OpenSSL +#else + import CommonCrypto #endif /// @@ -46,26 +46,7 @@ public class PBKDF { /// Secure Hash Algorithm 2 512-bit case sha512 - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - /// Return the OS native value - func nativeValue() -> CCPseudoRandomAlgorithm { - - switch self { - - case .sha1: - return CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA1) - case .sha224: - return CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA224) - case .sha256: - return CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA256) - case .sha384: - return CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA384) - case .sha512: - return CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA512) - } - } - - #elseif os(Linux) + #if os(Linux) /// Return the OS native value func nativeValue() -> OpaquePointer? { @@ -84,7 +65,26 @@ public class PBKDF { return .init(EVP_sha512()) } } - + + #else + /// Return the OS native value + func nativeValue() -> CCPseudoRandomAlgorithm { + + switch self { + + case .sha1: + return CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA1) + case .sha224: + return CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA224) + case .sha256: + return CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA256) + case .sha384: + return CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA384) + case .sha512: + return CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA512) + } + } + #endif } @@ -103,11 +103,11 @@ public class PBKDF { /// public class func calibrate(passwordLength: Int, saltLength: Int, algorithm: PseudoRandomAlgorithm, derivedKeyLength: Int, msec: UInt32) -> UInt { - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - return UInt(CCCalibratePBKDF(CCPBKDFAlgorithm(kCCPBKDF2), passwordLength, saltLength, algorithm.nativeValue(), derivedKeyLength, msec)) - #elseif os(Linux) + #if os(Linux) // Value as per RFC 2898. return UInt(1000 * UInt(msec)) + #else + return UInt(CCCalibratePBKDF(CCPBKDFAlgorithm(kCCPBKDF2), passwordLength, saltLength, algorithm.nativeValue(), derivedKeyLength, msec)) #endif } @@ -127,19 +127,19 @@ public class PBKDF { public class func deriveKey(fromPassword password: String, salt: String, prf: PseudoRandomAlgorithm, rounds: uint, derivedKeyLength: UInt) throws -> [UInt8] { var derivedKey = Array(repeating: 0, count:Int(derivedKeyLength)) - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - let status: Int32 = CCKeyDerivationPBKDF(CCPBKDFAlgorithm(kCCPBKDF2), password, password.utf8.count, salt, salt.utf8.count, prf.nativeValue(), rounds, &derivedKey, derivedKey.count) - if status != Int32(kCCSuccess) { - - throw CryptorError.fail(status, "ERROR: CCKeyDerivationPBDK failed with status \(status).") - } - #elseif os(Linux) + #if os(Linux) let status = PKCS5_PBKDF2_HMAC(password, Int32(password.utf8.count), salt, Int32(salt.utf8.count), Int32(rounds), .make(optional: prf.nativeValue()), Int32(derivedKey.count), &derivedKey) if status != 1 { let error = ERR_get_error() throw CryptorError.fail(Int32(error), "ERROR: PKCS5_PBKDF2_HMAC failed, reason: \(errToString(ERR_error_string(error, nil)))") } + #else + let status: Int32 = CCKeyDerivationPBKDF(CCPBKDFAlgorithm(kCCPBKDF2), password, password.utf8.count, salt, salt.utf8.count, prf.nativeValue(), rounds, &derivedKey, derivedKey.count) + if status != Int32(kCCSuccess) { + + throw CryptorError.fail(status, "ERROR: CCKeyDerivationPBDK failed with status \(status).") + } #endif return derivedKey } @@ -159,19 +159,19 @@ public class PBKDF { public class func deriveKey(fromPassword password: String, salt: [UInt8], prf: PseudoRandomAlgorithm, rounds: uint, derivedKeyLength: UInt) throws -> [UInt8] { var derivedKey = Array(repeating: 0, count:Int(derivedKeyLength)) - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - let status: Int32 = CCKeyDerivationPBKDF(CCPBKDFAlgorithm(kCCPBKDF2), password, password.utf8.count, salt, salt.count, prf.nativeValue(), rounds, &derivedKey, derivedKey.count) - if status != Int32(kCCSuccess) { - - throw CryptorError.fail(status, "ERROR: CCKeyDerivationPBDK failed with status \(status).") - } - #elseif os(Linux) + #if os(Linux) let status = PKCS5_PBKDF2_HMAC(password, Int32(password.utf8.count), salt, Int32(salt.count), Int32(rounds), .make(optional: prf.nativeValue()), Int32(derivedKey.count), &derivedKey) if status != 1 { let error = ERR_get_error() throw CryptorError.fail(Int32(error), "ERROR: PKCS5_PBKDF2_HMAC failed, reason: \(errToString(ERR_error_string(error, nil)))") } + #else + let status: Int32 = CCKeyDerivationPBKDF(CCPBKDFAlgorithm(kCCPBKDF2), password, password.utf8.count, salt, salt.count, prf.nativeValue(), rounds, &derivedKey, derivedKey.count) + if status != Int32(kCCSuccess) { + + throw CryptorError.fail(status, "ERROR: CCKeyDerivationPBDK failed with status \(status).") + } #endif return derivedKey } @@ -193,19 +193,19 @@ public class PBKDF { /// public class func deriveKey(fromPassword password: UnsafePointer, passwordLen: Int, salt: UnsafePointer, saltLen: Int, prf: PseudoRandomAlgorithm, rounds: uint, derivedKey: UnsafeMutablePointer, derivedKeyLen: Int) throws { - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - let status: Int32 = CCKeyDerivationPBKDF(CCPBKDFAlgorithm(kCCPBKDF2), password, passwordLen, salt, saltLen, prf.nativeValue(), rounds, derivedKey, derivedKeyLen) - if status != Int32(kCCSuccess) { - - throw CryptorError.fail(status, "ERROR: CCKeyDerivationPBDK failed with status \(status).") - } - #elseif os(Linux) + #if os(Linux) let status = PKCS5_PBKDF2_HMAC(password, Int32(passwordLen), salt, Int32(saltLen), Int32(rounds), .make(optional: prf.nativeValue()), Int32(derivedKeyLen), derivedKey) if status != 1 { let error = ERR_get_error() throw CryptorError.fail(Int32(error), "ERROR: PKCS5_PBKDF2_HMAC failed, reason: \(errToString(ERR_error_string(error, nil)))") } + #else + let status: Int32 = CCKeyDerivationPBKDF(CCPBKDFAlgorithm(kCCPBKDF2), password, passwordLen, salt, saltLen, prf.nativeValue(), rounds, derivedKey, derivedKeyLen) + if status != Int32(kCCSuccess) { + + throw CryptorError.fail(status, "ERROR: CCKeyDerivationPBDK failed with status \(status).") + } #endif } } diff --git a/Sources/Cryptor/Random.swift b/Sources/Cryptor/Random.swift index 33266c6..2442c79 100755 --- a/Sources/Cryptor/Random.swift +++ b/Sources/Cryptor/Random.swift @@ -17,10 +17,10 @@ import Foundation -#if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - import CommonCrypto -#elseif os(Linux) - import OpenSSL +#if os(Linux) + import OpenSSL +#else + import CommonCrypto #endif public typealias RNGStatus = Status @@ -41,13 +41,7 @@ public class Random { /// public class func generate(bytes: UnsafeMutablePointer, byteCount: Int) -> RNGStatus { - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - let statusCode = CCRandomGenerateBytes(bytes, byteCount) - guard let status = Status(rawValue: statusCode) else { - fatalError("CCRandomGenerateBytes returned unexpected status code: \(statusCode)") - } - return status - #elseif os(Linux) + #if os(Linux) let statusCode = RAND_bytes(bytes, Int32(byteCount)) if statusCode != 1 { @@ -55,6 +49,12 @@ public class Random { return Status.rngFailure(errCode) } return Status.success + #else + let statusCode = CCRandomGenerateBytes(bytes, byteCount) + guard let status = Status(rawValue: statusCode) else { + fatalError("CCRandomGenerateBytes returned unexpected status code: \(statusCode)") + } + return status #endif } diff --git a/Sources/Cryptor/Status.swift b/Sources/Cryptor/Status.swift index be87926..7e9fb6e 100755 --- a/Sources/Cryptor/Status.swift +++ b/Sources/Cryptor/Status.swift @@ -17,119 +17,13 @@ import Foundation -#if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - import CommonCrypto -#elseif os(Linux) - import OpenSSL +#if os(Linux) + import OpenSSL +#else + import CommonCrypto #endif -#if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) -/// -/// Links the native CommonCryptoStatus enumeration to Swift versions. -/// -public enum Status: CCCryptorStatus, Swift.Error, CustomStringConvertible { - - /// Successful - case success - - /// Parameter Error - case paramError - - /// Buffer too Small - case bufferTooSmall - - /// Memory Failure - case memoryFailure - - /// Alignment Error - case alignmentError - - /// Decode Error - case decodeError - - /// Unimplemented - case unimplemented - - /// Overflow - case overflow - - /// Random Number Generator Err - case rngFailure - - /// - /// Converts this value to a native `CCCryptorStatus` value. - /// - public func toRaw() -> CCCryptorStatus { - - switch self { - - case .success: - return CCCryptorStatus(kCCSuccess) - case .paramError: - return CCCryptorStatus(kCCParamError) - case .bufferTooSmall: - return CCCryptorStatus(kCCBufferTooSmall) - case .memoryFailure: - return CCCryptorStatus(kCCMemoryFailure) - case .alignmentError: - return CCCryptorStatus(kCCAlignmentError) - case .decodeError: - return CCCryptorStatus(kCCDecodeError) - case .unimplemented: - return CCCryptorStatus(kCCUnimplemented) - case .overflow: - return CCCryptorStatus(kCCOverflow) - case .rngFailure: - return CCCryptorStatus(kCCRNGFailure) - } - } - - /// - /// Human readable descriptions of the values. (Not needed in Swift 2.0?) - /// - static let descriptions = [ - success: "Success", - paramError: "ParamError", - bufferTooSmall: "BufferTooSmall", - memoryFailure: "MemoryFailure", - alignmentError: "AlignmentError", - decodeError: "DecodeError", - unimplemented: "Unimplemented", - overflow: "Overflow", - rngFailure: "RNGFailure" - ] - - /// - /// Obtain human-readable string from enum value. - /// - public var description: String { - - return (Status.descriptions[self] != nil) ? Status.descriptions[self]! : "" - } - - /// - /// Create enum value from raw `CCCryptorStatus` value. - /// - public static func fromRaw(status: CCCryptorStatus) -> Status? { - - let from = [ - kCCSuccess: success, - kCCParamError: paramError, - kCCBufferTooSmall: bufferTooSmall, - kCCMemoryFailure: memoryFailure, - kCCAlignmentError: alignmentError, - kCCDecodeError: decodeError, - kCCUnimplemented: unimplemented, - kCCOverflow: overflow, - kCCRNGFailure: rngFailure - ] - - return from[Int(status)] - - } -} - -#elseif os(Linux) +#if os(Linux) /// /// Error status @@ -227,6 +121,112 @@ func != (lhs: Status, rhs: Status) -> Bool { return lhs.code != rhs.code } +#else +/// +/// Links the native CommonCryptoStatus enumeration to Swift versions. +/// +public enum Status: CCCryptorStatus, Swift.Error, CustomStringConvertible { + + /// Successful + case success + + /// Parameter Error + case paramError + + /// Buffer too Small + case bufferTooSmall + + /// Memory Failure + case memoryFailure + + /// Alignment Error + case alignmentError + + /// Decode Error + case decodeError + + /// Unimplemented + case unimplemented + + /// Overflow + case overflow + + /// Random Number Generator Err + case rngFailure + + /// + /// Converts this value to a native `CCCryptorStatus` value. + /// + public func toRaw() -> CCCryptorStatus { + + switch self { + + case .success: + return CCCryptorStatus(kCCSuccess) + case .paramError: + return CCCryptorStatus(kCCParamError) + case .bufferTooSmall: + return CCCryptorStatus(kCCBufferTooSmall) + case .memoryFailure: + return CCCryptorStatus(kCCMemoryFailure) + case .alignmentError: + return CCCryptorStatus(kCCAlignmentError) + case .decodeError: + return CCCryptorStatus(kCCDecodeError) + case .unimplemented: + return CCCryptorStatus(kCCUnimplemented) + case .overflow: + return CCCryptorStatus(kCCOverflow) + case .rngFailure: + return CCCryptorStatus(kCCRNGFailure) + } + } + + /// + /// Human readable descriptions of the values. (Not needed in Swift 2.0?) + /// + static let descriptions = [ + success: "Success", + paramError: "ParamError", + bufferTooSmall: "BufferTooSmall", + memoryFailure: "MemoryFailure", + alignmentError: "AlignmentError", + decodeError: "DecodeError", + unimplemented: "Unimplemented", + overflow: "Overflow", + rngFailure: "RNGFailure" + ] + + /// + /// Obtain human-readable string from enum value. + /// + public var description: String { + + return (Status.descriptions[self] != nil) ? Status.descriptions[self]! : "" + } + + /// + /// Create enum value from raw `CCCryptorStatus` value. + /// + public static func fromRaw(status: CCCryptorStatus) -> Status? { + + let from = [ + kCCSuccess: success, + kCCParamError: paramError, + kCCBufferTooSmall: bufferTooSmall, + kCCMemoryFailure: memoryFailure, + kCCAlignmentError: alignmentError, + kCCDecodeError: decodeError, + kCCUnimplemented: unimplemented, + kCCOverflow: overflow, + kCCRNGFailure: rngFailure + ] + + return from[Int(status)] + + } +} + #endif /// diff --git a/Sources/Cryptor/StreamCryptor.swift b/Sources/Cryptor/StreamCryptor.swift index f951d36..bdd1efb 100755 --- a/Sources/Cryptor/StreamCryptor.swift +++ b/Sources/Cryptor/StreamCryptor.swift @@ -17,10 +17,10 @@ import Foundation -#if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - import CommonCrypto -#elseif os(Linux) - import OpenSSL +#if os(Linux) + import OpenSSL +#else + import CommonCrypto #endif /// @@ -74,22 +74,7 @@ public class StreamCryptor { /// Decrypting case decrypt - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - - /// Convert to native `CCOperation` - func nativeValue() -> CCOperation { - - switch self { - - case .encrypt: - return CCOperation(kCCEncrypt) - - case .decrypt: - return CCOperation(kCCDecrypt) - } - } - - #elseif os(Linux) + #if os(Linux) /// Convert to native value func nativeValue() -> UInt32 { @@ -104,6 +89,21 @@ public class StreamCryptor { } } + #else + + /// Convert to native `CCOperation` + func nativeValue() -> CCOperation { + + switch self { + + case .encrypt: + return CCOperation(kCCEncrypt) + + case .decrypt: + return CCOperation(kCCDecrypt) + } + } + #endif } @@ -187,15 +187,7 @@ public class StreamCryptor { /// No options public static let none = Options([]) - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - - /// Use padding. Needed unless the input is a integral number of blocks long. - public static var pkcs7Padding = Options(rawValue:kCCOptionPKCS7Padding) - - /// Electronic Code Book Mode. Don't use this. - public static var ecbMode = Options(rawValue:kCCOptionECBMode) - - #elseif os(Linux) + #if os(Linux) /// Use padding. Needed unless the input is a integral number of blocks long. public static var pkcs7Padding = Options(rawValue:0x0001) @@ -203,6 +195,14 @@ public class StreamCryptor { /// Electronic Code Book Mode. Don't use this. public static var ecbMode = Options(rawValue:0x0002) + #else + + /// Use padding. Needed unless the input is a integral number of blocks long. + public static var pkcs7Padding = Options(rawValue:kCCOptionPKCS7Padding) + + /// Electronic Code Book Mode. Don't use this. + public static var ecbMode = Options(rawValue:kCCOptionECBMode) + #endif } @@ -284,35 +284,8 @@ public class StreamCryptor { return kCCKeySizeMinBlowfish } } - - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - - /// Native, CommonCrypto constant for algorithm. - func nativeValue() -> CCAlgorithm { - - switch self { - - case .aes, .aes128, .aes192, .aes256: - return CCAlgorithm(kCCAlgorithmAES) - - case .des: - return CCAlgorithm(kCCAlgorithmDES) - - case .tripleDes: - return CCAlgorithm(kCCAlgorithm3DES) - - case .cast: - return CCAlgorithm(kCCAlgorithmCAST) - - case .rc2: - return CCAlgorithm(kCCAlgorithmRC2) - - case .blowfish: - return CCAlgorithm(kCCAlgorithmBlowfish) - } - } - #elseif os(Linux) + #if os(Linux) /// Native, OpenSSL function for algorithm. func nativeValue(options: Options) -> OpaquePointer? { @@ -379,7 +352,34 @@ public class StreamCryptor { fatalError("Unsupported options and/or algorithm.") } - + + #else + + /// Native, CommonCrypto constant for algorithm. + func nativeValue() -> CCAlgorithm { + + switch self { + + case .aes, .aes128, .aes192, .aes256: + return CCAlgorithm(kCCAlgorithmAES) + + case .des: + return CCAlgorithm(kCCAlgorithmDES) + + case .tripleDes: + return CCAlgorithm(kCCAlgorithm3DES) + + case .cast: + return CCAlgorithm(kCCAlgorithmCAST) + + case .rc2: + return CCAlgorithm(kCCAlgorithmRC2) + + case .blowfish: + return CCAlgorithm(kCCAlgorithmBlowfish) + } + } + #endif /// @@ -389,30 +389,7 @@ public class StreamCryptor { /// func validKeySize() -> ValidKeySize { - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - - switch self { - - case .aes, .aes128, .aes192, .aes256: - return .discrete([kCCKeySizeAES128, kCCKeySizeAES192, kCCKeySizeAES256]) - - case .des: - return .fixed(kCCKeySizeDES) - - case .tripleDes: - return .fixed(kCCKeySize3DES) - - case .cast: - return .range(kCCKeySizeMinCAST, kCCKeySizeMaxCAST) - - case .rc2: - return .range(kCCKeySizeMinRC2, kCCKeySizeMaxRC2) - - case .blowfish: - return .range(kCCKeySizeMinBlowfish, kCCKeySizeMaxBlowfish) - } - - #elseif os(Linux) + #if os(Linux) switch self { @@ -441,6 +418,29 @@ public class StreamCryptor { return .range(kCCKeySizeMinBlowfish, kCCKeySizeMaxBlowfish) } + #else + + switch self { + + case .aes, .aes128, .aes192, .aes256: + return .discrete([kCCKeySizeAES128, kCCKeySizeAES192, kCCKeySizeAES256]) + + case .des: + return .fixed(kCCKeySizeDES) + + case .tripleDes: + return .fixed(kCCKeySize3DES) + + case .cast: + return .range(kCCKeySizeMinCAST, kCCKeySizeMaxCAST) + + case .rc2: + return .range(kCCKeySizeMinRC2, kCCKeySizeMaxRC2) + + case .blowfish: + return .range(kCCKeySizeMinBlowfish, kCCKeySizeMaxBlowfish) + } + #endif } @@ -478,12 +478,7 @@ public class StreamCryptor { /// private var haveContext: Bool = false - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - - /// CommonCrypto Context - private var context = UnsafeMutablePointer.allocate(capacity: 1) - - #elseif os(Linux) + #if os(Linux) /// OpenSSL Cipher Context private let context: OpaquePointer? = .init(EVP_CIPHER_CTX_new()) @@ -494,6 +489,11 @@ public class StreamCryptor { /// The algorithm private var algorithm: Algorithm + #else + + /// CommonCrypto Context + private var context = UnsafeMutablePointer.allocate(capacity: 1) + #endif @@ -522,22 +522,7 @@ public class StreamCryptor { throw CryptorError.invalidIVSizeOrLength } - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - - let rawStatus = CCCryptorCreate(operation.nativeValue(), algorithm.nativeValue(), CCOptions(options.rawValue), keyBuffer, keyByteCount, ivBuffer, self.context) - - if let status = Status.fromRaw(status: rawStatus) { - - self.status = status - - } else { - - throw CryptorError.fail(rawStatus, "Cryptor init returned unexpected status.") - } - - self.haveContext = true - - #elseif os(Linux) + #if os(Linux) self.algorithm = algorithm self.operation = operation @@ -577,6 +562,21 @@ public class StreamCryptor { self.status = Status.success + #else + + let rawStatus = CCCryptorCreate(operation.nativeValue(), algorithm.nativeValue(), CCOptions(options.rawValue), keyBuffer, keyByteCount, ivBuffer, self.context) + + if let status = Status.fromRaw(status: rawStatus) { + + self.status = status + + } else { + + throw CryptorError.fail(rawStatus, "Cryptor init returned unexpected status.") + } + + self.haveContext = true + #endif } @@ -644,39 +644,39 @@ public class StreamCryptor { return } - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - - // Ensure we've got a context before attempting to get rid of it... - if self.context.pointee == nil { - return - } - - let rawStatus = CCCryptorRelease(self.context.pointee) - if let status = Status.fromRaw(status: rawStatus) { - - if status != .success { - - NSLog("WARNING: CCCryptoRelease failed with status \(rawStatus).") - } - - } else { - - fatalError("CCCryptorUpdate returned unexpected status.") - } - - #if swift(>=4.1) - context.deallocate() - #else - context.deallocate(capacity: 1) - #endif - - self.haveContext = false - - #elseif os(Linux) + #if os(Linux) EVP_CIPHER_CTX_free(.make(optional: self.context)) self.haveContext = false + #else + + // Ensure we've got a context before attempting to get rid of it... + if self.context.pointee == nil { + return + } + + let rawStatus = CCCryptorRelease(self.context.pointee) + if let status = Status.fromRaw(status: rawStatus) { + + if status != .success { + + NSLog("WARNING: CCCryptoRelease failed with status \(rawStatus).") + } + + } else { + + fatalError("CCCryptorUpdate returned unexpected status.") + } + + #if swift(>=4.1) + context.deallocate() + #else + context.deallocate(capacity: 1) + #endif + + self.haveContext = false + #endif } @@ -798,16 +798,7 @@ public class StreamCryptor { if self.status == .success { - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - - let rawStatus = CCCryptorUpdate(self.context.pointee, bufferIn, byteCountIn, bufferOut, byteCapacityOut, &byteCountOut) - if let status = Status.fromRaw(status: rawStatus) { - self.status = status - } else { - fatalError("CCCryptorUpdate returned unexpected status.") - } - - #elseif os(Linux) + #if os(Linux) var rawStatus: Int32 var outLength: Int32 = 0 @@ -837,6 +828,15 @@ public class StreamCryptor { self.status = Status.success } + #else + + let rawStatus = CCCryptorUpdate(self.context.pointee, bufferIn, byteCountIn, bufferOut, byteCapacityOut, &byteCountOut) + if let status = Status.fromRaw(status: rawStatus) { + self.status = status + } else { + fatalError("CCCryptorUpdate returned unexpected status.") + } + #endif } @@ -864,16 +864,7 @@ public class StreamCryptor { if self.status == Status.success { - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - - let rawStatus = CCCryptorFinal(self.context.pointee, bufferOut, byteCapacityOut, &byteCountOut) - if let status = Status.fromRaw(status: rawStatus) { - self.status = status - } else { - fatalError("CCCryptorUpdate returned unexpected status.") - } - - #elseif os(Linux) + #if os(Linux) var rawStatus: Int32 var outLength: Int32 = Int32(byteCapacityOut) @@ -903,6 +894,15 @@ public class StreamCryptor { self.status = Status.success } + #else + + let rawStatus = CCCryptorFinal(self.context.pointee, bufferOut, byteCapacityOut, &byteCountOut) + if let status = Status.fromRaw(status: rawStatus) { + self.status = status + } else { + fatalError("CCCryptorUpdate returned unexpected status.") + } + #endif } @@ -921,11 +921,7 @@ public class StreamCryptor { /// public func getOutputLength(inputByteCount: Int, isFinal: Bool = false) -> Int { - #if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - - return CCCryptorGetOutputLength(self.context.pointee, inputByteCount, isFinal) - - #elseif os(Linux) + #if os(Linux) if inputByteCount == 0 { return self.algorithm.blockSize @@ -933,6 +929,10 @@ public class StreamCryptor { return (inputByteCount + self.algorithm.blockSize - (inputByteCount % self.algorithm.blockSize)) + #else + + return CCCryptorGetOutputLength(self.context.pointee, inputByteCount, isFinal) + #endif } diff --git a/Tests/CryptorTests/CryptorTests.swift b/Tests/CryptorTests/CryptorTests.swift index f63743d..c0fa9bf 100644 --- a/Tests/CryptorTests/CryptorTests.swift +++ b/Tests/CryptorTests/CryptorTests.swift @@ -19,10 +19,10 @@ import XCTest import Foundation @testable import Cryptor -#if os(macOS) || os(iOS) || os(tvOS) || os(watchOS) - import CommonCrypto -#elseif os(Linux) - import OpenSSL +#if os(Linux) + import OpenSSL +#else + import CommonCrypto #endif import Dispatch @@ -30,8 +30,7 @@ import Dispatch class CryptorTests: XCTestCase { static var allTests: [(String, (CryptorTests) -> () throws -> Void)] { - - return [ + var tests = [ ("test_fatalError_keySize", test_fatalError_keySize), ("test_fatalError_AES_CBC_ivSize", test_fatalError_AES_CBC_ivSize), ("test_Cryptor_AES_ECB", test_Cryptor_AES_ECB), @@ -40,20 +39,20 @@ class CryptorTests: XCTestCase { ("test_Cryptor_AES_ECB_Short", test_Cryptor_AES_ECB_Short), ("test_Cryptor_AES_CBC_1", test_Cryptor_AES_CBC_1), ("test_Cryptor_DES_EBC_1", test_Cryptor_DES_EBC_1), - ("testMD2", testMD2), - ("testMD5_1", testMD5_1), - ("test_Digest_MD5_NSData", test_Digest_MD5_Data), - ("test_Digest_MD5_NSData", test_Digest_MD5_NSData), - ("test_Digest_MD5_Composition_String", test_Digest_MD5_Composition_String), - ("test_Digest_MD5_Composition_String_2", test_Digest_MD5_Composition_String_2), - ("test_Digest_MD5_Composition_Bytes", test_Digest_MD5_Composition_Bytes), + ("testMD5_Insecure_1", testMD5_Insecure_1), + ("test_Digest_MD5_Insecure_NSData", test_Digest_MD5_Insecure_Data), + ("test_Digest_MD5_Insecure_NSData", test_Digest_MD5_Insecure_NSData), + ("test_Digest_MD5_Insecure_Composition_String", test_Digest_MD5_Insecure_Composition_String), + ("test_Digest_MD5_Insecure_Composition_String_2", test_Digest_MD5_Insecure_Composition_String_2), + ("test_Digest_MD5_Insecure_Composition_Bytes", test_Digest_MD5_Insecure_Composition_Bytes), ("test_Crypto_API", test_Crypto_API), - ("test_Digest_SHA1_String", test_Digest_SHA1_String), + ("test_Digest_SHA1_String", test_Digest_SHA1_String), + ("test_Digest_SHA1_insecure_String", test_Digest_SHA1_insecure_String), ("test_Digest_SHA224_String", test_Digest_SHA224_String), ("test_Digest_SHA256_String", test_Digest_SHA256_String), ("test_Digest_SHA384_String", test_Digest_SHA384_String), ("test_Digest_SHA512_String", test_Digest_SHA512_String), - ("test_HMAC_MD5", test_HMAC_MD5), + ("test_HMAC_MD5", test_HMAC_MD5), ("test_HMAC_SHA1", test_HMAC_SHA1), ("test_HMAC_SHA1_NSData", test_HMAC_SHA1_NSData), ("test_HMAC_SHA1_Data", test_HMAC_SHA1_Data), @@ -77,6 +76,22 @@ class CryptorTests: XCTestCase { ("testGitHubIssue9StringCanary", testGitHubIssue9StringCanary), ("testGitHubIssue9ArrayCanary", testGitHubIssue9ArrayCanary) ] + + #if !os(Linux) && !os(iOS) + tests.append(("testMD2", testMD2)) + #endif + + #if !os(iOS) + tests.append(contentsOf: [ + ("testMD5_1", testMD5_1), + ("test_Digest_MD5_NSData", test_Digest_MD5_Data), + ("test_Digest_MD5_NSData", test_Digest_MD5_NSData), + ("test_Digest_MD5_Composition_String", test_Digest_MD5_Composition_String), + ("test_Digest_MD5_Composition_String_2", test_Digest_MD5_Composition_String_2), + ("test_Digest_MD5_Composition_Bytes", test_Digest_MD5_Composition_Bytes)]) + #endif + + return tests } #if os(Linux) @@ -440,6 +455,7 @@ class CryptorTests: XCTestCase { let md2outputs = ["8350e5a3e24c153df2275c9f80692773", "32ec01ec4a6dac72c0ab96fb34c0b5d1", "da853b0d3f88d99b30283a69e6ded6bb", "ab4f496bfb2a530b219ff33031fe06b0", "4e8ddff3650292ab5a4108c3aa47940b", "da33def2a42df13975352846c30338cd", "d5976f79d83d3a0dc9806c3c66f3efd8"] + #if !os(Linux) && !os(iOS) func testMD2() { if usingOpenSSL { return @@ -453,7 +469,9 @@ class CryptorTests: XCTestCase { XCTAssertEqual(output, expectedOutput) } } + #endif + #if !os(iOS) // MARK: MD5 func testMD5_1() { let md5: Digest = Digest(using:.md5) @@ -498,7 +516,53 @@ class CryptorTests: XCTestCase { XCTAssertEqual(digest!, qbfMD5, "PASS") } - + #endif + + // MARK: MD5_Insecure + func testMD5_Insecure_1() { + let md5: Digest = Digest(using:.md5_insecure) + _ = md5.update(string: qbfString) + let digest = md5.final() + + XCTAssertEqual(digest, qbfMD5, "PASS") + } + + func test_Digest_MD5_Insecure_NSData() { + let qbfData: NSData = CryptoUtils.data(from: self.qbfBytes) + let digest = Digest(using: .md5_insecure).update(data: qbfData)?.final() + + XCTAssertEqual(digest!, qbfMD5, "PASS") + } + + func test_Digest_MD5_Insecure_Data() { + let qbfData: Data = CryptoUtils.data(from: self.qbfBytes) + let digest = Digest(using: .md5_insecure).update(data: qbfData)?.final() + + XCTAssertEqual(digest!, qbfMD5, "PASS") + } + + /// Test MD5 with string input and optional chaining. + func test_Digest_MD5_Insecure_Composition_String() { + let digest = Digest(using: .md5_insecure).update(string: qbfString)?.final() + XCTAssertEqual(digest!, qbfMD5, "PASS") + } + + /// Test MD5 with optional chaining, string input and 2 updates + func test_Digest_MD5_Insecure_Composition_String_2() { + let s1 = "The quick brown fox" + let s2 = " jumps over the lazy dog." + let digest = Digest(using: .md5_insecure).update(string: s1)?.update(string: s2)?.final() + + XCTAssertEqual(digest!, qbfMD5, "PASS") + } + + /// Test MD5 with optional chaining and byte array input + func test_Digest_MD5_Insecure_Composition_Bytes() { + let digest = Digest(using: .md5_insecure).update(byteArray: qbfBytes)?.final() + + XCTAssertEqual(digest!, qbfMD5, "PASS") + } + /// See: http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/SHA_All.pdf let shaShortBlock = "abc" let sha1ShortBlockOutput = "a9993e364706816aba3e25717850c26c9cd0d89d" @@ -519,14 +583,21 @@ class CryptorTests: XCTestCase { XCTAssertEqual(theData.sha384, CryptoUtils.data(fromHex: sha384BlockOutput)) XCTAssertEqual(theData.sha512, CryptoUtils.data(fromHex: sha512BlockOutput)) } - - func test_Digest_SHA1_String() { - let digest = Digest(using: .sha1).update(string: shaShortBlock)?.final() - print(CryptoUtils.hexString(from: digest!)) - XCTAssertEqual(CryptoUtils.hexString(from: digest!), sha1ShortBlockOutput) - - } - + + func test_Digest_SHA1_String() { + let digest = Digest(using: .sha1).update(string: shaShortBlock)?.final() + print(CryptoUtils.hexString(from: digest!)) + XCTAssertEqual(CryptoUtils.hexString(from: digest!), sha1ShortBlockOutput) + + } + + func test_Digest_SHA1_insecure_String() { + let digest = Digest(using: .sha1_insecure).update(string: shaShortBlock)?.final() + print(CryptoUtils.hexString(from: digest!)) + XCTAssertEqual(CryptoUtils.hexString(from: digest!), sha1ShortBlockOutput) + + } + func test_Digest_SHA224_String() { let digest = Digest(using: .sha224).update(string: shaShortBlock)?.final() print(CryptoUtils.hexString(from: digest!)) diff --git a/Tests/CryptorTests/Info.plist b/Tests/CryptorTests/Info.plist deleted file mode 100644 index ba72822..0000000 --- a/Tests/CryptorTests/Info.plist +++ /dev/null @@ -1,24 +0,0 @@ - - - - - CFBundleDevelopmentRegion - en - CFBundleExecutable - $(EXECUTABLE_NAME) - CFBundleIdentifier - $(PRODUCT_BUNDLE_IDENTIFIER) - CFBundleInfoDictionaryVersion - 6.0 - CFBundleName - $(PRODUCT_NAME) - CFBundlePackageType - BNDL - CFBundleShortVersionString - 1.0 - CFBundleSignature - ???? - CFBundleVersion - 1 - -