From 605f027e24c51cd9ed3e939373a1485151a08bef Mon Sep 17 00:00:00 2001 From: Kyle Fuller Date: Sat, 9 Jan 2021 14:08:39 +0000 Subject: [PATCH 1/2] refactor: use crypto-kit for HMAC on non Apple platforms --- Package.swift | 6 ++--- Sources/JWA/HMAC/HMACCrypto.swift | 34 ++++++++++++++++++++++++++ Sources/JWA/HMAC/HMACCryptoSwift.swift | 32 ------------------------ 3 files changed, 37 insertions(+), 35 deletions(-) create mode 100644 Sources/JWA/HMAC/HMACCrypto.swift delete mode 100644 Sources/JWA/HMAC/HMACCryptoSwift.swift diff --git a/Package.swift b/Package.swift index 01b5e95..0771ad9 100644 --- a/Package.swift +++ b/Package.swift @@ -11,14 +11,14 @@ let dependencies = [ Package.Dependency.package(url: "https://github.com/kylef-archive/CommonCrypto.git", from: "1.0.0"), ] #endif -let excludes = ["HMAC/HMACCryptoSwift.swift"] +let excludes = ["HMAC/HMACCrypto.swift"] let targetDependencies: [Target.Dependency] = [] #else let dependencies = [ - Package.Dependency.package(url: "https://github.com/krzyzanowskim/CryptoSwift.git", from: "0.10.0"), + Package.Dependency.package(url: "https://github.com/apple/swift-crypto", from: "1.1.3"), ] let excludes = ["HMAC/HMACCommonCrypto.swift"] -let targetDependencies: [Target.Dependency] = ["CryptoSwift"] +let targetDependencies: [Target.Dependency] = ["Crypto"] #endif diff --git a/Sources/JWA/HMAC/HMACCrypto.swift b/Sources/JWA/HMAC/HMACCrypto.swift new file mode 100644 index 0000000..20f4261 --- /dev/null +++ b/Sources/JWA/HMAC/HMACCrypto.swift @@ -0,0 +1,34 @@ +import Foundation +import Crypto + + +extension HMACAlgorithm: SignAlgorithm, VerifyAlgorithm { + var symmetricKey: SymmetricKey { + return SymmetricKey(data: key) + } + + public func sign(_ message: Data) -> Data { + switch hash { + case .sha256: + let code = HMAC.authenticationCode(for: message, using: symmetricKey) + return Data(code) + case .sha384: + let code = HMAC.authenticationCode(for: message, using: symmetricKey) + return Data(code) + case .sha512: + let code = HMAC.authenticationCode(for: message, using: symmetricKey) + return Data(code) + } + } + + public func verify(_ message: Data, signature: Data) -> Bool { + switch hash { + case .sha256: + return HMAC.isValidAuthenticationCode(signature, authenticating: message, using: symmetricKey) + case .sha384: + return HMAC.isValidAuthenticationCode(signature, authenticating: message, using: symmetricKey) + case .sha512: + return HMAC.isValidAuthenticationCode(signature, authenticating: message, using: symmetricKey) + } + } +} diff --git a/Sources/JWA/HMAC/HMACCryptoSwift.swift b/Sources/JWA/HMAC/HMACCryptoSwift.swift deleted file mode 100644 index 6153049..0000000 --- a/Sources/JWA/HMAC/HMACCryptoSwift.swift +++ /dev/null @@ -1,32 +0,0 @@ -import Foundation -import CryptoSwift - - -extension HMACAlgorithm: SignAlgorithm, VerifyAlgorithm { - public func sign(_ message: Data) -> Data { - let mac = HMAC(key: key.bytes, variant: hash.cryptoSwiftVariant) - - let result: [UInt8] - do { - result = try mac.authenticate(message.bytes) - } catch { - result = [] - } - - return Data(bytes: result) - } -} - - -extension HMACAlgorithm.Hash { - var cryptoSwiftVariant: HMAC.Variant { - switch self { - case .sha256: - return .sha256 - case .sha384: - return .sha384 - case .sha512: - return .sha512 - } - } -} From 9d28518841b3e5ef0840588b1d4f75af3bd815d9 Mon Sep 17 00:00:00 2001 From: Kyle Fuller Date: Sat, 9 Jan 2021 14:09:49 +0000 Subject: [PATCH 2/2] chore: add GitHub actions --- .github/workflows/main.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 .github/workflows/main.yaml diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml new file mode 100644 index 0000000..b7fa851 --- /dev/null +++ b/.github/workflows/main.yaml @@ -0,0 +1,10 @@ +on: [push, pull_request] +jobs: + test: + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-latest, macos-latest] + steps: + - uses: actions/checkout@v2 + - run: swift test