diff --git a/Examples/CommonCode/Helpers.swift b/Examples/CommonCode/Helpers.swift index c3b8292..fc22db1 100644 --- a/Examples/CommonCode/Helpers.swift +++ b/Examples/CommonCode/Helpers.swift @@ -9,23 +9,23 @@ import Foundation extension String { - func toData() -> NSData? { - return self.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false) + func toData() -> Data? { + return self.data(using: .utf8, allowLossyConversion: false) } } extension Dictionary { - func toData() -> NSData? { - return NSKeyedArchiver.archivedDataWithRootObject(self as! AnyObject) + func toData() -> Data? { + return NSKeyedArchiver.archivedData(withRootObject: self) as Data? } } -extension NSData { +extension Data { func toString() -> String? { - return (NSString(data: self, encoding: NSUTF8StringEncoding) as! String) + return String(data: self, encoding: .utf8) } func toDictionary() -> [String: AnyObject]? { - return NSKeyedUnarchiver.unarchiveObjectWithData(self) as? [String: AnyObject] + return NSKeyedUnarchiver.unarchiveObject(with: self) as? [String: AnyObject] } } diff --git a/Examples/OSX/AppDelegate.swift b/Examples/OSX/AppDelegate.swift index 34f72fe..c3c3427 100644 --- a/Examples/OSX/AppDelegate.swift +++ b/Examples/OSX/AppDelegate.swift @@ -21,23 +21,25 @@ class AppDelegate: NSObject, NSApplicationDelegate { let sodium = Sodium()! let aliceKeyPair = sodium.box.keyPair()! let bobKeyPair = sodium.box.keyPair()! - let message: NSData = "My Test Message".toData()! + let message = "My Test Message".toData()! - println("Original Message:\(message.toString())") + print("Original Message:\(message.toString())") - let encryptedMessageFromAliceToBob: NSData = - sodium.box.seal(message, - recipientPublicKey: bobKeyPair.publicKey, - senderSecretKey: aliceKeyPair.secretKey)! + let encryptedMessageFromAliceToBob: Data = + sodium.box.seal( + message: message, + recipientPublicKey: bobKeyPair.publicKey, + senderSecretKey: aliceKeyPair.secretKey)! - println("Encrypted Message:\(encryptedMessageFromAliceToBob)") + print("Encrypted Message:\(encryptedMessageFromAliceToBob)") let messageVerifiedAndDecryptedByBob = - sodium.box.open(encryptedMessageFromAliceToBob, - senderPublicKey: bobKeyPair.publicKey, - recipientSecretKey: aliceKeyPair.secretKey) + sodium.box.open( + nonceAndAuthenticatedCipherText: encryptedMessageFromAliceToBob, + senderPublicKey: bobKeyPair.publicKey, + recipientSecretKey: aliceKeyPair.secretKey) - println("Decrypted Message:\(messageVerifiedAndDecryptedByBob!.toString())") + print("Decrypted Message:\(messageVerifiedAndDecryptedByBob!.toString())") } diff --git a/Examples/iOS/ViewController.swift b/Examples/iOS/ViewController.swift index ea09c16..dd7f179 100644 --- a/Examples/iOS/ViewController.swift +++ b/Examples/iOS/ViewController.swift @@ -18,23 +18,25 @@ class ViewController: UIViewController { let sodium = Sodium()! let aliceKeyPair = sodium.box.keyPair()! let bobKeyPair = sodium.box.keyPair()! - let message: NSData = "My Test Message".toData()! + let message = "My Test Message".toData()! - println("Original Message:\(message.toString())") + print("Original Message:\(message.toString())") - let encryptedMessageFromAliceToBob: NSData = - sodium.box.seal(message, - recipientPublicKey: bobKeyPair.publicKey, - senderSecretKey: aliceKeyPair.secretKey)! + let encryptedMessageFromAliceToBob: Data = + sodium.box.seal( + message: message, + recipientPublicKey: bobKeyPair.publicKey, + senderSecretKey: aliceKeyPair.secretKey)! - println("Encrypted Message:\(encryptedMessageFromAliceToBob)") + print("Encrypted Message:\(encryptedMessageFromAliceToBob)") let messageVerifiedAndDecryptedByBob = - sodium.box.open(encryptedMessageFromAliceToBob, - senderPublicKey: bobKeyPair.publicKey, - recipientSecretKey: aliceKeyPair.secretKey) + sodium.box.open( + nonceAndAuthenticatedCipherText: encryptedMessageFromAliceToBob, + senderPublicKey: bobKeyPair.publicKey, + recipientSecretKey: aliceKeyPair.secretKey) - println("Decrypted Message:\(messageVerifiedAndDecryptedByBob!.toString())") + print("Decrypted Message:\(messageVerifiedAndDecryptedByBob!.toString())") } diff --git a/Sodium.xcodeproj/project.pbxproj b/Sodium.xcodeproj/project.pbxproj index c9b6e41..bc1e668 100644 --- a/Sodium.xcodeproj/project.pbxproj +++ b/Sodium.xcodeproj/project.pbxproj @@ -16,7 +16,6 @@ 091782551CA164C70022765D /* crypto_pwhash.h in Headers */ = {isa = PBXBuildFile; fileRef = 0917824F1CA164970022765D /* crypto_pwhash.h */; settings = {ATTRIBUTES = (Public, ); }; }; 091C7CDA1A507E95002E5351 /* ShortHash.swift in Sources */ = {isa = PBXBuildFile; fileRef = 091C7CD91A507E95002E5351 /* ShortHash.swift */; }; 091C7CDC1A50839D002E5351 /* Sign.swift in Sources */ = {isa = PBXBuildFile; fileRef = 091C7CDB1A50839D002E5351 /* Sign.swift */; }; - 092D181A1A5BF5A700972F77 /* NSData+Extensions.swift in Sources */ = {isa = PBXBuildFile; fileRef = 092D18191A5BF5A700972F77 /* NSData+Extensions.swift */; }; 094E49401BE6C7760053AC01 /* crypto_aead_aes256gcm.h in Headers */ = {isa = PBXBuildFile; fileRef = 094E493F1BE6C7760053AC01 /* crypto_aead_aes256gcm.h */; settings = {ATTRIBUTES = (Private, ); }; }; 094E49411BE6C7D00053AC01 /* crypto_aead_aes256gcm.h in Headers */ = {isa = PBXBuildFile; fileRef = 094E493F1BE6C7760053AC01 /* crypto_aead_aes256gcm.h */; settings = {ATTRIBUTES = (Public, ); }; }; 094F21EA1A5017CA001C3141 /* Box.swift in Sources */ = {isa = PBXBuildFile; fileRef = 094F21E91A5017CA001C3141 /* Box.swift */; }; @@ -152,7 +151,6 @@ 90C75EE51AE3583E00F1E749 /* Box.swift in Sources */ = {isa = PBXBuildFile; fileRef = 094F21E91A5017CA001C3141 /* Box.swift */; }; 90C75EE61AE3583E00F1E749 /* SecretBox.swift in Sources */ = {isa = PBXBuildFile; fileRef = 038365141A5A51D20081136D /* SecretBox.swift */; }; 90C75EE71AE3583E00F1E749 /* GenericHash.swift in Sources */ = {isa = PBXBuildFile; fileRef = 095D80561A4ED0B4000B83F9 /* GenericHash.swift */; }; - 90C75EE81AE3583E00F1E749 /* NSData+Extensions.swift in Sources */ = {isa = PBXBuildFile; fileRef = 092D18191A5BF5A700972F77 /* NSData+Extensions.swift */; }; 90C75EE91AE3583E00F1E749 /* RandomBytes.swift in Sources */ = {isa = PBXBuildFile; fileRef = 095D805A1A4F35CA000B83F9 /* RandomBytes.swift */; }; 90C75EEA1AE3583E00F1E749 /* ShortHash.swift in Sources */ = {isa = PBXBuildFile; fileRef = 091C7CD91A507E95002E5351 /* ShortHash.swift */; }; 90C75EEB1AE3583E00F1E749 /* Sign.swift in Sources */ = {isa = PBXBuildFile; fileRef = 091C7CDB1A50839D002E5351 /* Sign.swift */; }; @@ -179,7 +177,6 @@ 0917824F1CA164970022765D /* crypto_pwhash.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_pwhash.h; sourceTree = ""; }; 091C7CD91A507E95002E5351 /* ShortHash.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ShortHash.swift; sourceTree = ""; }; 091C7CDB1A50839D002E5351 /* Sign.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Sign.swift; sourceTree = ""; }; - 092D18191A5BF5A700972F77 /* NSData+Extensions.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "NSData+Extensions.swift"; sourceTree = ""; }; 094E493F1BE6C7760053AC01 /* crypto_aead_aes256gcm.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_aead_aes256gcm.h; sourceTree = ""; }; 094F21E91A5017CA001C3141 /* Box.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Box.swift; sourceTree = ""; }; 095D80541A4ECCD7000B83F9 /* Sodium.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Sodium.swift; sourceTree = ""; }; @@ -344,7 +341,6 @@ 038365141A5A51D20081136D /* SecretBox.swift */, 095D80561A4ED0B4000B83F9 /* GenericHash.swift */, 097F20D91AF127480088C2FE /* PWHash.swift */, - 092D18191A5BF5A700972F77 /* NSData+Extensions.swift */, 095D805A1A4F35CA000B83F9 /* RandomBytes.swift */, 091C7CD91A507E95002E5351 /* ShortHash.swift */, 091C7CDB1A50839D002E5351 /* Sign.swift */, @@ -830,7 +826,6 @@ buildActionMask = 2147483647; files = ( 095D80551A4ECCD7000B83F9 /* Sodium.swift in Sources */, - 092D181A1A5BF5A700972F77 /* NSData+Extensions.swift in Sources */, 097F20DA1AF127480088C2FE /* PWHash.swift in Sources */, 038365151A5A51D20081136D /* SecretBox.swift in Sources */, 095D805D1A4F4F72000B83F9 /* Utils.swift in Sources */, @@ -878,7 +873,6 @@ 90C75EE61AE3583E00F1E749 /* SecretBox.swift in Sources */, CFD847281BA8120900B1260F /* PWHash.swift in Sources */, 90C75EE71AE3583E00F1E749 /* GenericHash.swift in Sources */, - 90C75EE81AE3583E00F1E749 /* NSData+Extensions.swift in Sources */, 90C75EE91AE3583E00F1E749 /* RandomBytes.swift in Sources */, 90C75EEA1AE3583E00F1E749 /* ShortHash.swift in Sources */, 90C75EEB1AE3583E00F1E749 /* Sign.swift in Sources */, @@ -1139,6 +1133,7 @@ CODE_SIGN_IDENTITY = "-"; COMBINE_HIDPI_IMAGES = YES; DEBUG_INFORMATION_FORMAT = dwarf; + ENABLE_BITCODE = NO; GCC_NO_COMMON_BLOCKS = YES; GCC_PREPROCESSOR_DEFINITIONS = ( "DEBUG=1", @@ -1161,6 +1156,7 @@ COMBINE_HIDPI_IMAGES = YES; COPY_PHASE_STRIP = NO; DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; + ENABLE_BITCODE = NO; GCC_NO_COMMON_BLOCKS = YES; INFOPLIST_FILE = Examples/OSX/Info.plist; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/../Frameworks"; @@ -1180,6 +1176,7 @@ DYLIB_COMPATIBILITY_VERSION = 1; DYLIB_CURRENT_VERSION = 1; DYLIB_INSTALL_NAME_BASE = "@rpath"; + ENABLE_BITCODE = NO; FRAMEWORK_VERSION = A; GCC_NO_COMMON_BLOCKS = YES; GCC_PREPROCESSOR_DEFINITIONS = ( @@ -1211,6 +1208,7 @@ DYLIB_COMPATIBILITY_VERSION = 1; DYLIB_CURRENT_VERSION = 1; DYLIB_INSTALL_NAME_BASE = "@rpath"; + ENABLE_BITCODE = NO; FRAMEWORK_VERSION = A; GCC_NO_COMMON_BLOCKS = YES; INFOPLIST_FILE = "$(SRCROOT)/Sodium/Info.plist"; diff --git a/Sodium/Box.swift b/Sodium/Box.swift index 41a80a3..18df53c 100644 --- a/Sodium/Box.swift +++ b/Sodium/Box.swift @@ -18,11 +18,11 @@ public class Box { public let BeforenmBytes = Int(crypto_box_beforenmbytes()) public let SealBytes = Int(crypto_box_sealbytes()) - public typealias PublicKey = NSData - public typealias SecretKey = NSData - public typealias Nonce = NSData - public typealias MAC = NSData - public typealias Beforenm = NSData + public typealias PublicKey = Data + public typealias SecretKey = Data + public typealias Nonce = Data + public typealias MAC = Data + public typealias Beforenm = Data public struct KeyPair { public let publicKey: PublicKey @@ -35,209 +35,358 @@ public class Box { } public func keyPair() -> KeyPair? { - guard let pk = NSMutableData(length: PublicKeyBytes) else { + var pk = Data(count: PublicKeyBytes) + var sk = Data(count: SecretKeyBytes) + let result = pk.withUnsafeMutableBytes { pkPtr in + return sk.withUnsafeMutableBytes { skPtr in + return crypto_box_keypair(pkPtr, skPtr) + } + } + + if result != 0 { return nil } - guard let sk = NSMutableData(length: SecretKeyBytes) else { - return nil - } - if crypto_box_keypair(pk.mutableBytesPtr(), sk.mutableBytesPtr()) != 0 { - return nil - } - return KeyPair(publicKey: PublicKey(data: pk as Data), secretKey: SecretKey(data: sk as Data)) + + return KeyPair(publicKey: pk, secretKey: sk) } - public func keyPair(seed: NSData) -> KeyPair? { - if seed.length != SeedBytes { + public func keyPair(seed: Data) -> KeyPair? { + if seed.count != SeedBytes { return nil } - guard let pk = NSMutableData(length: PublicKeyBytes) else { + + var pk = Data(count: PublicKeyBytes) + var sk = Data(count: SecretKeyBytes) + + let result = pk.withUnsafeMutableBytes { pkPtr in + return sk.withUnsafeMutableBytes { skPtr in + return seed.withUnsafeBytes { seedPtr in + return crypto_box_seed_keypair(pkPtr, skPtr, seedPtr) + } + } + } + + if result != 0 { return nil } - guard let sk = NSMutableData(length: SecretKeyBytes) else { - return nil - } - if crypto_box_seed_keypair(pk.mutableBytesPtr(), sk.mutableBytesPtr(), seed.bytesPtr()) != 0 { - return nil - } - return KeyPair(publicKey: PublicKey(data: pk as Data), secretKey: SecretKey(data: sk as Data)) + + return KeyPair(publicKey: pk, secretKey: sk) } - public func nonce() -> Nonce? { - guard let nonce = NSMutableData(length: NonceBytes) else { - return nil + public func nonce() -> Nonce { + var nonce = Data(count: NonceBytes) + nonce.withUnsafeMutableBytes { noncePtr in + randombytes_buf(noncePtr, nonce.count) } - randombytes_buf(nonce.mutableBytesPtr(), nonce.length) - return nonce as Nonce + return nonce } - public func seal(message: NSData, recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> NSData? { - guard let (authenticatedCipherText, nonce): (NSData, Nonce) = seal(message: message, recipientPublicKey: recipientPublicKey, senderSecretKey: senderSecretKey) else { + public func seal(message: Data, recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> Data? { + guard let (authenticatedCipherText, nonce): (Data, Nonce) = seal(message: message, recipientPublicKey: recipientPublicKey, senderSecretKey: senderSecretKey) else { return nil } - let nonceAndAuthenticatedCipherText = NSMutableData(data: nonce as Data) - nonceAndAuthenticatedCipherText.append(authenticatedCipherText as Data) + var nonceAndAuthenticatedCipherText = nonce + nonceAndAuthenticatedCipherText.append(authenticatedCipherText) return nonceAndAuthenticatedCipherText } - public func seal(message: NSData, recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> (authenticatedCipherText: NSData, nonce: Nonce)? { - if recipientPublicKey.length != PublicKeyBytes || senderSecretKey.length != SecretKeyBytes { + public func seal(message: Data, recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> (authenticatedCipherText: Data, nonce: Nonce)? { + if recipientPublicKey.count != PublicKeyBytes || senderSecretKey.count != SecretKeyBytes { return nil } - guard let authenticatedCipherText = NSMutableData(length: message.length + MacBytes) else { - return nil - } - guard let nonce = self.nonce() else { - return nil - } - if crypto_box_easy(authenticatedCipherText.mutableBytesPtr(), message.bytesPtr(), CUnsignedLongLong(message.length), nonce.bytesPtr(), recipientPublicKey.bytesPtr(), senderSecretKey.bytesPtr()) != 0 { + var authenticatedCipherText = Data(count: message.count + MacBytes) + let nonce = self.nonce() + + let result = authenticatedCipherText.withUnsafeMutableBytes { authenticatedCipherTextPtr in + return message.withUnsafeBytes { messagePtr in + return nonce.withUnsafeBytes { noncePtr in + return recipientPublicKey.withUnsafeBytes { recipientPublicKeyPtr in + return senderSecretKey.withUnsafeBytes { senderSecretKeyPtr in + return crypto_box_easy( + authenticatedCipherTextPtr, + messagePtr, + CUnsignedLongLong(message.count), + noncePtr, + recipientPublicKeyPtr, + senderSecretKeyPtr) + } + } + } + } + } + + if result != 0 { return nil } + return (authenticatedCipherText: authenticatedCipherText, nonce: nonce) } - public func seal(message: NSData, recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> (authenticatedCipherText: NSData, nonce: Nonce, mac: MAC)? { - if recipientPublicKey.length != PublicKeyBytes || senderSecretKey.length != SecretKeyBytes { + public func seal(message: Data, recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> (authenticatedCipherText: Data, nonce: Nonce, mac: MAC)? { + if recipientPublicKey.count != PublicKeyBytes || senderSecretKey.count != SecretKeyBytes { return nil } - guard let authenticatedCipherText = NSMutableData(length: message.length) else { - return nil - } - guard let mac = NSMutableData(length: MacBytes) else { - return nil - } - guard let nonce = self.nonce() else { - return nil - } - if crypto_box_detached(authenticatedCipherText.mutableBytesPtr(), mac.mutableBytesPtr(), message.bytesPtr(), CUnsignedLongLong(message.length), nonce.bytesPtr(), recipientPublicKey.bytesPtr(), senderSecretKey.bytesPtr()) != 0 { + var authenticatedCipherText = Data(count: message.count) + var mac = Data(count: MacBytes) + let nonce = self.nonce() + let result = authenticatedCipherText.withUnsafeMutableBytes { authenticatedCipherTextPtr in + return mac.withUnsafeMutableBytes { macPtr in + return message.withUnsafeBytes { messagePtr in + return nonce.withUnsafeBytes { noncePtr in + return recipientPublicKey.withUnsafeBytes { recipientPublicKeyPtr in + return senderSecretKey.withUnsafeBytes { senderSecretKeyPtr in + return crypto_box_detached( + authenticatedCipherTextPtr, + macPtr, + messagePtr, + CUnsignedLongLong(message.count), + noncePtr, + recipientPublicKeyPtr, + senderSecretKeyPtr) + } + } + } + } + } + } + + if result != 0 { return nil } + return (authenticatedCipherText: authenticatedCipherText, nonce: nonce as Nonce, mac: mac as MAC) } - public func open(nonceAndAuthenticatedCipherText: NSData, senderPublicKey: PublicKey, recipientSecretKey: SecretKey) -> NSData? { - if nonceAndAuthenticatedCipherText.length < NonceBytes + MacBytes { + public func open(nonceAndAuthenticatedCipherText: Data, senderPublicKey: PublicKey, recipientSecretKey: SecretKey) -> Data? { + if nonceAndAuthenticatedCipherText.count < NonceBytes + MacBytes { return nil } - let nonce = nonceAndAuthenticatedCipherText.subdata(with: NSRange(0.. NSData? { - if nonce.length != NonceBytes || authenticatedCipherText.length < MacBytes { + public func open(authenticatedCipherText: Data, senderPublicKey: PublicKey, recipientSecretKey: SecretKey, nonce: Nonce) -> Data? { + if nonce.count != NonceBytes || authenticatedCipherText.count < MacBytes { return nil } - if senderPublicKey.length != PublicKeyBytes || recipientSecretKey.length != SecretKeyBytes { + + if senderPublicKey.count != PublicKeyBytes || recipientSecretKey.count != SecretKeyBytes { return nil } - guard let message = NSMutableData(length: authenticatedCipherText.length - MacBytes) else { - return nil - } - if crypto_box_open_easy(message.mutableBytesPtr(), authenticatedCipherText.bytesPtr(), CUnsignedLongLong(authenticatedCipherText.length), nonce.bytesPtr(), senderPublicKey.bytesPtr(), recipientSecretKey.bytesPtr()) != 0 { + + var message = Data(count: authenticatedCipherText.count - MacBytes) + let result = message.withUnsafeMutableBytes { messagePtr in + return authenticatedCipherText.withUnsafeBytes { authenticatedCipherTextPtr in + return nonce.withUnsafeBytes { noncePtr in + return senderPublicKey.withUnsafeBytes { senderPublicKeyPtr in + return recipientSecretKey.withUnsafeBytes { recipientSecretKeyPtr in + return crypto_box_open_easy( + messagePtr, + authenticatedCipherTextPtr, + CUnsignedLongLong(authenticatedCipherText.count), + noncePtr, + senderPublicKeyPtr, + recipientSecretKeyPtr) + } + } + } + } + } + + if result != 0 { return nil } + return message } - public func open(authenticatedCipherText: NSData, senderPublicKey: PublicKey, recipientSecretKey: SecretKey, nonce: Nonce, mac: MAC) -> NSData? { - if nonce.length != NonceBytes || mac.length != MacBytes { + public func open(authenticatedCipherText: Data, senderPublicKey: PublicKey, recipientSecretKey: SecretKey, nonce: Nonce, mac: MAC) -> Data? { + if nonce.count != NonceBytes || mac.count != MacBytes { return nil } - if senderPublicKey.length != PublicKeyBytes || recipientSecretKey.length != SecretKeyBytes { + if senderPublicKey.count != PublicKeyBytes || recipientSecretKey.count != SecretKeyBytes { return nil } - guard let message = NSMutableData(length: authenticatedCipherText.length) else { - return nil - } - if crypto_box_open_detached(message.mutableBytesPtr(), authenticatedCipherText.bytesPtr(), mac.bytesPtr(), CUnsignedLongLong(authenticatedCipherText.length), nonce.bytesPtr(), senderPublicKey.bytesPtr(), recipientSecretKey.bytesPtr()) != 0 { + var message = Data(count: authenticatedCipherText.count) + + let result = message.withUnsafeMutableBytes { messagePtr in + return authenticatedCipherText.withUnsafeBytes { authenticatedCipherTextPtr in + return mac.withUnsafeBytes { macPtr in + return nonce.withUnsafeBytes { noncePtr in + return senderPublicKey.withUnsafeBytes { senderPublicKeyPtr in + return recipientSecretKey.withUnsafeBytes { recipientSecretKeyPtr in + return crypto_box_open_detached( + messagePtr, + authenticatedCipherTextPtr, + macPtr, + CUnsignedLongLong(authenticatedCipherText.count), + noncePtr, + senderPublicKeyPtr, + recipientSecretKeyPtr) + } + } + } + } + } + } + + if result != 0 { return nil } + return message } - public func beforenm(recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> NSData? { - let key = NSMutableData(length: BeforenmBytes) - if crypto_box_beforenm(key!.mutableBytesPtr(), recipientPublicKey.bytesPtr(), senderSecretKey.bytesPtr()) != 0 { + public func beforenm(recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> Data? { + var key = Data(count: BeforenmBytes) + let result = key.withUnsafeMutableBytes { keyPtr in + return recipientPublicKey.withUnsafeBytes { recipientPublicKeyPtr in + return senderSecretKey.withUnsafeBytes { senderSecretKeyPtr in + return crypto_box_beforenm(keyPtr, recipientPublicKeyPtr, senderSecretKeyPtr) + } + } + } + + if result != 0 { return nil } + return key } - public func seal(message: NSData, beforenm: Beforenm) -> (authenticatedCipherText: NSData, nonce: Nonce)? { - if beforenm.length != BeforenmBytes { + public func seal(message: Data, beforenm: Beforenm) -> (authenticatedCipherText: Data, nonce: Nonce)? { + if beforenm.count != BeforenmBytes { return nil } - guard let authenticatedCipherText = NSMutableData(length: message.length + MacBytes) else { - return nil - } - guard let nonce = self.nonce() else { - return nil - } - if crypto_box_easy_afternm(authenticatedCipherText.mutableBytesPtr(), message.bytesPtr(), CUnsignedLongLong(message.length), nonce.bytesPtr(), beforenm.bytesPtr()) != 0 { + + var authenticatedCipherText = Data(count: message.count + MacBytes) + let nonce = self.nonce() + + let result = authenticatedCipherText.withUnsafeMutableBytes { authenticatedCipherTextPtr in + return message.withUnsafeBytes { messagePtr in + return nonce.withUnsafeBytes { noncePtr in + return beforenm.withUnsafeBytes { beforenmPtr in + return crypto_box_easy_afternm( + authenticatedCipherTextPtr, + messagePtr, + CUnsignedLongLong(message.count), + noncePtr, + beforenmPtr) + } + } + } + } + + if result != 0 { return nil } + return (authenticatedCipherText: authenticatedCipherText, nonce: nonce) } - public func open(nonceAndAuthenticatedCipherText: NSData, beforenm: Beforenm) -> NSData? { - if nonceAndAuthenticatedCipherText.length < NonceBytes + MacBytes { + public func open(nonceAndAuthenticatedCipherText: Data, beforenm: Beforenm) -> Data? { + if nonceAndAuthenticatedCipherText.count < NonceBytes + MacBytes { return nil } - let nonce = nonceAndAuthenticatedCipherText.subdata(with: NSRange(0.. NSData? { - if nonce.length != NonceBytes || authenticatedCipherText.length < MacBytes { + public func open(authenticatedCipherText: Data, beforenm: Beforenm, nonce: Nonce) -> Data? { + if nonce.count != NonceBytes || authenticatedCipherText.count < MacBytes { return nil } - if beforenm.length != BeforenmBytes { + + if beforenm.count != BeforenmBytes { return nil } - guard let message = NSMutableData(length: authenticatedCipherText.length - MacBytes) else { - return nil - } - if crypto_box_open_easy_afternm(message.mutableBytesPtr(), authenticatedCipherText.bytesPtr(), CUnsignedLongLong(authenticatedCipherText.length), nonce.bytesPtr(), beforenm.bytesPtr()) != 0 { + + var message = Data(count: authenticatedCipherText.count - MacBytes) + let result = message.withUnsafeMutableBytes { messagePtr in + return authenticatedCipherText.withUnsafeBytes { authenticatedCipherTextPtr in + return nonce.withUnsafeBytes { noncePtr in + return beforenm.withUnsafeBytes { beforenmPtr in + return crypto_box_open_easy_afternm( + messagePtr, + authenticatedCipherTextPtr, + CUnsignedLongLong(authenticatedCipherText.count), + noncePtr, + beforenmPtr) + } + } + } + } + + if result != 0 { return nil } + return message } - public func seal(message: NSData, beforenm: Beforenm) -> NSData? { - guard let (authenticatedCipherText, nonce): (NSData, Nonce) = seal(message: message, beforenm: beforenm) else { + public func seal(message: Data, beforenm: Beforenm) -> Data? { + guard let (authenticatedCipherText, nonce): (Data, Nonce) = seal(message: message, beforenm: beforenm) else { return nil } - let nonceAndAuthenticatedCipherText = NSMutableData(data: nonce as Data) - nonceAndAuthenticatedCipherText.append(authenticatedCipherText as Data) + + var nonceAndAuthenticatedCipherText = nonce + nonceAndAuthenticatedCipherText.append(authenticatedCipherText) return nonceAndAuthenticatedCipherText } - public func seal(message: NSData, recipientPublicKey: Box.PublicKey) -> NSData? { - if recipientPublicKey.length != PublicKeyBytes { + public func seal(message: Data, recipientPublicKey: Box.PublicKey) -> Data? { + if recipientPublicKey.count != PublicKeyBytes { return nil } - guard let anonymousCipherText = NSMutableData(length: SealBytes + message.length) else { - return nil - } - if crypto_box_seal(anonymousCipherText.mutableBytesPtr(), message.bytesPtr(), CUnsignedLongLong(message.length), recipientPublicKey.bytesPtr()) != 0 { + + var anonymousCipherText = Data(count: SealBytes + message.count) + let result = anonymousCipherText.withUnsafeMutableBytes { anonymousCipherTextPtr in + return message.withUnsafeBytes { messagePtr in + return recipientPublicKey.withUnsafeBytes { recipientPublicKeyPtr in + return crypto_box_seal( + anonymousCipherTextPtr, + messagePtr, + CUnsignedLongLong(message.count), + recipientPublicKeyPtr) + } + } + } + + if result != 0 { return nil } + return anonymousCipherText } - public func open(anonymousCipherText: NSData, recipientPublicKey: PublicKey, recipientSecretKey: SecretKey) -> NSData? { - if recipientPublicKey.length != PublicKeyBytes || recipientSecretKey.length != SecretKeyBytes || anonymousCipherText.length < SealBytes { + public func open(anonymousCipherText: Data, recipientPublicKey: PublicKey, recipientSecretKey: SecretKey) -> Data? { + if recipientPublicKey.count != PublicKeyBytes || recipientSecretKey.count != SecretKeyBytes || anonymousCipherText.count < SealBytes { return nil } - let message = NSMutableData(length: anonymousCipherText.length - SealBytes) - if message == nil { - return nil - } - if crypto_box_seal_open(message!.mutableBytesPtr(), anonymousCipherText.bytesPtr(), CUnsignedLongLong(anonymousCipherText.length), recipientPublicKey.bytesPtr(), recipientSecretKey.bytesPtr()) != 0 { + + var message = Data(count: anonymousCipherText.count - SealBytes) + let result = message.withUnsafeMutableBytes { messagePtr in + return anonymousCipherText.withUnsafeBytes { anonymousCipherTextPtr in + return recipientPublicKey.withUnsafeBytes { recipientPublicKeyPtr in + return recipientSecretKey.withUnsafeBytes { recipientSecretKeyPtr in + return crypto_box_seal_open( + messagePtr, + anonymousCipherTextPtr, + CUnsignedLongLong(anonymousCipherText.count), + recipientPublicKeyPtr, + recipientSecretKeyPtr) + } + } + } + } + + if result != 0 { return nil } + return message } } diff --git a/Sodium/GenericHash.swift b/Sodium/GenericHash.swift index bd459f9..a8fced6 100644 --- a/Sodium/GenericHash.swift +++ b/Sodium/GenericHash.swift @@ -15,37 +15,60 @@ public class GenericHash { public let KeybytesMin = Int(crypto_generichash_keybytes_min()) public let KeybytesMax = Int(crypto_generichash_keybytes_max()) public let Keybytes = Int(crypto_generichash_keybytes()) - public let Primitive = String.init(validatingUTF8:crypto_generichash_primitive()) + public let Primitive = String.init(validatingUTF8: crypto_generichash_primitive()) - public func hash(message: NSData, key: NSData? = nil) -> NSData? { + public func hash(message: Data, key: Data? = nil) -> Data? { return hash(message: message, key: key, outputLength: Bytes) } - public func hash(message: NSData, key: NSData?, outputLength: Int) -> NSData? { - guard let output = NSMutableData(length: outputLength) else { - return nil - } - var ret: CInt; + public func hash(message: Data, key: Data?, outputLength: Int) -> Data? { + var output = Data(count: outputLength) + var result: Int32 = -1 + if let key = key { - ret = crypto_generichash(output.mutableBytesPtr(), output.length, message.bytesPtr(), CUnsignedLongLong(message.length), key.bytesPtr(), key.length) + result = output.withUnsafeMutableBytes { outputPtr in + return message.withUnsafeBytes { messagePtr in + return key.withUnsafeBytes { keyPtr in + return crypto_generichash( + outputPtr, + output.count, + messagePtr, + CUnsignedLongLong(message.count), + keyPtr, + key.count) + } + } + } } else { - ret = crypto_generichash(output.mutableBytesPtr(), output.length, message.bytesPtr(), CUnsignedLongLong(message.length), nil, 0) + result = output.withUnsafeMutableBytes { outputPtr in + return message.withUnsafeBytes { messagePtr in + return crypto_generichash( + outputPtr, + output.count, + messagePtr, + CUnsignedLongLong(message.count), + nil, + 0) + } + } } - if ret != 0 { + + if result != 0 { return nil } + return output } - public func hash(message: NSData, outputLength: Int) -> NSData? { - return hash(message: message, key: NSData(), outputLength: outputLength) + public func hash(message: Data, outputLength: Int) -> Data? { + return hash(message: message, key: nil, outputLength: outputLength) } - public func initStream(key: NSData? = nil) -> Stream? { + public func initStream(key: Data? = nil) -> Stream? { return Stream(key: key, outputLength: Bytes) } - public func initStream(key: NSData?, outputLength: Int) -> Stream? { + public func initStream(key: Data?, outputLength: Int) -> Stream? { return Stream(key: key, outputLength: outputLength) } @@ -57,20 +80,26 @@ public class GenericHash { public var outputLength: Int = 0 private var state: UnsafeMutablePointer? - init?(key: NSData?, outputLength: Int) { + init?(key: Data?, outputLength: Int) { state = UnsafeMutablePointer.allocate(capacity: 1) guard let state = state else { return nil } - var ret: CInt + + var result: Int32 = -1 + if let key = key { - ret = crypto_generichash_init(state, key.bytesPtr(), key.length, outputLength) + result = key.withUnsafeBytes { keyPtr in + crypto_generichash_init(state, keyPtr, key.count, outputLength) + } } else { - ret = crypto_generichash_init(state, nil, 0, outputLength) + result = crypto_generichash_init(state, nil, 0, outputLength) } - if ret != 0 { + + if result != 0 { return nil } + self.outputLength = outputLength; } @@ -78,17 +107,22 @@ public class GenericHash { state?.deallocate(capacity: 1) } - public func update(input: NSData) -> Bool { - return crypto_generichash_update(state!, input.bytesPtr(), CUnsignedLongLong(input.length)) == 0 + public func update(input: Data) -> Bool { + return input.withUnsafeBytes { inputPtr in + return crypto_generichash_update(state!, inputPtr, CUnsignedLongLong(input.count)) == 0 + } } - public func final() -> NSData? { - guard let output = NSMutableData(length: outputLength) else { - return nil - } - if crypto_generichash_final(state!, output.mutableBytesPtr(), output.length) != 0 { + public func final() -> Data? { + var output = Data(count: outputLength) + let result = output.withUnsafeMutableBytes { outputPtr in + crypto_generichash_final(state!, outputPtr, output.count) + } + + if result != 0 { return nil } + return output } } diff --git a/Sodium/NSData+Extensions.swift b/Sodium/NSData+Extensions.swift deleted file mode 100644 index f1b155c..0000000 --- a/Sodium/NSData+Extensions.swift +++ /dev/null @@ -1,23 +0,0 @@ -// -// InternalExtensions.swift -// Sodium -// -// Created by Frank Denis on 1/6/15. -// Copyright (c) 2015 Frank Denis. All rights reserved. -// - -import Foundation - -public extension NSData { - func bytesPtr() -> UnsafePointer{ - let rawBytes = self.bytes - return rawBytes.assumingMemoryBound(to: T.self); - } -} - -public extension NSMutableData { - func mutableBytesPtr() -> UnsafeMutablePointer{ - let rawBytes = self.mutableBytes - return rawBytes.assumingMemoryBound(to: T.self) - } -} diff --git a/Sodium/PWHash.swift b/Sodium/PWHash.swift index 2cba544..62dedff 100644 --- a/Sodium/PWHash.swift +++ b/Sodium/PWHash.swift @@ -19,33 +19,67 @@ public class PWHash { public let MemLimitModerate = Int(crypto_pwhash_memlimit_moderate()) public let MemLimitSensitive = Int(crypto_pwhash_memlimit_sensitive()) - public func str(passwd: NSData, opsLimit: Int, memLimit: Int) -> String? { - guard let output = NSMutableData(length: StrBytes) else { + public func str(passwd: Data, opsLimit: Int, memLimit: Int) -> String? { + var output = Data(count: StrBytes) + let result = output.withUnsafeMutableBytes { outputPtr in + return passwd.withUnsafeBytes { passwdPtr in + return crypto_pwhash_str(outputPtr, + passwdPtr, + CUnsignedLongLong(passwd.count), + CUnsignedLongLong(opsLimit), + size_t(memLimit)) + } + } + + if result != 0 { return nil } - if crypto_pwhash_str(output.mutableBytesPtr(), passwd.bytesPtr(), CUnsignedLongLong(passwd.length), CUnsignedLongLong(opsLimit), size_t(memLimit)) != 0 { - return nil - } - return NSString(data: output as Data, encoding: String.Encoding.utf8.rawValue) as String? + + return String(data: output, encoding: .utf8) } - public func strVerify(hash: String, passwd: NSData) -> Bool { - guard let hashData = (hash + "\0").data(using: String.Encoding.utf8, allowLossyConversion: false) else { + public func strVerify(hash: String, passwd: Data) -> Bool { + guard let hashData = (hash + "\0").data(using: .utf8, allowLossyConversion: false) else { return false } - return crypto_pwhash_str_verify((hashData as NSData).bytesPtr(), passwd.bytesPtr(), CUnsignedLongLong(passwd.length)) == 0 + + return hashData.withUnsafeBytes { hashPtr in + return passwd.withUnsafeBytes { passwdPtr in + return crypto_pwhash_str_verify( + hashPtr, + passwdPtr, + CUnsignedLongLong(passwd.count)) == 0 + } + } } - public func hash(outputLength: Int, passwd: NSData, salt: NSData, opsLimit: Int, memLimit: Int) -> NSData? { - if salt.length != SaltBytes { + public func hash(outputLength: Int, passwd: Data, salt: Data, opsLimit: Int, memLimit: Int) -> Data? { + if salt.count != SaltBytes { return nil } - guard let output = NSMutableData(length: outputLength) else { - return nil - } - if crypto_pwhash(output.mutableBytesPtr(), CUnsignedLongLong(outputLength), passwd.bytesPtr(), CUnsignedLongLong(passwd.length), salt.bytesPtr(), CUnsignedLongLong(opsLimit), size_t(memLimit), crypto_pwhash_ALG_DEFAULT) != 0 { + + var output = Data(count: outputLength) + + let result = passwd.withUnsafeBytes { passwdPtr in + return salt.withUnsafeBytes { saltPtr in + return output.withUnsafeMutableBytes { outputPtr in + return crypto_pwhash( + outputPtr, + CUnsignedLongLong(outputLength), + passwdPtr, + CUnsignedLongLong(passwd.count), + saltPtr, + CUnsignedLongLong(opsLimit), + size_t(memLimit), + crypto_pwhash_ALG_DEFAULT) + } + } + } + + if result != 0 { return nil } + return output } @@ -60,33 +94,69 @@ public class PWHash { public let MemLimitInteractive = Int(crypto_pwhash_scryptsalsa208sha256_memlimit_interactive()) public let MemLimitSensitive = Int(crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive()) - public func str(passwd: NSData, opsLimit: Int, memLimit: Int) -> String? { - guard let output = NSMutableData(length: StrBytes) else { + public func str(passwd: Data, opsLimit: Int, memLimit: Int) -> String? { + var output = Data(count: StrBytes) + + let result = output.withUnsafeMutableBytes { outputPtr in + return passwd.withUnsafeBytes { passwdPtr in + crypto_pwhash_scryptsalsa208sha256_str( + outputPtr, + passwdPtr, + CUnsignedLongLong(passwd.count), + CUnsignedLongLong(opsLimit), + size_t(memLimit)) + } + } + + if result != 0 { return nil } - if crypto_pwhash_scryptsalsa208sha256_str(output.mutableBytesPtr(), passwd.bytesPtr(), CUnsignedLongLong(passwd.length), CUnsignedLongLong(opsLimit), size_t(memLimit)) != 0 { - return nil - } - return NSString(data: output as Data, encoding: String.Encoding.utf8.rawValue) as String? + + return String(data: output, encoding: .utf8) } - public func strVerify(hash: String, passwd: NSData) -> Bool { - guard let hashData = (hash + "\0").data(using: String.Encoding.utf8, allowLossyConversion: false) else { + public func strVerify(hash: String, passwd: Data) -> Bool { + guard let hashData = (hash + "\0").data(using: .utf8, allowLossyConversion: false) else { return false } - return crypto_pwhash_scryptsalsa208sha256_str_verify((hashData as NSData).bytesPtr(), passwd.bytesPtr(), CUnsignedLongLong(passwd.length)) == 0 + + return hashData.withUnsafeBytes { hashDataPtr in + return passwd.withUnsafeBytes { passwdPtr in + return crypto_pwhash_scryptsalsa208sha256_str_verify( + hashDataPtr, + passwdPtr, + CUnsignedLongLong(passwd.count)) == 0 + } + } + } - public func hash(outputLength: Int, passwd: NSData, salt: NSData, opsLimit: Int, memLimit: Int) -> NSData? { - if salt.length != SaltBytes { + public func hash(outputLength: Int, passwd: Data, salt: Data, opsLimit: Int, memLimit: Int) -> Data? { + if salt.count != SaltBytes { return nil } - guard let output = NSMutableData(length: outputLength) else { - return nil - } - if crypto_pwhash_scryptsalsa208sha256(output.mutableBytesPtr(), CUnsignedLongLong(outputLength), passwd.bytesPtr(), CUnsignedLongLong(passwd.length), salt.bytesPtr(), CUnsignedLongLong(opsLimit), size_t(memLimit)) != 0 { + + var output = Data(count: outputLength) + + let result = output.withUnsafeMutableBytes { outputPtr in + return passwd.withUnsafeBytes { passwdPtr in + return salt.withUnsafeBytes { saltPtr in + return crypto_pwhash_scryptsalsa208sha256( + outputPtr, + CUnsignedLongLong(outputLength), + passwdPtr, + CUnsignedLongLong(passwd.count), + saltPtr, + CUnsignedLongLong(opsLimit), + size_t(memLimit)) + } + } + } + + if result != 0 { return nil } + return output } } diff --git a/Sodium/RandomBytes.swift b/Sodium/RandomBytes.swift index fa1e3f2..c674d31 100644 --- a/Sodium/RandomBytes.swift +++ b/Sodium/RandomBytes.swift @@ -9,14 +9,14 @@ import Foundation public class RandomBytes { - public func buf(length: Int) -> NSData? { + public func buf(length: Int) -> Data? { if length < 0 { return nil } - guard let output = NSMutableData(length: length) else { - return nil + var output = Data(count: length) + output.withUnsafeMutableBytes { outputPtr in + randombytes_buf(outputPtr, output.count) } - randombytes_buf(output.mutableBytesPtr(), output.length) return output } diff --git a/Sodium/SecretBox.swift b/Sodium/SecretBox.swift index 21c9931..c2396a6 100644 --- a/Sodium/SecretBox.swift +++ b/Sodium/SecretBox.swift @@ -13,108 +13,171 @@ public class SecretBox { public let NonceBytes = Int(crypto_secretbox_noncebytes()) public let MacBytes = Int(crypto_secretbox_macbytes()) - public typealias Key = NSData - public typealias Nonce = NSData - public typealias MAC = NSData + public typealias Key = Data + public typealias Nonce = Data + public typealias MAC = Data public func key() -> Key? { - guard let k = NSMutableData(length: KeyBytes) else { - return nil + var k = Data(count: KeyBytes) + k.withUnsafeMutableBytes { kPtr in + randombytes_buf(kPtr, k.count) } - randombytes_buf(k.mutableBytesPtr(), k.length) return k } - public func nonce() -> Nonce? { - guard let n = NSMutableData(length: NonceBytes) else { - return nil + public func nonce() -> Nonce { + var n = Data(count: NonceBytes) + n.withUnsafeMutableBytes { nPtr in + randombytes_buf(nPtr, n.count) } - randombytes_buf(n.mutableBytesPtr(), n.length) return n } - public func seal(message: NSData, secretKey: Key) -> NSData? { - guard let (authenticatedCipherText, nonce): (NSData, Nonce) = seal(message: message, secretKey: secretKey) else { + public func seal(message: Data, secretKey: Key) -> Data? { + guard let (authenticatedCipherText, nonce): (Data, Nonce) = seal(message: message, secretKey: secretKey) else { return nil } - let nonceAndAuthenticatedCipherText = NSMutableData(data: nonce as Data) - nonceAndAuthenticatedCipherText.append(authenticatedCipherText as Data) + + var nonceAndAuthenticatedCipherText = nonce + nonceAndAuthenticatedCipherText.append(authenticatedCipherText) return nonceAndAuthenticatedCipherText } - public func seal(message: NSData, secretKey: Key) -> (authenticatedCipherText: NSData, nonce: Nonce)? { - if secretKey.length != KeyBytes { + public func seal(message: Data, secretKey: Key) -> (authenticatedCipherText: Data, nonce: Nonce)? { + if secretKey.count != KeyBytes { return nil } - guard let authenticatedCipherText = NSMutableData(length: message.length + MacBytes) else { - return nil - } - guard let nonce = self.nonce() else { - return nil - } - if crypto_secretbox_easy(authenticatedCipherText.mutableBytesPtr(), message.bytesPtr(), UInt64(message.length), nonce.bytesPtr(), secretKey.bytesPtr()) != 0 { + + var authenticatedCipherText = Data(count: message.count + MacBytes) + let nonce = self.nonce() + + let result = authenticatedCipherText.withUnsafeMutableBytes { authenticatedCipherTextPtr in + return message.withUnsafeBytes { messagePtr in + return nonce.withUnsafeBytes { noncePtr in + return secretKey.withUnsafeBytes { secretKeyPtr in + return crypto_secretbox_easy( + authenticatedCipherTextPtr, + messagePtr, + UInt64(message.count), + noncePtr, + secretKeyPtr) + } + } + } + } + + if result != 0 { return nil } + return (authenticatedCipherText: authenticatedCipherText, nonce: nonce) } - public func seal(message: NSData, secretKey: Key) -> (cipherText: NSData, nonce: Nonce, mac: MAC)? { - if secretKey.length != KeyBytes { + public func seal(message: Data, secretKey: Key) -> (cipherText: Data, nonce: Nonce, mac: MAC)? { + if secretKey.count != KeyBytes { return nil } - guard let cipherText = NSMutableData(length: message.length) else { - return nil - } - guard let mac = NSMutableData(length: MacBytes) else { - return nil - } - guard let nonce = self.nonce() else { - return nil - } - if crypto_secretbox_detached(cipherText.mutableBytesPtr(), mac.mutableBytesPtr(), message.bytesPtr(), UInt64(message.length), nonce.bytesPtr(), secretKey.bytesPtr()) != 0 { + + var cipherText = Data(count: message.count) + var mac = Data(count: MacBytes) + let nonce = self.nonce() + + let result = cipherText.withUnsafeMutableBytes { cipherTextPtr in + return mac.withUnsafeMutableBytes { macPtr in + return message.withUnsafeBytes { messagePtr in + return nonce.withUnsafeBytes { noncePtr in + return secretKey.withUnsafeBytes { secretKeyPtr in + return crypto_secretbox_detached( + cipherTextPtr, + macPtr, + messagePtr, + UInt64(message.count), + noncePtr, + secretKeyPtr) + } + } + } + } + } + + if result != 0 { return nil } + return (cipherText: cipherText, nonce: nonce, mac: mac) } - public func open(nonceAndAuthenticatedCipherText: NSData, secretKey: Key) -> NSData? { - if nonceAndAuthenticatedCipherText.length < MacBytes + NonceBytes { + public func open(nonceAndAuthenticatedCipherText: Data, secretKey: Key) -> Data? { + if nonceAndAuthenticatedCipherText.count < MacBytes + NonceBytes { return nil } - guard let _ = NSMutableData(length: nonceAndAuthenticatedCipherText.length - MacBytes - NonceBytes) else { - return nil - } - let nonce = nonceAndAuthenticatedCipherText.subdata(with: NSRange(0.. NSData? { - if authenticatedCipherText.length < MacBytes { + public func open(authenticatedCipherText: Data, secretKey: Key, nonce: Nonce) -> Data? { + if authenticatedCipherText.count < MacBytes { return nil } - guard let message = NSMutableData(length: authenticatedCipherText.length - MacBytes) else { - return nil - } - if crypto_secretbox_open_easy(message.mutableBytesPtr(), authenticatedCipherText.bytesPtr(), UInt64(authenticatedCipherText.length), nonce.bytesPtr(), secretKey.bytesPtr()) != 0 { + + var message = Data(count: authenticatedCipherText.count - MacBytes) + + let result = message.withUnsafeMutableBytes { messagePtr in + return authenticatedCipherText.withUnsafeBytes { authenticatedCipherTextPtr in + return nonce.withUnsafeBytes { noncePtr in + return secretKey.withUnsafeBytes { secretKeyPtr in + return crypto_secretbox_open_easy( + messagePtr, + authenticatedCipherTextPtr, + UInt64(authenticatedCipherText.count), + noncePtr, + secretKeyPtr) + } + } + } + } + + if result != 0 { return nil } + return message } - public func open(cipherText: NSData, secretKey: Key, nonce: Nonce, mac: MAC) -> NSData? { - if nonce.length != NonceBytes || mac.length != MacBytes { + public func open(cipherText: Data, secretKey: Key, nonce: Nonce, mac: MAC) -> Data? { + if nonce.count != NonceBytes || mac.count != MacBytes { return nil } - if secretKey.length != KeyBytes { + + if secretKey.count != KeyBytes { return nil } - guard let message = NSMutableData(length: cipherText.length) else { - return nil - } - if crypto_secretbox_open_detached(message.mutableBytesPtr(), cipherText.bytesPtr(), mac.bytesPtr(), UInt64(cipherText.length), nonce.bytesPtr(), secretKey.bytesPtr()) != 0 { + + var message = Data(count: cipherText.count) + let result = message.withUnsafeMutableBytes { messagePtr in + return cipherText.withUnsafeBytes { cipherTextPtr in + return mac.withUnsafeBytes { macPtr in + return nonce.withUnsafeBytes { noncePtr in + return secretKey.withUnsafeBytes { secretKeyPtr in + return crypto_secretbox_open_detached( + messagePtr, + cipherTextPtr, + macPtr, + UInt64(cipherText.count), + noncePtr, + secretKeyPtr) + } + } + } + } + } + + if result != 0 { return nil } + return message } } diff --git a/Sodium/ShortHash.swift b/Sodium/ShortHash.swift index bab23c4..db72ec7 100644 --- a/Sodium/ShortHash.swift +++ b/Sodium/ShortHash.swift @@ -12,16 +12,25 @@ public class ShortHash { public let Bytes = Int(crypto_shorthash_bytes()) public let KeyBytes = Int(crypto_shorthash_keybytes()) - public func hash(message: NSData, key: NSData) -> NSData? { - if key.length != KeyBytes { + public func hash(message: Data, key: Data) -> Data? { + if key.count != KeyBytes { return nil } - guard let output = NSMutableData(length: Bytes) else { - return nil - } - if crypto_shorthash(output.mutableBytesPtr(), message.bytesPtr(), CUnsignedLongLong(message.length), key.bytesPtr()) != 0 { + + var output = Data(count: Bytes) + + let result = output.withUnsafeMutableBytes { outputPtr in + return message.withUnsafeBytes { messagePtr in + return key.withUnsafeBytes { keyPtr in + return crypto_shorthash(outputPtr, messagePtr, CUnsignedLongLong(message.count), keyPtr) + } + } + } + + if result != 0 { return nil } + return output } } diff --git a/Sodium/Sign.swift b/Sodium/Sign.swift index 8440ff7..7667d3a 100644 --- a/Sodium/Sign.swift +++ b/Sodium/Sign.swift @@ -13,10 +13,10 @@ public class Sign { public let PublicKeyBytes = Int(crypto_sign_publickeybytes()) public let SecretKeyBytes = Int(crypto_sign_secretkeybytes()) public let Bytes = Int(crypto_sign_bytes()) - public let Primitive = String.init(validatingUTF8:crypto_sign_primitive()) + public let Primitive = String(validatingUTF8: crypto_sign_primitive()) - public typealias PublicKey = NSData - public typealias SecretKey = NSData + public typealias PublicKey = Data + public typealias SecretKey = Data public struct KeyPair { public let publicKey: PublicKey @@ -29,84 +29,141 @@ public class Sign { } public func keyPair() -> KeyPair? { - guard let pk = NSMutableData(length: PublicKeyBytes) else { + var pk = Data(count: PublicKeyBytes) + var sk = Data(count: SecretKeyBytes) + + let result = pk.withUnsafeMutableBytes { pkPtr in + return sk.withUnsafeMutableBytes { skPtr in + return crypto_sign_keypair(pkPtr, skPtr) + } + } + + if result != 0 { return nil } - guard let sk = NSMutableData(length: SecretKeyBytes) else { - return nil - } - if crypto_sign_keypair(pk.mutableBytesPtr(), sk.mutableBytesPtr()) != 0 { - return nil - } - return KeyPair(publicKey: PublicKey(data: pk as Data), secretKey: SecretKey(data: sk as Data)) + + return KeyPair(publicKey: pk, + secretKey: sk) } - public func keyPair(seed: NSData) -> KeyPair? { - if seed.length != SeedBytes { + public func keyPair(seed: Data) -> KeyPair? { + if seed.count != SeedBytes { return nil } - guard let pk = NSMutableData(length: PublicKeyBytes) else { + + var pk = Data(count: PublicKeyBytes) + var sk = Data(count: SecretKeyBytes) + + let result = pk.withUnsafeMutableBytes { pkPtr in + return sk.withUnsafeMutableBytes { skPtr in + return seed.withUnsafeBytes { seedPtr in + return crypto_sign_seed_keypair(pkPtr, skPtr, seedPtr) + } + } + } + + if result != 0 { return nil } - guard let sk = NSMutableData(length: SecretKeyBytes) else { - return nil - } - if crypto_sign_seed_keypair(pk.mutableBytesPtr(), sk.mutableBytesPtr(), seed.bytesPtr()) != 0 { - return nil - } - return KeyPair(publicKey: PublicKey(data: pk as Data), secretKey: SecretKey(data: sk as Data)) + + return KeyPair(publicKey: pk, + secretKey: sk) } - public func sign(message: NSData, secretKey: SecretKey) -> NSData? { - if secretKey.length != SecretKeyBytes { + public func sign(message: Data, secretKey: SecretKey) -> Data? { + if secretKey.count != SecretKeyBytes { return nil } - guard let signedMessage = NSMutableData(length: message.length + Bytes) else { - return nil - } - if crypto_sign(signedMessage.mutableBytesPtr(), nil, message.bytesPtr(), CUnsignedLongLong(message.length), secretKey.bytesPtr()) != 0 { + + var signedMessage = Data(count: message.count + Bytes) + let result = signedMessage.withUnsafeMutableBytes { signedMessagePtr in + return message.withUnsafeBytes { messagePtr in + return secretKey.withUnsafeBytes { secretKeyPtr in + return crypto_sign( + signedMessagePtr, + nil, + messagePtr, + CUnsignedLongLong(message.count), + secretKeyPtr) + } + } + } + + if result != 0 { return nil } + return signedMessage } - public func signature(message: NSData, secretKey: SecretKey) -> NSData? { - if secretKey.length != SecretKeyBytes { + public func signature(message: Data, secretKey: SecretKey) -> Data? { + if secretKey.count != SecretKeyBytes { return nil } - guard let signature = NSMutableData(length: Bytes) else { - return nil - } - if crypto_sign_detached(signature.mutableBytesPtr(), nil, message.bytesPtr(), CUnsignedLongLong(message.length), secretKey.bytesPtr()) != 0 { + + var signature = Data(count: Bytes) + let result = signature.withUnsafeMutableBytes { signaturePtr in + return message.withUnsafeBytes { messagePtr in + return secretKey.withUnsafeBytes { secretKeyPtr in + return crypto_sign_detached( + signaturePtr, + nil, + messagePtr, + CUnsignedLongLong(message.count), + secretKeyPtr) + } + } + } + + if result != 0 { return nil } + return signature } - public func verify(signedMessage: NSData, publicKey: PublicKey) -> Bool { - let signature = signedMessage.subdata(with: NSRange(0.. Bool { + let signature = signedMessage.subdata(in: 0.. Bool { - if publicKey.length != PublicKeyBytes { + public func verify(message: Data, publicKey: PublicKey, signature: Data) -> Bool { + if publicKey.count != PublicKeyBytes { return false } - return crypto_sign_verify_detached(signature.bytesPtr(), message.bytesPtr(), CUnsignedLongLong(message.length), publicKey.bytesPtr()) == 0 + + return signature.withUnsafeBytes { signaturePtr in + return message.withUnsafeBytes { messagePtr in + return publicKey.withUnsafeBytes { publicKeyPtr in + return crypto_sign_verify_detached( + signaturePtr, + messagePtr, + CUnsignedLongLong(message.count), publicKeyPtr) == 0 + } + } + } } - public func open(signedMessage: NSData, publicKey: PublicKey) -> NSData? { - if publicKey.length != PublicKeyBytes || signedMessage.length < Bytes { - return nil - } - guard let message = NSMutableData(length: signedMessage.length - Bytes) else { + public func open(signedMessage: Data, publicKey: PublicKey) -> Data? { + if publicKey.count != PublicKeyBytes || signedMessage.count < Bytes { return nil } + + var message = Data(count: signedMessage.count - Bytes) var mlen: CUnsignedLongLong = 0; - if crypto_sign_open(message.mutableBytesPtr(), &mlen, signedMessage.bytesPtr(), CUnsignedLongLong(signedMessage.length), publicKey.bytesPtr()) != 0 { + let result = message.withUnsafeMutableBytes { messagePtr in + return signedMessage.withUnsafeBytes { signedMessagePtr in + return publicKey.withUnsafeBytes { publicKeyPtr in + return crypto_sign_open(messagePtr, &mlen, signedMessagePtr, CUnsignedLongLong(signedMessage.count), publicKeyPtr) + } + } + } + + if result != 0 { return nil } + return message } } diff --git a/Sodium/Utils.swift b/Sodium/Utils.swift index 261783e..6944747 100644 --- a/Sodium/Utils.swift +++ b/Sodium/Utils.swift @@ -9,9 +9,6 @@ import Foundation public class Utils { - public func zero(data: NSMutableData) { - sodium_memzero(UnsafeMutableRawPointer(data.mutableBytes), data.length) - } public func zero(data: inout Data) { let count = data.count @@ -37,10 +34,6 @@ public class Utils { } } - public func equals(_ b1: NSData, _ b2: NSData) -> Bool { - return equals(b1 as Data, b2 as Data) - } - public func compare(_ b1: Data, _ b2: Data) -> Int? { if b1.count != b2.count { return nil @@ -56,10 +49,6 @@ public class Utils { } } - public func compare(_ b1: NSData, _ b2: NSData) -> Int? { - return compare(b1 as Data, b2 as Data) - } - public func bin2hex(bin: Data) -> String? { var hexData = Data(count: bin.count * 2 + 1) return hexData.withUnsafeMutableBytes { (hexPtr: UnsafeMutablePointer) -> String? in @@ -73,25 +62,34 @@ public class Utils { } } - public func bin2hex(bin: NSData) -> String? { - return bin2hex(bin: bin as Data) - } - - public func hex2bin(hex: String, ignore: String? = nil) -> NSData? { - guard let hexData = hex.data(using: String.Encoding.utf8, allowLossyConversion: false) else { + public func hex2bin(hex: String, ignore: String? = nil) -> Data? { + guard var hexData = hex.data(using: .utf8, allowLossyConversion: false) else { return nil } + let hexDataLen = hexData.count let binDataCapacity = hexDataLen / 2 - guard let binData = NSMutableData(length: binDataCapacity) else { - return nil - } + var binData = Data(count: binDataCapacity) var binDataLen: size_t = 0 let ignore_cstr = ignore != nil ? (ignore! as NSString).utf8String : nil - if sodium_hex2bin(binData.mutableBytesPtr(), binDataCapacity,(hexData as NSData).bytesPtr(), hexDataLen, ignore_cstr, &binDataLen, nil) != 0 { + + let result = binData.withUnsafeMutableBytes { binPtr in + return hexData.withUnsafeMutableBytes { hexPtr in + return sodium_hex2bin(binPtr, + binDataCapacity, + hexPtr, + hexDataLen, + ignore_cstr, + &binDataLen, + nil) + } + } + + if result != 0 { return nil } - binData.length = Int(binDataLen) + + binData.count = Int(binDataLen) return binData } } diff --git a/SodiumTests/ReadmeTests.swift b/SodiumTests/ReadmeTests.swift index 8d8da4b..15b3d62 100644 --- a/SodiumTests/ReadmeTests.swift +++ b/SodiumTests/ReadmeTests.swift @@ -15,133 +15,133 @@ class ReadmeTests : XCTestCase { let aliceKeyPair = sodium.box.keyPair()! let bobKeyPair = sodium.box.keyPair()! let message = "My Test Message".data(using:.utf8)! - - let encryptedMessageFromAliceToBob: NSData = - sodium.box.seal(message: message as NSData, + + let encryptedMessageFromAliceToBob: Data = + sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey, senderSecretKey: aliceKeyPair.secretKey)! - + let messageVerifiedAndDecryptedByBob = sodium.box.open(nonceAndAuthenticatedCipherText: encryptedMessageFromAliceToBob, senderPublicKey: aliceKeyPair.publicKey, recipientSecretKey: bobKeyPair.secretKey) } - + func testAnonymousEncryptionSealedBoxes() { let sodium = Sodium()! let bobKeyPair = sodium.box.keyPair()! let message = "My Test Message".data(using:.utf8)! - + let encryptedMessageToBob = - sodium.box.seal(message: message as NSData, recipientPublicKey: bobKeyPair.publicKey)! - + sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey)! + let messageDecryptedByBob = sodium.box.open(anonymousCipherText: encryptedMessageToBob, recipientPublicKey: bobKeyPair.publicKey, recipientSecretKey: bobKeyPair.secretKey) } - + func testDetachedSignatures() { let sodium = Sodium()! let message = "My Test Message".data(using:.utf8)! let keyPair = sodium.sign.keyPair()! - let signature = sodium.sign.signature(message: message as NSData, secretKey: keyPair.secretKey)! - if sodium.sign.verify(message: message as NSData, + let signature = sodium.sign.signature(message: message, secretKey: keyPair.secretKey)! + if sodium.sign.verify(message: message, publicKey: keyPair.publicKey, signature: signature) { // signature is valid } } - + func testAttachedSignatures() { let sodium = Sodium()! let message = "My Test Message".data(using:.utf8)! let keyPair = sodium.sign.keyPair()! - let signedMessage = sodium.sign.sign(message: message as NSData, secretKey: keyPair.secretKey)! + let signedMessage = sodium.sign.sign(message: message, secretKey: keyPair.secretKey)! if let unsignedMessage = sodium.sign.open(signedMessage: signedMessage, publicKey: keyPair.publicKey) { // signature is valid } } - + func testSecretKeyAuthenticatedEncryption() { let sodium = Sodium()! let message = "My Test Message".data(using:.utf8)! let secretKey = sodium.secretBox.key()! - let encrypted: NSData = sodium.secretBox.seal(message: message as NSData, secretKey: secretKey)! + let encrypted: Data = sodium.secretBox.seal(message: message, secretKey: secretKey)! if let decrypted = sodium.secretBox.open(nonceAndAuthenticatedCipherText: encrypted, secretKey: secretKey) { // authenticator is valid, decrypted contains the original message } } - + func testDeterministicHashing() { let sodium = Sodium()! let message = "My Test Message".data(using:.utf8)! - let h = sodium.genericHash.hash(message: message as NSData) + let h = sodium.genericHash.hash(message: message ) } - + func testKeyedHashing() { let sodium = Sodium()! let message = "My Test Message".data(using:.utf8)! let key = "Secret key".data(using:.utf8)! - let h = sodium.genericHash.hash(message: message as NSData, key: key as NSData) + let h = sodium.genericHash.hash(message: message, key: key ) } - + func testStreaming() { let sodium = Sodium()! let message1 = "My Test ".data(using:.utf8)! let message2 = "Message".data(using:.utf8)! let key = "Secret key".data(using:.utf8)! - let stream = sodium.genericHash.initStream(key: key as NSData)! - stream.update(input: message1 as NSData) - stream.update(input: message2 as NSData) + let stream = sodium.genericHash.initStream(key: key )! + stream.update(input: message1 ) + stream.update(input: message2 ) let h = stream.final() } - + func testShortOutputHashing() { let sodium = Sodium()! let message = "My Test Message".data(using:.utf8)! let key = sodium.randomBytes.buf(length: sodium.shortHash.KeyBytes)! - let h = sodium.shortHash.hash(message: message as NSData, key: key as NSData) + let h = sodium.shortHash.hash(message: message, key: key ) } - + func testRandomNumberGeneration() { let sodium = Sodium()! let randomData = sodium.randomBytes.buf(length: 1000) } - + func testPasswordHashing() { let sodium = Sodium()! let password = "Correct Horse Battery Staple".data(using:.utf8)! - let hashedStr = sodium.pwHash.str(passwd: password as NSData, + let hashedStr = sodium.pwHash.str(passwd: password, opsLimit: sodium.pwHash.OpsLimitInteractive, memLimit: sodium.pwHash.MemLimitInteractive)! - - if sodium.pwHash.strVerify(hash: hashedStr, passwd: password as NSData) { + + if sodium.pwHash.strVerify(hash: hashedStr, passwd: password ) { // Password matches the given hash string } else { // Password doesn't match the given hash string } } - + func testZeroingMemory() { let sodium = Sodium()! - var dataToZero: NSMutableData = NSMutableData(data:"Message".data(using:.utf8)!) - sodium.utils.zero(data: dataToZero) + var dataToZero = "Message".data(using:.utf8)! + sodium.utils.zero(data: &dataToZero) } - + func testConstantTimeComparison() { let sodium = Sodium()! - let secret1: NSData = NSData(data:"Secret key".data(using:.utf8)!) - let secret2: NSData = NSData(data:"Secret key".data(using:.utf8)!) - let equality = sodium.utils.equals(b1: secret1, secret2) + let secret1 = "Secret key".data(using:.utf8)! + let secret2 = "Secret key".data(using:.utf8)! + let equality = sodium.utils.equals(secret1, secret2) } - + func testConstantTimeHexdecimalEncoding() { let sodium = Sodium()! - let data: NSData = NSData(data:"Secret key".data(using:.utf8)!) + let data = "Secret key".data(using:.utf8)! let hex = sodium.utils.bin2hex(bin: data) } - + func testHexDecimalDecoding() { let sodium = Sodium()! let data1 = sodium.utils.hex2bin(hex: "deadbeef") diff --git a/SodiumTests/SodiumTests.swift b/SodiumTests/SodiumTests.swift index e77b348..a4fb9c0 100644 --- a/SodiumTests/SodiumTests.swift +++ b/SodiumTests/SodiumTests.swift @@ -10,14 +10,14 @@ import XCTest import Sodium extension String { - func toData() -> NSData? { - return self.data(using: String.Encoding.utf8, allowLossyConversion: false) as NSData? + func toData() -> Data? { + return self.data(using: .utf8, allowLossyConversion: false) } } -extension NSData { +extension Data { func toString() -> String? { - return (NSString(data: self as Data, encoding: String.Encoding.utf8.rawValue) as! String) + return String(data: self, encoding: .utf8) } } @@ -37,19 +37,19 @@ class SodiumTests: XCTestCase { let aliceKeyPair = sodium.box.keyPair()! let bobKeyPair = sodium.box.keyPair()! - let encryptedMessageFromAliceToBob: NSData = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey, senderSecretKey: aliceKeyPair.secretKey)! + let encryptedMessageFromAliceToBob: Data = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey, senderSecretKey: aliceKeyPair.secretKey)! let decrypted = sodium.box.open(nonceAndAuthenticatedCipherText: encryptedMessageFromAliceToBob, senderPublicKey: bobKeyPair.publicKey, recipientSecretKey: aliceKeyPair.secretKey) XCTAssert(decrypted == message) - let (encryptedMessageFromAliceToBob2, nonce): (NSData, Box.Nonce) = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey, senderSecretKey: aliceKeyPair.secretKey)! + let (encryptedMessageFromAliceToBob2, nonce): (Data, Box.Nonce) = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey, senderSecretKey: aliceKeyPair.secretKey)! let decrypted2 = sodium.box.open(authenticatedCipherText: encryptedMessageFromAliceToBob2, senderPublicKey: aliceKeyPair.publicKey, recipientSecretKey: bobKeyPair.secretKey, nonce: nonce) XCTAssert(decrypted2 == message) - let (encryptedMessageFromAliceToBob3, nonce2, mac): (NSData, Box.Nonce, Box.MAC) = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey, senderSecretKey: aliceKeyPair.secretKey)! + let (encryptedMessageFromAliceToBob3, nonce2, mac): (Data, Box.Nonce, Box.MAC) = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey, senderSecretKey: aliceKeyPair.secretKey)! let decrypted3 = sodium.box.open(authenticatedCipherText: encryptedMessageFromAliceToBob3, senderPublicKey: aliceKeyPair.publicKey, recipientSecretKey: bobKeyPair.secretKey, nonce: nonce2, mac: mac) XCTAssert(decrypted3 == message) - let encryptedMessageToBob: NSData = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey)! + let encryptedMessageToBob: Data = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey)! let decrypted4 = sodium.box.open(anonymousCipherText: encryptedMessageToBob, recipientPublicKey: bobKeyPair.publicKey, recipientSecretKey: bobKeyPair.secretKey) XCTAssert(decrypted4 == message) @@ -61,11 +61,11 @@ class SodiumTests: XCTestCase { XCTAssert(aliceBeforenm == bobBeforenm) // Make sure the encryption using beforenm works - let encryptedMessageBeforenm: NSData = sodium.box.seal(message: message, beforenm: aliceBeforenm)! + let encryptedMessageBeforenm: Data = sodium.box.seal(message: message, beforenm: aliceBeforenm)! let decryptedBeforenm = sodium.box.open(nonceAndAuthenticatedCipherText: encryptedMessageBeforenm, beforenm: aliceBeforenm) XCTAssert(decryptedBeforenm == message) - let (encryptedMessageBeforenm2, nonceBeforenm): (NSData, Box.Nonce) = sodium.box.seal(message: message, beforenm: aliceBeforenm)! + let (encryptedMessageBeforenm2, nonceBeforenm): (Data, Box.Nonce) = sodium.box.seal(message: message, beforenm: aliceBeforenm)! let decryptedBeforenm2 = sodium.box.open(authenticatedCipherText: encryptedMessageBeforenm2, beforenm: aliceBeforenm, nonce: nonceBeforenm) XCTAssert(decryptedBeforenm2 == message) } @@ -75,7 +75,7 @@ class SodiumTests: XCTestCase { let secretKey = sodium.secretBox.key()! // test simple nonce + mac + message box - let encrypted: NSData = sodium.secretBox.seal(message: message, secretKey: secretKey)! + let encrypted: Data = sodium.secretBox.seal(message: message, secretKey: secretKey)! let decrypted = sodium.secretBox.open(nonceAndAuthenticatedCipherText: encrypted, secretKey: secretKey)! XCTAssert(decrypted == message) @@ -88,7 +88,7 @@ class SodiumTests: XCTestCase { let decrypted2 = sodium.secretBox.open(authenticatedCipherText: encrypted2, secretKey: secretKey, nonce: nonce2) XCTAssert(decrypted2 == message) - XCTAssertNil(sodium.secretBox.open(authenticatedCipherText: encrypted2, secretKey: secretKey, nonce: sodium.secretBox.nonce()!), "Shouldn't be able to decrypt with an invalid nonce") + XCTAssertNil(sodium.secretBox.open(authenticatedCipherText: encrypted2, secretKey: secretKey, nonce: sodium.secretBox.nonce()), "Shouldn't be able to decrypt with an invalid nonce") // test (message, nonce, mac) box let (encrypted3, nonce3, mac3) = sodium.secretBox.seal(message: message, secretKey: secretKey)! @@ -132,8 +132,8 @@ class SodiumTests: XCTestCase { let randomLen = 100 + Int(sodium.randomBytes.uniform(upperBound: 100)) let random1 = sodium.randomBytes.buf(length: randomLen)! let random2 = sodium.randomBytes.buf(length: randomLen)! - XCTAssert(random1.length == randomLen) - XCTAssert(random2.length == randomLen) + XCTAssert(random1.count == randomLen) + XCTAssert(random2.count == randomLen) XCTAssert(random1 != random2) var c1 = 0 @@ -179,18 +179,18 @@ class SodiumTests: XCTestCase { } func testUtils() { - let dataToZero = NSMutableData(bytes: [1, 2, 3, 4] as [UInt8], length: 4) - sodium.utils.zero(data: dataToZero) - XCTAssert(dataToZero.isEqual(to: Data(bytes: [0, 0, 0, 0] as [UInt8]))) + var dataToZero = Data(bytes: [1, 2, 3, 4] as [UInt8]) + sodium.utils.zero(data: &dataToZero) + XCTAssert(dataToZero == Data(bytes: [0, 0, 0, 0] as [UInt8])) var dataToZero2 = Data(bytes: [1, 2, 3, 4] as [UInt8]) sodium.utils.zero(data: &dataToZero2) XCTAssert(dataToZero2 == Data(bytes: [0, 0, 0, 0,] as [UInt8])) - let eq1 = NSData(bytes: [1, 2, 3, 4] as [UInt8], length: 4) - let eq2 = NSData(bytes: [1, 2, 3, 4] as [UInt8], length: 4) - let eq3 = NSData(bytes: [1, 2, 3, 5] as [UInt8], length: 4) - let eq4 = NSData(bytes: [1, 2, 3] as [UInt8], length: 3) + let eq1 = Data(bytes: [1, 2, 3, 4] as [UInt8]) + let eq2 = Data(bytes: [1, 2, 3, 4] as [UInt8]) + let eq3 = Data(bytes: [1, 2, 3, 5] as [UInt8]) + let eq4 = Data(bytes: [1, 2, 3] as [UInt8]) XCTAssert(sodium.utils.equals(eq1, eq2)) XCTAssert(!sodium.utils.equals(eq1, eq3)) @@ -202,7 +202,6 @@ class SodiumTests: XCTestCase { XCTAssert(sodium.utils.compare(eq1, eq4) == nil) let bin = sodium.utils.hex2bin(hex: "deadbeef")! - XCTAssert(bin.description == "") let hex = sodium.utils.bin2hex(bin: bin) XCTAssert(hex == "deadbeef") let bin2 = sodium.utils.hex2bin(hex: "de-ad be:ef", ignore: ":- ")! @@ -221,7 +220,7 @@ class SodiumTests: XCTestCase { XCTAssert(verify2 == false) let password3 = "My Test Message".toData()! - let salt = NSData(bytes: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32] as [UInt8], length: 32) + let salt = Data(bytes: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32] as [UInt8]) let hash2 = sodium.pwHash.scrypt.hash(outputLength: 64, passwd: password3, salt: salt, opsLimit: sodium.pwHash.scrypt.OpsLimitInteractive, memLimit: sodium.pwHash.scrypt.MemLimitInteractive) NSLog(sodium.utils.bin2hex(bin: hash2!)!) XCTAssert(sodium.utils.bin2hex(bin: hash2!)! == "6f00c5630b0a113be73721d2bab7800c0fce4b4e7a74451704b53afcded3d9e85fbe1acea7d2aa0fecb3027e35d745547b1041d6c51f731bd0aa934da89f7adf") @@ -239,7 +238,7 @@ class SodiumTests: XCTestCase { XCTAssert(verify2 == false) let password3 = "My Test Message".toData()! - let salt = NSData(bytes: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16] as [UInt8], length: 16) + let salt = Data(bytes: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16] as [UInt8]) let hash2 = sodium.pwHash.hash(outputLength: 64, passwd: password3, salt: salt, opsLimit: sodium.pwHash.OpsLimitInteractive, memLimit: sodium.pwHash.MemLimitInteractive) XCTAssert(sodium.utils.bin2hex(bin: hash2!)! == "51d659ee6f8790042688274c5bc8a6296390cdc786d2341c3553b01a5c3f7ff1190e04b86a878538b17ef10e74baa19295479f3e3ee587ce571f366fc66e2fdc") }