dnrops
/
swift-sodium
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update all interfaces to use the new Data type

This commit is contained in:
Nathan Kot 2017-01-10 20:34:00 +09:00
parent 981b0a7905
commit 3dd326d243
No known key found for this signature in database
GPG Key ID: 20BD11703257E7B9
15 changed files with 779 additions and 421 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
Examples/CommonCode/Helpers.swift
View File

@ -9,23 +9,23 @@
import Foundation
extension String {
func toData() -> NSData? {
return self.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)
func toData() -> Data? {
return self.data(using: .utf8, allowLossyConversion: false)
}
}
extension Dictionary {
func toData() -> NSData? {
return NSKeyedArchiver.archivedDataWithRootObject(self as! AnyObject)
func toData() -> Data? {
return NSKeyedArchiver.archivedData(withRootObject: self) as Data?
}
}
extension NSData {
extension Data {
func toString() -> String? {
return (NSString(data: self, encoding: NSUTF8StringEncoding) as! String)
return String(data: self, encoding: .utf8)
}
func toDictionary() -> [String: AnyObject]? {
return NSKeyedUnarchiver.unarchiveObjectWithData(self) as? [String: AnyObject]
return NSKeyedUnarchiver.unarchiveObject(with: self) as? [String: AnyObject]
}
}

24
Examples/OSX/AppDelegate.swift
View File

@ -21,23 +21,25 @@ class AppDelegate: NSObject, NSApplicationDelegate {
let sodium = Sodium()!
let aliceKeyPair = sodium.box.keyPair()!
let bobKeyPair = sodium.box.keyPair()!
let message: NSData = "My Test Message".toData()!
let message = "My Test Message".toData()!
println("Original Message:\(message.toString())")
print("Original Message:\(message.toString())")
let encryptedMessageFromAliceToBob: NSData =
sodium.box.seal(message,
recipientPublicKey: bobKeyPair.publicKey,
senderSecretKey: aliceKeyPair.secretKey)!
let encryptedMessageFromAliceToBob: Data =
sodium.box.seal(
message: message,
recipientPublicKey: bobKeyPair.publicKey,
senderSecretKey: aliceKeyPair.secretKey)!
println("Encrypted Message:\(encryptedMessageFromAliceToBob)")
print("Encrypted Message:\(encryptedMessageFromAliceToBob)")
let messageVerifiedAndDecryptedByBob =
sodium.box.open(encryptedMessageFromAliceToBob,
senderPublicKey: bobKeyPair.publicKey,
recipientSecretKey: aliceKeyPair.secretKey)
sodium.box.open(
nonceAndAuthenticatedCipherText: encryptedMessageFromAliceToBob,
senderPublicKey: bobKeyPair.publicKey,
recipientSecretKey: aliceKeyPair.secretKey)
println("Decrypted Message:\(messageVerifiedAndDecryptedByBob!.toString())")
print("Decrypted Message:\(messageVerifiedAndDecryptedByBob!.toString())")
}

24
Examples/iOS/ViewController.swift
View File

@ -18,23 +18,25 @@ class ViewController: UIViewController {
let sodium = Sodium()!
let aliceKeyPair = sodium.box.keyPair()!
let bobKeyPair = sodium.box.keyPair()!
let message: NSData = "My Test Message".toData()!
let message = "My Test Message".toData()!
println("Original Message:\(message.toString())")
print("Original Message:\(message.toString())")
let encryptedMessageFromAliceToBob: NSData =
sodium.box.seal(message,
recipientPublicKey: bobKeyPair.publicKey,
senderSecretKey: aliceKeyPair.secretKey)!
let encryptedMessageFromAliceToBob: Data =
sodium.box.seal(
message: message,
recipientPublicKey: bobKeyPair.publicKey,
senderSecretKey: aliceKeyPair.secretKey)!
println("Encrypted Message:\(encryptedMessageFromAliceToBob)")
print("Encrypted Message:\(encryptedMessageFromAliceToBob)")
let messageVerifiedAndDecryptedByBob =
sodium.box.open(encryptedMessageFromAliceToBob,
senderPublicKey: bobKeyPair.publicKey,
recipientSecretKey: aliceKeyPair.secretKey)
sodium.box.open(
nonceAndAuthenticatedCipherText: encryptedMessageFromAliceToBob,
senderPublicKey: bobKeyPair.publicKey,
recipientSecretKey: aliceKeyPair.secretKey)
println("Decrypted Message:\(messageVerifiedAndDecryptedByBob!.toString())")
print("Decrypted Message:\(messageVerifiedAndDecryptedByBob!.toString())")
}

10
Sodium.xcodeproj/project.pbxproj
View File

@ -16,7 +16,6 @@
091782551CA164C70022765D /* crypto_pwhash.h in Headers */ = {isa = PBXBuildFile; fileRef = 0917824F1CA164970022765D /* crypto_pwhash.h */; settings = {ATTRIBUTES = (Public, ); }; };
091C7CDA1A507E95002E5351 /* ShortHash.swift in Sources */ = {isa = PBXBuildFile; fileRef = 091C7CD91A507E95002E5351 /* ShortHash.swift */; };
091C7CDC1A50839D002E5351 /* Sign.swift in Sources */ = {isa = PBXBuildFile; fileRef = 091C7CDB1A50839D002E5351 /* Sign.swift */; };
092D181A1A5BF5A700972F77 /* NSData+Extensions.swift in Sources */ = {isa = PBXBuildFile; fileRef = 092D18191A5BF5A700972F77 /* NSData+Extensions.swift */; };
094E49401BE6C7760053AC01 /* crypto_aead_aes256gcm.h in Headers */ = {isa = PBXBuildFile; fileRef = 094E493F1BE6C7760053AC01 /* crypto_aead_aes256gcm.h */; settings = {ATTRIBUTES = (Private, ); }; };
094E49411BE6C7D00053AC01 /* crypto_aead_aes256gcm.h in Headers */ = {isa = PBXBuildFile; fileRef = 094E493F1BE6C7760053AC01 /* crypto_aead_aes256gcm.h */; settings = {ATTRIBUTES = (Public, ); }; };
094F21EA1A5017CA001C3141 /* Box.swift in Sources */ = {isa = PBXBuildFile; fileRef = 094F21E91A5017CA001C3141 /* Box.swift */; };
@ -152,7 +151,6 @@
90C75EE51AE3583E00F1E749 /* Box.swift in Sources */ = {isa = PBXBuildFile; fileRef = 094F21E91A5017CA001C3141 /* Box.swift */; };
90C75EE61AE3583E00F1E749 /* SecretBox.swift in Sources */ = {isa = PBXBuildFile; fileRef = 038365141A5A51D20081136D /* SecretBox.swift */; };
90C75EE71AE3583E00F1E749 /* GenericHash.swift in Sources */ = {isa = PBXBuildFile; fileRef = 095D80561A4ED0B4000B83F9 /* GenericHash.swift */; };
90C75EE81AE3583E00F1E749 /* NSData+Extensions.swift in Sources */ = {isa = PBXBuildFile; fileRef = 092D18191A5BF5A700972F77 /* NSData+Extensions.swift */; };
90C75EE91AE3583E00F1E749 /* RandomBytes.swift in Sources */ = {isa = PBXBuildFile; fileRef = 095D805A1A4F35CA000B83F9 /* RandomBytes.swift */; };
90C75EEA1AE3583E00F1E749 /* ShortHash.swift in Sources */ = {isa = PBXBuildFile; fileRef = 091C7CD91A507E95002E5351 /* ShortHash.swift */; };
90C75EEB1AE3583E00F1E749 /* Sign.swift in Sources */ = {isa = PBXBuildFile; fileRef = 091C7CDB1A50839D002E5351 /* Sign.swift */; };
@ -179,7 +177,6 @@
0917824F1CA164970022765D /* crypto_pwhash.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_pwhash.h; sourceTree = "<group>"; };
091C7CD91A507E95002E5351 /* ShortHash.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ShortHash.swift; sourceTree = "<group>"; };
091C7CDB1A50839D002E5351 /* Sign.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Sign.swift; sourceTree = "<group>"; };
092D18191A5BF5A700972F77 /* NSData+Extensions.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "NSData+Extensions.swift"; sourceTree = "<group>"; };
094E493F1BE6C7760053AC01 /* crypto_aead_aes256gcm.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_aead_aes256gcm.h; sourceTree = "<group>"; };
094F21E91A5017CA001C3141 /* Box.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Box.swift; sourceTree = "<group>"; };
095D80541A4ECCD7000B83F9 /* Sodium.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Sodium.swift; sourceTree = "<group>"; };
@ -344,7 +341,6 @@
038365141A5A51D20081136D /* SecretBox.swift */,
095D80561A4ED0B4000B83F9 /* GenericHash.swift */,
097F20D91AF127480088C2FE /* PWHash.swift */,
092D18191A5BF5A700972F77 /* NSData+Extensions.swift */,
095D805A1A4F35CA000B83F9 /* RandomBytes.swift */,
091C7CD91A507E95002E5351 /* ShortHash.swift */,
091C7CDB1A50839D002E5351 /* Sign.swift */,
@ -830,7 +826,6 @@
buildActionMask = 2147483647;
files = (
095D80551A4ECCD7000B83F9 /* Sodium.swift in Sources */,
092D181A1A5BF5A700972F77 /* NSData+Extensions.swift in Sources */,
097F20DA1AF127480088C2FE /* PWHash.swift in Sources */,
038365151A5A51D20081136D /* SecretBox.swift in Sources */,
095D805D1A4F4F72000B83F9 /* Utils.swift in Sources */,
@ -878,7 +873,6 @@
90C75EE61AE3583E00F1E749 /* SecretBox.swift in Sources */,
CFD847281BA8120900B1260F /* PWHash.swift in Sources */,
90C75EE71AE3583E00F1E749 /* GenericHash.swift in Sources */,
90C75EE81AE3583E00F1E749 /* NSData+Extensions.swift in Sources */,
90C75EE91AE3583E00F1E749 /* RandomBytes.swift in Sources */,
90C75EEA1AE3583E00F1E749 /* ShortHash.swift in Sources */,
90C75EEB1AE3583E00F1E749 /* Sign.swift in Sources */,
@ -1139,6 +1133,7 @@
CODE_SIGN_IDENTITY = "-";
COMBINE_HIDPI_IMAGES = YES;
DEBUG_INFORMATION_FORMAT = dwarf;
ENABLE_BITCODE = NO;
GCC_NO_COMMON_BLOCKS = YES;
GCC_PREPROCESSOR_DEFINITIONS = (
"DEBUG=1",
@ -1161,6 +1156,7 @@
COMBINE_HIDPI_IMAGES = YES;
COPY_PHASE_STRIP = NO;
DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
ENABLE_BITCODE = NO;
GCC_NO_COMMON_BLOCKS = YES;
INFOPLIST_FILE = Examples/OSX/Info.plist;
LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/../Frameworks";
@ -1180,6 +1176,7 @@
DYLIB_COMPATIBILITY_VERSION = 1;
DYLIB_CURRENT_VERSION = 1;
DYLIB_INSTALL_NAME_BASE = "@rpath";
ENABLE_BITCODE = NO;
FRAMEWORK_VERSION = A;
GCC_NO_COMMON_BLOCKS = YES;
GCC_PREPROCESSOR_DEFINITIONS = (
@ -1211,6 +1208,7 @@
DYLIB_COMPATIBILITY_VERSION = 1;
DYLIB_CURRENT_VERSION = 1;
DYLIB_INSTALL_NAME_BASE = "@rpath";
ENABLE_BITCODE = NO;
FRAMEWORK_VERSION = A;
GCC_NO_COMMON_BLOCKS = YES;
INFOPLIST_FILE = "$(SRCROOT)/Sodium/Info.plist";

371
Sodium/Box.swift
View File

@ -18,11 +18,11 @@ public class Box {
public let BeforenmBytes = Int(crypto_box_beforenmbytes())
public let SealBytes = Int(crypto_box_sealbytes())
public typealias PublicKey = NSData
public typealias SecretKey = NSData
public typealias Nonce = NSData
public typealias MAC = NSData
public typealias Beforenm = NSData
public typealias PublicKey = Data
public typealias SecretKey = Data
public typealias Nonce = Data
public typealias MAC = Data
public typealias Beforenm = Data
public struct KeyPair {
public let publicKey: PublicKey
@ -35,209 +35,358 @@ public class Box {
}
public func keyPair() -> KeyPair? {
guard let pk = NSMutableData(length: PublicKeyBytes) else {
var pk = Data(count: PublicKeyBytes)
var sk = Data(count: SecretKeyBytes)
let result = pk.withUnsafeMutableBytes { pkPtr in
return sk.withUnsafeMutableBytes { skPtr in
return crypto_box_keypair(pkPtr, skPtr)
}
}
if result != 0 {
return nil
}
guard let sk = NSMutableData(length: SecretKeyBytes) else {
return nil
}
if crypto_box_keypair(pk.mutableBytesPtr(), sk.mutableBytesPtr()) != 0 {
return nil
}
return KeyPair(publicKey: PublicKey(data: pk as Data), secretKey: SecretKey(data: sk as Data))
return KeyPair(publicKey: pk, secretKey: sk)
}
public func keyPair(seed: NSData) -> KeyPair? {
if seed.length != SeedBytes {
public func keyPair(seed: Data) -> KeyPair? {
if seed.count != SeedBytes {
return nil
}
guard let pk = NSMutableData(length: PublicKeyBytes) else {
var pk = Data(count: PublicKeyBytes)
var sk = Data(count: SecretKeyBytes)
let result = pk.withUnsafeMutableBytes { pkPtr in
return sk.withUnsafeMutableBytes { skPtr in
return seed.withUnsafeBytes { seedPtr in
return crypto_box_seed_keypair(pkPtr, skPtr, seedPtr)
}
}
}
if result != 0 {
return nil
}
guard let sk = NSMutableData(length: SecretKeyBytes) else {
return nil
}
if crypto_box_seed_keypair(pk.mutableBytesPtr(), sk.mutableBytesPtr(), seed.bytesPtr()) != 0 {
return nil
}
return KeyPair(publicKey: PublicKey(data: pk as Data), secretKey: SecretKey(data: sk as Data))
return KeyPair(publicKey: pk, secretKey: sk)
}
public func nonce() -> Nonce? {
guard let nonce = NSMutableData(length: NonceBytes) else {
return nil
public func nonce() -> Nonce {
var nonce = Data(count: NonceBytes)
nonce.withUnsafeMutableBytes { noncePtr in
randombytes_buf(noncePtr, nonce.count)
}
randombytes_buf(nonce.mutableBytesPtr(), nonce.length)
return nonce as Nonce
return nonce
}
public func seal(message: NSData, recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> NSData? {
guard let (authenticatedCipherText, nonce): (NSData, Nonce) = seal(message: message, recipientPublicKey: recipientPublicKey, senderSecretKey: senderSecretKey) else {
public func seal(message: Data, recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> Data? {
guard let (authenticatedCipherText, nonce): (Data, Nonce) = seal(message: message, recipientPublicKey: recipientPublicKey, senderSecretKey: senderSecretKey) else {
return nil
}
let nonceAndAuthenticatedCipherText = NSMutableData(data: nonce as Data)
nonceAndAuthenticatedCipherText.append(authenticatedCipherText as Data)
var nonceAndAuthenticatedCipherText = nonce
nonceAndAuthenticatedCipherText.append(authenticatedCipherText)
return nonceAndAuthenticatedCipherText
}
public func seal(message: NSData, recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> (authenticatedCipherText: NSData, nonce: Nonce)? {
if recipientPublicKey.length != PublicKeyBytes || senderSecretKey.length != SecretKeyBytes {
public func seal(message: Data, recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> (authenticatedCipherText: Data, nonce: Nonce)? {
if recipientPublicKey.count != PublicKeyBytes || senderSecretKey.count != SecretKeyBytes {
return nil
}
guard let authenticatedCipherText = NSMutableData(length: message.length + MacBytes) else {
return nil
}
guard let nonce = self.nonce() else {
return nil
}
if crypto_box_easy(authenticatedCipherText.mutableBytesPtr(), message.bytesPtr(), CUnsignedLongLong(message.length), nonce.bytesPtr(), recipientPublicKey.bytesPtr(), senderSecretKey.bytesPtr()) != 0 {
var authenticatedCipherText = Data(count: message.count + MacBytes)
let nonce = self.nonce()
let result = authenticatedCipherText.withUnsafeMutableBytes { authenticatedCipherTextPtr in
return message.withUnsafeBytes { messagePtr in
return nonce.withUnsafeBytes { noncePtr in
return recipientPublicKey.withUnsafeBytes { recipientPublicKeyPtr in
return senderSecretKey.withUnsafeBytes { senderSecretKeyPtr in
return crypto_box_easy(
authenticatedCipherTextPtr,
messagePtr,
CUnsignedLongLong(message.count),
noncePtr,
recipientPublicKeyPtr,
senderSecretKeyPtr)
}
}
}
}
}
if result != 0 {
return nil
}
return (authenticatedCipherText: authenticatedCipherText, nonce: nonce)
}
public func seal(message: NSData, recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> (authenticatedCipherText: NSData, nonce: Nonce, mac: MAC)? {
if recipientPublicKey.length != PublicKeyBytes || senderSecretKey.length != SecretKeyBytes {
public func seal(message: Data, recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> (authenticatedCipherText: Data, nonce: Nonce, mac: MAC)? {
if recipientPublicKey.count != PublicKeyBytes || senderSecretKey.count != SecretKeyBytes {
return nil
}
guard let authenticatedCipherText = NSMutableData(length: message.length) else {
return nil
}
guard let mac = NSMutableData(length: MacBytes) else {
return nil
}
guard let nonce = self.nonce() else {
return nil
}
if crypto_box_detached(authenticatedCipherText.mutableBytesPtr(), mac.mutableBytesPtr(), message.bytesPtr(), CUnsignedLongLong(message.length), nonce.bytesPtr(), recipientPublicKey.bytesPtr(), senderSecretKey.bytesPtr()) != 0 {
var authenticatedCipherText = Data(count: message.count)
var mac = Data(count: MacBytes)
let nonce = self.nonce()
let result = authenticatedCipherText.withUnsafeMutableBytes { authenticatedCipherTextPtr in
return mac.withUnsafeMutableBytes { macPtr in
return message.withUnsafeBytes { messagePtr in
return nonce.withUnsafeBytes { noncePtr in
return recipientPublicKey.withUnsafeBytes { recipientPublicKeyPtr in
return senderSecretKey.withUnsafeBytes { senderSecretKeyPtr in
return crypto_box_detached(
authenticatedCipherTextPtr,
macPtr,
messagePtr,
CUnsignedLongLong(message.count),
noncePtr,
recipientPublicKeyPtr,
senderSecretKeyPtr)
}
}
}
}
}
}
if result != 0 {
return nil
}
return (authenticatedCipherText: authenticatedCipherText, nonce: nonce as Nonce, mac: mac as MAC)
}
public func open(nonceAndAuthenticatedCipherText: NSData, senderPublicKey: PublicKey, recipientSecretKey: SecretKey) -> NSData? {
if nonceAndAuthenticatedCipherText.length < NonceBytes + MacBytes {
public func open(nonceAndAuthenticatedCipherText: Data, senderPublicKey: PublicKey, recipientSecretKey: SecretKey) -> Data? {
if nonceAndAuthenticatedCipherText.count < NonceBytes + MacBytes {
return nil
}
let nonce = nonceAndAuthenticatedCipherText.subdata(with: NSRange(0..<NonceBytes)) as Nonce
let authenticatedCipherText = nonceAndAuthenticatedCipherText.subdata(with: NSRange(NonceBytes..<nonceAndAuthenticatedCipherText.length)) as NSData
let nonce = nonceAndAuthenticatedCipherText.subdata(in: 0..<NonceBytes) as Nonce
let authenticatedCipherText = nonceAndAuthenticatedCipherText.subdata(in: NonceBytes..<nonceAndAuthenticatedCipherText.count)
return open(authenticatedCipherText: authenticatedCipherText, senderPublicKey: senderPublicKey, recipientSecretKey: recipientSecretKey, nonce: nonce)
}
public func open(authenticatedCipherText: NSData, senderPublicKey: PublicKey, recipientSecretKey: SecretKey, nonce: Nonce) -> NSData? {
if nonce.length != NonceBytes || authenticatedCipherText.length < MacBytes {
public func open(authenticatedCipherText: Data, senderPublicKey: PublicKey, recipientSecretKey: SecretKey, nonce: Nonce) -> Data? {
if nonce.count != NonceBytes || authenticatedCipherText.count < MacBytes {
return nil
}
if senderPublicKey.length != PublicKeyBytes || recipientSecretKey.length != SecretKeyBytes {
if senderPublicKey.count != PublicKeyBytes || recipientSecretKey.count != SecretKeyBytes {
return nil
}
guard let message = NSMutableData(length: authenticatedCipherText.length - MacBytes) else {
return nil
}
if crypto_box_open_easy(message.mutableBytesPtr(), authenticatedCipherText.bytesPtr(), CUnsignedLongLong(authenticatedCipherText.length), nonce.bytesPtr(), senderPublicKey.bytesPtr(), recipientSecretKey.bytesPtr()) != 0 {
var message = Data(count: authenticatedCipherText.count - MacBytes)
let result = message.withUnsafeMutableBytes { messagePtr in
return authenticatedCipherText.withUnsafeBytes { authenticatedCipherTextPtr in
return nonce.withUnsafeBytes { noncePtr in
return senderPublicKey.withUnsafeBytes { senderPublicKeyPtr in
return recipientSecretKey.withUnsafeBytes { recipientSecretKeyPtr in
return crypto_box_open_easy(
messagePtr,
authenticatedCipherTextPtr,
CUnsignedLongLong(authenticatedCipherText.count),
noncePtr,
senderPublicKeyPtr,
recipientSecretKeyPtr)
}
}
}
}
}
if result != 0 {
return nil
}
return message
}
public func open(authenticatedCipherText: NSData, senderPublicKey: PublicKey, recipientSecretKey: SecretKey, nonce: Nonce, mac: MAC) -> NSData? {
if nonce.length != NonceBytes || mac.length != MacBytes {
public func open(authenticatedCipherText: Data, senderPublicKey: PublicKey, recipientSecretKey: SecretKey, nonce: Nonce, mac: MAC) -> Data? {
if nonce.count != NonceBytes || mac.count != MacBytes {
return nil
}
if senderPublicKey.length != PublicKeyBytes || recipientSecretKey.length != SecretKeyBytes {
if senderPublicKey.count != PublicKeyBytes || recipientSecretKey.count != SecretKeyBytes {
return nil
}
guard let message = NSMutableData(length: authenticatedCipherText.length) else {
return nil
}
if crypto_box_open_detached(message.mutableBytesPtr(), authenticatedCipherText.bytesPtr(), mac.bytesPtr(), CUnsignedLongLong(authenticatedCipherText.length), nonce.bytesPtr(), senderPublicKey.bytesPtr(), recipientSecretKey.bytesPtr()) != 0 {
var message = Data(count: authenticatedCipherText.count)
let result = message.withUnsafeMutableBytes { messagePtr in
return authenticatedCipherText.withUnsafeBytes { authenticatedCipherTextPtr in
return mac.withUnsafeBytes { macPtr in
return nonce.withUnsafeBytes { noncePtr in
return senderPublicKey.withUnsafeBytes { senderPublicKeyPtr in
return recipientSecretKey.withUnsafeBytes { recipientSecretKeyPtr in
return crypto_box_open_detached(
messagePtr,
authenticatedCipherTextPtr,
macPtr,
CUnsignedLongLong(authenticatedCipherText.count),
noncePtr,
senderPublicKeyPtr,
recipientSecretKeyPtr)
}
}
}
}
}
}
if result != 0 {
return nil
}
return message
}
public func beforenm(recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> NSData? {
let key = NSMutableData(length: BeforenmBytes)
if crypto_box_beforenm(key!.mutableBytesPtr(), recipientPublicKey.bytesPtr(), senderSecretKey.bytesPtr()) != 0 {
public func beforenm(recipientPublicKey: PublicKey, senderSecretKey: SecretKey) -> Data? {
var key = Data(count: BeforenmBytes)
let result = key.withUnsafeMutableBytes { keyPtr in
return recipientPublicKey.withUnsafeBytes { recipientPublicKeyPtr in
return senderSecretKey.withUnsafeBytes { senderSecretKeyPtr in
return crypto_box_beforenm(keyPtr, recipientPublicKeyPtr, senderSecretKeyPtr)
}
}
}
if result != 0 {
return nil
}
return key
}
public func seal(message: NSData, beforenm: Beforenm) -> (authenticatedCipherText: NSData, nonce: Nonce)? {
if beforenm.length != BeforenmBytes {
public func seal(message: Data, beforenm: Beforenm) -> (authenticatedCipherText: Data, nonce: Nonce)? {
if beforenm.count != BeforenmBytes {
return nil
}
guard let authenticatedCipherText = NSMutableData(length: message.length + MacBytes) else {
return nil
}
guard let nonce = self.nonce() else {
return nil
}
if crypto_box_easy_afternm(authenticatedCipherText.mutableBytesPtr(), message.bytesPtr(), CUnsignedLongLong(message.length), nonce.bytesPtr(), beforenm.bytesPtr()) != 0 {
var authenticatedCipherText = Data(count: message.count + MacBytes)
let nonce = self.nonce()
let result = authenticatedCipherText.withUnsafeMutableBytes { authenticatedCipherTextPtr in
return message.withUnsafeBytes { messagePtr in
return nonce.withUnsafeBytes { noncePtr in
return beforenm.withUnsafeBytes { beforenmPtr in
return crypto_box_easy_afternm(
authenticatedCipherTextPtr,
messagePtr,
CUnsignedLongLong(message.count),
noncePtr,
beforenmPtr)
}
}
}
}
if result != 0 {
return nil
}
return (authenticatedCipherText: authenticatedCipherText, nonce: nonce)
}
public func open(nonceAndAuthenticatedCipherText: NSData, beforenm: Beforenm) -> NSData? {
if nonceAndAuthenticatedCipherText.length < NonceBytes + MacBytes {
public func open(nonceAndAuthenticatedCipherText: Data, beforenm: Beforenm) -> Data? {
if nonceAndAuthenticatedCipherText.count < NonceBytes + MacBytes {
return nil
}
let nonce = nonceAndAuthenticatedCipherText.subdata(with: NSRange(0..<NonceBytes)) as Nonce
let authenticatedCipherText = nonceAndAuthenticatedCipherText.subdata(with: NSRange(NonceBytes..<nonceAndAuthenticatedCipherText.length)) as NSData
let nonce = nonceAndAuthenticatedCipherText.subdata(in: 0..<NonceBytes) as Nonce
let authenticatedCipherText = nonceAndAuthenticatedCipherText.subdata(in: NonceBytes..<nonceAndAuthenticatedCipherText.count)
return open(authenticatedCipherText: authenticatedCipherText, beforenm: beforenm, nonce: nonce)
}
public func open(authenticatedCipherText: NSData, beforenm: Beforenm, nonce: Nonce) -> NSData? {
if nonce.length != NonceBytes || authenticatedCipherText.length < MacBytes {
public func open(authenticatedCipherText: Data, beforenm: Beforenm, nonce: Nonce) -> Data? {
if nonce.count != NonceBytes || authenticatedCipherText.count < MacBytes {
return nil
}
if beforenm.length != BeforenmBytes {
if beforenm.count != BeforenmBytes {
return nil
}
guard let message = NSMutableData(length: authenticatedCipherText.length - MacBytes) else {
return nil
}
if crypto_box_open_easy_afternm(message.mutableBytesPtr(), authenticatedCipherText.bytesPtr(), CUnsignedLongLong(authenticatedCipherText.length), nonce.bytesPtr(), beforenm.bytesPtr()) != 0 {
var message = Data(count: authenticatedCipherText.count - MacBytes)
let result = message.withUnsafeMutableBytes { messagePtr in
return authenticatedCipherText.withUnsafeBytes { authenticatedCipherTextPtr in
return nonce.withUnsafeBytes { noncePtr in
return beforenm.withUnsafeBytes { beforenmPtr in
return crypto_box_open_easy_afternm(
messagePtr,
authenticatedCipherTextPtr,
CUnsignedLongLong(authenticatedCipherText.count),
noncePtr,
beforenmPtr)
}
}
}
}
if result != 0 {
return nil
}
return message
}
public func seal(message: NSData, beforenm: Beforenm) -> NSData? {
guard let (authenticatedCipherText, nonce): (NSData, Nonce) = seal(message: message, beforenm: beforenm) else {
public func seal(message: Data, beforenm: Beforenm) -> Data? {
guard let (authenticatedCipherText, nonce): (Data, Nonce) = seal(message: message, beforenm: beforenm) else {
return nil
}
let nonceAndAuthenticatedCipherText = NSMutableData(data: nonce as Data)
nonceAndAuthenticatedCipherText.append(authenticatedCipherText as Data)
var nonceAndAuthenticatedCipherText = nonce
nonceAndAuthenticatedCipherText.append(authenticatedCipherText)
return nonceAndAuthenticatedCipherText
}
public func seal(message: NSData, recipientPublicKey: Box.PublicKey) -> NSData? {
if recipientPublicKey.length != PublicKeyBytes {
public func seal(message: Data, recipientPublicKey: Box.PublicKey) -> Data? {
if recipientPublicKey.count != PublicKeyBytes {
return nil
}
guard let anonymousCipherText = NSMutableData(length: SealBytes + message.length) else {
return nil
}
if crypto_box_seal(anonymousCipherText.mutableBytesPtr(), message.bytesPtr(), CUnsignedLongLong(message.length), recipientPublicKey.bytesPtr()) != 0 {
var anonymousCipherText = Data(count: SealBytes + message.count)
let result = anonymousCipherText.withUnsafeMutableBytes { anonymousCipherTextPtr in
return message.withUnsafeBytes { messagePtr in
return recipientPublicKey.withUnsafeBytes { recipientPublicKeyPtr in
return crypto_box_seal(
anonymousCipherTextPtr,
messagePtr,
CUnsignedLongLong(message.count),
recipientPublicKeyPtr)
}
}
}
if result != 0 {
return nil
}
return anonymousCipherText
}
public func open(anonymousCipherText: NSData, recipientPublicKey: PublicKey, recipientSecretKey: SecretKey) -> NSData? {
if recipientPublicKey.length != PublicKeyBytes || recipientSecretKey.length != SecretKeyBytes || anonymousCipherText.length < SealBytes {
public func open(anonymousCipherText: Data, recipientPublicKey: PublicKey, recipientSecretKey: SecretKey) -> Data? {
if recipientPublicKey.count != PublicKeyBytes || recipientSecretKey.count != SecretKeyBytes || anonymousCipherText.count < SealBytes {
return nil
}
let message = NSMutableData(length: anonymousCipherText.length - SealBytes)
if message == nil {
return nil
}
if crypto_box_seal_open(message!.mutableBytesPtr(), anonymousCipherText.bytesPtr(), CUnsignedLongLong(anonymousCipherText.length), recipientPublicKey.bytesPtr(), recipientSecretKey.bytesPtr()) != 0 {
var message = Data(count: anonymousCipherText.count - SealBytes)
let result = message.withUnsafeMutableBytes { messagePtr in
return anonymousCipherText.withUnsafeBytes { anonymousCipherTextPtr in
return recipientPublicKey.withUnsafeBytes { recipientPublicKeyPtr in
return recipientSecretKey.withUnsafeBytes { recipientSecretKeyPtr in
return crypto_box_seal_open(
messagePtr,
anonymousCipherTextPtr,
CUnsignedLongLong(anonymousCipherText.count),
recipientPublicKeyPtr,
recipientSecretKeyPtr)
}
}
}
}
if result != 0 {
return nil
}
return message
}
}

86
Sodium/GenericHash.swift
View File

@ -15,37 +15,60 @@ public class GenericHash {
public let KeybytesMin = Int(crypto_generichash_keybytes_min())
public let KeybytesMax = Int(crypto_generichash_keybytes_max())
public let Keybytes = Int(crypto_generichash_keybytes())
public let Primitive = String.init(validatingUTF8:crypto_generichash_primitive())
public let Primitive = String.init(validatingUTF8: crypto_generichash_primitive())
public func hash(message: NSData, key: NSData? = nil) -> NSData? {
public func hash(message: Data, key: Data? = nil) -> Data? {
return hash(message: message, key: key, outputLength: Bytes)
}
public func hash(message: NSData, key: NSData?, outputLength: Int) -> NSData? {
guard let output = NSMutableData(length: outputLength) else {
return nil
}
var ret: CInt;
public func hash(message: Data, key: Data?, outputLength: Int) -> Data? {
var output = Data(count: outputLength)
var result: Int32 = -1
if let key = key {
ret = crypto_generichash(output.mutableBytesPtr(), output.length, message.bytesPtr(), CUnsignedLongLong(message.length), key.bytesPtr(), key.length)
result = output.withUnsafeMutableBytes { outputPtr in
return message.withUnsafeBytes { messagePtr in
return key.withUnsafeBytes { keyPtr in
return crypto_generichash(
outputPtr,
output.count,
messagePtr,
CUnsignedLongLong(message.count),
keyPtr,
key.count)
}
}
}
} else {
ret = crypto_generichash(output.mutableBytesPtr(), output.length, message.bytesPtr(), CUnsignedLongLong(message.length), nil, 0)
result = output.withUnsafeMutableBytes { outputPtr in
return message.withUnsafeBytes { messagePtr in
return crypto_generichash(
outputPtr,
output.count,
messagePtr,
CUnsignedLongLong(message.count),
nil,
0)
}
}
}
if ret != 0 {
if result != 0 {
return nil
}
return output
}
public func hash(message: NSData, outputLength: Int) -> NSData? {
return hash(message: message, key: NSData(), outputLength: outputLength)
public func hash(message: Data, outputLength: Int) -> Data? {
return hash(message: message, key: nil, outputLength: outputLength)
}
public func initStream(key: NSData? = nil) -> Stream? {
public func initStream(key: Data? = nil) -> Stream? {
return Stream(key: key, outputLength: Bytes)
}
public func initStream(key: NSData?, outputLength: Int) -> Stream? {
public func initStream(key: Data?, outputLength: Int) -> Stream? {
return Stream(key: key, outputLength: outputLength)
}
@ -57,20 +80,26 @@ public class GenericHash {
public var outputLength: Int = 0
private var state: UnsafeMutablePointer<crypto_generichash_state>?
init?(key: NSData?, outputLength: Int) {
init?(key: Data?, outputLength: Int) {
state = UnsafeMutablePointer<crypto_generichash_state>.allocate(capacity: 1)
guard let state = state else {
return nil
}
var ret: CInt
var result: Int32 = -1
if let key = key {
ret = crypto_generichash_init(state, key.bytesPtr(), key.length, outputLength)
result = key.withUnsafeBytes { keyPtr in
crypto_generichash_init(state, keyPtr, key.count, outputLength)
}
} else {
ret = crypto_generichash_init(state, nil, 0, outputLength)
result = crypto_generichash_init(state, nil, 0, outputLength)
}
if ret != 0 {
if result != 0 {
return nil
}
self.outputLength = outputLength;
}
@ -78,17 +107,22 @@ public class GenericHash {
state?.deallocate(capacity: 1)
}
public func update(input: NSData) -> Bool {
return crypto_generichash_update(state!, input.bytesPtr(), CUnsignedLongLong(input.length)) == 0
public func update(input: Data) -> Bool {
return input.withUnsafeBytes { inputPtr in
return crypto_generichash_update(state!, inputPtr, CUnsignedLongLong(input.count)) == 0
}
}
public func final() -> NSData? {
guard let output = NSMutableData(length: outputLength) else {
return nil
}
if crypto_generichash_final(state!, output.mutableBytesPtr(), output.length) != 0 {
public func final() -> Data? {
var output = Data(count: outputLength)
let result = output.withUnsafeMutableBytes { outputPtr in
crypto_generichash_final(state!, outputPtr, output.count)
}
if result != 0 {
return nil
}
return output
}
}

23
Sodium/NSData+Extensions.swift
View File

@ -1,23 +0,0 @@
//
// InternalExtensions.swift
// Sodium
//
// Created by Frank Denis on 1/6/15.
// Copyright (c) 2015 Frank Denis. All rights reserved.
//
import Foundation
public extension NSData {
func bytesPtr<T>() -> UnsafePointer<T>{
let rawBytes = self.bytes
return rawBytes.assumingMemoryBound(to: T.self);
}
}
public extension NSMutableData {
func mutableBytesPtr<T>() -> UnsafeMutablePointer<T>{
let rawBytes = self.mutableBytes
return rawBytes.assumingMemoryBound(to: T.self)
}
}

130
Sodium/PWHash.swift
View File

@ -19,33 +19,67 @@ public class PWHash {
public let MemLimitModerate = Int(crypto_pwhash_memlimit_moderate())
public let MemLimitSensitive = Int(crypto_pwhash_memlimit_sensitive())
public func str(passwd: NSData, opsLimit: Int, memLimit: Int) -> String? {
guard let output = NSMutableData(length: StrBytes) else {
public func str(passwd: Data, opsLimit: Int, memLimit: Int) -> String? {
var output = Data(count: StrBytes)
let result = output.withUnsafeMutableBytes { outputPtr in
return passwd.withUnsafeBytes { passwdPtr in
return crypto_pwhash_str(outputPtr,
passwdPtr,
CUnsignedLongLong(passwd.count),
CUnsignedLongLong(opsLimit),
size_t(memLimit))
}
}
if result != 0 {
return nil
}
if crypto_pwhash_str(output.mutableBytesPtr(), passwd.bytesPtr(), CUnsignedLongLong(passwd.length), CUnsignedLongLong(opsLimit), size_t(memLimit)) != 0 {
return nil
}
return NSString(data: output as Data, encoding: String.Encoding.utf8.rawValue) as String?
return String(data: output, encoding: .utf8)
}
public func strVerify(hash: String, passwd: NSData) -> Bool {
guard let hashData = (hash + "\0").data(using: String.Encoding.utf8, allowLossyConversion: false) else {
public func strVerify(hash: String, passwd: Data) -> Bool {
guard let hashData = (hash + "\0").data(using: .utf8, allowLossyConversion: false) else {
return false
}
return crypto_pwhash_str_verify((hashData as NSData).bytesPtr(), passwd.bytesPtr(), CUnsignedLongLong(passwd.length)) == 0
return hashData.withUnsafeBytes { hashPtr in
return passwd.withUnsafeBytes { passwdPtr in
return crypto_pwhash_str_verify(
hashPtr,
passwdPtr,
CUnsignedLongLong(passwd.count)) == 0
}
}
}
public func hash(outputLength: Int, passwd: NSData, salt: NSData, opsLimit: Int, memLimit: Int) -> NSData? {
if salt.length != SaltBytes {
public func hash(outputLength: Int, passwd: Data, salt: Data, opsLimit: Int, memLimit: Int) -> Data? {
if salt.count != SaltBytes {
return nil
}
guard let output = NSMutableData(length: outputLength) else {
return nil
}
if crypto_pwhash(output.mutableBytesPtr(), CUnsignedLongLong(outputLength), passwd.bytesPtr(), CUnsignedLongLong(passwd.length), salt.bytesPtr(), CUnsignedLongLong(opsLimit), size_t(memLimit), crypto_pwhash_ALG_DEFAULT) != 0 {
var output = Data(count: outputLength)
let result = passwd.withUnsafeBytes { passwdPtr in
return salt.withUnsafeBytes { saltPtr in
return output.withUnsafeMutableBytes { outputPtr in
return crypto_pwhash(
outputPtr,
CUnsignedLongLong(outputLength),
passwdPtr,
CUnsignedLongLong(passwd.count),
saltPtr,
CUnsignedLongLong(opsLimit),
size_t(memLimit),
crypto_pwhash_ALG_DEFAULT)
}
}
}
if result != 0 {
return nil
}
return output
}
@ -60,33 +94,69 @@ public class PWHash {
public let MemLimitInteractive = Int(crypto_pwhash_scryptsalsa208sha256_memlimit_interactive())
public let MemLimitSensitive = Int(crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive())
public func str(passwd: NSData, opsLimit: Int, memLimit: Int) -> String? {
guard let output = NSMutableData(length: StrBytes) else {
public func str(passwd: Data, opsLimit: Int, memLimit: Int) -> String? {
var output = Data(count: StrBytes)
let result = output.withUnsafeMutableBytes { outputPtr in
return passwd.withUnsafeBytes { passwdPtr in
crypto_pwhash_scryptsalsa208sha256_str(
outputPtr,
passwdPtr,
CUnsignedLongLong(passwd.count),
CUnsignedLongLong(opsLimit),
size_t(memLimit))
}
}
if result != 0 {
return nil
}
if crypto_pwhash_scryptsalsa208sha256_str(output.mutableBytesPtr(), passwd.bytesPtr(), CUnsignedLongLong(passwd.length), CUnsignedLongLong(opsLimit), size_t(memLimit)) != 0 {
return nil
}
return NSString(data: output as Data, encoding: String.Encoding.utf8.rawValue) as String?
return String(data: output, encoding: .utf8)
}
public func strVerify(hash: String, passwd: NSData) -> Bool {
guard let hashData = (hash + "\0").data(using: String.Encoding.utf8, allowLossyConversion: false) else {
public func strVerify(hash: String, passwd: Data) -> Bool {
guard let hashData = (hash + "\0").data(using: .utf8, allowLossyConversion: false) else {
return false
}
return crypto_pwhash_scryptsalsa208sha256_str_verify((hashData as NSData).bytesPtr(), passwd.bytesPtr(), CUnsignedLongLong(passwd.length)) == 0
return hashData.withUnsafeBytes { hashDataPtr in
return passwd.withUnsafeBytes { passwdPtr in
return crypto_pwhash_scryptsalsa208sha256_str_verify(
hashDataPtr,
passwdPtr,
CUnsignedLongLong(passwd.count)) == 0
}
}
}
public func hash(outputLength: Int, passwd: NSData, salt: NSData, opsLimit: Int, memLimit: Int) -> NSData? {
if salt.length != SaltBytes {
public func hash(outputLength: Int, passwd: Data, salt: Data, opsLimit: Int, memLimit: Int) -> Data? {
if salt.count != SaltBytes {
return nil
}
guard let output = NSMutableData(length: outputLength) else {
return nil
}
if crypto_pwhash_scryptsalsa208sha256(output.mutableBytesPtr(), CUnsignedLongLong(outputLength), passwd.bytesPtr(), CUnsignedLongLong(passwd.length), salt.bytesPtr(), CUnsignedLongLong(opsLimit), size_t(memLimit)) != 0 {
var output = Data(count: outputLength)
let result = output.withUnsafeMutableBytes { outputPtr in
return passwd.withUnsafeBytes { passwdPtr in
return salt.withUnsafeBytes { saltPtr in
return crypto_pwhash_scryptsalsa208sha256(
outputPtr,
CUnsignedLongLong(outputLength),
passwdPtr,
CUnsignedLongLong(passwd.count),
saltPtr,
CUnsignedLongLong(opsLimit),
size_t(memLimit))
}
}
}
if result != 0 {
return nil
}
return output
}
}

8
Sodium/RandomBytes.swift
View File

@ -9,14 +9,14 @@
import Foundation
public class RandomBytes {
public func buf(length: Int) -> NSData? {
public func buf(length: Int) -> Data? {
if length < 0 {
return nil
}
guard let output = NSMutableData(length: length) else {
return nil
var output = Data(count: length)
output.withUnsafeMutableBytes { outputPtr in
randombytes_buf(outputPtr, output.count)
}
randombytes_buf(output.mutableBytesPtr(), output.length)
return output
}

173
Sodium/SecretBox.swift
View File

@ -13,108 +13,171 @@ public class SecretBox {
public let NonceBytes = Int(crypto_secretbox_noncebytes())
public let MacBytes = Int(crypto_secretbox_macbytes())
public typealias Key = NSData
public typealias Nonce = NSData
public typealias MAC = NSData
public typealias Key = Data
public typealias Nonce = Data
public typealias MAC = Data
public func key() -> Key? {
guard let k = NSMutableData(length: KeyBytes) else {
return nil
var k = Data(count: KeyBytes)
k.withUnsafeMutableBytes { kPtr in
randombytes_buf(kPtr, k.count)
}
randombytes_buf(k.mutableBytesPtr(), k.length)
return k
}
public func nonce() -> Nonce? {
guard let n = NSMutableData(length: NonceBytes) else {
return nil
public func nonce() -> Nonce {
var n = Data(count: NonceBytes)
n.withUnsafeMutableBytes { nPtr in
randombytes_buf(nPtr, n.count)
}
randombytes_buf(n.mutableBytesPtr(), n.length)
return n
}
public func seal(message: NSData, secretKey: Key) -> NSData? {
guard let (authenticatedCipherText, nonce): (NSData, Nonce) = seal(message: message, secretKey: secretKey) else {
public func seal(message: Data, secretKey: Key) -> Data? {
guard let (authenticatedCipherText, nonce): (Data, Nonce) = seal(message: message, secretKey: secretKey) else {
return nil
}
let nonceAndAuthenticatedCipherText = NSMutableData(data: nonce as Data)
nonceAndAuthenticatedCipherText.append(authenticatedCipherText as Data)
var nonceAndAuthenticatedCipherText = nonce
nonceAndAuthenticatedCipherText.append(authenticatedCipherText)
return nonceAndAuthenticatedCipherText
}
public func seal(message: NSData, secretKey: Key) -> (authenticatedCipherText: NSData, nonce: Nonce)? {
if secretKey.length != KeyBytes {
public func seal(message: Data, secretKey: Key) -> (authenticatedCipherText: Data, nonce: Nonce)? {
if secretKey.count != KeyBytes {
return nil
}
guard let authenticatedCipherText = NSMutableData(length: message.length + MacBytes) else {
return nil
}
guard let nonce = self.nonce() else {
return nil
}
if crypto_secretbox_easy(authenticatedCipherText.mutableBytesPtr(), message.bytesPtr(), UInt64(message.length), nonce.bytesPtr(), secretKey.bytesPtr()) != 0 {
var authenticatedCipherText = Data(count: message.count + MacBytes)
let nonce = self.nonce()
let result = authenticatedCipherText.withUnsafeMutableBytes { authenticatedCipherTextPtr in
return message.withUnsafeBytes { messagePtr in
return nonce.withUnsafeBytes { noncePtr in
return secretKey.withUnsafeBytes { secretKeyPtr in
return crypto_secretbox_easy(
authenticatedCipherTextPtr,
messagePtr,
UInt64(message.count),
noncePtr,
secretKeyPtr)
}
}
}
}
if result != 0 {
return nil
}
return (authenticatedCipherText: authenticatedCipherText, nonce: nonce)
}
public func seal(message: NSData, secretKey: Key) -> (cipherText: NSData, nonce: Nonce, mac: MAC)? {
if secretKey.length != KeyBytes {
public func seal(message: Data, secretKey: Key) -> (cipherText: Data, nonce: Nonce, mac: MAC)? {
if secretKey.count != KeyBytes {
return nil
}
guard let cipherText = NSMutableData(length: message.length) else {
return nil
}
guard let mac = NSMutableData(length: MacBytes) else {
return nil
}
guard let nonce = self.nonce() else {
return nil
}
if crypto_secretbox_detached(cipherText.mutableBytesPtr(), mac.mutableBytesPtr(), message.bytesPtr(), UInt64(message.length), nonce.bytesPtr(), secretKey.bytesPtr()) != 0 {
var cipherText = Data(count: message.count)
var mac = Data(count: MacBytes)
let nonce = self.nonce()
let result = cipherText.withUnsafeMutableBytes { cipherTextPtr in
return mac.withUnsafeMutableBytes { macPtr in
return message.withUnsafeBytes { messagePtr in
return nonce.withUnsafeBytes { noncePtr in
return secretKey.withUnsafeBytes { secretKeyPtr in
return crypto_secretbox_detached(
cipherTextPtr,
macPtr,
messagePtr,
UInt64(message.count),
noncePtr,
secretKeyPtr)
}
}
}
}
}
if result != 0 {
return nil
}
return (cipherText: cipherText, nonce: nonce, mac: mac)
}
public func open(nonceAndAuthenticatedCipherText: NSData, secretKey: Key) -> NSData? {
if nonceAndAuthenticatedCipherText.length < MacBytes + NonceBytes {
public func open(nonceAndAuthenticatedCipherText: Data, secretKey: Key) -> Data? {
if nonceAndAuthenticatedCipherText.count < MacBytes + NonceBytes {
return nil
}
guard let _ = NSMutableData(length: nonceAndAuthenticatedCipherText.length - MacBytes - NonceBytes) else {
return nil
}
let nonce = nonceAndAuthenticatedCipherText.subdata(with: NSRange(0..<NonceBytes)) as Nonce
let authenticatedCipherText = nonceAndAuthenticatedCipherText.subdata(with: NSRange(NonceBytes..<nonceAndAuthenticatedCipherText.length)) as NSData
let nonce = nonceAndAuthenticatedCipherText.subdata(in: 0..<NonceBytes) as Nonce
let authenticatedCipherText = nonceAndAuthenticatedCipherText.subdata(in: NonceBytes..<nonceAndAuthenticatedCipherText.count)
return open(authenticatedCipherText: authenticatedCipherText, secretKey: secretKey, nonce: nonce)
}
public func open(authenticatedCipherText: NSData, secretKey: Key, nonce: Nonce) -> NSData? {
if authenticatedCipherText.length < MacBytes {
public func open(authenticatedCipherText: Data, secretKey: Key, nonce: Nonce) -> Data? {
if authenticatedCipherText.count < MacBytes {
return nil
}
guard let message = NSMutableData(length: authenticatedCipherText.length - MacBytes) else {
return nil
}
if crypto_secretbox_open_easy(message.mutableBytesPtr(), authenticatedCipherText.bytesPtr(), UInt64(authenticatedCipherText.length), nonce.bytesPtr(), secretKey.bytesPtr()) != 0 {
var message = Data(count: authenticatedCipherText.count - MacBytes)
let result = message.withUnsafeMutableBytes { messagePtr in
return authenticatedCipherText.withUnsafeBytes { authenticatedCipherTextPtr in
return nonce.withUnsafeBytes { noncePtr in
return secretKey.withUnsafeBytes { secretKeyPtr in
return crypto_secretbox_open_easy(
messagePtr,
authenticatedCipherTextPtr,
UInt64(authenticatedCipherText.count),
noncePtr,
secretKeyPtr)
}
}
}
}
if result != 0 {
return nil
}
return message
}
public func open(cipherText: NSData, secretKey: Key, nonce: Nonce, mac: MAC) -> NSData? {
if nonce.length != NonceBytes || mac.length != MacBytes {
public func open(cipherText: Data, secretKey: Key, nonce: Nonce, mac: MAC) -> Data? {
if nonce.count != NonceBytes || mac.count != MacBytes {
return nil
}
if secretKey.length != KeyBytes {
if secretKey.count != KeyBytes {
return nil
}
guard let message = NSMutableData(length: cipherText.length) else {
return nil
}
if crypto_secretbox_open_detached(message.mutableBytesPtr(), cipherText.bytesPtr(), mac.bytesPtr(), UInt64(cipherText.length), nonce.bytesPtr(), secretKey.bytesPtr()) != 0 {
var message = Data(count: cipherText.count)
let result = message.withUnsafeMutableBytes { messagePtr in
return cipherText.withUnsafeBytes { cipherTextPtr in
return mac.withUnsafeBytes { macPtr in
return nonce.withUnsafeBytes { noncePtr in
return secretKey.withUnsafeBytes { secretKeyPtr in
return crypto_secretbox_open_detached(
messagePtr,
cipherTextPtr,
macPtr,
UInt64(cipherText.count),
noncePtr,
secretKeyPtr)
}
}
}
}
}
if result != 0 {
return nil
}
return message
}
}

21
Sodium/ShortHash.swift
View File

@ -12,16 +12,25 @@ public class ShortHash {
public let Bytes = Int(crypto_shorthash_bytes())
public let KeyBytes = Int(crypto_shorthash_keybytes())
public func hash(message: NSData, key: NSData) -> NSData? {
if key.length != KeyBytes {
public func hash(message: Data, key: Data) -> Data? {
if key.count != KeyBytes {
return nil
}
guard let output = NSMutableData(length: Bytes) else {
return nil
}
if crypto_shorthash(output.mutableBytesPtr(), message.bytesPtr(), CUnsignedLongLong(message.length), key.bytesPtr()) != 0 {
var output = Data(count: Bytes)
let result = output.withUnsafeMutableBytes { outputPtr in
return message.withUnsafeBytes { messagePtr in
return key.withUnsafeBytes { keyPtr in
return crypto_shorthash(outputPtr, messagePtr, CUnsignedLongLong(message.count), keyPtr)
}
}
}
if result != 0 {
return nil
}
return output
}
}

147
Sodium/Sign.swift
View File

@ -13,10 +13,10 @@ public class Sign {
public let PublicKeyBytes = Int(crypto_sign_publickeybytes())
public let SecretKeyBytes = Int(crypto_sign_secretkeybytes())
public let Bytes = Int(crypto_sign_bytes())
public let Primitive = String.init(validatingUTF8:crypto_sign_primitive())
public let Primitive = String(validatingUTF8: crypto_sign_primitive())
public typealias PublicKey = NSData
public typealias SecretKey = NSData
public typealias PublicKey = Data
public typealias SecretKey = Data
public struct KeyPair {
public let publicKey: PublicKey
@ -29,84 +29,141 @@ public class Sign {
}
public func keyPair() -> KeyPair? {
guard let pk = NSMutableData(length: PublicKeyBytes) else {
var pk = Data(count: PublicKeyBytes)
var sk = Data(count: SecretKeyBytes)
let result = pk.withUnsafeMutableBytes { pkPtr in
return sk.withUnsafeMutableBytes { skPtr in
return crypto_sign_keypair(pkPtr, skPtr)
}
}
if result != 0 {
return nil
}
guard let sk = NSMutableData(length: SecretKeyBytes) else {
return nil
}
if crypto_sign_keypair(pk.mutableBytesPtr(), sk.mutableBytesPtr()) != 0 {
return nil
}
return KeyPair(publicKey: PublicKey(data: pk as Data), secretKey: SecretKey(data: sk as Data))
return KeyPair(publicKey: pk,
secretKey: sk)
}
public func keyPair(seed: NSData) -> KeyPair? {
if seed.length != SeedBytes {
public func keyPair(seed: Data) -> KeyPair? {
if seed.count != SeedBytes {
return nil
}
guard let pk = NSMutableData(length: PublicKeyBytes) else {
var pk = Data(count: PublicKeyBytes)
var sk = Data(count: SecretKeyBytes)
let result = pk.withUnsafeMutableBytes { pkPtr in
return sk.withUnsafeMutableBytes { skPtr in
return seed.withUnsafeBytes { seedPtr in
return crypto_sign_seed_keypair(pkPtr, skPtr, seedPtr)
}
}
}
if result != 0 {
return nil
}
guard let sk = NSMutableData(length: SecretKeyBytes) else {
return nil
}
if crypto_sign_seed_keypair(pk.mutableBytesPtr(), sk.mutableBytesPtr(), seed.bytesPtr()) != 0 {
return nil
}
return KeyPair(publicKey: PublicKey(data: pk as Data), secretKey: SecretKey(data: sk as Data))
return KeyPair(publicKey: pk,
secretKey: sk)
}
public func sign(message: NSData, secretKey: SecretKey) -> NSData? {
if secretKey.length != SecretKeyBytes {
public func sign(message: Data, secretKey: SecretKey) -> Data? {
if secretKey.count != SecretKeyBytes {
return nil
}
guard let signedMessage = NSMutableData(length: message.length + Bytes) else {
return nil
}
if crypto_sign(signedMessage.mutableBytesPtr(), nil, message.bytesPtr(), CUnsignedLongLong(message.length), secretKey.bytesPtr()) != 0 {
var signedMessage = Data(count: message.count + Bytes)
let result = signedMessage.withUnsafeMutableBytes { signedMessagePtr in
return message.withUnsafeBytes { messagePtr in
return secretKey.withUnsafeBytes { secretKeyPtr in
return crypto_sign(
signedMessagePtr,
nil,
messagePtr,
CUnsignedLongLong(message.count),
secretKeyPtr)
}
}
}
if result != 0 {
return nil
}
return signedMessage
}
public func signature(message: NSData, secretKey: SecretKey) -> NSData? {
if secretKey.length != SecretKeyBytes {
public func signature(message: Data, secretKey: SecretKey) -> Data? {
if secretKey.count != SecretKeyBytes {
return nil
}
guard let signature = NSMutableData(length: Bytes) else {
return nil
}
if crypto_sign_detached(signature.mutableBytesPtr(), nil, message.bytesPtr(), CUnsignedLongLong(message.length), secretKey.bytesPtr()) != 0 {
var signature = Data(count: Bytes)
let result = signature.withUnsafeMutableBytes { signaturePtr in
return message.withUnsafeBytes { messagePtr in
return secretKey.withUnsafeBytes { secretKeyPtr in
return crypto_sign_detached(
signaturePtr,
nil,
messagePtr,
CUnsignedLongLong(message.count),
secretKeyPtr)
}
}
}
if result != 0 {
return nil
}
return signature
}
public func verify(signedMessage: NSData, publicKey: PublicKey) -> Bool {
let signature = signedMessage.subdata(with: NSRange(0..<Bytes)) as NSData
let message = signedMessage.subdata(with: NSRange(Bytes..<signedMessage.length)) as NSData
public func verify(signedMessage: Data, publicKey: PublicKey) -> Bool {
let signature = signedMessage.subdata(in: 0..<Bytes) as Data
let message = signedMessage.subdata(in: Bytes..<signedMessage.count) as Data
return verify(message: message, publicKey: publicKey, signature: signature)
}
public func verify(message: NSData, publicKey: PublicKey, signature: NSData) -> Bool {
if publicKey.length != PublicKeyBytes {
public func verify(message: Data, publicKey: PublicKey, signature: Data) -> Bool {
if publicKey.count != PublicKeyBytes {
return false
}
return crypto_sign_verify_detached(signature.bytesPtr(), message.bytesPtr(), CUnsignedLongLong(message.length), publicKey.bytesPtr()) == 0
return signature.withUnsafeBytes { signaturePtr in
return message.withUnsafeBytes { messagePtr in
return publicKey.withUnsafeBytes { publicKeyPtr in
return crypto_sign_verify_detached(
signaturePtr,
messagePtr,
CUnsignedLongLong(message.count), publicKeyPtr) == 0
}
}
}
}
public func open(signedMessage: NSData, publicKey: PublicKey) -> NSData? {
if publicKey.length != PublicKeyBytes || signedMessage.length < Bytes {
return nil
}
guard let message = NSMutableData(length: signedMessage.length - Bytes) else {
public func open(signedMessage: Data, publicKey: PublicKey) -> Data? {
if publicKey.count != PublicKeyBytes || signedMessage.count < Bytes {
return nil
}
var message = Data(count: signedMessage.count - Bytes)
var mlen: CUnsignedLongLong = 0;
if crypto_sign_open(message.mutableBytesPtr(), &mlen, signedMessage.bytesPtr(), CUnsignedLongLong(signedMessage.length), publicKey.bytesPtr()) != 0 {
let result = message.withUnsafeMutableBytes { messagePtr in
return signedMessage.withUnsafeBytes { signedMessagePtr in
return publicKey.withUnsafeBytes { publicKeyPtr in
return crypto_sign_open(messagePtr, &mlen, signedMessagePtr, CUnsignedLongLong(signedMessage.count), publicKeyPtr)
}
}
}
if result != 0 {
return nil
}
return message
}
}

42
Sodium/Utils.swift
View File

@ -9,9 +9,6 @@
import Foundation
public class Utils {
public func zero(data: NSMutableData) {
sodium_memzero(UnsafeMutableRawPointer(data.mutableBytes), data.length)
}
public func zero(data: inout Data) {
let count = data.count
@ -37,10 +34,6 @@ public class Utils {
}
}
public func equals(_ b1: NSData, _ b2: NSData) -> Bool {
return equals(b1 as Data, b2 as Data)
}
public func compare(_ b1: Data, _ b2: Data) -> Int? {
if b1.count != b2.count {
return nil
@ -56,10 +49,6 @@ public class Utils {
}
}
public func compare(_ b1: NSData, _ b2: NSData) -> Int? {
return compare(b1 as Data, b2 as Data)
}
public func bin2hex(bin: Data) -> String? {
var hexData = Data(count: bin.count * 2 + 1)
return hexData.withUnsafeMutableBytes { (hexPtr: UnsafeMutablePointer<Int8>) -> String? in
@ -73,25 +62,34 @@ public class Utils {
}
}
public func bin2hex(bin: NSData) -> String? {
return bin2hex(bin: bin as Data)
}
public func hex2bin(hex: String, ignore: String? = nil) -> NSData? {
guard let hexData = hex.data(using: String.Encoding.utf8, allowLossyConversion: false) else {
public func hex2bin(hex: String, ignore: String? = nil) -> Data? {
guard var hexData = hex.data(using: .utf8, allowLossyConversion: false) else {
return nil
}
let hexDataLen = hexData.count
let binDataCapacity = hexDataLen / 2
guard let binData = NSMutableData(length: binDataCapacity) else {
return nil
}
var binData = Data(count: binDataCapacity)
var binDataLen: size_t = 0
let ignore_cstr = ignore != nil ? (ignore! as NSString).utf8String : nil
if sodium_hex2bin(binData.mutableBytesPtr(), binDataCapacity,(hexData as NSData).bytesPtr(), hexDataLen, ignore_cstr, &binDataLen, nil) != 0 {
let result = binData.withUnsafeMutableBytes { binPtr in
return hexData.withUnsafeMutableBytes { hexPtr in
return sodium_hex2bin(binPtr,
binDataCapacity,
hexPtr,
hexDataLen,
ignore_cstr,
&binDataLen,
nil)
}
}
if result != 0 {
return nil
}
binData.length = Int(binDataLen)
binData.count = Int(binDataLen)
return binData
}
}

80
SodiumTests/ReadmeTests.swift
View File

@ -15,133 +15,133 @@ class ReadmeTests : XCTestCase {
let aliceKeyPair = sodium.box.keyPair()!
let bobKeyPair = sodium.box.keyPair()!
let message = "My Test Message".data(using:.utf8)!
let encryptedMessageFromAliceToBob: NSData =
sodium.box.seal(message: message as NSData,
let encryptedMessageFromAliceToBob: Data =
sodium.box.seal(message: message,
recipientPublicKey: bobKeyPair.publicKey,
senderSecretKey: aliceKeyPair.secretKey)!
let messageVerifiedAndDecryptedByBob =
sodium.box.open(nonceAndAuthenticatedCipherText: encryptedMessageFromAliceToBob,
senderPublicKey: aliceKeyPair.publicKey,
recipientSecretKey: bobKeyPair.secretKey)
}
func testAnonymousEncryptionSealedBoxes() {
let sodium = Sodium()!
let bobKeyPair = sodium.box.keyPair()!
let message = "My Test Message".data(using:.utf8)!
let encryptedMessageToBob =
sodium.box.seal(message: message as NSData, recipientPublicKey: bobKeyPair.publicKey)!
sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey)!
let messageDecryptedByBob =
sodium.box.open(anonymousCipherText: encryptedMessageToBob,
recipientPublicKey: bobKeyPair.publicKey,
recipientSecretKey: bobKeyPair.secretKey)
}
func testDetachedSignatures() {
let sodium = Sodium()!
let message = "My Test Message".data(using:.utf8)!
let keyPair = sodium.sign.keyPair()!
let signature = sodium.sign.signature(message: message as NSData, secretKey: keyPair.secretKey)!
if sodium.sign.verify(message: message as NSData,
let signature = sodium.sign.signature(message: message, secretKey: keyPair.secretKey)!
if sodium.sign.verify(message: message,
publicKey: keyPair.publicKey,
signature: signature) {
// signature is valid
}
}
func testAttachedSignatures() {
let sodium = Sodium()!
let message = "My Test Message".data(using:.utf8)!
let keyPair = sodium.sign.keyPair()!
let signedMessage = sodium.sign.sign(message: message as NSData, secretKey: keyPair.secretKey)!
let signedMessage = sodium.sign.sign(message: message, secretKey: keyPair.secretKey)!
if let unsignedMessage = sodium.sign.open(signedMessage: signedMessage, publicKey: keyPair.publicKey) {
// signature is valid
}
}
func testSecretKeyAuthenticatedEncryption() {
let sodium = Sodium()!
let message = "My Test Message".data(using:.utf8)!
let secretKey = sodium.secretBox.key()!
let encrypted: NSData = sodium.secretBox.seal(message: message as NSData, secretKey: secretKey)!
let encrypted: Data = sodium.secretBox.seal(message: message, secretKey: secretKey)!
if let decrypted = sodium.secretBox.open(nonceAndAuthenticatedCipherText: encrypted, secretKey: secretKey) {
// authenticator is valid, decrypted contains the original message
}
}
func testDeterministicHashing() {
let sodium = Sodium()!
let message = "My Test Message".data(using:.utf8)!
let h = sodium.genericHash.hash(message: message as NSData)
let h = sodium.genericHash.hash(message: message )
}
func testKeyedHashing() {
let sodium = Sodium()!
let message = "My Test Message".data(using:.utf8)!
let key = "Secret key".data(using:.utf8)!
let h = sodium.genericHash.hash(message: message as NSData, key: key as NSData)
let h = sodium.genericHash.hash(message: message, key: key )
}
func testStreaming() {
let sodium = Sodium()!
let message1 = "My Test ".data(using:.utf8)!
let message2 = "Message".data(using:.utf8)!
let key = "Secret key".data(using:.utf8)!
let stream = sodium.genericHash.initStream(key: key as NSData)!
stream.update(input: message1 as NSData)
stream.update(input: message2 as NSData)
let stream = sodium.genericHash.initStream(key: key )!
stream.update(input: message1 )
stream.update(input: message2 )
let h = stream.final()
}
func testShortOutputHashing() {
let sodium = Sodium()!
let message = "My Test Message".data(using:.utf8)!
let key = sodium.randomBytes.buf(length: sodium.shortHash.KeyBytes)!
let h = sodium.shortHash.hash(message: message as NSData, key: key as NSData)
let h = sodium.shortHash.hash(message: message, key: key )
}
func testRandomNumberGeneration() {
let sodium = Sodium()!
let randomData = sodium.randomBytes.buf(length: 1000)
}
func testPasswordHashing() {
let sodium = Sodium()!
let password = "Correct Horse Battery Staple".data(using:.utf8)!
let hashedStr = sodium.pwHash.str(passwd: password as NSData,
let hashedStr = sodium.pwHash.str(passwd: password,
opsLimit: sodium.pwHash.OpsLimitInteractive,
memLimit: sodium.pwHash.MemLimitInteractive)!
if sodium.pwHash.strVerify(hash: hashedStr, passwd: password as NSData) {
if sodium.pwHash.strVerify(hash: hashedStr, passwd: password ) {
// Password matches the given hash string
} else {
// Password doesn't match the given hash string
}
}
func testZeroingMemory() {
let sodium = Sodium()!
var dataToZero: NSMutableData = NSMutableData(data:"Message".data(using:.utf8)!)
sodium.utils.zero(data: dataToZero)
var dataToZero = "Message".data(using:.utf8)!
sodium.utils.zero(data: &dataToZero)
}
func testConstantTimeComparison() {
let sodium = Sodium()!
let secret1: NSData = NSData(data:"Secret key".data(using:.utf8)!)
let secret2: NSData = NSData(data:"Secret key".data(using:.utf8)!)
let equality = sodium.utils.equals(b1: secret1, secret2)
let secret1 = "Secret key".data(using:.utf8)!
let secret2 = "Secret key".data(using:.utf8)!
let equality = sodium.utils.equals(secret1, secret2)
}
func testConstantTimeHexdecimalEncoding() {
let sodium = Sodium()!
let data: NSData = NSData(data:"Secret key".data(using:.utf8)!)
let data = "Secret key".data(using:.utf8)!
let hex = sodium.utils.bin2hex(bin: data)
}
func testHexDecimalDecoding() {
let sodium = Sodium()!
let data1 = sodium.utils.hex2bin(hex: "deadbeef")

47
SodiumTests/SodiumTests.swift
View File

@ -10,14 +10,14 @@ import XCTest
import Sodium
extension String {
func toData() -> NSData? {
return self.data(using: String.Encoding.utf8, allowLossyConversion: false) as NSData?
func toData() -> Data? {
return self.data(using: .utf8, allowLossyConversion: false)
}
}
extension NSData {
extension Data {
func toString() -> String? {
return (NSString(data: self as Data, encoding: String.Encoding.utf8.rawValue) as! String)
return String(data: self, encoding: .utf8)
}
}
@ -37,19 +37,19 @@ class SodiumTests: XCTestCase {
let aliceKeyPair = sodium.box.keyPair()!
let bobKeyPair = sodium.box.keyPair()!
let encryptedMessageFromAliceToBob: NSData = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey, senderSecretKey: aliceKeyPair.secretKey)!
let encryptedMessageFromAliceToBob: Data = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey, senderSecretKey: aliceKeyPair.secretKey)!
let decrypted = sodium.box.open(nonceAndAuthenticatedCipherText: encryptedMessageFromAliceToBob, senderPublicKey: bobKeyPair.publicKey, recipientSecretKey: aliceKeyPair.secretKey)
XCTAssert(decrypted == message)
let (encryptedMessageFromAliceToBob2, nonce): (NSData, Box.Nonce) = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey, senderSecretKey: aliceKeyPair.secretKey)!
let (encryptedMessageFromAliceToBob2, nonce): (Data, Box.Nonce) = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey, senderSecretKey: aliceKeyPair.secretKey)!
let decrypted2 = sodium.box.open(authenticatedCipherText: encryptedMessageFromAliceToBob2, senderPublicKey: aliceKeyPair.publicKey, recipientSecretKey: bobKeyPair.secretKey, nonce: nonce)
XCTAssert(decrypted2 == message)
let (encryptedMessageFromAliceToBob3, nonce2, mac): (NSData, Box.Nonce, Box.MAC) = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey, senderSecretKey: aliceKeyPair.secretKey)!
let (encryptedMessageFromAliceToBob3, nonce2, mac): (Data, Box.Nonce, Box.MAC) = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey, senderSecretKey: aliceKeyPair.secretKey)!
let decrypted3 = sodium.box.open(authenticatedCipherText: encryptedMessageFromAliceToBob3, senderPublicKey: aliceKeyPair.publicKey, recipientSecretKey: bobKeyPair.secretKey, nonce: nonce2, mac: mac)
XCTAssert(decrypted3 == message)
let encryptedMessageToBob: NSData = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey)!
let encryptedMessageToBob: Data = sodium.box.seal(message: message, recipientPublicKey: bobKeyPair.publicKey)!
let decrypted4 = sodium.box.open(anonymousCipherText: encryptedMessageToBob, recipientPublicKey: bobKeyPair.publicKey,
recipientSecretKey: bobKeyPair.secretKey)
XCTAssert(decrypted4 == message)
@ -61,11 +61,11 @@ class SodiumTests: XCTestCase {
XCTAssert(aliceBeforenm == bobBeforenm)
// Make sure the encryption using beforenm works
let encryptedMessageBeforenm: NSData = sodium.box.seal(message: message, beforenm: aliceBeforenm)!
let encryptedMessageBeforenm: Data = sodium.box.seal(message: message, beforenm: aliceBeforenm)!
let decryptedBeforenm = sodium.box.open(nonceAndAuthenticatedCipherText: encryptedMessageBeforenm, beforenm: aliceBeforenm)
XCTAssert(decryptedBeforenm == message)
let (encryptedMessageBeforenm2, nonceBeforenm): (NSData, Box.Nonce) = sodium.box.seal(message: message, beforenm: aliceBeforenm)!
let (encryptedMessageBeforenm2, nonceBeforenm): (Data, Box.Nonce) = sodium.box.seal(message: message, beforenm: aliceBeforenm)!
let decryptedBeforenm2 = sodium.box.open(authenticatedCipherText: encryptedMessageBeforenm2, beforenm: aliceBeforenm, nonce: nonceBeforenm)
XCTAssert(decryptedBeforenm2 == message)
}
@ -75,7 +75,7 @@ class SodiumTests: XCTestCase {
let secretKey = sodium.secretBox.key()!
// test simple nonce + mac + message box
let encrypted: NSData = sodium.secretBox.seal(message: message, secretKey: secretKey)!
let encrypted: Data = sodium.secretBox.seal(message: message, secretKey: secretKey)!
let decrypted = sodium.secretBox.open(nonceAndAuthenticatedCipherText: encrypted, secretKey: secretKey)!
XCTAssert(decrypted == message)
@ -88,7 +88,7 @@ class SodiumTests: XCTestCase {
let decrypted2 = sodium.secretBox.open(authenticatedCipherText: encrypted2, secretKey: secretKey, nonce: nonce2)
XCTAssert(decrypted2 == message)
XCTAssertNil(sodium.secretBox.open(authenticatedCipherText: encrypted2, secretKey: secretKey, nonce: sodium.secretBox.nonce()!), "Shouldn't be able to decrypt with an invalid nonce")
XCTAssertNil(sodium.secretBox.open(authenticatedCipherText: encrypted2, secretKey: secretKey, nonce: sodium.secretBox.nonce()), "Shouldn't be able to decrypt with an invalid nonce")
// test (message, nonce, mac) box
let (encrypted3, nonce3, mac3) = sodium.secretBox.seal(message: message, secretKey: secretKey)!
@ -132,8 +132,8 @@ class SodiumTests: XCTestCase {
let randomLen = 100 + Int(sodium.randomBytes.uniform(upperBound: 100))
let random1 = sodium.randomBytes.buf(length: randomLen)!
let random2 = sodium.randomBytes.buf(length: randomLen)!
XCTAssert(random1.length == randomLen)
XCTAssert(random2.length == randomLen)
XCTAssert(random1.count == randomLen)
XCTAssert(random2.count == randomLen)
XCTAssert(random1 != random2)
var c1 = 0
@ -179,18 +179,18 @@ class SodiumTests: XCTestCase {
}
func testUtils() {
let dataToZero = NSMutableData(bytes: [1, 2, 3, 4] as [UInt8], length: 4)
sodium.utils.zero(data: dataToZero)
XCTAssert(dataToZero.isEqual(to: Data(bytes: [0, 0, 0, 0] as [UInt8])))
var dataToZero = Data(bytes: [1, 2, 3, 4] as [UInt8])
sodium.utils.zero(data: &dataToZero)
XCTAssert(dataToZero == Data(bytes: [0, 0, 0, 0] as [UInt8]))
var dataToZero2 = Data(bytes: [1, 2, 3, 4] as [UInt8])
sodium.utils.zero(data: &dataToZero2)
XCTAssert(dataToZero2 == Data(bytes: [0, 0, 0, 0,] as [UInt8]))
let eq1 = NSData(bytes: [1, 2, 3, 4] as [UInt8], length: 4)
let eq2 = NSData(bytes: [1, 2, 3, 4] as [UInt8], length: 4)
let eq3 = NSData(bytes: [1, 2, 3, 5] as [UInt8], length: 4)
let eq4 = NSData(bytes: [1, 2, 3] as [UInt8], length: 3)
let eq1 = Data(bytes: [1, 2, 3, 4] as [UInt8])
let eq2 = Data(bytes: [1, 2, 3, 4] as [UInt8])
let eq3 = Data(bytes: [1, 2, 3, 5] as [UInt8])
let eq4 = Data(bytes: [1, 2, 3] as [UInt8])
XCTAssert(sodium.utils.equals(eq1, eq2))
XCTAssert(!sodium.utils.equals(eq1, eq3))
@ -202,7 +202,6 @@ class SodiumTests: XCTestCase {
XCTAssert(sodium.utils.compare(eq1, eq4) == nil)
let bin = sodium.utils.hex2bin(hex: "deadbeef")!
XCTAssert(bin.description == "<deadbeef>")
let hex = sodium.utils.bin2hex(bin: bin)
XCTAssert(hex == "deadbeef")
let bin2 = sodium.utils.hex2bin(hex: "de-ad be:ef", ignore: ":- ")!
@ -221,7 +220,7 @@ class SodiumTests: XCTestCase {
XCTAssert(verify2 == false)
let password3 = "My Test Message".toData()!
let salt = NSData(bytes: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32] as [UInt8], length: 32)
let salt = Data(bytes: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32] as [UInt8])
let hash2 = sodium.pwHash.scrypt.hash(outputLength: 64, passwd: password3, salt: salt, opsLimit: sodium.pwHash.scrypt.OpsLimitInteractive, memLimit: sodium.pwHash.scrypt.MemLimitInteractive)
NSLog(sodium.utils.bin2hex(bin: hash2!)!)
XCTAssert(sodium.utils.bin2hex(bin: hash2!)! == "6f00c5630b0a113be73721d2bab7800c0fce4b4e7a74451704b53afcded3d9e85fbe1acea7d2aa0fecb3027e35d745547b1041d6c51f731bd0aa934da89f7adf")
@ -239,7 +238,7 @@ class SodiumTests: XCTestCase {
XCTAssert(verify2 == false)
let password3 = "My Test Message".toData()!
let salt = NSData(bytes: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16] as [UInt8], length: 16)
let salt = Data(bytes: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16] as [UInt8])
let hash2 = sodium.pwHash.hash(outputLength: 64, passwd: password3, salt: salt, opsLimit: sodium.pwHash.OpsLimitInteractive, memLimit: sodium.pwHash.MemLimitInteractive)
XCTAssert(sodium.utils.bin2hex(bin: hash2!)! == "51d659ee6f8790042688274c5bc8a6296390cdc786d2341c3553b01a5c3f7ff1190e04b86a878538b17ef10e74baa19295479f3e3ee587ce571f366fc66e2fdc")
}