Merge branch 'develop'

.gitlab-ci.yml

@@ -0,0 +1,28 @@
+stages:
+  - unit_tests
+
+variables:
+  LC_ALL: "en_US.UTF-8"
+  LANG: "en_US.UTF-8"
+
+before_script:
+  - git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.dracoon.com/dracoon/ios/client/sdk-swift-crypto-sonar.git
+  - cd sdk-swift-crypto-sonar
+  - sh setup.sh
+  - cd ..
+
+unit_tests:
+  dependencies: []
+  stage: unit_tests
+  artifacts:
+    paths:
+      - TestResults/Logs/Test/*.xcresult
+  script:
+    - bundle exec fastlane runUnitTests
+    - cp sdk-swift-crypto-sonar/printCodeCoverage.sh TestResults/Logs/Test/
+    - cd TestResults/Logs/Test/
+    - ./printCodeCoverage.sh
+    - cd ../../../
+  coverage: '/Code coverage: \d+\.\d+/'
+  tags:
+    - darwin-amd64

DRACOON-Crypto-SDK.podspec

@@ -1,7 +1,7 @@
 
 Pod::Spec.new do |s|
   s.name             = 'DRACOON-Crypto-SDK'
-  s.version          = '2.2.0'
+  s.version          = '2.2.1'
   s.summary          = 'Official DRACOON Crypto SDK'
 
   s.description      = <<-DESC
@@ -18,6 +18,18 @@ Pod::Spec.new do |s|
   s.swift_version = '5.5'
   s.pod_target_xcconfig = { 'VALID_ARCHS' => 'x86_64 arm64' }
 
-  s.source_files = 'crypto-sdk/**/*'
-  s.vendored_frameworks = 'OpenSSL/openssl.framework'
+  s.subspec 'crypto_sdk_objc' do |objc|
+    objc.source_files = 'crypto-sdk/crypto/include/*', 'crypto-sdk-objc/*', 'crypto-sdk/crypto/OpenSslCrypto.m'
+    objc.public_header_files = 'crypto-sdk/crypto/include/*'
+    objc.vendored_frameworks = 'OpenSSL/openssl.xcframework'
+  end
+
+  s.subspec 'crypto_sdk_swift' do |swift|
+    swift.dependency 'DRACOON-Crypto-SDK/crypto_sdk_objc'
+    swift.source_files = 'crypto-sdk/crypto/include/*', 'crypto-sdk-objc/crypto_sdk_objc.h', 'crypto-sdk/**/*'
+    swift.exclude_files = 'crypto-sdk/swift-wrapper/Exports.swift'
+    swift.public_header_files = 'crypto-sdk/crypto/include/*', 'crypto-sdk-objc/crypto_sdk_objc.h'
+    swift.vendored_frameworks = 'OpenSSL/openssl.xcframework'
+  end
+
 end

README.md

@@ -12,19 +12,19 @@ https://support.dracoon.com/hc/en-us/articles/360000986345
 
 #### Minimum Requirements
 
-Xcode 12.3
+Xcode 13
 
 #### Swift Package Manager
 
 Add this line to the dependencies section of your Package.swift:
 
-`.package(name: "crypto_sdk", url: "https://github.com/dracoon/dracoon-swift-crypto-sdk", .upToNextMajor(from: "2.2.0"))`
+`.package(name: "crypto_sdk", url: "https://github.com/dracoon/dracoon-swift-crypto-sdk", .upToNextMajor(from: "2.2.1"))`
 
 #### Carthage
 
 Add the SDK to your Cartfile:
 
-`github "dracoon/dracoon-swift-crypto-sdk.git" ~> 2.2.0`
+`github "dracoon/dracoon-swift-crypto-sdk.git" ~> 2.2.1`
 
 Then run
 
@@ -45,7 +45,7 @@ platform :ios, '12.0'
 use_frameworks!
 
 target '<Your Target Name>' do
-pod 'DRACOON-Crypto-SDK', '~> v2.2.0'
+pod 'DRACOON-Crypto-SDK', '~> v2.2.1'
 end
 ```
 Then run

crypto-sdk.xcodeproj/project.pbxproj

@@ -338,9 +338,9 @@
 			isa = PBXNativeTarget;
 			buildConfigurationList = E0D0418A203B04D500658D53 /* Build configuration list for PBXNativeTarget "crypto-sdk" */;
 			buildPhases = (
+				E0D0417F203B04D500658D53 /* Headers */,
 				E0D0417D203B04D500658D53 /* Sources */,
 				E0D0417E203B04D500658D53 /* Frameworks */,
-				E0D0417F203B04D500658D53 /* Headers */,
 				DBA0E1552630577600AAFE6D /* Embed Frameworks */,
 			);
 			buildRules = (
@@ -519,7 +519,7 @@
 					"@executable_path/Frameworks",
 					"@loader_path/Frameworks",
 				);
-				MARKETING_VERSION = 2.2.0;
+				MARKETING_VERSION = 2.2.1;
 				MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE;
 				MTL_FAST_MATH = YES;
 				PRODUCT_BUNDLE_IDENTIFIER = "com.dracoon.crypto-sdk-objc.crypto-sdk-objc";
@@ -556,7 +556,7 @@
 					"@executable_path/Frameworks",
 					"@loader_path/Frameworks",
 				);
-				MARKETING_VERSION = 2.2.0;
+				MARKETING_VERSION = 2.2.1;
 				MTL_FAST_MATH = YES;
 				PRODUCT_BUNDLE_IDENTIFIER = "com.dracoon.crypto-sdk-objc.crypto-sdk-objc";
 				PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)";
@@ -724,7 +724,7 @@
 					"@executable_path/Frameworks",
 					"@loader_path/Frameworks",
 				);
-				MARKETING_VERSION = 2.2.0;
+				MARKETING_VERSION = 2.2.1;
 				PRODUCT_BUNDLE_IDENTIFIER = "com.dracoon.crypto-sdk";
 				PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)";
 				PROVISIONING_PROFILE_SPECIFIER = "";
@@ -765,7 +765,7 @@
 					"@executable_path/Frameworks",
 					"@loader_path/Frameworks",
 				);
-				MARKETING_VERSION = 2.2.0;
+				MARKETING_VERSION = 2.2.1;
 				ONLY_ACTIVE_ARCH = NO;
 				PRODUCT_BUNDLE_IDENTIFIER = "com.dracoon.crypto-sdk";
 				PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)";

crypto-sdk/crypto/OpenSslCrypto.m

@@ -55,7 +55,6 @@ - (nullable NSDictionary*)createUserKeyPair:(nonnull NSString*)password keyLengt
 
     NSString *publicKey;
     NSString *privateKey;
-    char *pwd;
 
     BIGNUM *r = BN_new();
     BN_set_word(r, RSA_F4);
@@ -86,16 +85,13 @@ - (nullable NSDictionary*)createUserKeyPair:(nonnull NSString*)password keyLengt
 
     if (SecRandomCopyBytes(kSecRandomDefault, SALT_LENGTH, salt) != errSecSuccess) {
         goto fail_userKey_salt;
-        return nil;
     }
 
-    pwd = OPENSSL_malloc(password.length);
-    createPasswordBuffer(password, pwd);
-
     PKCS8_PRIV_KEY_INFO* info;
     info = EVP_PKEY2PKCS8(pkey);
 
     X509_SIG* sig;
+    const char *pwd = password.UTF8String;
     int pwdLength = (int)strlen(pwd);
     sig = PKCS8_encrypt(-1, EVP_aes_256_cbc(), pwd, pwdLength, salt, 20, ITERATION_COUNT, info);
 
@@ -126,7 +122,6 @@ - (nullable NSDictionary*)createUserKeyPair:(nonnull NSString*)password keyLengt
 fail_userKey_pr:
     OPENSSL_free(sig);
     OPENSSL_free(info);
-    OPENSSL_free(pwd);
     BIO_set_close(mem_pr, BIO_CLOSE);
     BIO_free_all(mem_pr);
 fail_userKey_salt:
@@ -177,13 +172,23 @@ - (nullable RSA*)decryptPrivateKey:(NSString*)privateKey withPassword:(NSString*
         return nil;
     }
 
+    RSA *rsaKey = NULL;
     const char *encryptedPrivateKey = privateKey.UTF8String;
     BIO *bio = BIO_new_mem_buf(encryptedPrivateKey, (int)strlen(encryptedPrivateKey));
 
-    [[NSThread currentThread] threadDictionary][passwordKey] = password;
-    RSA *rsaKey = PEM_read_bio_RSAPrivateKey(bio, NULL, pass_cb, NULL);
-    [[NSThread currentThread] threadDictionary][passwordKey] = NULL;
+    X509_SIG* sig = PEM_read_bio_PKCS8(bio, NULL, NULL, NULL);
+    const char* pwd = [password UTF8String];
+    PKCS8_PRIV_KEY_INFO* info = PKCS8_decrypt(sig, pwd, (int)strlen(pwd));
+    if (info == NULL) {
+        goto fail_decrypt;
+    }
+    EVP_PKEY* pkey = EVP_PKCS82PKEY(info);
+    rsaKey = EVP_PKEY_get1_RSA(pkey);
 
+    OPENSSL_free(info);
+    EVP_PKEY_free(pkey);
+fail_decrypt:
+    OPENSSL_free(sig);
     BIO_set_close(bio, BIO_CLOSE);
     BIO_free_all(bio);
 
@@ -634,36 +639,6 @@ int seed_prng() {
     return status;
 }
 
-static NSString* passwordKey = @"OpenSslPasswordKey";
-
-int pass_cb(char *buf, int size, int rwflag, void *u);
-
-int pass_cb(char *buf, int size, int rwflag, void *u) {
-    NSString* passwordString = [[NSThread currentThread] threadDictionary][passwordKey];
-    int length = (int)passwordString.length;
-
-    char bytes[length];
-    createPasswordBuffer(passwordString, bytes);
-
-    memcpy(buf, bytes, length);
-
-    return length;
-}
-
-void createPasswordBuffer(NSString *str, char* bytes);
-
-void createPasswordBuffer(NSString *str, char* bytes) {
-    // be compatible to Bouncycastle PKCS5PasswordToBytes()
-    int length = (int)str.length;
-    unichar buffer[length];
-
-    [str getCharacters:buffer range:NSMakeRange(0, length)];
-
-    for (int i = 0; i < length; i++) {
-        bytes[i] = buffer[i];
-    }
-}
-
 #pragma mark -
 #pragma mark Helper