diff --git a/Package.resolved b/Package.resolved
index 07da1b7..109f4d1 100644
--- a/Package.resolved
+++ b/Package.resolved
@@ -12,10 +12,10 @@
 },
 {
 "package": "secp256k1",
- "repositoryURL": "https://github.com/gnosis/secp256k1.swift.git",
+ "repositoryURL": "https://github.com/status-im/secp256k1.swift.git",
 "state": {
 "branch": "master",
- "revision": "43bb7f4e4cfa6317272c50b9dae4e88e53e258c0",
+ "revision": "d2c49786e9245d77f4eba6ce78a87f87506623c5",
 "version": null
 }
 }
diff --git a/Package.swift b/Package.swift
index 40926e9..3cbdd1a 100644
--- a/Package.swift
+++ b/Package.swift
@@ -15,7 +15,7 @@ let package = Package(
 targets: ["Keycard"]),
 ],
 dependencies: [
- .package(url: "https://github.com/gnosis/secp256k1.swift.git", .branch("master")),
+ .package(url: "https://github.com/status-im/secp256k1.swift.git", .branch("master")),
 .package(url: "https://github.com/krzyzanowskim/CryptoSwift.git", .upToNextMinor(from: "1.0.0"))
 ],
diff --git a/README.md b/README.md
index 5b5797e..844b8cd 100644
--- a/README.md
+++ b/README.md
@@ -5,11 +5,3 @@ This is a Swift SDK to integrate [Keycard](https://github.com/status-im/status-k
 This SDK is a work in progress, please check the Issues to contribute. To integrate Keycard with Android or Desktop, please refer to [Keycard Java SDK](https://github.com/status-im/status-keycard-java). Keycard also has a [Go SDK](https://github.com/status-im/keycard-go/).
-
-
-Xcode generated project
-libsecp256k1 header search paths missing "$(SRCROOT)/../secp2561k/Classes" prefixes
-
-https://forums.swift.org/t/headersearchpath-issue/26468/6
-
-
diff --git a/Sources/Keycard/Crypto.swift b/Sources/Keycard/Crypto.swift
index d420ba7..c62743b 100644
--- a/Sources/Keycard/Crypto.swift
+++ b/Sources/Keycard/Crypto.swift
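Review bot: In Package.swift the swapped secp256k1 dependency is still declared with `.branch("master")`, so each fresh resolution takes whatever commit is at the head of that branch in the new status-im repository. The Package.resolved pin to `d2c49786e9245d77f4eba6ce78a87f87506623c5` only takes effect when this package is built as the root package; an app that depends on Keycard resolves the branch on its own. The removed test in this commit shows the library being used for key-pair generation and ECDH, so I would pin the manifest to the reviewed commit, `.package(url: "https://github.com/status-im/secp256k1.swift.git", .revision("d2c49786e9245d77f4eba6ce78a87f87506623c5")),`, or to a tagged release if the fork publishes one.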
@@ -59,23 +59,8 @@ class Crypto {
 }
 }
- func pbkdf2(password: String, salt: [UInt8], iterations: Int, hmac: PBKDF2HMac) -> [UInt8] {
- let keyLength: Int
- let variant: HMAC.Variant
-
- switch hmac {
- case .sha256:
- keyLength = 32
- variant = .sha256
- case .sha512:
- keyLength = 64
- variant = .sha512
- }
-
- return try! PKCS5.PBKDF2(password: Array(password.utf8), salt: salt, iterations: iterations, keyLength: keyLength, variant: variant).calculate()
- }
-
- func new_pbkdf2(password: String, salt: [UInt8], iterations requiredIterations: Int? = nil, hmac: PBKDF2HMac) -> [UInt8] {
+ func pbkdf2(password: String, salt: [UInt8], iterations requiredIterations: Int? = nil, hmac: PBKDF2HMac) -> [UInt8] {
+ // implemented using CommonCrypto because it is much faster (ms vs s) on the device than CryptoSwfit implementation.
 let keyLength: Int
 let prf: CCPseudoRandomAlgorithm
diff --git a/Sources/Keycard/KeycardCommandSet.swift b/Sources/Keycard/KeycardCommandSet.swift
index fb62066..0dfdc78 100644
--- a/Sources/Keycard/KeycardCommandSet.swift
+++ b/Sources/Keycard/KeycardCommandSet.swift
@@ -14,7 +14,10 @@ public class KeycardCommandSet {
 }
 func pairingPasswordToSecret(password: String) -> [UInt8] {
- Crypto.shared.new_pbkdf2(password: password, salt: Array("Keycard Pairing Password Salt".utf8), iterations: cardChannel.pairingPasswordPBKDF2IterationCount, hmac: PBKDF2HMac.sha256)
+ Crypto.shared.pbkdf2(password: password,
+ salt: Array("Keycard Pairing Password Salt".utf8),
+ iterations: cardChannel.pairingPasswordPBKDF2IterationCount,
+ hmac: PBKDF2HMac.sha256)
 }
 public func select(instanceIdx: UInt8 = 1) throws -> APDUResponse {
diff --git a/Sources/Keycard/Logger.swift b/Sources/Keycard/Logger.swift
index 2043d8b..cb686bb 100644
--- a/Sources/Keycard/Logger.swift
+++ b/Sources/Keycard/Logger.swift
@@ -5,7 +5,7 @@ open class Logger {
 static var shared: Logger = Logger()
- public var isEnabled = true
+ public var isEnabled = false
 public init() {}
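Review bot: After this rename in Crypto.swift the CommonCrypto routine is the only PBKDF2 implementation, and the same commit deletes `test_pbkdf` from CryptoTests.swift, the one visible check of its output (it compared the two implementations against each other). Both the pairing secret and the BIP-39 seed are derived through it, so a known-answer test with fixed expected bytes is worth adding, for instance a published PBKDF2-HMAC-SHA256 vector and a BIP-39 seed vector run through `Mnemonic.toBinarySeed`. `iterations` defaults to `nil` and the code handling that case lies below the hunk, so a doc comment on the function should say which count is used then. The added comment also has a typo; I would write `// Uses CommonCrypto: on device it runs in milliseconds where the CryptoSwift implementation took seconds.`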
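Review bot: In Logger.swift `isEnabled` now defaults to `false`, while the visible `static var shared` carries no `public` modifier, so code outside the module may have no way to turn logging on for the shared instance unless an accessor exists elsewhere in the file. If off-by-default is the intent, a doc comment on the property would record it, e.g. `/// Off by default so card traffic is not written to logs; enable only while debugging.`; that the log output includes card traffic is my assumption from the SDK's purpose, not something the hunk shows. The class body continues outside the hunk.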
diff --git a/Sources/Keycard/Mnemonic.swift b/Sources/Keycard/Mnemonic.swift
index 63a5c26..7d482b8 100644
--- a/Sources/Keycard/Mnemonic.swift
+++ b/Sources/Keycard/Mnemonic.swift
@@ -4,7 +4,10 @@ class Mnemonic {
 static let bip39IterationCount = 2048
 static func toBinarySeed(mnemonicPhrase: String, password: String = "") -> [UInt8] {
- Crypto.shared.new_pbkdf2(password: mnemonicPhrase, salt: Array(("mnemonic" + password).utf8), iterations: Mnemonic.bip39IterationCount, hmac: PBKDF2HMac.sha512)
+ Crypto.shared.pbkdf2(password: mnemonicPhrase,
+ salt: Array(("mnemonic" + password).utf8),
+ iterations: Mnemonic.bip39IterationCount,
+ hmac: PBKDF2HMac.sha512)
 }
 let indexes: [UInt16]
diff --git a/Tests/KeycardTests/CryptoTests.swift b/Tests/KeycardTests/CryptoTests.swift
index 8c5f203..a315722 100644
--- a/Tests/KeycardTests/CryptoTests.swift
+++ b/Tests/KeycardTests/CryptoTests.swift
@@ -17,28 +17,4 @@ final class CryptoTests: XCTestCase {
 XCTAssertEqual(decryptedText, plaintext)
 }
- func test_pbkdf() {
- let password = "123456"
- let salt = [UInt8]("Keycard Pairing Password Salt".utf8)
- let hmac = PBKDF2HMac.sha256
- let iterations = 100
- let old = Crypto.shared.new_pbkdf2(password: password, salt: salt, iterations: iterations, hmac: hmac)
- let new = Crypto.shared.pbkdf2(password: password, salt: salt, iterations: iterations, hmac: hmac)
- XCTAssertEqual(new, old)
- }
-
- func test_cmac() {
- continueAfterFailure = false
- let plaintext = "Hello, World!"
- let plaintextBytes = [UInt8](plaintext.utf8)
- let (sk, pk) = Crypto.shared.secp256k1GeneratePair()
- let secret = Crypto.shared.secp256k1ECDH(privKey: sk, pubKey: pk)
- let fullKey = Crypto.shared.sha512(secret)
- XCTAssertEqual(fullKey.count, 64)
- let macKey = Array(fullKey[48...])
- XCTAssertEqual(macKey.count, 16)
- let data = Crypto.shared.aes256CMac(data: plaintextBytes, key: macKey)
- XCTAssertFalse(data.isEmpty)
- }
-
-
 }
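Review bot: `toBinarySeed` in Mnemonic.swift hands `mnemonicPhrase` and `"mnemonic" + password` to PBKDF2 with no Unicode normalization visible in this function. BIP-39 specifies NFKD normalization of both strings before key stretching, so a mnemonic or passphrase containing non-ASCII characters can produce a seed that differs from other wallets' unless every caller normalizes first, which the hunk does not show. If callers do not, normalizing here would close the gap: `password: mnemonicPhrase.decomposedStringWithCompatibilityMapping,` and `salt: Array(("mnemonic" + password.decomposedStringWithCompatibilityMapping).utf8),`.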