Swift cross-platform crypto library using CommonCrypto/libcrypto

Last update: Oct 15, 2022

Overview

BlueCryptor

Swift cross-platform crypto library derived from IDZSwiftCommonCrypto.

IMPORTANT NOTE: This release is NOT entirely source code compatible with previous releases. There are instances where exceptions are thrown now instead of the framework calling fatalError(). This means that there are more recoverable errors in the library than before. The only time that fatalError() is called is to indicate either a programming error or a non-recoverable system error.

Note: On macOS and iOS, BlueCryptor uses the Apple provided CommonCrypto library. On Linux, it uses libcrypto from the OpenSSL project.

Prerequisites

Swift

Swift Open Source swift-4.0.0-RELEASE toolchain (Minimum REQUIRED for latest release)
Swift Open Source swift-4.2-RELEASE toolchain (Recommended)
Swift toolchain included in Xcode Version 10.0 (10A255) or higher.

macOS

macOS 10.11.6 (El Capitan) or higher.
Xcode Version 9.0 or higher using one of the above toolchains.
Xcode Version 10.0 (10A255) or higher using the included toolchain (Recommended).
CommonCrypto is provided by macOS.

iOS

iOS 10.0 or higher
Xcode Version 9.0 or higher using one of the above toolchains.
Xcode Version 10.0 (10A255) or higher using the included toolchain (Recommended).
CommonCrypto is provided by iOS.

Linux

Ubuntu 16.04 (or 16.10 but only tested on 16.04) and 18.04.
One of the Swift Open Source toolchain listed above.
OpenSSL is provided by the distribution. Note: 1.0.x, 1.1.x and later releases of OpenSSL are supported.
The appropriate libssl-dev package is required to be installed when building.

Build

To build Cryptor from the command line:

% cd <path-to-clone>
% swift build

Testing

To run the supplied unit tests for Cryptor from the command line:

% cd <path-to-clone>
% swift build
% swift test

Getting started

Including in your project

Swift Package Manager

To include BlueCryptor into a Swift Package Manager package, add it to the dependencies attribute defined in your Package.swift file. You can select the version using the majorVersion and minor parameters. For example:

	dependencies: [
		.Package(url: "https://github.com/IBM-Swift/BlueCryptor.git", majorVersion: <majorVersion>, minor: <minor>)
	]

Carthage

To include BlueCryptor in a project using Carthage, add a line to your Cartfile with the GitHub organization and project names and version. For example:

	github "IBM-Swift/BlueCryptor" ~> <majorVersion>.<minor>

CocoaPods

To include BlueCryptor in a project using CocoaPods, you just add BlueCryptor to your Podfile, for example:

    platform :ios, '10.0'

    target 'MyApp' do
        use_frameworks!
        pod 'BlueCryptor'
    end

Before starting

The first thing you need to do is import the Cryptor framework. This is done by the following:

import Cryptor

API

Cryptor

The following code demonstrates encryption and decryption using AES single block CBC mode using optional chaining.

let key = CryptoUtils.byteArray(fromHex: "2b7e151628aed2a6abf7158809cf4f3c")
let iv = CryptoUtils.byteArray(fromHex: "00000000000000000000000000000000")
let plainText = CryptoUtils.byteArray(fromHex: "6bc1bee22e409f96e93d7e117393172a")

var textToCipher = plainText
if plainText.count % Cryptor.Algorithm.aes.blockSize != 0 {
	textToCipher = CryptoUtils.zeroPad(byteArray: plainText, blockSize: Cryptor.Algorithm.aes.blockSize)
}
do {
	let cipherText = try Cryptor(operation: .encrypt, algorithm: .aes, options: .none, key: key, iv: iv).update(byteArray: textToCipher)?.final()
		
	print(CryptoUtils.hexString(from: cipherText!))
		
	let decryptedText = try Cryptor(operation: .decrypt, algorithm: .aes, options: .none, key: key, iv: iv).update(byteArray: cipherText!)?.final()

	print(CryptoUtils.hexString(from: decryptedText!))
} catch let error {
	guard let err = error as? CryptorError else {
		// Handle non-Cryptor error...
		return
	}
	// Handle Cryptor error... (See Status.swift for types of errors thrown)
}

Digest

The following example illustrates generating an MD5 digest from both a String and an instance of NSData.

let qbfBytes : [UInt8] = [0x54,0x68,0x65,0x20,0x71,0x75,0x69,0x63,0x6b,0x20,0x62,0x72,0x6f,0x77,0x6e,0x20,0x66,0x6f,0x78,0x20,0x6a,0x75,0x6d,0x70,0x73,0x20,0x6f,0x76,0x65,0x72,0x20,0x74,0x68,0x65,0x20,0x6c,0x61,0x7a,0x79,0x20,0x64,0x6f,0x67,0x2e]
let qbfString = "The quick brown fox jumps over the lazy dog."

// String...
let md5 = Digest(using: .md5)
md5.update(string: qfbString)
let digest = md5.final()

// NSData using optional chaining...
let qbfData = CryptoUtils.data(from: qbfBytes)
let digest = Digest(using: .md5).update(data: qbfData)?.final()

HMAC

The following demonstrates generating an SHA256 HMAC using byte arrays for keys and data.

let myKeyData = "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"
let myData = "4869205468657265"
let key = CryptoUtils.byteArray(fromHex: myKeyData)
let data : [UInt8] = CryptoUtils.byteArray(fromHex: myData)

let hmac = HMAC(using: HMAC.Algorithm.sha256, key: key).update(byteArray: data)?.final()

Key Derivation

The following illustrates generating a key using a password, salt, number of rounds and a specified derived key length using the SHA1 algorithm. Then it shows how to generate a String from resultant key.

let password = "password"
let salt = salt
let rounds: UInt = 2
let derivedKeyLen = 20
do {
	let key = PBKDF.deriveKey(fromPassword: password, salt: salt, prf: .sha1, rounds: rounds, derivedKeyLength: derivedKeyLen)
	let keyString = CryptoUtils.hexString(from: key)
} catch let error {
	guard let err = error as? CryptorError else {
		// Handle non-Cryptor error...
		return
	}
	// Handle Cryptor error... (See Status.swift for types of errors thrown)
}

Random Byte Generation

The following demonstrates generating random bytes of a given length.

let numberOfBytes = 256*256
do {
	let randomBytes = try Random.generate(byteCount: numberOfBytes)
} catch {
  	print("Error generating random bytes")
}

Utilities

Cryptor also provides a set of data manipulation utility functions for conversion of data from various formats:

To byteArray ([UInt8])
- From hex string
- From UTF8 string
To Data
- From hex string
- From byte array ([UInt8])
To NSData
- From hex string
- From byte array ([UInt8])
To NSString
- From byte array ([UInt8])
To hexList (String)
- From byte array ([UInt8])

Also provided are an API to pad a byte array ([UInt8]) such that it is an integral number of block size in bytes long.

func zeroPad(byteArray: [UInt8], blockSize: Int) -> [UInt8]
func zeroPad(string: String, blockSize: Int) -> [UInt8]

Restrictions

The following algorithm is not available on Linux since it is not supported by OpenSSL.

Digest: MD2

In all cases, use of unsupported APIs or algorithms will result in a Swift fatalError(), terminating the program and should be treated as a programming error.

Community

We love to talk server-side Swift and Kitura. Join our Slack to meet the team!

License

This library is licensed under Apache 2.0. Full license text is available in LICENSE.

Comments

RSA Signing

What would it take to extend this library to support RSA in addition to HMAC? I'd like to use it for signing JWT tokens, but Google only supports RS256.

Looks like CommonCrypto supports it, so I'm assuming OpenSSL does too.
enhancement

opened by collinhundley 26
Invalid Exclude in Xcode 13
Since upgrading to Xcode 13, I'm seeing an Invalid Exclude warning message indicating that the requested file cannot be found.

This applies to:

Cryptor.xcodeproj

Sources/Info.plist

README.md
opened by adam-redboxmobile 15
ECDSA support

In SwiftJWT, we would like to support ES256. This requires the JWT be signed/verified using ECDSA. BlueCryptor seems like the right place to implement a common API for the Elliptic curve algorithm.

OpenSSL has an implementation that is documented here. This could be used for the linux implementation.

Apple security has an implementation that is documented here. This could be used for the iOS/MacOS implementation.

@billabt This approach is fairly similar to BlueRSA. Is there a reason you made BlueRSA a separate repo instead of incorporating it into BlueCryptor?
enhancement

opened by Andrew-Lees11 9
CHTTParser error when running swift build

Hi guys,

So i am a newbie, and in my environment, im running Kaitura over Docker. I get the following error, which I believe is related to the Crypto library, when i run swift build:

/projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ Compile Swift Module 'LoggerAPI' (1 sources) /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ Compile Swift Module 'Core' (28 sources) Compile Swift Module 'Node' (22 sources) /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ /projects/project7/.build/debug/CHTTPParser.build/module.modulemap:2:14: error: umbrella directory '/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include' not found umbrella "/Users/doronkatz/Development/Server/project7/Packages/CHTTPParser-0.3.0/Sources/CHTTPParser/include" ^ <unknown>:0: error: build had 5 command failures error: exit(1): /root/swift-3.0.1-RELEASE-ubuntu16.04/usr/bin/swift-build-tool -f /projects/project7/.build/debug.yaml

My Package.swift is as follows:

` import PackageDescription

let package = Package( name: "project7", dependencies: [ .Package(url: "https://github.com/IBM-Swift/Kitura.git", majorVersion: 1), .Package(url: "https://github.com/IBM-Swift/HeliumLogger.git", majorVersion: 1), .Package(url: "https://github.com/IBM-Swift/BlueCryptor.git", majorVersion: 0, minor: 8), .Package(url: "https://github.com/vapor/mysql.git", majorVersion: 1), ] ) `

Im on Swift 3.0.1. Not sur what else I can do on my end... Any assistance would be great. When i took out crypto the build worked.

Thanks!

opened by doronkatz 7
silence compiler warnings
Silence Compiler Warnings on Xcode 13

Motivation and Context

Clean Build(™)

How Has This Been Tested?

Xcode 13 with swift 5.5 rebuild

Checklist:

[x] I have submitted a CLA form

[x] If applicable, I have updated the documentation accordingly.

[x] If applicable, I have added tests to cover my changes.
opened by mman 4
fix: make byteArray return empty array on failure instead of fatal error
Description

This PR changes byteArray so that on failure it returns an empty array instead of throwing a fatal error.

Motivation and Context

This is required because you make pass user code into the function (such as in Kitura-Session where a users Cookie is decoded). If it throws a fatal error on failure then a user can crash the system. If it returns an empty array the application can handle this in the correct way.

How Has This Been Tested?

This has been tested within Kitura-Session. Using this code makes the session reject the cookie instead of throwing a fatal error and crashing the server.

Checklist:

[x] I have submitted a CLA form

[x] If applicable, I have updated the documentation accordingly.
opened by Andrew-Lees11 4
Replace some fatalError's by optional/Result/throws

I'm using Cryptor for doing signed+encrypted cookies, as well as encrypted values in url params, for example an unsubscribe link in an email that allows quick removal from newsletters.

The library currently fatalError's a lot. Some of it seems reasonable, like using an unsupported encryption algorithm. However, fatalError's are also used for malformed data, which could happen if the user tampers with cookies, urls, etc... This means a user can crash a server using Cryptor very easily.

Should all uses of fatalError be audited to convert most to use optionals, Result or throws?

opened by mbrandonw 4
Detect Invalid Initialization Vector Size.

Since this code is based on IDZSwiftCommonCrypto it has inherited some of that library's flaws. While the library currently pays quite a bit of attention to keys, it has no error checking on IV size.

If a user supplies too small an IV, some uninitialized bytes will used by CommonCrypto. This is not a security risk, it just leads to incorrect results and difficult to track down bugs.

We're adding additional error checking to try to catch these problems before they occur.

You may want to take a look at https://github.com/iosdevzone/IDZSwiftCommonCrypto/pull/79 to see the changes we're making!

opened by iosdevzone 4
Code formatting changes for readability
Description

Splits dictionaries into more digestible blocks and aligns them in a more readable way.

Fixes some formatting issues with the documentation.

Motivation and Context

This PR simply aims to make the code more readable.

How Has This Been Tested?

No logic changes were made. Existing tests were run and passed.
opened by alexpersian 4
Removed warnings found in Swift 4.1

There are a low level API changes in Swift 4.1 which were giving warnings in other projects that depended on this repo, such as Kitura Websocket.

This PR just adds some conditional checks to use the relevant API depending on the Swift version.

Ran the test suite locally and built locally too on Swift 3.1.1, 4.0.3 and 4.1. I have added Travis builds for these Swift versions too.

opened by KyeMaloy97 3
Removed the team from the General Signing and update the project to support iOS 9.0
Description

Motivation and Context

How Has This Been Tested?

Checklist:

[ ] I have submitted a CLA form

[ ] If applicable, I have updated the documentation accordingly.

[ ] If applicable, I have added tests to cover my changes.
opened by laurentmorvillier 3
Removed support for cryptographically broken algorithms MD2, MD4, MD5
Addresses the deprecation that has been there since iOS 13

Also added a project file to the repo to make future maintenance easier

Description

Removing all the code supporting MD2, MD4, MD5

They have been deprecated by Apple for being cryptographically broken

Cleans up warnings seen by anyone targeting an iOS version >13.0

Also included a project file to make future updates & testing easier

Motivation and Context

Issue: #77

Trying to eliminate warnings we see in our application (from consuming SwiftJWT, which consumes this)

How Has This Been Tested?

Unit testing in the repo/code. Also verified passivity in our application.

Checklist:

[x] I have submitted a CLA form (as on other PRs, submitted one electronically, so, assuming that would apply to this, too?)

[x] If applicable, I have updated the documentation accordingly.

[x] If applicable, I have added tests to cover my changes.
opened by LowAmmo 1
Remove support for deprecated cryptographic options (MD2, MD4, MD5) & release to cocoapods

Looks like Apple is considering MD2, MD4, M5 "cryptographically broken"

'CC_MD2_Final' was deprecated in iOS 13.0: This function is cryptographically broken and should not be used in security contexts. Clients should migrate to SHA256 (or stronger).

So, might as well remove those options.

Then, once the options are removed - would be awesome to release the new version to cocoapods! 😄

(working on a PR to address, now)

-Thanks!

opened by LowAmmo 0

Getting " " (empty) Decrypted string from update function

class func decrypt(encodedData: String, secret: String, algorithm: String) -> String {
        do {
            let key = Array(secret.utf8)
            let bytes = encodedData.hexaBytes
            let cryptor = try Cryptor(operation:.decrypt, algorithm:.aes256, options:[.ecbMode, .pkcs7Padding], key:key, iv:[UInt8]())
            if let decrypted = cryptor.update(byteArray: bytes)?.final() {
                return String(bytes: decrypted, encoding: .utf8) ?? ""
            }
        } catch {
            print(error)
        }
        return ""
}

i am using above function to decrypt data. it will returning blank "" string. i am using .ecbMode and .pkcs7Padding pattern also i am getting key and bytes data successfully. issue in cryptor.update function.

opened by nirav-kotecha 0

Invalid Triple-DES encryption result

Hi everyone,

I'm going to implement the Triple-DES to encrypt a password and I'm using the following command to validate the encryption output. Screen Shot 2022-06-01 at 3 47 48 PM

but I got a different encryption result.

Here's my code

func tripleDesEncrypt(inputStr: String, keyStr: String) -> String? {
        let key = CryptoUtils.byteArray(fromHex: keyStr)
        let iv = CryptoUtils.byteArray(fromHex: "0000000000000000")
        let plainText = CryptoUtils.byteArray(fromHex: inputStr)
        
        var textToCipher = plainText
        if plainText.count % Cryptor.Algorithm.tripleDes.blockSize != 0 {
            textToCipher = CryptoUtils.zeroPad(byteArray: plainText, blockSize: Cryptor.Algorithm.tripleDes.blockSize)
        }
        do {
            let cipherText = try Cryptor(operation: .encrypt, algorithm: .tripleDes, options: .pkcs7Padding, key: key, iv: iv).update(byteArray: textToCipher)?.final()
            
            print(CryptoUtils.hexString(from: cipherText!))

        } catch let error {
            guard let err = error as? CryptorError else {
                return nil
            }
            
            print(err.description)
        }
        
        return nil
    }

Input inputStr: 0592389EDCBA96FF keyStr: 0123456789abcdeffedcba9876543210

Output d9f8e02413307c829b81df2a39d8c603

The right output should be a25fbc3a3ed409102e24eeb85aef49ae

Please advise.

opened by MohamedT-Silverkey 0

custom framework build failing with no full bitcode error

Hi Everyone, I am very new to iOS so this might be a stupid question, but please help me out. I am using the BlueCryptor for doing some encryptions in my custom framework. I added the BlueCryptor to the framework through SwiftPackages->AddNewPackage. All the functionality is working fine.

I am using my framework in an app which needs bitcode to be enabled. So I added this user-defined build setting in my fraework: BITCODE_GENERATION_MODE(https://medium.com/@heitorburger/static-libraries-frameworks-and-bitcode-6d8f784478a9)

Now the build is failing with :

ld: bitcode bundle could not be generated because '/Users/ds/Library/Developer/Xcode/DerivedData/customFramework-excnpjvylyjcgnahfenjtaqmjjmf/Build/Products/Release-iphoneos/Cryptor.o' was built without full bitcode. All object files and libraries for bitcode must be generated from Xcode Archive or Install build file '/Users/ds/Library/Developer/Xcode/DerivedData/customFramework-excnpjvylyjcgnahfenjtaqmjjmf/Build/Products/Release-iphoneos/Cryptor.o' for architecture arm64 clang: error: linker command failed with exit code 1 (use -v to see invocation)

opened by Tharunreddych 1

Releases(2.0.1)

2.0.1(Oct 21, 2021)

Source code(tar.gz)
Source code(zip)
2.0.0(Oct 21, 2021)

Source code(tar.gz)
Source code(zip)
1.0.32(Feb 27, 2018)
Version 1.0

Swift cross-platform crypto library derived from [IDZSwiftCommonCrypto]Swift cross-platform crypto library derived from IDZSwiftCommonCrypto.

IMPORTANT NOTE: This release is NOT entirely source code compatible with previous releases. There are instances where exceptions are thrown now instead of the framework calling fatalError(). This means that there are more recoverable errors in the library than before. The only time that fatalError() is called is to indicate either a programming error or a non-recoverable system error.

Note: On macOS and iOS, BlueCryptor uses the Apple provided CommonCrypto library. On Linux, it uses libcrypto from the OpenSSL project.

Prerequisites

Swift

Swift Open Source swift-4.0.0-RELEASE toolchain (Minimum REQUIRED for latest release)

Swift Open Source swift-5.0-RELEASE toolchain (Recommended)

Swift toolchain included in Xcode Version 10.2 (10E125) or higher.

macOS

macOS 10.11.6 (El Capitan) or higher.

Xcode Version 9.0 (9A325) or higher using one of the above toolchains.

Xcode Version 10.2 (10E125) or higher using the included toolchain (Recommended).

iOS

iOS 10.0 or higher

Xcode Version 9.0 (9A325) or higher using one of the above toolchains.

Xcode Version 10.2 (10E125) or higher using the included toolchain (Recommended).

Linux

Ubuntu 16.04 (or 16.10 but only tested on 16.04 and 18.04).

One of the Swift Open Source toolchain listed above.

OpenSSL is provided by the distribution. Note: 1.0.x, 1.1.x and later releases of OpenSSL are supported.

Changes since 1.0.0

Fixed warnings from Swift 4.1, added build support for 3.1.1 thru 4.1. PR #34.

Make Swift 4.1 the default compiler. Issue #35.

Support for Xcode 10 Beta. PR #38.

Added Swift 4.2 builds to CI.

Added scheme for building iOS version of BlueCryptor and made it shared. Issue #43.

Update README to specify libssl-dev as a requirement for building on Linux. Issue #42.

Minor license update.

Updates for Xcode 10 to project.

Swift 4.2 support. PR #46

Make Swift 4.2 the default compiler in project.

Revert (#46) to use OpenSSL module in 4.2 format. PR #47.

Update recommendations to Swift 4.2 and Xcode 10.

Added support for OpenSSL 1.1.x as well as OpenSSL 1.0.x.

Added CI support for building with Swift 5. PR #49.

Removed requirement of Swift 4.2 to support OpenSSL 1.1.x. OpenSSL 1.1.x is now supported using Swift 4.0, 4.1 and 4.2.

Update CI support to use Swift 4.2.3. PR #52

byteArray utility method will now return an empty array if the input array contains invalid hex digits. Note: This function previously resulted in a fatal error under these circumstances. PR #53. In a future release, this function will throw an exception when encountering invalid hex digits.

Update to Swift 5.0. PR #54.

Cleanup warnings on Linux. PR #57, #58.

Fixed warning showing up on Xcode 11. PR #60.

Add CI support for Xcode 11.

Fixed some linter warnings, update to Swift 5.1. PR #62

Source code(tar.gz)
Source code(zip)
0.8.27(Nov 17, 2016)
This release minimally requires use of the swift-3.1.1-RELEASE toolchain or the swift-4.0.0-RELEASE toolchain which is recommended.

Compatible with Xcode 9.0 (9A235) General Release or higher using one of the above toolchains.

Removed old restriction on Digest by now allowing the Data extension to work on Linux as well as macOS.

Renamed Updateable protocol to Updatable.

Added new Data based update function to Updatable.

Added support for SHA1 algorithm in both Digest and HMAC.

For every function that took a NSData, there is now an equivalent function that takes a Data object.

Added tests for new Data based functions.

Allow use on iOS, tvOS and watchOS as well as macOS.

Removed the inout modifier from the update(data: Data) function in Updatable extension. It was unnecessary. See issue #7 for more details.

Added CI (PR#6).

Removed RSA stub. This will be replaced by a forthcoming RSA-centric cross-platform package in the near future.

Merged PR #20 to fix a memory leak on Linux.

Added iOS target to supplied Xcode project.

Merged PR #23 to improve documentation formatting.

Support of Xcode 9 Beta.

Support for Swift 4.

Detect an invalid initialization vector size passed in to the StreamCryptor initializers. Issue #26.

Fixed problem with passing the size of an IV passed as a String. Need to account for all the bytes not just the character length which could be different.

Added additional tests to cover issue #26.

Added CocoaPod support (not quite functional yet).

Remove build on Xcode 8.3.

CI updates.

Completed audit of fatalErrors as per issue #30 . Next step will be the code changes. No code changes with this release, just added comments where fatalError() calls will be removed in a future release and replaced by exceptions and/or Status changes.

Source code(tar.gz)
Source code(zip)
0.6.1(Aug 16, 2016)
This release requires use of the swift-DEVELOPMENT-SNAPSHOT-2016-08-015-a toolchain.

Compatible with Xcode 8 Beta 6 using the above toolchains.

Removed old restriction on Digest by now allowing the Data extension to work on Linux as well as macOS.

Renamed Updateable protocol to Updatable.

Added new Data based update function to Updatable.

Added support for SHA1 algorithm in both Digest and HMAC.

For every function that took a NSData, there is now an equivalent function that takes a Data object.

Added tests for new Data based functions.

Source code(tar.gz)
Source code(zip)
0.5.6(Aug 6, 2016)
This release requires use of the swift-DEVELOPMENT-SNAPSHOT-2016-08-04-a toolchain or the new swift-DEVELOPMENT-SNAPSHOT-2016-08-07-a toolchain.

Compatible with Xcode 8 Beta 5 using either of the above toolchains.

Removed old restriction on Digest by now allowing the Data extension to work on Linux as well as macOS.

Renamed Updateable protocol to Updatable.

Added new Data based update function to Updatable.

Added support for SHA1 algorithm in both Digest and HMAC.

For every function that took a NSData, there is now an equivalent function that takes a Data object.

Added tests for new Data based functions.

Source code(tar.gz)
Source code(zip)
0.4.0(Jul 26, 2016)

This release requires use of the new swift-DEVELOPMENT-SNAPSHOT-2016-07-25-a toolchain.

Note: Due to inconsistencies in the implementation of Data on macOS and Linux, this release continues to use the NSData and NSMutableData types. Once these inconsistencies are rectified, the Data type will be adopted.
Source code(tar.gz)
Source code(zip)
0.3.0(Jun 22, 2016)

This release requires use of the new swift-DEVELOPMENT-SNAPSHOT-2016-06-20-a toolchain. No other changes.
Source code(tar.gz)
Source code(zip)
0.2.5(May 25, 2016)
Dependency CCrypto was renamed to OpenSSL.

Support both 5/09, 5/31 and 6/06 toolchains.

Source code(tar.gz)
Source code(zip)
0.2.1(Apr 29, 2016)

Added new defaultKeySize public var to StreamCryptor.Algorithm for ease in determining the key size to use.
Source code(tar.gz)
Source code(zip)