diff --git a/Private/privateKey256.pem b/Private/privateKey256.pem new file mode 100644 index 0000000..61d7f5a --- /dev/null +++ b/Private/privateKey256.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIIHjmZWSXyYrRusrK1z3TDaZY5mBeed3vODCxcwu0FsKoAoGCCqGSM49 +AwEHoUQDQgAEsszGIDjEgu6k/MkW+p5Bf+UPEU/jF9bLykzEOzP3rD/HJ2AprRpV +m+PNIaLThIdUTPsO2BBBLH2CaAJ/1x65Wg== +-----END EC PRIVATE KEY----- diff --git a/Private/public.pem b/Private/public.pem new file mode 100644 index 0000000..ad241cc --- /dev/null +++ b/Private/public.pem @@ -0,0 +1,6 @@ +-----BEGIN PUBLIC KEY----- +MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAAH1pxhFDBJWP1yFlEz71+uR19zeS +JCSj3VRcw0bWkx0SSpxBL1O2eYiwE/TaW1Xwmm70FyqOyw+bI6CdWaUlXKIA4AhQ +qKZlYp9mS7OZcjLWnraVQx/JvgCJUUJJLhppGrDPjletpM0qB5fwi+Hjc9cV8KrD +7aAYLz4kRcTSBP9Hc/c= +-----END PUBLIC KEY----- diff --git a/Private/signedMessage/Message.bin b/Private/signedMessage/Message.bin index 0c254f9..44c61df 100644 Binary files a/Private/signedMessage/Message.bin and b/Private/signedMessage/Message.bin differ diff --git a/Private/signedMessage/public-key256.pem b/Private/signedMessage/public-key256.pem new file mode 100644 index 0000000..d6f7e30 --- /dev/null +++ b/Private/signedMessage/public-key256.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsszGIDjEgu6k/MkW+p5Bf+UPEU/j +F9bLykzEOzP3rD/HJ2AprRpVm+PNIaLThIdUTPsO2BBBLH2CaAJ/1x65Wg== +-----END PUBLIC KEY----- \ No newline at end of file diff --git a/Sources/MessageUtils/Enums/SignType.swift b/Sources/MessageUtils/Enums/SignType.swift index 8aa47aa..6f466da 100644 --- a/Sources/MessageUtils/Enums/SignType.swift +++ b/Sources/MessageUtils/Enums/SignType.swift @@ -1,3 +1,5 @@ public enum SignType: UInt32 { case P521 = 10 + case P384 = 11 + case P256 = 12 } \ No newline at end of file diff --git a/Sources/MessageUtils/MessageUtils.swift b/Sources/MessageUtils/MessageUtils.swift index 55eec55..f42178f 100644 --- a/Sources/MessageUtils/MessageUtils.swift +++ b/Sources/MessageUtils/MessageUtils.swift @@ -1,9 +1,10 @@ // The Swift Programming Language // https://docs.swift.org/swift-book -import Foundation import Crypto +import Foundation + public func serializeV1(msg: MessageP) -> Data { let MESSAGE_CAPACITY: Int = countBytes(msg: msg) @@ -63,26 +64,37 @@ public func serializeV1(msg: MessageP) -> Data { return serializedData } - -public func signMessage(msgData: Data, signType: SignType, key: P521.Signing.PrivateKey) throws -> [UInt8] { - let signatureBytes = try signatureBytes(signature: signType) +public func signMessage(msgData: Data, signType: SignType, key: P256.Signing.PrivateKey) throws + -> [UInt8] +{ // UGLY We are hypothesisying that signType is P521 - let signature = try signP521(object: msgData, key: key).map { value in - return value - } + switch signType { + /* case .P521: - return signature + return try signP521(object: msgData, key: key).map { value in + return value + } */ + case .P256: + return try signP256(object: msgData, key: key).map { value in + return value + } + + default: + throw CommonError.SIGNATURE_NOT_SUPPORTED + } } -public func verifyMessageSignature(message: SignedMessage, key: P521.Signing.PublicKey) throws -> Bool { +public func verifyMessageSignature(message: SignedMessage, key: P256.Signing.PublicKey) throws + -> Bool +{ // UGLY Assuming P521 Signature - let msgData = serializeV1(msg: message) - return try verifySignatureP521(signature: Data(message.signature), object: msgData, key: key) - + let msgData = serializeV1(msg: message) + return try verifySignatureP256(signature: Data(message.signature), object: msgData, key: key) + } public func deserializeV1(serializedData: Data) throws -> SignedMessage { @@ -97,8 +109,6 @@ public func deserializeV1(serializedData: Data) throws -> SignedMessage { let signType: SignType = SignType(rawValue: serializedData[4...7].uint32)! // First 8 bytes - let signBytes = try signatureBytes(signature: signType) - let timestamp = serializedData[8...15].double // 8 Bytes @@ -160,10 +170,7 @@ public func deserializeV1(serializedData: Data) throws -> SignedMessage { return value } - // Sanity check signature with signatureType - if signature.count != signBytes { - throw DeserializationError.UNMATCHING_SIGNATURE_TYPE - } + // We can't check for bytes a priori, unluckily return SignedMessage( version: version, @@ -178,7 +185,6 @@ public func deserializeV1(serializedData: Data) throws -> SignedMessage { signature: signature ) } - public func countBytes(msg: MessageP) -> Int { /// @@ -200,14 +206,3 @@ public func countBytes(msg: MessageP) -> Int { return INITIAL_CAPACITY_BYTES + fieldReveservedCapacity } - -public func signatureBytes(signature: SignType) throws -> Int { - switch signature { - - case .P521: - return 132 - - default: - throw CommonError.SIGNATURE_NOT_SUPPORTED - } -} diff --git a/Sources/MessageUtils/Utils/CryptoUtils/Security.swift b/Sources/MessageUtils/Utils/CryptoUtils/Security.swift index f331ba5..c96fbe3 100644 --- a/Sources/MessageUtils/Utils/CryptoUtils/Security.swift +++ b/Sources/MessageUtils/Utils/CryptoUtils/Security.swift @@ -8,6 +8,11 @@ import Foundation public func signP521(object: Data, key: P521.Signing.PrivateKey)throws -> Data { return try key.signature(for: object).rawRepresentation +} + +public func signP256(object: Data, key: P256.Signing.PrivateKey)throws -> Data { + return try key.signature(for: object).rawRepresentation + } /* public func sign(object: T, key: P521.Signing.PrivateKey) throws -> String { @@ -35,24 +40,59 @@ public func verifySignatureP521(signature: Data, object: Data, key: P521.Signing return key.isValidSignature(ecdsa, for: object) } +public func verifySignatureP256(signature: Data, object: Data, key: P256.Signing.PublicKey) throws -> Bool { + + let ecdsa: P256.Signing.ECDSASignature + + do { + ecdsa = try P256.Signing.ECDSASignature(rawRepresentation: signature) + } catch { + throw SecurityError.NotDecodableError + } + + return key.isValidSignature(ecdsa, for: object) +} -// ------------------ -// --- PEM 2 Key ---- -// ------------------ -public func pem2key(filePath: String) throws -> P521.Signing.PrivateKey { + +// ------------------- +// --- PEM 2 Key 521 - +// ------------------- +public func pem2_P521key(filePath: String) throws -> P521.Signing.PrivateKey { let pemURL: URL = URL(filePath: filePath) - return try pem2key(filePem: pemURL) + return try pem2_P521key(filePem: pemURL) } -public func pem2key(filePem: URL) throws -> P521.Signing.PrivateKey { +public func pem2_P521key(filePem: URL) throws -> P521.Signing.PrivateKey { let fileString: String = try String(contentsOf: filePem, encoding: String.Encoding.utf8) - return try pem2key(pemString: fileString) + return try pem2_P521key(pemString: fileString) } -public func pem2key(pemString: String) throws -> P521.Signing.PrivateKey { +public func pem2_P521key(pemString: String) throws -> P521.Signing.PrivateKey { return try P521.Signing.PrivateKey(pemRepresentation: pemString) } + +// ------------------- +// --- PEM 2 Key 256 - +// ------------------- + +public func pem2_P256key(filePath: String) throws -> P256.Signing.PrivateKey { + + let pemURL: URL = URL(filePath: filePath) + + return try pem2_P256key(filePem: pemURL) +} + +public func pem2_P256key(filePem: URL) throws -> P256.Signing.PrivateKey { + + let fileString: String = try String(contentsOf: filePem, encoding: String.Encoding.utf8) + return try pem2_P256key(pemString: fileString) +} + +public func pem2_P256key(pemString: String) throws -> P256.Signing.PrivateKey { + return try P256.Signing.PrivateKey(pemRepresentation: pemString) +} + diff --git a/Sources/MessageUtils/Utils/CryptoUtils/SecurityProtocols.swift b/Sources/MessageUtils/Utils/CryptoUtils/SecurityProtocols.swift new file mode 100644 index 0000000..c4a2116 --- /dev/null +++ b/Sources/MessageUtils/Utils/CryptoUtils/SecurityProtocols.swift @@ -0,0 +1,9 @@ +import Crypto + +public protocol PublicSignKeyP { + +} + +public protocol PrivateSignKeyP { + +} diff --git a/Tests/MessageUtilsTests/MessageUtilsTests.swift b/Tests/MessageUtilsTests/MessageUtilsTests.swift index 6d9e68a..2100874 100644 --- a/Tests/MessageUtilsTests/MessageUtilsTests.swift +++ b/Tests/MessageUtilsTests/MessageUtilsTests.swift @@ -29,7 +29,7 @@ import Testing messageType: .KEEPALIVE, devType: .EDGE_SENSOR, RESERVED: 0, - signType: .P521, + signType: .P256, timestamp: Date(), devID: 1, location: Location(x: 10, y: 20, z: 1), @@ -43,8 +43,8 @@ import Testing } @Test func serializeDeserializeMessage() async throws { - let keyPath = "./Private/privateKey.pem" - let key = try pem2key(filePath: keyPath) + let keyPath = "./Private/privateKey256.pem" + let key = try pem2_P256key(filePath: keyPath) let publicKey = key.publicKey // Write your test here and use APIs like `#expect(...)` to check expected conditions. @@ -53,7 +53,7 @@ import Testing messageType: .KEEPALIVE, devType: .EDGE_SENSOR, RESERVED: 0, - signType: .P521, + signType: .P256, timestamp: Date(), devID: 1, location: Location(x: 10, y: 20, z: 1), @@ -92,21 +92,22 @@ import Testing @Test func serializeMessageForLaterUse() async throws { // Write your test here and use APIs like `#expect(...)` to check expected conditions. - let keyPath = "./Private/privateKey.pem" - let key = try pem2key(filePath: keyPath) + let keyPath = "./Private/privateKey256.pem" + let key = try pem2_P256key(filePath: keyPath) let msg = Message( version: 1, messageType: .KEEPALIVE, devType: .EDGE_SENSOR, RESERVED: 0, - signType: .P521, + signType: .P256, timestamp: Date(), - devID: 1, + devID: 120, location: Location(x: 10, y: 20, z: 1), fields: [ Field(key: Array("valueOfLife".utf8), value: Array("42".utf8)), Field(key: Array("Live Love".utf8), value: Array("Laugh".utf8)), + Field(key: Array("Covfefe".utf8), value: Array("1.20f".utf8)), ] ) @@ -116,6 +117,6 @@ import Testing data.append(Data(signature)) try data.write(to: URL(filePath: "./Private/signedMessage/Message.bin")) - try key.publicKey.pemRepresentation.write(to: URL(filePath: "./Private/signedMessage/public-key.pem"), atomically: true, encoding: String.Encoding.utf8) + try key.publicKey.pemRepresentation.write(to: URL(filePath: "./Private/signedMessage/public-key256.pem"), atomically: true, encoding: String.Encoding.utf8) }