Compare commits

...

7 commits
0.1.0 ... main

Author SHA1 Message Date
Shibo Lyu
94a251ed0c fix: dependencies & concurrency markups 2025-04-24 15:25:55 +08:00
Shibo Lyu
c600a12016 doc: Add Swift Package Index badges to README 2025-04-23 16:35:15 +08:00
Shibo Lyu
d2657b54f3 feat: Add configurable buffer size for file signature verification 2025-04-23 16:32:47 +08:00
Shibo Lyu
e10a2449c8 fix: SwiftPM language versions property name 2025-04-23 16:18:30 +08:00
Shibo Lyu
1a762651b6 fix: supported platforms 2025-04-23 11:00:33 +08:00
Shibo Lyu
2248fe8c01 Add Swift 5.8+ package configuration for backward compatibility with old
toolchains
2025-04-22 19:24:19 +08:00
Shibo Lyu
17aa683ffd Add Sendable conformance to Minisign types. 2025-04-22 19:22:45 +08:00
4 changed files with 57 additions and 11 deletions

View file

@ -8,9 +8,8 @@ let package = Package(
platforms: [
.macOS(.v10_15),
.iOS(.v13),
.visionOS(.v1),
.watchOS(.v6),
.tvOS(.v13),
.watchOS(.v6)
],
products: [
// Products define the executables and libraries a package produces, making them visible to other packages.
@ -28,7 +27,7 @@ let package = Package(
.default(enabledTraits: ["UseSwiftCrypto"]),
],
dependencies: [
.package(url: "https://github.com/apple/swift-crypto", from: "2.0.0"),
.package(url: "https://github.com/apple/swift-crypto", "1.0.0" ..< "4.0.0"),
.package(url: "https://github.com/lovetodream/swift-blake2", from: "0.1.0")
],
targets: [
@ -45,5 +44,6 @@ let package = Package(
name: "MinisignTests",
dependencies: ["Minisign"]
),
]
],
swiftLanguageModes: [.v6]
)

43
Package@swift-5.9.swift Normal file
View file

@ -0,0 +1,43 @@
// swift-tools-version: 5.9
import PackageDescription
let package = Package(
name: "Minisign",
platforms: [
.macOS(.v10_15),
.iOS(.v13),
.watchOS(.v6),
.tvOS(.v13),
],
products: [
// Products define the executables and libraries a package produces, making them visible to other packages.
.library(
name: "Minisign",
targets: ["Minisign"]
)
],
dependencies: [
.package(url: "https://github.com/apple/swift-crypto", "1.0.0" ..< "4.0.0"),
.package(url: "https://github.com/lovetodream/swift-blake2", from: "0.1.0"),
],
targets: [
// Targets are the basic building blocks of a package, defining a module or a test suite.
// Targets can depend on other targets in this package and products from dependencies.
.target(
name: "Minisign",
dependencies: [
.product(name: "Crypto", package: "swift-crypto"),
.product(name: "BLAKE2", package: "swift-blake2"),
],
swiftSettings: [
.define("UseSwiftCrypto")
]
),
.testTarget(
name: "MinisignTests",
dependencies: ["Minisign"]
),
],
swiftLanguageVersions: [.version("6"), .v5]
)

View file

@ -1,10 +1,14 @@
# Swift Minisign
[![](https://img.shields.io/endpoint?url=https%3A%2F%2Fswiftpackageindex.com%2Fapi%2Fpackages%2Flaosb%2Fswift-minisign%2Fbadge%3Ftype%3Dplatforms)](https://swiftpackageindex.com/laosb/swift-minisign)
[![](https://img.shields.io/endpoint?url=https%3A%2F%2Fswiftpackageindex.com%2Fapi%2Fpackages%2Flaosb%2Fswift-minisign%2Fbadge%3Ftype%3Dswift-versions)](https://swiftpackageindex.com/laosb/swift-minisign)
Swift implementation of Minisign, a simple and secure tool for signing and verifying files.
This is a fork of [slarew/swift-minisign](https://github.com/slarew/swift-minisign), with these improvements:
- Convenient & efficient API for verifying (big) files
- `Sendable` conformance & full Swift 6 support
- Replaced C wrapping `swift-crypto-blake2` with [pure Swift implementation of blake2b](https://github.com/lovetodream/swift-blake2).
- For Apple platforms, Swift Crypto dependency is now optional, controllable via trait `UseSwiftCrypto`.

View file

@ -6,12 +6,12 @@ import BLAKE2
import Foundation
#if UseSwiftCrypto
import Crypto
@preconcurrency import Crypto
#else
import CryptoKit
@preconcurrency import CryptoKit
#endif
public enum SignatureAlgorithm: RawRepresentable {
public enum SignatureAlgorithm: Sendable, RawRepresentable {
case pureEdDSA
case hashedEdDSA
@ -39,7 +39,7 @@ public enum SignatureAlgorithm: RawRepresentable {
private let untrustedCommentHeader = "untrusted comment: ".data(using: .utf8)!
private let trustedCommentHeader = "trusted comment: ".data(using: .utf8)!
public struct PublicKey {
public struct PublicKey: Sendable {
public let untrustedComment: String
public let signatureAlgorithm: SignatureAlgorithm
public let keyID: Data
@ -87,13 +87,12 @@ public struct PublicKey {
///
/// This method reads the file in chunks to avoid loading the entire file into memory, but does so in a blocking manner.
/// It's recommended to use this method in a background thread or task.
public func isValidSignature(_ signature: Signature, forFileAt url: URL) throws -> Bool {
public func isValidSignature(_ signature: Signature, forFileAt url: URL, bufferSize: Int = 8192) throws -> Bool {
guard signature.signatureAlgorithm == .hashedEdDSA else { throw SignatureVerifyError.algorithmNotSupportedForFile }
var blake2b = try! BLAKE2b()
let fileHandle = try FileHandle(forReadingFrom: url)
let bufferSize = 4096
while true {
let data = fileHandle.readData(ofLength: bufferSize)
if data.isEmpty { break }
@ -115,7 +114,7 @@ public struct PublicKey {
}
}
public struct Signature {
public struct Signature: Sendable {
public let untrustedComment: String
public let signatureAlgorithm: SignatureAlgorithm
public let keyID: Data