mirror of
https://github.com/laosb/swift-minisign.git
synced 2025-05-18 17:51:08 +00:00
Compare commits
7 commits
Author | SHA1 | Date | |
---|---|---|---|
![]() |
94a251ed0c | ||
![]() |
c600a12016 | ||
![]() |
d2657b54f3 | ||
![]() |
e10a2449c8 | ||
![]() |
1a762651b6 | ||
![]() |
2248fe8c01 | ||
![]() |
17aa683ffd |
4 changed files with 57 additions and 11 deletions
|
@ -8,9 +8,8 @@ let package = Package(
|
|||
platforms: [
|
||||
.macOS(.v10_15),
|
||||
.iOS(.v13),
|
||||
.visionOS(.v1),
|
||||
.watchOS(.v6),
|
||||
.tvOS(.v13),
|
||||
.watchOS(.v6)
|
||||
],
|
||||
products: [
|
||||
// Products define the executables and libraries a package produces, making them visible to other packages.
|
||||
|
@ -28,7 +27,7 @@ let package = Package(
|
|||
.default(enabledTraits: ["UseSwiftCrypto"]),
|
||||
],
|
||||
dependencies: [
|
||||
.package(url: "https://github.com/apple/swift-crypto", from: "2.0.0"),
|
||||
.package(url: "https://github.com/apple/swift-crypto", "1.0.0" ..< "4.0.0"),
|
||||
.package(url: "https://github.com/lovetodream/swift-blake2", from: "0.1.0")
|
||||
],
|
||||
targets: [
|
||||
|
@ -45,5 +44,6 @@ let package = Package(
|
|||
name: "MinisignTests",
|
||||
dependencies: ["Minisign"]
|
||||
),
|
||||
]
|
||||
],
|
||||
swiftLanguageModes: [.v6]
|
||||
)
|
||||
|
|
43
Package@swift-5.9.swift
Normal file
43
Package@swift-5.9.swift
Normal file
|
@ -0,0 +1,43 @@
|
|||
// swift-tools-version: 5.9
|
||||
|
||||
import PackageDescription
|
||||
|
||||
let package = Package(
|
||||
name: "Minisign",
|
||||
platforms: [
|
||||
.macOS(.v10_15),
|
||||
.iOS(.v13),
|
||||
.watchOS(.v6),
|
||||
.tvOS(.v13),
|
||||
],
|
||||
products: [
|
||||
// Products define the executables and libraries a package produces, making them visible to other packages.
|
||||
.library(
|
||||
name: "Minisign",
|
||||
targets: ["Minisign"]
|
||||
)
|
||||
],
|
||||
dependencies: [
|
||||
.package(url: "https://github.com/apple/swift-crypto", "1.0.0" ..< "4.0.0"),
|
||||
.package(url: "https://github.com/lovetodream/swift-blake2", from: "0.1.0"),
|
||||
],
|
||||
targets: [
|
||||
// Targets are the basic building blocks of a package, defining a module or a test suite.
|
||||
// Targets can depend on other targets in this package and products from dependencies.
|
||||
.target(
|
||||
name: "Minisign",
|
||||
dependencies: [
|
||||
.product(name: "Crypto", package: "swift-crypto"),
|
||||
.product(name: "BLAKE2", package: "swift-blake2"),
|
||||
],
|
||||
swiftSettings: [
|
||||
.define("UseSwiftCrypto")
|
||||
]
|
||||
),
|
||||
.testTarget(
|
||||
name: "MinisignTests",
|
||||
dependencies: ["Minisign"]
|
||||
),
|
||||
],
|
||||
swiftLanguageVersions: [.version("6"), .v5]
|
||||
)
|
|
@ -1,10 +1,14 @@
|
|||
# Swift Minisign
|
||||
|
||||
[](https://swiftpackageindex.com/laosb/swift-minisign)
|
||||
[](https://swiftpackageindex.com/laosb/swift-minisign)
|
||||
|
||||
Swift implementation of Minisign, a simple and secure tool for signing and verifying files.
|
||||
|
||||
This is a fork of [slarew/swift-minisign](https://github.com/slarew/swift-minisign), with these improvements:
|
||||
|
||||
- Convenient & efficient API for verifying (big) files
|
||||
- `Sendable` conformance & full Swift 6 support
|
||||
- Replaced C wrapping `swift-crypto-blake2` with [pure Swift implementation of blake2b](https://github.com/lovetodream/swift-blake2).
|
||||
- For Apple platforms, Swift Crypto dependency is now optional, controllable via trait `UseSwiftCrypto`.
|
||||
|
||||
|
|
|
@ -6,12 +6,12 @@ import BLAKE2
|
|||
import Foundation
|
||||
|
||||
#if UseSwiftCrypto
|
||||
import Crypto
|
||||
@preconcurrency import Crypto
|
||||
#else
|
||||
import CryptoKit
|
||||
@preconcurrency import CryptoKit
|
||||
#endif
|
||||
|
||||
public enum SignatureAlgorithm: RawRepresentable {
|
||||
public enum SignatureAlgorithm: Sendable, RawRepresentable {
|
||||
case pureEdDSA
|
||||
case hashedEdDSA
|
||||
|
||||
|
@ -39,7 +39,7 @@ public enum SignatureAlgorithm: RawRepresentable {
|
|||
private let untrustedCommentHeader = "untrusted comment: ".data(using: .utf8)!
|
||||
private let trustedCommentHeader = "trusted comment: ".data(using: .utf8)!
|
||||
|
||||
public struct PublicKey {
|
||||
public struct PublicKey: Sendable {
|
||||
public let untrustedComment: String
|
||||
public let signatureAlgorithm: SignatureAlgorithm
|
||||
public let keyID: Data
|
||||
|
@ -87,13 +87,12 @@ public struct PublicKey {
|
|||
///
|
||||
/// This method reads the file in chunks to avoid loading the entire file into memory, but does so in a blocking manner.
|
||||
/// It's recommended to use this method in a background thread or task.
|
||||
public func isValidSignature(_ signature: Signature, forFileAt url: URL) throws -> Bool {
|
||||
public func isValidSignature(_ signature: Signature, forFileAt url: URL, bufferSize: Int = 8192) throws -> Bool {
|
||||
guard signature.signatureAlgorithm == .hashedEdDSA else { throw SignatureVerifyError.algorithmNotSupportedForFile }
|
||||
var blake2b = try! BLAKE2b()
|
||||
|
||||
let fileHandle = try FileHandle(forReadingFrom: url)
|
||||
|
||||
let bufferSize = 4096
|
||||
while true {
|
||||
let data = fileHandle.readData(ofLength: bufferSize)
|
||||
if data.isEmpty { break }
|
||||
|
@ -115,7 +114,7 @@ public struct PublicKey {
|
|||
}
|
||||
}
|
||||
|
||||
public struct Signature {
|
||||
public struct Signature: Sendable {
|
||||
public let untrustedComment: String
|
||||
public let signatureAlgorithm: SignatureAlgorithm
|
||||
public let keyID: Data
|
||||
|
|
Loading…
Add table
Reference in a new issue