laosb/swift-minisign
1
0
Fork 0
mirror of https://github.com/laosb/swift-minisign.git synced 2025-05-19 10:11:07 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: laosb:0.1.0
Branches Tags
laosb:main
laosb:0.1.5
laosb:0.1.4
laosb:0.1.3
laosb:0.1.2
laosb:0.1.1
laosb:0.1.0
...
compare: laosb:main
Branches Tags
laosb:main
laosb:0.1.5
laosb:0.1.4
laosb:0.1.3
laosb:0.1.2
laosb:0.1.1
laosb:0.1.0

7 commits
0.1.0 ... main

Author SHA1 Message Date
Shibo Lyu
94a251ed0c fix: dependencies & concurrency markups 2025-04-24 15:25:55 +08:00
Shibo Lyu
c600a12016 doc: Add Swift Package Index badges to README 2025-04-23 16:35:15 +08:00
Shibo Lyu
d2657b54f3 feat: Add configurable buffer size for file signature verification 2025-04-23 16:32:47 +08:00
Shibo Lyu
e10a2449c8 fix: SwiftPM language versions property name 2025-04-23 16:18:30 +08:00
Shibo Lyu
1a762651b6 fix: supported platforms 2025-04-23 11:00:33 +08:00
Shibo Lyu
2248fe8c01 Add Swift 5.8+ package configuration for backward compatibility with old 
toolchains
 2025-04-22 19:24:19 +08:00
Shibo Lyu
17aa683ffd Add Sendable conformance to Minisign types. 2025-04-22 19:22:45 +08:00
4 changed files with 57 additions and 11 deletions
Show stats Expand all files Collapse all files

8
Package.swift
View file

@ -8,9 +8,8 @@ let package = Package(
platforms: [ platforms: [
.macOS(.v10_15), .macOS(.v10_15),
.iOS(.v13), .iOS(.v13),
.visionOS(.v1), .watchOS(.v6),
.tvOS(.v13), .tvOS(.v13),
.watchOS(.v6)
], ],
products: [ products: [
// Products define the executables and libraries a package produces, making them visible to other packages. // Products define the executables and libraries a package produces, making them visible to other packages.
@ -28,7 +27,7 @@ let package = Package(
.default(enabledTraits: ["UseSwiftCrypto"]), .default(enabledTraits: ["UseSwiftCrypto"]),
], ],
dependencies: [ dependencies: [
.package(url: "https://github.com/apple/swift-crypto", from: "2.0.0"), .package(url: "https://github.com/apple/swift-crypto", "1.0.0" ..< "4.0.0"),
.package(url: "https://github.com/lovetodream/swift-blake2", from: "0.1.0") .package(url: "https://github.com/lovetodream/swift-blake2", from: "0.1.0")
], ],
targets: [ targets: [
@ -45,5 +44,6 @@ let package = Package(
name: "MinisignTests", name: "MinisignTests",
dependencies: ["Minisign"] dependencies: ["Minisign"]
), ),
] ],
swiftLanguageModes: [.v6]
) )

43
Package@swift-5.9.swift Normal file
View file

@ -0,0 +1,43 @@
// swift-tools-version: 5.9
import PackageDescription
let package = Package(
name: "Minisign",
platforms: [
.macOS(.v10_15),
.iOS(.v13),
.watchOS(.v6),
.tvOS(.v13),
],
products: [
// Products define the executables and libraries a package produces, making them visible to other packages.
.library(
name: "Minisign",
targets: ["Minisign"]
)
],
dependencies: [
.package(url: "https://github.com/apple/swift-crypto", "1.0.0" ..< "4.0.0"),
.package(url: "https://github.com/lovetodream/swift-blake2", from: "0.1.0"),
],
targets: [
// Targets are the basic building blocks of a package, defining a module or a test suite.
// Targets can depend on other targets in this package and products from dependencies.
.target(
name: "Minisign",
dependencies: [
.product(name: "Crypto", package: "swift-crypto"),
.product(name: "BLAKE2", package: "swift-blake2"),
],
swiftSettings: [
.define("UseSwiftCrypto")
]
),
.testTarget(
name: "MinisignTests",
dependencies: ["Minisign"]
),
],
swiftLanguageVersions: [.version("6"), .v5]
)

4
README.md
View file

@ -1,10 +1,14 @@
# Swift Minisign # Swift Minisign
[![](https://img.shields.io/endpoint?url=https%3A%2F%2Fswiftpackageindex.com%2Fapi%2Fpackages%2Flaosb%2Fswift-minisign%2Fbadge%3Ftype%3Dplatforms)](https://swiftpackageindex.com/laosb/swift-minisign)
[![](https://img.shields.io/endpoint?url=https%3A%2F%2Fswiftpackageindex.com%2Fapi%2Fpackages%2Flaosb%2Fswift-minisign%2Fbadge%3Ftype%3Dswift-versions)](https://swiftpackageindex.com/laosb/swift-minisign)
Swift implementation of Minisign, a simple and secure tool for signing and verifying files. Swift implementation of Minisign, a simple and secure tool for signing and verifying files.
This is a fork of [slarew/swift-minisign](https://github.com/slarew/swift-minisign), with these improvements: This is a fork of [slarew/swift-minisign](https://github.com/slarew/swift-minisign), with these improvements:
- Convenient & efficient API for verifying (big) files - Convenient & efficient API for verifying (big) files
- `Sendable` conformance & full Swift 6 support
- Replaced C wrapping `swift-crypto-blake2` with [pure Swift implementation of blake2b](https://github.com/lovetodream/swift-blake2). - Replaced C wrapping `swift-crypto-blake2` with [pure Swift implementation of blake2b](https://github.com/lovetodream/swift-blake2).
- For Apple platforms, Swift Crypto dependency is now optional, controllable via trait `UseSwiftCrypto`. - For Apple platforms, Swift Crypto dependency is now optional, controllable via trait `UseSwiftCrypto`.

13
Sources/Minisign/Minisign.swift
View file

@ -6,12 +6,12 @@ import BLAKE2
import Foundation import Foundation
#if UseSwiftCrypto #if UseSwiftCrypto
import Crypto @preconcurrency import Crypto
#else #else
import CryptoKit @preconcurrency import CryptoKit
#endif #endif
public enum SignatureAlgorithm: RawRepresentable { public enum SignatureAlgorithm: Sendable, RawRepresentable {
case pureEdDSA case pureEdDSA
case hashedEdDSA case hashedEdDSA
@ -39,7 +39,7 @@ public enum SignatureAlgorithm: RawRepresentable {
private let untrustedCommentHeader = "untrusted comment: ".data(using: .utf8)! private let untrustedCommentHeader = "untrusted comment: ".data(using: .utf8)!
private let trustedCommentHeader = "trusted comment: ".data(using: .utf8)! private let trustedCommentHeader = "trusted comment: ".data(using: .utf8)!
public struct PublicKey { public struct PublicKey: Sendable {
public let untrustedComment: String public let untrustedComment: String
public let signatureAlgorithm: SignatureAlgorithm public let signatureAlgorithm: SignatureAlgorithm
public let keyID: Data public let keyID: Data
@ -87,13 +87,12 @@ public struct PublicKey {
/// ///
/// This method reads the file in chunks to avoid loading the entire file into memory, but does so in a blocking manner. /// This method reads the file in chunks to avoid loading the entire file into memory, but does so in a blocking manner.
/// It's recommended to use this method in a background thread or task. /// It's recommended to use this method in a background thread or task.
public func isValidSignature(_ signature: Signature, forFileAt url: URL) throws -> Bool { public func isValidSignature(_ signature: Signature, forFileAt url: URL, bufferSize: Int = 8192) throws -> Bool {
guard signature.signatureAlgorithm == .hashedEdDSA else { throw SignatureVerifyError.algorithmNotSupportedForFile } guard signature.signatureAlgorithm == .hashedEdDSA else { throw SignatureVerifyError.algorithmNotSupportedForFile }
var blake2b = try! BLAKE2b() var blake2b = try! BLAKE2b()
let fileHandle = try FileHandle(forReadingFrom: url) let fileHandle = try FileHandle(forReadingFrom: url)
let bufferSize = 4096
while true { while true {
let data = fileHandle.readData(ofLength: bufferSize) let data = fileHandle.readData(ofLength: bufferSize)
if data.isEmpty { break } if data.isEmpty { break }
@ -115,7 +114,7 @@ public struct PublicKey {
} }
} }
public struct Signature { public struct Signature: Sendable {
public let untrustedComment: String public let untrustedComment: String
public let signatureAlgorithm: SignatureAlgorithm public let signatureAlgorithm: SignatureAlgorithm
public let keyID: Data public let keyID: Data