lysann/passforios
1
0
Fork 0
Code Issues Pull requests Activity
passforios/passKit/Crypto/ObjectivePGPInterface.swift

81 lines
2.7 KiB
Swift
Raw Normal View History

Separate encryption/decryption logic for different frameworks used
2019-09-08 23:00:46 +02:00
//
Name classes/structs consistently
2020-04-19 15:41:30 +02:00
// ObjectivePGPInterface.swift
Separate encryption/decryption logic for different frameworks used
2019-09-08 23:00:46 +02:00
// passKit
//
// Created by Danny Moesch on 08.09.19.
// Copyright © 2019 Bob Sun. All rights reserved.
//
import ObjectivePGP
Name classes/structs consistently
2020-04-19 15:41:30 +02:00
struct ObjectivePGPInterface: PGPInterface {
Separate encryption/decryption logic for different frameworks used
2019-09-08 23:00:46 +02:00
private let keyring = ObjectivePGP.defaultKeyring
init(publicArmoredKey: String, privateArmoredKey: String) throws {
guard let publicKeyData = publicArmoredKey.data(using: .ascii), let privateKeyData = privateArmoredKey.data(using: .ascii) else {
Enable SwiftLint rule 'identifier_name' and handle all violations
2020-09-20 15:07:18 +02:00
throw AppError.keyImport
Separate encryption/decryption logic for different frameworks used
2019-09-08 23:00:46 +02:00
}
let publicKeys = try ObjectivePGP.readKeys(from: publicKeyData)
let privateKeys = try ObjectivePGP.readKeys(from: privateKeyData)
keyring.import(keys: publicKeys)
keyring.import(keys: privateKeys)
Remove unused elements (#530)
2021-12-31 07:35:17 +01:00
guard publicKeys.first != nil, privateKeys.first != nil else {
Enable SwiftLint rule 'identifier_name' and handle all violations
2020-09-20 15:07:18 +02:00
throw AppError.keyImport
Separate encryption/decryption logic for different frameworks used
2019-09-08 23:00:46 +02:00
}
}
decryption: GopenPGPInterface tries to identify decryption key from message metadata So the system can have multiple private keys, and the caller doesn't need to specify a specific one regardless. Ideally: If there are several matches we could also take into account which keys have already been unlocked (or passthrases saved in keychain). Right now it only grabs the first match.
2026-03-10 22:16:42 +01:00
func decrypt(encryptedData: Data, keyIDHint _: String?, passPhraseForKey: @escaping (String) -> String) throws -> Data? {
decryption: always request key passphrase based on key ID
2026-03-10 17:14:11 +01:00
try ObjectivePGP.decrypt(encryptedData, andVerifySignature: false, using: keyring.keys) { selectedKey in
guard let selectedKey else {
return nil
}
return passPhraseForKey(selectedKey.keyID.longIdentifier)
}
Separate encryption/decryption logic for different frameworks used
2019-09-08 23:00:46 +02:00
}
PGPInterface can encrypt with multiple keys, PGPAgent can encrypt with all keys
2026-03-11 00:21:30 +01:00
func encryptWithAllKeys(plainData: Data) throws -> Data {
clarify public vs private keys + make prvate key IDs available
2026-03-11 16:16:50 +01:00
let keys = keyring.keys.filter { $0.isPublic && $0.isSecret }
return try encrypt(plainData: plainData, keyIDs: keys.map(\.keyID.longIdentifier))
PGPInterface can encrypt with multiple keys, PGPAgent can encrypt with all keys
2026-03-11 00:21:30 +01:00
}
func encrypt(plainData: Data, keyIDs: [String]) throws -> Data {
let keys = try keyIDs.map { keyID in
guard let key = keyring.findKey(keyID) else {
throw AppError.pgpPublicKeyNotFound(keyID: keyID)
}
return key
}
let encryptedData = try ObjectivePGP.encrypt(plainData, addSignature: false, using: keys, passphraseForKey: nil)
Update SwiftyUserDefaults to current version 5.0.0
2020-01-02 00:48:00 +01:00
if Defaults.encryptInArmored {
Separate encryption/decryption logic for different frameworks used
2019-09-08 23:00:46 +02:00
return Armor.armored(encryptedData, as: .message).data(using: .ascii)!
}
return encryptedData
}
Check existence of PGP keys before encrypt/decrypt
2020-04-14 20:20:16 -07:00
func containsPublicKey(with keyID: String) -> Bool {
keyring.findKey(keyID)?.isPublic ?? false
}
func containsPrivateKey(with keyID: String) -> Bool {
keyring.findKey(keyID)?.isSecret ?? false
}
clarify public vs private keys + make prvate key IDs available
2026-03-11 16:16:50 +01:00
func getKeyIDs(type: PGPKey) -> [String] {
getKeys(type: type).map(\.keyID.longIdentifier)
Update to gopengpg v2.0.0
2020-04-11 23:23:38 -07:00
}
clarify public vs private keys + make prvate key IDs available
2026-03-11 16:16:50 +01:00
func getShortKeyIDs(type: PGPKey) -> [String] {
getKeys(type: type).map(\.keyID.shortIdentifier)
}
private func getKeys(type: PGPKey) -> [Key] {
switch type {
case .PUBLIC:
keyring.keys.filter(\.isPublic)
case .PRIVATE:
keyring.keys.filter(\.isSecret)
}
Separate encryption/decryption logic for different frameworks used
2019-09-08 23:00:46 +02:00
}
}
Reference in a new issue Copy permalink