fix(ios): disable macos
Signed-off-by: Berend Sliedrecht <[email protected]>
Berend Sliedrecht committed Feb 15, 2024
1 parent ff0975f commit bd43d65
Showing 6 changed files with 9 additions and 116 deletions.
3 changes: 0 additions & 3 deletions .cargo/config.toml

This file was deleted.

7 changes: 1 addition & 6 deletions Cargo.toml
@@ -7,12 +7,7 @@ edition = "2021"
name = "secure_env"
crate-type = ["cdylib", "rlib"]

[[example]]
name = "android"
path = "./examples/android/src/lib.rs"
crate-type = ["cdylib"]

[target.'cfg(any(target_os = "macos", target_os = "ios"))'.dependencies]
[target.'cfg(target_os = "ios")'.dependencies]
security-framework = { git = "https://github.com/berendsliedrecht/rust-security-framework", branch = "main" }
p256 = { version = "0.13.2", features = ["ecdsa-core"] }

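Review bot: The `security-framework` dependency kept under the narrowed `[target.'cfg(target_os = "ios")'.dependencies]` table still tracks `branch = "main"` of a personal fork, so any build that resolves without a lockfile takes whatever the branch head is at that moment. For the crate that creates and uses the Secure Enclave key, that dependency should be pinned to a reviewed commit, e.g. `security-framework = { git = "https://github.com/berendsliedrecht/rust-security-framework", rev = "<reviewed-commit-sha>" }` (the rev is a placeholder). The remaining contents of this dependency table are outside the hunk.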
8 changes: 3 additions & 5 deletions README.md
@@ -1,8 +1,6 @@
# Common Mobile Hardware Security Module for ES256 Signing

## TODO
## TODO:

- IOS: get a key by some id?
- `SecItemCopyMatching` seems to be required for that which is not available in `security-framework` and it is currently also without author
- https://developer.apple.com/documentation/security/1398306-secitemcopymatching
- Android: everything
- Setup equal tests on android and iOS
- Run iOS in CI
42 changes: 2 additions & 40 deletions examples/android/Cargo.lock


61 changes: 1 addition & 60 deletions src/ios.rs
@@ -32,9 +32,8 @@ impl SecureEnvironmentOps<Key> for SecureEnvironment {

let options = AccessControlOptions::PRIVATE_KEY_USAGE & AccessControlOptions::BIOMETRY_CURRENT_SET;
let flags = SecAccessControl::create_with_flags(options.bits()).unwrap();
let opts = opts.set_access_control(flags);

// let opts = opts.set_app_tag("id.animo.ios");
let opts = opts.set_access_control(flags);

// Set the a token of `SecureEnclave`.
// Meaning Apple will store the key in a secure element
@@ -173,61 +172,3 @@ impl KeyOps for Key {
Ok(signature)
}
}

#[cfg(all(test, any(target_os = "macos", target_os = "ios")))]
mod test {
use std::ptr::addr_of;

use askar_crypto::{alg::p256::P256KeyPair, repr::KeyPublicBytes};

use super::*;

#[test]
fn generate_key_pair() {
let key = SecureEnvironment::generate_keypair("my-test-key").unwrap();
assert!(!addr_of!(key).is_null());
}

#[test]
fn get_keypair_by_id() {
let id = "my-get-keypair-by-id-test-key";
let key = SecureEnvironment::generate_keypair(id).unwrap();
let public_key = key.get_public_key().unwrap();

let retrieved_key = SecureEnvironment::get_keypair_by_id(id).unwrap();
let retrieved_public_key = retrieved_key.get_public_key().unwrap();

assert_eq!(public_key, retrieved_public_key);
}

#[test]
fn get_public_key() {
let key = SecureEnvironment::generate_keypair("my-test-public-key").unwrap();
let public_key_bytes = key.get_public_key().unwrap();

assert_eq!(public_key_bytes.len(), 33);
}

#[test]
fn sign() {
let key = SecureEnvironment::generate_keypair("my-test-sign-key").unwrap();

let signature = key.sign(b"Hello World!").unwrap();

assert_eq!(signature.len(), 64);
}

#[test]
fn sign_and_external_verification() {
let msg = b"Hello World!";
let key = SecureEnvironment::generate_keypair("my-test-sign-key").unwrap();

let public_key = key.get_public_key().unwrap();
let signature = key.sign(b"Hello World!").unwrap();

let verify_key = P256KeyPair::from_public_bytes(&public_key).unwrap();
let is_signature_valid = verify_key.verify_signature(msg, &signature);

assert!(is_signature_valid);
}
}
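Review bot: In the first hunk of src/ios.rs the unchanged line `let options = AccessControlOptions::PRIVATE_KEY_USAGE & AccessControlOptions::BIOMETRY_CURRENT_SET;` combines the two options with `&`. If `AccessControlOptions` is a bitflags type with distinct bits, as the `options.bits()` call suggests, the intersection is empty and `create_with_flags` receives 0, so the key would be created without the private-key-usage and biometry constraints the code appears to intend. The line should probably read `let options = AccessControlOptions::PRIVATE_KEY_USAGE | AccessControlOptions::BIOMETRY_CURRENT_SET;`; the enclosing function starts and ends outside the hunk. The second hunk also deletes the whole `mod test` rather than re-gating it to `#[cfg(all(test, target_os = "ios"))]`, which removes the only sign-and-external-verify check shown for this backend.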
4 changes: 2 additions & 2 deletions src/lib.rs
@@ -8,9 +8,9 @@ pub use key::*;
mod secure_environment;
pub use secure_environment::*;

#[cfg(any(target_os = "macos", target_os = "ios"))]
#[cfg(target_os = "ios")]
mod ios;
#[cfg(any(target_os = "macos", target_os = "ios"))]
#[cfg(target_os = "ios")]
pub use ios::*;

#[cfg(target_os = "android")]
