feat: Support conditional CommonCrypto

kylef · kylef · commit ec727f11324b · 2017-08-03T19:20:55.000-07:00
diff --git a/JSONWebToken.podspec b/JSONWebToken.podspec
@@ -14,4 +14,5 @@ Pod::Spec.new do |spec|
   spec.requires_arc = true
   spec.dependency 'CryptoSwift', '~> 0.6.1'
   spec.module_name = 'JWT'
+  spec.exclude_files = ['Sources/HMACCommonCrypto.swift']
 end
diff --git a/JWT.xcodeproj/project.pbxproj b/JWT.xcodeproj/project.pbxproj
@@ -7,6 +7,14 @@
 	objects = {
 
 /* Begin PBXBuildFile section */
+		273010FF1F33EABA00219C35 /* HMAC.swift in Sources */ = {isa = PBXBuildFile; fileRef = 273010FE1F33EABA00219C35 /* HMAC.swift */; };
+		273011001F33EABA00219C35 /* HMAC.swift in Sources */ = {isa = PBXBuildFile; fileRef = 273010FE1F33EABA00219C35 /* HMAC.swift */; };
+		273011011F33EABA00219C35 /* HMAC.swift in Sources */ = {isa = PBXBuildFile; fileRef = 273010FE1F33EABA00219C35 /* HMAC.swift */; };
+		273011021F33EABA00219C35 /* HMAC.swift in Sources */ = {isa = PBXBuildFile; fileRef = 273010FE1F33EABA00219C35 /* HMAC.swift */; };
+		2730110A1F33FC9100219C35 /* HMACCryptoSwift.swift in Sources */ = {isa = PBXBuildFile; fileRef = 273011091F33FC9100219C35 /* HMACCryptoSwift.swift */; };
+		2730110B1F33FC9100219C35 /* HMACCryptoSwift.swift in Sources */ = {isa = PBXBuildFile; fileRef = 273011091F33FC9100219C35 /* HMACCryptoSwift.swift */; };
+		2730110C1F33FC9100219C35 /* HMACCryptoSwift.swift in Sources */ = {isa = PBXBuildFile; fileRef = 273011091F33FC9100219C35 /* HMACCryptoSwift.swift */; };
+		2730110D1F33FC9100219C35 /* HMACCryptoSwift.swift in Sources */ = {isa = PBXBuildFile; fileRef = 273011091F33FC9100219C35 /* HMACCryptoSwift.swift */; };
 		2734C6A81D88001F00BFF9F1 /* CryptoSwift.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 66725DAB1C59202E00FC32F4 /* CryptoSwift.framework */; };
 		2734C6A91D88002900BFF9F1 /* CryptoSwift.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 66725DAB1C59202E00FC32F4 /* CryptoSwift.framework */; };
 		2734C6AA1D88003000BFF9F1 /* CryptoSwift.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 66725DAB1C59202E00FC32F4 /* CryptoSwift.framework */; };
@@ -79,6 +87,9 @@
 /* End PBXContainerItemProxy section */
 
 /* Begin PBXFileReference section */
+		273010FE1F33EABA00219C35 /* HMAC.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = HMAC.swift; sourceTree = "<group>"; };
+		273011041F33FC5F00219C35 /* HMACCommonCrypto.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = HMACCommonCrypto.swift; sourceTree = "<group>"; };
+		273011091F33FC9100219C35 /* HMACCryptoSwift.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = HMACCryptoSwift.swift; sourceTree = "<group>"; };
 		277794041DF221F800573F3E /* ClaimSet.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ClaimSet.swift; sourceTree = "<group>"; };
 		2777940A1DF22BE400573F3E /* JOSEHeader.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = JOSEHeader.swift; sourceTree = "<group>"; };
 		2777940F1DF22D0D00573F3E /* Encode.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Encode.swift; sourceTree = "<group>"; };
@@ -218,6 +229,9 @@
 				520A71151C469F010005C709 /* Decode.swift */,
 				2777940F1DF22D0D00573F3E /* Encode.swift */,
 				520A71161C469F010005C709 /* JWT.swift */,
+				273010FE1F33EABA00219C35 /* HMAC.swift */,
+				273011041F33FC5F00219C35 /* HMACCommonCrypto.swift */,
+				273011091F33FC9100219C35 /* HMACCryptoSwift.swift */,
 			);
 			path = Sources;
 			sourceTree = "<group>";
@@ -481,7 +495,9 @@
 				277794101DF22D0D00573F3E /* Encode.swift in Sources */,
 				2777940B1DF22BE400573F3E /* JOSEHeader.swift in Sources */,
 				277794051DF221F800573F3E /* ClaimSet.swift in Sources */,
+				273010FF1F33EABA00219C35 /* HMAC.swift in Sources */,
 				520A71171C469F010005C709 /* Base64.swift in Sources */,
+				2730110A1F33FC9100219C35 /* HMACCryptoSwift.swift in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -503,7 +519,9 @@
 				277794111DF22D0D00573F3E /* Encode.swift in Sources */,
 				2777940C1DF22BE400573F3E /* JOSEHeader.swift in Sources */,
 				277794061DF221F800573F3E /* ClaimSet.swift in Sources */,
+				273011001F33EABA00219C35 /* HMAC.swift in Sources */,
 				CD9B621A1C7753D8005D4844 /* Base64.swift in Sources */,
+				2730110B1F33FC9100219C35 /* HMACCryptoSwift.swift in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -517,7 +535,9 @@
 				277794121DF22D0D00573F3E /* Encode.swift in Sources */,
 				2777940D1DF22BE400573F3E /* JOSEHeader.swift in Sources */,
 				277794071DF221F800573F3E /* ClaimSet.swift in Sources */,
+				273011011F33EABA00219C35 /* HMAC.swift in Sources */,
 				CD9B622C1C7753EC005D4844 /* Base64.swift in Sources */,
+				2730110C1F33FC9100219C35 /* HMACCryptoSwift.swift in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -531,7 +551,9 @@
 				277794131DF22D0D00573F3E /* Encode.swift in Sources */,
 				2777940E1DF22BE400573F3E /* JOSEHeader.swift in Sources */,
 				277794081DF221F800573F3E /* ClaimSet.swift in Sources */,
+				273011021F33EABA00219C35 /* HMAC.swift in Sources */,
 				CD9B623E1C7753FB005D4844 /* Base64.swift in Sources */,
+				2730110D1F33FC9100219C35 /* HMACCryptoSwift.swift in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
diff --git a/Package.swift b/Package.swift
@@ -4,5 +4,6 @@ let package = Package(
   name: "JWT",
   dependencies: [
     .Package(url: "https://github.com/krzyzanowskim/CryptoSwift", versions: Version(0, 6, 1) ..< Version(0, 7, 0)),
-  ]
+  ],
+  exclude: ["Sources/HMACCommonCrypto.swift"]
 )
diff --git a/Sources/HMAC.swift b/Sources/HMAC.swift
@@ -0,0 +1,7 @@
+import Foundation
+
+enum HMACAlgorithm {
+  case sha256
+  case sha384
+  case sha512
+}
diff --git a/Sources/HMACCommonCrypto.swift b/Sources/HMACCommonCrypto.swift
@@ -0,0 +1,46 @@
+import Foundation
+import CommonCrypto
+
+
+extension HMACAlgorithm {
+  var commonCryptoAlgorithm: CCHmacAlgorithm {
+    switch self {
+    case .sha256:
+      return CCHmacAlgorithm(kCCHmacAlgSHA256)
+    case .sha384:
+      return CCHmacAlgorithm(kCCHmacAlgSHA384)
+    case .sha512:
+      return CCHmacAlgorithm(kCCHmacAlgSHA512)
+    }
+  }
+
+  var commonCryptoDigestLength: Int32 {
+    switch self {
+    case .sha256:
+      return CC_SHA256_DIGEST_LENGTH
+    case .sha384:
+      return CC_SHA384_DIGEST_LENGTH
+    case .sha512:
+      return CC_SHA512_DIGEST_LENGTH
+    }
+  }
+}
+
+
+func hmac(algorithm: HMACAlgorithm, key: Data, message: Data) -> Data {
+  let context = UnsafeMutablePointer<CCHmacContext>.allocate(capacity: 1)
+  defer { context.deallocate(capacity: 1) }
+
+  key.withUnsafeBytes() { (buffer: UnsafePointer<UInt8>) in
+    CCHmacInit(context, algorithm.commonCryptoAlgorithm, buffer, size_t(key.count))
+  }
+
+  message.withUnsafeBytes { (buffer: UnsafePointer<UInt8>) in
+    CCHmacUpdate(context, buffer, size_t(message.count))
+  }
+
+  var hmac = Array<UInt8>(repeating: 0, count: Int(algorithm.commonCryptoDigestLength))
+  CCHmacFinal(context, &hmac)
+
+  return Data(hmac)
+}
diff --git a/Sources/HMACCryptoSwift.swift b/Sources/HMACCryptoSwift.swift
@@ -0,0 +1,28 @@
+import Foundation
+import CryptoSwift
+
+
+extension HMACAlgorithm {
+  var cryptoSwiftVariant: HMAC.Variant {
+    switch self {
+    case .sha256:
+      return .sha256
+    case .sha384:
+      return .sha384
+    case .sha512:
+      return .sha512
+    }
+  }
+}
+
+
+func hmac(algorithm: HMACAlgorithm, key: Data, message: Data) -> Data {
+  let mac = HMAC(key: key.bytes, variant: algorithm.cryptoSwiftVariant)
+  let result: [UInt8]
+  do {
+    result = try mac.authenticate(message.bytes)
+  } catch {
+    result = []
+  }
+  return Data(bytes: result)
+}
diff --git a/Sources/JWT.swift b/Sources/JWT.swift
@@ -1,5 +1,4 @@
 import Foundation
-import CryptoSwift
 
 public typealias Payload = [String: Any]
 
@@ -32,30 +31,23 @@ public enum Algorithm: CustomStringConvertible {
 
   /// Sign a message using the algorithm
   func sign(_ message: String) -> String {
-    func signHS(_ key: Data, variant: CryptoSwift.HMAC.Variant) -> String {
+    func signHS(_ key: Data, algorithm: HMACAlgorithm) -> String {
       let messageData = message.data(using: String.Encoding.utf8, allowLossyConversion: false)!
-      let mac = HMAC(key: key.bytes, variant: variant)
-      let result: [UInt8]
-      do {
-        result = try mac.authenticate(messageData.bytes)
-      } catch {
-        result = []
-      }
-      return base64encode(Data(bytes: result))
+      return base64encode(hmac(algorithm: algorithm, key: key, message: messageData))
     }
 
     switch self {
     case .none:
       return ""
 
     case .hs256(let key):
-      return signHS(key, variant: .sha256)
+      return signHS(key, algorithm: .sha256)
 
     case .hs384(let key):
-      return signHS(key, variant: .sha384)
+      return signHS(key, algorithm: .sha384)
 
     case .hs512(let key):
-      return signHS(key, variant: .sha512)
+      return signHS(key, algorithm: .sha512)
     }
   }
 

Original file line number	Diff line number	Diff line change
`@@ -4,5 +4,6 @@ let package = Package(`
`4`	`4`	`name: "JWT",`
`5`	`5`	`dependencies: [`
`6`	`6`	`.Package(url: "https://github.com/krzyzanowskim/CryptoSwift", versions: Version(0, 6, 1) ..< Version(0, 7, 0)),`
`7`		`- ]`
	`7`	`+ ],`
	`8`	`+ exclude: ["Sources/HMACCommonCrypto.swift"]`
`8`	`9`	`)`