feat: v1.2.3

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "swift-secure-enclave-tool-rs"
-version = "1.2.2"
+version = "1.2.3"
 edition = "2024"
 authors = ["Hatter Jiang"]
 repository = "https://git.hatter.ink/hatter/swift-secure-enclave-tool-rs"
@@ -12,6 +12,6 @@ categories = ["cryptography"]
 [dependencies]
 hex = "0.4.3"
 base64 = "0.22.1"
-rust_util = "0.6.47"
+rust_util = "0.6.49"
 serde = { version = "1.0.219", features = ["derive"] }
 serde_json = "1.0.140"

src/lib.rs

@@ -1,11 +1,12 @@
 use base64::Engine;
 use base64::engine::general_purpose::STANDARD;
-use rust_util::{XResult, debugging, opt_result, simple_error};
+use rust_util::{XResult, debugging, opt_result, simple_error, util_env};
 use serde::{Deserialize, de};
 use serde_json::Value;
 use std::process::{Command, Output};
 
-const SWIFT_SECURE_ENCLAVE_TOOL_CMD: &str = "swift-secure-enclave-tool-v2";
+const ENV_SWIFT_SECURE_ENCLAVE_TOOL_CMD_KEY: &str = "SWIFT_SECURE_ENCLAVE_TOOL_CMD";
+const DEFAULT_SWIFT_SECURE_ENCLAVE_TOOL_CMD: &str = "swift-secure-enclave-tool-v2";
 
 #[derive(Debug, Clone, Copy)]
 pub enum KeyPurpose {
@@ -36,7 +37,10 @@ impl ControlFlag {
 
 #[derive(Debug, Clone, Copy, Eq, PartialEq)]
 pub enum DigestType {
-    Raw, Sha256, Sha384, Sha512,
+    Raw,
+    Sha256,
+    Sha384,
+    Sha512,
 }
 
 impl DigestType {
@@ -64,7 +68,9 @@ impl DigestType {
             Some("sha256") => DigestType::Sha256,
             Some("sha384") => DigestType::Sha384,
             Some("sha512") => DigestType::Sha512,
-            Some(other_digest_type) => return simple_error!("Invalid digest type: {}", other_digest_type),
+            Some(other_digest_type) => {
+                return simple_error!("Invalid digest type: {}", other_digest_type);
+            }
         })
     }
 }
@@ -129,7 +135,7 @@ struct ExternalPublicKey {
 }
 
 pub fn is_secure_enclave_supported() -> XResult<bool> {
-    let mut cmd = Command::new(SWIFT_SECURE_ENCLAVE_TOOL_CMD);
+    let mut cmd = Command::new(get_swift_secure_enclave_tool_cmd());
     cmd.arg("is_support_secure_enclave");
 
     let cmd_stdout = run_command_stdout(cmd)?;
@@ -146,7 +152,7 @@ pub fn generate_keypair(
     key_purpose: KeyPurpose,
     control_flag: ControlFlag,
 ) -> XResult<KeyMaterial> {
-    let mut cmd = Command::new(SWIFT_SECURE_ENCLAVE_TOOL_CMD);
+    let mut cmd = Command::new(get_swift_secure_enclave_tool_cmd());
     cmd.arg(match key_purpose {
         KeyPurpose::Signing => "generate_p256_ecsign_keypair",
         KeyPurpose::KeyAgreement => "generate_p256_ecdh_keypair",
@@ -162,7 +168,7 @@ pub fn recover_keypair(
     key_purpose: KeyPurpose,
     private_key_representation: &[u8],
 ) -> XResult<KeyMaterial> {
-    let mut cmd = Command::new(SWIFT_SECURE_ENCLAVE_TOOL_CMD);
+    let mut cmd = Command::new(get_swift_secure_enclave_tool_cmd());
     cmd.arg(match key_purpose {
         KeyPurpose::Signing => "recover_p256_ecsign_public_key",
         KeyPurpose::KeyAgreement => "recover_p256_ecdh_public_key",
@@ -178,8 +184,12 @@ pub fn private_key_sign(private_key_representation: &[u8], content: &[u8]) -> XR
     private_key_sign_digested(private_key_representation, content, DigestType::Raw)
 }
 
-pub fn private_key_sign_digested(private_key_representation: &[u8], content: &[u8], digest_type: DigestType) -> XResult<Vec<u8>> {
+pub fn private_key_sign_digested(
-    let mut cmd = Command::new(SWIFT_SECURE_ENCLAVE_TOOL_CMD);
+    private_key_representation: &[u8],
+    content: &[u8],
+    digest_type: DigestType,
+) -> XResult<Vec<u8>> {
+    let mut cmd = Command::new(get_swift_secure_enclave_tool_cmd());
     cmd.arg("compute_p256_ecsign");
     cmd.arg("--private-key");
     cmd.arg(STANDARD.encode(private_key_representation));
@@ -199,7 +209,7 @@ pub fn private_key_ecdh(
     private_key_representation: &[u8],
     ephemera_public_key: &[u8],
 ) -> XResult<Vec<u8>> {
-    let mut cmd = Command::new(SWIFT_SECURE_ENCLAVE_TOOL_CMD);
+    let mut cmd = Command::new(get_swift_secure_enclave_tool_cmd());
     cmd.arg("compute_p256_ecdh");
     cmd.arg("--private-key");
     cmd.arg(STANDARD.encode(private_key_representation));
@@ -210,7 +220,12 @@ pub fn private_key_ecdh(
     parse_ecdh_result(&cmd_stdout)
 }
 
-pub fn external_sign(external_command: &str, parameter: &str, alg: &str, content: &[u8]) -> XResult<Vec<u8>> {
+pub fn external_sign(
+    external_command: &str,
+    parameter: &str,
+    alg: &str,
+    content: &[u8],
+) -> XResult<Vec<u8>> {
     let mut cmd = Command::new(external_command);
     cmd.arg("external_sign");
     cmd.arg("--parameter");
@@ -224,7 +239,11 @@ pub fn external_sign(external_command: &str, parameter: &str, alg: &str, content
     parse_sign_result(&cmd_stdout)
 }
 
-pub fn external_ecdh(external_command: &str, parameter: &str, ephemera_public_key: &[u8]) -> XResult<Vec<u8>> {
+pub fn external_ecdh(
+    external_command: &str,
+    parameter: &str,
+    ephemera_public_key: &[u8],
+) -> XResult<Vec<u8>> {
     let mut cmd = Command::new(external_command);
     cmd.arg("external_ecdh");
     cmd.arg("--parameter");
@@ -282,7 +301,12 @@ fn run_command(mut cmd: Command) -> XResult<Output> {
             if !output.status.success() {
                 let stderr = String::from_utf8_lossy(&output.stderr);
                 let stdout = String::from_utf8_lossy(&output.stdout);
-                simple_error!("Run command not success: {:?}\n - stdout: {}\n - stderr: {}", output.status.code(), stdout, stderr)
+                simple_error!(
+                    "Run command not success: {:?}\n - stdout: {}\n - stderr: {}",
+                    output.status.code(),
+                    stdout,
+                    stderr
+                )
             } else {
                 Ok(output)
             }
@@ -353,3 +377,8 @@ fn is_success(cmd_stdout: &str) -> XResult<bool> {
     }
     simple_error!("Bad result: {}", cmd_stdout)
 }
+
+fn get_swift_secure_enclave_tool_cmd() -> String {
+    util_env::env_var(ENV_SWIFT_SECURE_ENCLAVE_TOOL_CMD_KEY)
+        .unwrap_or_else(|| DEFAULT_SWIFT_SECURE_ENCLAVE_TOOL_CMD.to_string())
+}