From b590dd47f132ce873d71e1782c2e9359c9d65e4a Mon Sep 17 00:00:00 2001
From: Hatter Jiang
Date: Mon, 28 Apr 2025 22:54:29 +0800
Subject: [PATCH] feat: updates
---
 swift-secure-enclave-tool-v2.swift | 110 +++++++++++++++++++++++++----
 1 file changed, 97 insertions(+), 13 deletions(-)
diff --git a/swift-secure-enclave-tool-v2.swift b/swift-secure-enclave-tool-v2.swift
index 199563c..bdbc563 100644
--- a/swift-secure-enclave-tool-v2.swift
+++ b/swift-secure-enclave-tool-v2.swift
@@ -26,19 +26,25 @@ struct SupportSecureEnclaveResponse: Codable {
 struct GenerateSecureEnclaveP256KeyPairResponse: Codable {
 var success: Bool
- var publicKeyPointBase64: String
- var publicKeyDerBase64: String
- var dataRepresentationBase64: String
+ var public_key_point_base64: String
+ var public_key_base64: String
+ var data_representation_base64: String
 }
 struct ComputeSecureEnclaveP256EcsignResponse: Codable {
 var success: Bool
- var signatureDerBase64: String
+ var signature_base64: String
 }
 struct ComputeSecureEnclaveP256EcdhResponse: Codable {
 var success: Bool
- var sharedSecret: String
+ var shared_secret: String
+}
+
+struct ExternalSpecResponse: Codable {
+ var success: Bool
+ var agent: String
+ var specification: String
 }
 func stringify(_ value: T) -> String? {
@@ -120,9 +126,9 @@ func signingPrivateKeyToResponse(_ privateKeyReference: SecureEnclave.P256.Signi
 let dataRepresentationBase64 = privateKeyReference.dataRepresentation.base64EncodedString()
 return GenerateSecureEnclaveP256KeyPairResponse(
 success: true,
- publicKeyPointBase64: publicKeyPointBase64,
- publicKeyDerBase64: publicKeyDerBase64,
- dataRepresentationBase64: dataRepresentationBase64
+ public_key_point_base64: publicKeyPointBase64,
+ public_key_base64: publicKeyDerBase64,
+ data_representation_base64: dataRepresentationBase64
 )
 }
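Review bot: The renamed fields `public_key_base64` and `signature_base64` drop the `Der` qualifier, yet the values assigned in the later hunks are still the DER forms (`publicKeyDerBase64`, `signature.derRepresentation`), so a consumer can no longer tell from the key whether a signature is DER or raw r||s. I would document the encoding on each field, e.g. `/// Base64 of signature.derRepresentation (ASN.1 DER, not raw r||s)`. The snake_case property names also depart from Swift naming; keeping the camelCase properties and mapping the JSON keys with a `CodingKeys` enum would give the same output, assuming `stringify` (outside this hunk) encodes with `JSONEncoder`. Since the JSON keys change for every existing command, callers that parse the old keys will break unless they are updated together.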
@@ -132,9 +138,9 @@ func keyAgreementPrivateKeyToResponse(_ privateKeyReference: SecureEnclave.P256.
 let dataRepresentationBase64 = privateKeyReference.dataRepresentation.base64EncodedString()
 return GenerateSecureEnclaveP256KeyPairResponse(
 success: true,
- publicKeyPointBase64: publicKeyPointBase64,
- publicKeyDerBase64: publicKeyDerBase64,
- dataRepresentationBase64: dataRepresentationBase64
+ public_key_point_base64: publicKeyPointBase64,
+ public_key_base64: publicKeyDerBase64,
+ data_representation_base64: dataRepresentationBase64
 )
 }
@@ -195,7 +201,7 @@ func computeSecureEnclaveP256Ecsign(privateKeyDataRepresentation: String, conten
 return ComputeSecureEnclaveP256EcsignResponse(
 success: true,
- signatureDerBase64: signature.derRepresentation.base64EncodedString()
+ signature_base64: signature.derRepresentation.base64EncodedString()
 )
 } catch {
 exitError("\(error)")
@@ -230,7 +236,7 @@ func computeSecureEnclaveP256Ecdh(privateKeyDataRepresentation: String, ephemera
 return ComputeSecureEnclaveP256EcdhResponse(
 success: true,
- sharedSecret: sharedSecret.description
+ shared_secret: sharedSecret.description
 )
 } catch {
 exitError("\(error)")
@@ -238,6 +244,14 @@ func computeSecureEnclaveP256Ecdh(privateKeyDataRepresentation: String, ephemera
 }
 }
+func externalSpec() -> ExternalSpecResponse {
+ return ExternalSpecResponse(
+ success: true,
+ agent: "swift-secure-enclave-external-provider/2.0.0-alpha",
+ specification: "External/1.0.0-alpha"
+ )
+}
+
 if (CommandLine.arguments.count == 1) {
 exitError("require at least one argument")
 }
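Review bot: `shared_secret: sharedSecret.description` in the `computeSecureEnclaveP256Ecdh` hunk serialises the ECDH result through its debug description, which as far as I know is a type-name prefix followed by hex rather than a stable encoding, and unlike the other fields it is not base64. If the raw secret must be exported, an explicit encoding such as `sharedSecret.withUnsafeBytes { Data($0).base64EncodedString() }` makes the format deliberate. The raw shared secret should go through a KDF before use as a key, so it is worth stating in the help text or a comment that this field is not key material as-is. The function body starts and ends outside the hunk.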
@@ -302,10 +316,77 @@ if (command == "compute_p256_ecdh") {
 exitOkWithJson(response)
 }
+if (command == "external_spec") {
+ exitOkWithJson(externalSpec())
+}
+
 if (command == "version") {
 exitOkWithJson(VersionResponse(success: true, version: "2.0.0-20250428"))
 }
+
+struct GenerateSecureEnclaveP256KeyPairRequest {
+ var controlFlag: String
+}
+
+func parseGenerateSecureEnclaveP256KeyPairRequest() -> GenerateSecureEnclaveP256KeyPairRequest? {
+ var controlFlagOpt: String?
+ let len = CommandLine.arguments.count;
+ if CommandLine.arguments.count > 2 {
+ var i = 2
+ while i < len {
+ let k = CommandLine.arguments[i];
+ if (k == "--control-flag") {
+ controlFlagOpt = CommandLine.arguments[i + 1]
+ i += 1
+ }
+ }
+ }
+ guard let controlFlag = controlFlagOpt else {
+ exitError("parameter --control-flag required.")
+ return nil
+ }
+ return GenerateSecureEnclaveP256KeyPairRequest(
+ controlFlag: controlFlag
+ )
+}
+
+struct ComputeP256EcSignRequest {
+ var dataRepresentationBase64: String
+ var messageBase64: String
+}
+
+func parseComputeP256EcSignRequest() -> ComputeP256EcSignRequest? {
+ var dataRepresentationBase64Opt: String?
+ var messageBase64Opt: String?
+ let len = CommandLine.arguments.count;
+ if CommandLine.arguments.count > 2 {
+ var i = 2
+ while i < len {
+ let k = CommandLine.arguments[i];
+ if (k == "--data-representation-base64" || k == "--private-key") {
+ dataRepresentationBase64Opt = CommandLine.arguments[i + 1]
+ i += 1
+ } else if (k == "--message-base64") {
+ messageBase64Opt = CommandLine.arguments[i + 1]
+ i += 1
+ }
+ }
+ }
+ guard let dataRepresentationBase64 = dataRepresentationBase64Opt else {
+ exitError("parameter --data-representation-base64 or --private-key required.")
+ return nil
+ }
+ guard let messageBase64 = messageBase64Opt else {
+ exitError("parameter --message-base64 required.")
+ return nil
+ }
+ return ComputeP256EcSignRequest(
+ dataRepresentationBase64: dataRepresentationBase64,
+ messageBase64: messageBase64
+ )
+}
+
 if (command == "help") {
 print("swift-secure-enclave-tool-v2 ")
 print("help - print help")
@@ -317,6 +398,9 @@ if (command == "help") {
 print("recover_p256_ecdh_public_key - recover Secure Enclave P256 EC DH key pair")
 print("compute_p256_ecsign - compure Secure Enclave P256 EC sign")
 print("compute_p256_ecdh - compure Secure Enclave P256 EC DH")
+ print("external_spec - external specification")
+ print("external_public_key --parameter - external public key")
+ print("external_sign --parameter --alg --message-base64 - external sign")
 print()
 print("options:")
 print("> controlFlag - none, userPresence, devicePasscode, biometryAny, biometryCurrentSet")
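Review bot: The `while i < len` loops in `parseGenerateSecureEnclaveP256KeyPairRequest` and `parseComputeP256EcSignRequest` advance `i` only inside a branch that matches a flag, so any other argument, including the value just consumed, leaves `i` unchanged and the loop never ends. A flag given as the last argument also reads `CommandLine.arguments[i + 1]` past the end of the array, which traps at runtime instead of reaching the `exitError` message. As written, neither parser appears able to return once any option is passed. Advance `i` unconditionally and bounds-check before reading the value, as sketched below for the first parser; the second needs the same change in both of its branches. Separately, `--private-key` puts the key's data representation on the command line, where other local processes can usually read it from the process list, so reading it from stdin or a file is worth considering if callers allow.

```swift
func parseGenerateSecureEnclaveP256KeyPairRequest() -> GenerateSecureEnclaveP256KeyPairRequest? {
    var controlFlagOpt: String?
    let args = CommandLine.arguments
    var i = 2
    while i < args.count {
        if args[i] == "--control-flag" {
            // A flag in last position has no value to read.
            guard i + 1 < args.count else {
                exitError("parameter --control-flag requires a value.")
                return nil
            }
            controlFlagOpt = args[i + 1]
            i += 1  // step over the value just consumed
        }
        i += 1  // always advance, so an unrecognised argument cannot stall the loop
    }
    // … unchanged: guard on controlFlagOpt and construction of the request …
}
```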
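Review bot: The two added help lines advertise `external_public_key` and `external_sign`, but the only dispatch this patch adds is `external_spec`, and nothing visible calls the two new parse functions; unless the handlers exist outside the diff, these commands are documented but not reachable. The option names also disagree, if those parsers are meant to serve the external commands: help shows `--parameter` and `--alg`, while the parser accepts `--data-representation-base64`/`--private-key` and `--message-base64`. I would either hold the two lines back until the commands land or make them match the parser, e.g. `print("external_sign --private-key <base64> --message-base64 <base64> - external sign")`. The enclosing `if (command == "help")` block starts and ends outside this hunk.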