hatter/swift-secure-enclave-tool
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: updates

Browse Source
This commit is contained in:
Hatter Jiang
2025-04-28 22:54:29 +08:00
parent a541a393c1
commit b590dd47f1
1 changed files with 97 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

110
swift-secure-enclave-tool-v2.swift
View File

@@ -26,19 +26,25 @@ struct SupportSecureEnclaveResponse: Codable {
struct GenerateSecureEnclaveP256KeyPairResponse: Codable { struct GenerateSecureEnclaveP256KeyPairResponse: Codable {
var success: Bool var success: Bool
var publicKeyPointBase64: String var public_key_point_base64: String
var publicKeyDerBase64: String var public_key_base64: String
var dataRepresentationBase64: String var data_representation_base64: String
} }
struct ComputeSecureEnclaveP256EcsignResponse: Codable { struct ComputeSecureEnclaveP256EcsignResponse: Codable {
var success: Bool var success: Bool
var signatureDerBase64: String var signature_base64: String
} }
struct ComputeSecureEnclaveP256EcdhResponse: Codable { struct ComputeSecureEnclaveP256EcdhResponse: Codable {
var success: Bool var success: Bool
var sharedSecret: String var shared_secret: String
}
struct ExternalSpecResponse: Codable {
var success: Bool
var agent: String
var specification: String
} }
func stringify<T: Encodable>(_ value: T) -> String? { func stringify<T: Encodable>(_ value: T) -> String? {
@@ -120,9 +126,9 @@ func signingPrivateKeyToResponse(_ privateKeyReference: SecureEnclave.P256.Signi
let dataRepresentationBase64 = privateKeyReference.dataRepresentation.base64EncodedString() let dataRepresentationBase64 = privateKeyReference.dataRepresentation.base64EncodedString()
return GenerateSecureEnclaveP256KeyPairResponse( return GenerateSecureEnclaveP256KeyPairResponse(
success: true, success: true,
publicKeyPointBase64: publicKeyPointBase64, public_key_point_base64: publicKeyPointBase64,
publicKeyDerBase64: publicKeyDerBase64, public_key_base64: publicKeyDerBase64,
dataRepresentationBase64: dataRepresentationBase64 data_representation_base64: dataRepresentationBase64
) )
} }
@@ -132,9 +138,9 @@ func keyAgreementPrivateKeyToResponse(_ privateKeyReference: SecureEnclave.P256.
let dataRepresentationBase64 = privateKeyReference.dataRepresentation.base64EncodedString() let dataRepresentationBase64 = privateKeyReference.dataRepresentation.base64EncodedString()
return GenerateSecureEnclaveP256KeyPairResponse( return GenerateSecureEnclaveP256KeyPairResponse(
success: true, success: true,
publicKeyPointBase64: publicKeyPointBase64, public_key_point_base64: publicKeyPointBase64,
publicKeyDerBase64: publicKeyDerBase64, public_key_base64: publicKeyDerBase64,
dataRepresentationBase64: dataRepresentationBase64 data_representation_base64: dataRepresentationBase64
) )
} }
@@ -195,7 +201,7 @@ func computeSecureEnclaveP256Ecsign(privateKeyDataRepresentation: String, conten
return ComputeSecureEnclaveP256EcsignResponse( return ComputeSecureEnclaveP256EcsignResponse(
success: true, success: true,
signatureDerBase64: signature.derRepresentation.base64EncodedString() signature_base64: signature.derRepresentation.base64EncodedString()
) )
} catch { } catch {
exitError("\(error)") exitError("\(error)")
@@ -230,7 +236,7 @@ func computeSecureEnclaveP256Ecdh(privateKeyDataRepresentation: String, ephemera
return ComputeSecureEnclaveP256EcdhResponse( return ComputeSecureEnclaveP256EcdhResponse(
success: true, success: true,
sharedSecret: sharedSecret.description shared_secret: sharedSecret.description
) )
} catch { } catch {
exitError("\(error)") exitError("\(error)")
@@ -238,6 +244,14 @@ func computeSecureEnclaveP256Ecdh(privateKeyDataRepresentation: String, ephemera
} }
} }
func externalSpec() -> ExternalSpecResponse {
return ExternalSpecResponse(
success: true,
agent: "swift-secure-enclave-external-provider/2.0.0-alpha",
specification: "External/1.0.0-alpha"
)
}
if (CommandLine.arguments.count == 1) { if (CommandLine.arguments.count == 1) {
exitError("require at least one argument") exitError("require at least one argument")
} }
@@ -302,10 +316,77 @@ if (command == "compute_p256_ecdh") {
exitOkWithJson(response) exitOkWithJson(response)
} }
if (command == "external_spec") {
exitOkWithJson(externalSpec())
}
if (command == "version") { if (command == "version") {
exitOkWithJson(VersionResponse(success: true, version: "2.0.0-20250428")) exitOkWithJson(VersionResponse(success: true, version: "2.0.0-20250428"))
} }
struct GenerateSecureEnclaveP256KeyPairRequest {
var controlFlag: String
}
func parseGenerateSecureEnclaveP256KeyPairRequest() -> GenerateSecureEnclaveP256KeyPairRequest? {
var controlFlagOpt: String?
let len = CommandLine.arguments.count;
if CommandLine.arguments.count > 2 {
var i = 2
while i < len {
let k = CommandLine.arguments[i];
if (k == "--control-flag") {
controlFlagOpt = CommandLine.arguments[i + 1]
i += 1
}
}
}
guard let controlFlag = controlFlagOpt else {
exitError("parameter --control-flag required.")
return nil
}
return GenerateSecureEnclaveP256KeyPairRequest(
controlFlag: controlFlag
)
}
struct ComputeP256EcSignRequest {
var dataRepresentationBase64: String
var messageBase64: String
}
func parseComputeP256EcSignRequest() -> ComputeP256EcSignRequest? {
var dataRepresentationBase64Opt: String?
var messageBase64Opt: String?
let len = CommandLine.arguments.count;
if CommandLine.arguments.count > 2 {
var i = 2
while i < len {
let k = CommandLine.arguments[i];
if (k == "--data-representation-base64" || k == "--private-key") {
dataRepresentationBase64Opt = CommandLine.arguments[i + 1]
i += 1
} else if (k == "--message-base64") {
messageBase64Opt = CommandLine.arguments[i + 1]
i += 1
}
}
}
guard let dataRepresentationBase64 = dataRepresentationBase64Opt else {
exitError("parameter --data-representation-base64 or --private-key required.")
return nil
}
guard let messageBase64 = messageBase64Opt else {
exitError("parameter --message-base64 required.")
return nil
}
return ComputeP256EcSignRequest(
dataRepresentationBase64: dataRepresentationBase64,
messageBase64: messageBase64
)
}
if (command == "help") { if (command == "help") {
print("swift-secure-enclave-tool-v2 <command>") print("swift-secure-enclave-tool-v2 <command>")
print("help - print help") print("help - print help")
@@ -317,6 +398,9 @@ if (command == "help") {
print("recover_p256_ecdh_public_key <privateKey> - recover Secure Enclave P256 EC DH key pair") print("recover_p256_ecdh_public_key <privateKey> - recover Secure Enclave P256 EC DH key pair")
print("compute_p256_ecsign <privateKey> <content> - compure Secure Enclave P256 EC sign") print("compute_p256_ecsign <privateKey> <content> - compure Secure Enclave P256 EC sign")
print("compute_p256_ecdh <privateKey> <ephemeraPublicKey> - compure Secure Enclave P256 EC DH") print("compute_p256_ecdh <privateKey> <ephemeraPublicKey> - compure Secure Enclave P256 EC DH")
print("external_spec - external specification")
print("external_public_key --parameter <parameter> - external public key")
print("external_sign --parameter <parameter> --alg <alg> --message-base64 <message-in-base64> - external sign")
print() print()
print("options:") print("options:")
print("> controlFlag - none, userPresence, devicePasscode, biometryAny, biometryCurrentSet") print("> controlFlag - none, userPresence, devicePasscode, biometryAny, biometryCurrentSet")