hatter/tiny-encrypt-rs
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: v1.2.0, support macos secure enclave

Browse Source
This commit is contained in:
Hatter Jiang
2023-12-09 13:58:30 +08:00
parent a8b2fc62b8
commit 42bc09fe07
9 changed files with 79 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/util_keychainkey.rs
View File

@@ -12,6 +12,25 @@ pub fn is_support_se() -> bool {
unsafe { is_support_secure_enclave() }
}
pub fn decrypt_data(private_key_base64: &str, ephemeral_public_key_bytes: &[u8]) -> XResult<Vec<u8>> {
let ephemera_public_key_base64 = util::encode_base64(ephemeral_public_key_bytes);
let result = unsafe {
compute_secure_enclave_p256_ecdh(
SRString::from(private_key_base64), SRString::from(ephemera_public_key_base64.as_str()),
)
};
let result = result.as_str();
if !result.starts_with("ok:SharedSecret:") {
return simple_error!("ECDH P256 in secure enclave failed: {}", result);
}
let shared_secret_hex = result.chars().skip("ok:SharedSecret:".len()).collect::<String>();
let shared_secret_hex = shared_secret_hex.trim();
Ok(opt_result!(hex::decode(shared_secret_hex), "Decrypt shared secret hex: {}, failed: {}", shared_secret_hex))
}
pub fn generate_se_p256_keypair() -> XResult<(String, String)> {
if !is_support_se() {
return simple_error!("Secure enclave is not supported.");
@@ -22,7 +41,7 @@ pub fn generate_se_p256_keypair() -> XResult<(String, String)> {
return simple_error!("Generate P256 in secure enclave failed: {}", result);
}
let public_key_and_private_key = result.chars().skip(3).collect::<String>();
let public_key_and_private_keys = public_key_and_private_key.split(",").collect::<Vec<_>>();
let public_key_and_private_keys = public_key_and_private_key.split(',').collect::<Vec<_>>();
if public_key_and_private_keys.len() != 2 {
return simple_error!("Generate P256 in secure enclave result is bad: {}", public_key_and_private_key);
}