new LICENSE; updated README; added back fat-lib scripts

highmobility · Jan 17, 2020 · fb2d42b · fb2d42b
1 parent d767965
commit fb2d42b
Show file tree

Hide file tree

Showing 23 changed files with 622 additions and 949 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,4 @@
+*.swiftpm
 *.dSYM
 .DS_Store
 /.build

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -0,0 +1,49 @@
+## Introduction
+
+We would love to accept your patches and contributions to this project. Before getting to work, please first discuss the changes that you wish to make with us via [GitHub Issues](https://github.com/highmobility/hmcryptokit-swift/issues), [Spectrum](https://spectrum.chat/high-mobility/) or [Slack](https://slack.high-mobility.com/).
+
+
+## Pull Request Process
+
+We strive to ensure high quality across all our projects. In order to achieve this, we require that *all* pull requests are *covered by tests* and are there to improve the SDK for everyone, not just a single narrow use-case.
+
+
+## Code Review Process
+
+Code review takes place in GitHub pull requests. See [this article](https://help.github.com/articles/about-pull-requests/) if you're not familiar with GitHub Pull Requests.  
+
+Once you open a pull request, project maintainers will review your code and respond to your pull request with any feedback they might have. The process at this point is as follows: 
+
+- Thumbs-up are required from project maintainers
+- Your change will be merged into the project's master branch
+
+
+## How to report a bug
+
+Any security issues should be submitted directly to [security@high-mobility.com](mailto:security@high-mobility.com). In order to determine whether you are dealing with a security issue, ask yourself these two questions:  
+
+- Can I access something that's not mine, or something I shouldn't have access to?
+- Can I disable something for other people?
+
+If the answer to either of those two questions is "yes" then you're probably dealing with a security issue. Note that even if you answer "no" to both questions, you may still be dealing with a security issue, so if you're unsure, just email us at [security@high-mobility.com](mailto:security@high-mobility.com).
+
+
+When filing an issue, make sure to answer these five questions:  
+
+- What version of the library are you using?
+- What operating system and processor architecture are you using?
+- What did you do?
+- What did you expect to see?
+- What did you see instead? 
+
+General questions should go to [Spectrum](https://spectrum.chat/high-mobility) instead of the issue tracker. 
+
+
+## HIGH MOBILITY Community
+
+If you have any questions or if you would like to get involved in the HIGH MOBILITY community you can check out:
+
+- [Spectrum](https://spectrum.chat/high-mobility/)
+- [Slack](https://slack.high-mobility.com/)
+
+To find out more about the company behind the project please visit [high-mobility.com](https://high-mobility.com/).
diff --git a/HMCryptoKit.xcodeproj/project.pbxproj b/HMCryptoKit.xcodeproj/project.pbxproj
@@ -460,7 +460,7 @@
 				INFOPLIST_FILE = HMCryptoKit.xcodeproj/HMCryptoKit_Info.plist;
 				IPHONEOS_DEPLOYMENT_TARGET = 10.0;
 				LD_RUNPATH_SEARCH_PATHS = "$(TOOLCHAIN_DIR)/usr/lib/swift/macosx";
-				MARKETING_VERSION = 1.2.15;
+				MARKETING_VERSION = 1.2.16;
 				PRODUCT_BUNDLE_IDENTIFIER = "com.high-mobility.hmcryptokit";
 				PRODUCT_MODULE_NAME = "$(TARGET_NAME:c99extidentifier)";
 				PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)";
@@ -482,7 +482,7 @@
 				INFOPLIST_FILE = HMCryptoKit.xcodeproj/HMCryptoKit_Info.plist;
 				IPHONEOS_DEPLOYMENT_TARGET = 10.0;
 				LD_RUNPATH_SEARCH_PATHS = "$(TOOLCHAIN_DIR)/usr/lib/swift/macosx";
-				MARKETING_VERSION = 1.2.15;
+				MARKETING_VERSION = 1.2.16;
 				PRODUCT_BUNDLE_IDENTIFIER = "com.high-mobility.hmcryptokit";
 				PRODUCT_MODULE_NAME = "$(TARGET_NAME:c99extidentifier)";
 				PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)";

diff --git a/LICENSE b/LICENSE
diff --git a/README.md b/README.md
@@ -1,29 +1,60 @@
-## What is in this repository ##
+# HMCryptoKit iOS SDK
 
-**HMCryptoKit** source code in *Swift*, that can be made into a *framework* by `swift build` (*macOS* and *Linux* only), or through *Xcode*. Using the latter allows additionally to build for *iOS*, *tvOS* or *watchOS*.  
+The HMCryptoKit iOS SDK is a collection of cryptographic functions, centered around Elliptic Curve Cryptography, needed in [HMKit](https://github.com/highmobility/hmkit-swift) and is based on Apple's [Security](https://developer.apple.com/documentation/Security) and [CommonCrypto](https://developer.apple.com/library/archive/documentation/Security/Conceptual/cryptoservices/Introduction/Introduction.html) libraries.
 
-In addition, if using this as a *dependency* with Swift Package Manager, the suitable architecture is handled by Xcode.
-
-Lastly, there's a *command-line* tool for executing cryptographic commands related to High-Mobility's system.  
+Security overview can be read [here](https://high-mobility.com/learn/documentation/security/overview/).
+
+Table of contents
+=================
+<!--ts-->
+   * [Features](#features)
+   * [Integration](#integration)
+   * [Requirements](#requirements)
+   * [Contributing](#contributing)
+   * [Licence](#licence)
+<!--te-->
+
+
+## Features
+
+**ECC**: Uses well established *Elliptic Curve Cryptography*'s curve *p256* (that is as secure as RSA, while having a smaller footprint).
 
-## Framework Usage ##
+**De-/Encrypt**: Enables simple encryption and decryption with *AES128*.
 
-For *iOS*, it's recommended to build the *universal* framework - thus enabling running on a simulator as well.  
-There's an `AppStoreCompatible.sh` script for thinning the framework before submission to iTC.  
+**Keys**: Perform *Diffie-Hellman*'s key exchange using *X9.63 SHA256* algorithm. Additionally 
+convert keys back and forth between bytes and Apple's `SecKey` format.
 
-For *macOS* and *Linux*, executing `swift build` and using the product is recommended (use the `--show-bin-path` option to get the output path).
+**Random**: Create pseudo-random bytes for cryptographic functions or as unique IDs.
 
-For *other Apple* platforms, the *universal* framework can be made with `lipo` from *Xcode*'s simulator and device products. When creating a *universal* one, the *module maps* need to be copied as well.  
+**Signatures**: Create and verify *Elliptic Curve Digital Signature Algorithm* (ECDSA) *X9.62 SHA256* or *HMAC* signatures.
 
-## Parser Usage ##
 
-Simply execute `./HMCryptoKitCLT [input]` on the command-line.  
+## Integration
+
+It's **recommended** to use the library through *Swift Package Manager* (SPM), which is now also built-in to Xcode and accessible in `File > Swift Packages > ...` or  going to project settings and selecting `Swift Packages` in the top-center.  
+When targeting a Swift package, the `Package.swift` file must include `.package(url: "https://github.com/highmobility/hmcryptokit-swift", .upToNextMinor(from: "[__version__]")),` under *dependencies*.
 
-Input must be in *hex*.  
-The tool outputs *data* if the inputs were suitable, an *error* is returned otherwise.  
-
-Flags:  
- -h, --help:  Print the help for a command  
- -d, --dev:   Output hexadecimal array: 0xA1, 0xB2, 0xC3...
-
- ![screenshot](assets/screenshot.png?raw=true)
+
+If SPM is not possible, the source can be downloaded directly from Github
+and built into an `.xcframework` using an accompaning script: [XCFrameworkBuilder.sh](https://github.com/highmobility/hmcryptokit-swift/tree/master/Scripts/XCFrameworkBuilder.sh). The created package includes both the simulator and device binaries, which must then be dropped (linked) to the target Xcode project.
+
+Furthermore, when `.xcframework` is also not suitable, the library can be made into a *fat binary* (`.framework`) by running [UniversalBuildScript.sh](https://github.com/highmobility/hmcryptokit-swift/tree/master/Scripts/UniversalBuildScript.sh). This combines both simulator and device slices into one binary, but requires the simulator slice to be removed *before* being able to upload to *App Store Connect* – for this there is a [AppStoreCompatible.sh](https://github.com/highmobility/hmcryptokit-swift/tree/master/Scripts/AppStoreCompatible.sh) script included inside the created `.framework` folder.
+
+
+## Requirements
+
+HMCryptoKit iOS SDK requires Xcode 11.0 or later and is compatible with apps targeting iOS 10.0 or above.
+
+
+## Contributing
+
+We would love to accept your patches and contributions to this project. Before getting to work, please first discuss the changes that you wish to make with us via [GitHub Issues](https://github.com/highmobility/hmcryptokit-swift/issues), [Spectrum](https://spectrum.chat/high-mobility/) or [Slack](https://slack.high-mobility.com/).
+
+To start developing HMCryptoKit, please run `git clone git@github.com:highmobility/hmcryptokit-swift.git` and open the Xcode project (Xcode will handle the dependencies itself). Releases are done by tagged commits (as required by SPM, please read more about it [here](https://swift.org/getting-started/#using-the-package-manager) and [here](https://github.com/apple/swift-package-manager/tree/master/Documentation)).
+
+See more in [CONTRIBUTING.md](https://github.com/highmobility/hmcryptokit-swift/tree/master/CONTRIBUTING.md)
+
+
+## Licence
+
+This repository is using MIT licence. See more in [LICENCE](https://github.com/highmobility/hmcryptokit-swift/tree/master/LICENSE)
diff --git a/Scripts/AppStoreCompatible.sh b/Scripts/AppStoreCompatible.sh
@@ -0,0 +1,93 @@
+#!/bin/sh
+
+#
+# Copyright (C) 2018 High-Mobility GmbH
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see http:#www.gnu.org/licenses/.
+#
+# Please inquire about commercial licensing options at
+# licensing@high-mobility.com
+#
+#  AppStoreCompatible.sh
+#
+#  Created by Mikk Rätsep on 07/03/2017.
+#
+
+
+# This script thins the Universal (library) file
+# Also removes the irrelevant .swiftmodule-s by removing the Simulator parts
+
+
+# How to use AppStoreCompatible.sh script:
+#   1) navigate to the .framework folder in terminal
+#   2) execute
+#       sh AppStoreCompatible.sh
+
+
+
+
+# Make some vars
+FILE_COUNT=0
+
+
+# Ignores the macOS platform - there's no simulator on it...
+if [ "${PLATFORM_NAME}" != "macosx" ]; then
+
+
+# See if this is called from XCode or not
+if [ -n "${SCRIPT_INPUT_FILE_COUNT}" ]; then
+
+FILE_COUNT="${SCRIPT_INPUT_FILE_COUNT}"
+FRAMEWORK_PATH="${SCRIPT_INPUT_FILE_0}"
+
+else
+
+FILE_COUNT=1
+FRAMEWORK_PATH="$(pwd)"
+
+fi
+
+
+
+# Check there's an input file
+if [ ${FILE_COUNT} -eq 1 ]; then
+
+
+# Gather some paths
+NAME=${FRAMEWORK_PATH##*"/"}
+NAME=${NAME%%".framework"}
+
+MODULES_DIR="${FRAMEWORK_PATH}/Modules/${NAME}.swiftmodule"
+
+
+# Remove the x86_64 slices from the binary and files from the .swiftmodule
+if $(lipo ${NAME} -verify_arch x86_64); then
+
+lipo ${NAME} -remove x86_64 -o ${NAME}
+
+fi
+
+# Remove the .swiftmodule files
+rm -fr "${MODULES_DIR}/x86_64.swiftdoc"
+rm -fr "${MODULES_DIR}/x86_64.swiftmodule"
+rm -fr "${MODULES_DIR}/x86_64-apple-ios-simulator.swiftdoc"
+rm -fr "${MODULES_DIR}/x86_64-apple-ios-simulator.swiftmodule"
+
+# Remove the script (can't upload to iTunesConnect with it)
+rm -- "$0"
+
+fi
+
+
+fi
diff --git a/Scripts/UniversalBuildScript.sh b/Scripts/UniversalBuildScript.sh
@@ -0,0 +1,132 @@
+#!/bin/sh
+
+#
+# Copyright (C) 2018 High-Mobility GmbH
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see http:#www.gnu.org/licenses/.
+#
+# Please inquire about commercial licensing options at
+# licensing@high-mobility.com
+#
+#  UniversalBuildScript.sh
+#
+#  Created by Mikk Rätsep on 16/03/2018.
+#  Copyright © 2018 High-Mobility. All rights reserved.
+
+
+######################
+# Conf Some Vars
+######################
+
+
+if [ -z "${CONFIGURATION}" ]; then
+    CONFIGURATION="Release"
+fi
+
+if [ -z "${SRCROOT}" ]; then
+    SRCROOT="$( cd "$(dirname "$0")" ; pwd -P )/.."
+fi
+
+if [ -z "${BUILD_DIR}" ]; then
+    BUILD_DIR="${SRCROOT}/build"
+fi
+
+
+######################
+# Options
+######################
+
+FRAMEWORK_NAME="$(find ${SRCROOT} -name '*.xcodeproj')"
+FRAMEWORK_NAME=${FRAMEWORK_NAME##*/}
+FRAMEWORK_NAME=${FRAMEWORK_NAME%.*}
+
+PROJECT_PATH="${SRCROOT}/${FRAMEWORK_NAME}.xcodeproj"
+
+SIMULATOR_PATH="${BUILD_DIR}/${CONFIGURATION}-simulator"
+SIMULATOR_LIBRARY_PATH="${SIMULATOR_PATH}/${FRAMEWORK_NAME}.framework"
+
+DEVICE_PATH="${BUILD_DIR}/${CONFIGURATION}-device"
+DEVICE_LIBRARY_PATH="${DEVICE_PATH}/${FRAMEWORK_NAME}.framework"
+
+ARCHIVE_PATH="${DEVICE_PATH}/${FRAMEWORK_NAME}.xcarchive"
+
+UNIVERSAL_LIBRARY_DIR="${BUILD_DIR}/${CONFIGURATION}-iosUniversal"
+
+FRAMEWORK="${UNIVERSAL_LIBRARY_DIR}/${FRAMEWORK_NAME}.framework"
+
+
+######################
+# Build Frameworks
+######################
+
+echo "Building for Simulator..."
+xcodebuild -quiet -project ${PROJECT_PATH} -target ${FRAMEWORK_NAME} -sdk iphonesimulator -configuration ${CONFIGURATION} CONFIGURATION_BUILD_DIR=${SIMULATOR_PATH} OTHER_CFLAGS="-fembed-bitcode" ONLY_ACTIVE_ARCH=NO clean build
+
+echo "Archiving for Device..."
+xcodebuild -quiet -project ${PROJECT_PATH} -scheme ${FRAMEWORK_NAME} -sdk iphoneos -configuration ${CONFIGURATION} OTHER_CFLAGS="-fembed-bitcode" -archivePath ${ARCHIVE_PATH} clean archive
+
+# Updates the device's library path
+DEVICE_LIBRARY_PATH="${ARCHIVE_PATH}/Products/Library/Frameworks/${FRAMEWORK_NAME}.framework"
+
+
+######################
+# Create directory for universal
+######################
+
+echo "Removing and making directories..."
+rm -rf ${UNIVERSAL_LIBRARY_DIR}
+
+mkdir ${UNIVERSAL_LIBRARY_DIR}
+mkdir ${FRAMEWORK}
+
+
+######################
+# Copy files Framework
+######################
+
+echo "Copying frameworks..."
+cp -r "${DEVICE_LIBRARY_PATH}/." "${FRAMEWORK}"
+
+# And the AppStoreCompatible script
+echo "Copying AppStoreCompatible script"
+cp "${SRCROOT}/Scripts/AppStoreCompatible.sh" "${FRAMEWORK}"
+
+
+######################
+# Make an universal binary
+######################
+
+echo "Combining frameworks together..."
+lipo "${SIMULATOR_LIBRARY_PATH}/${FRAMEWORK_NAME}" "${DEVICE_LIBRARY_PATH}/${FRAMEWORK_NAME}" -create -output "${FRAMEWORK}/${FRAMEWORK_NAME}"
+
+# For Swift framework, Swiftmodule needs to be copied in the universal framework
+if [ -d "${DEVICE_LIBRARY_PATH}/Modules/${FRAMEWORK_NAME}.swiftmodule/" ]; then
+cp -f -R "${DEVICE_LIBRARY_PATH}/Modules/${FRAMEWORK_NAME}.swiftmodule/" "${FRAMEWORK}/Modules/${FRAMEWORK_NAME}.swiftmodule/"
+fi
+
+if [ -d "${SIMULATOR_LIBRARY_PATH}/Modules/${FRAMEWORK_NAME}.swiftmodule/" ]; then
+cp -f -R "${SIMULATOR_LIBRARY_PATH}/Modules/${FRAMEWORK_NAME}.swiftmodule/" "${FRAMEWORK}/Modules/${FRAMEWORK_NAME}.swiftmodule/"
+fi
+
+
+######################
+# Cleanup
+######################
+
+# Copy the Universal to the root dir
+cp -f -R "${FRAMEWORK}" "${SRCROOT}"
+
+# Removes the build/ folder from the source folder
+echo "Removing build directory..."
+rm -rfd "${SRCROOT}/build"