-
Notifications
You must be signed in to change notification settings - Fork 102
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use CryptoKit #214
Use CryptoKit #214
Conversation
one of the tests failing here doesn't really seem like it should be, seems like wonky CI. |
From the error code, it looks like one of Travis CI's typical inexplicable xcodebuild failures. I've restarted that CI job, which usually works for a flaky build. Thanks for the PR! It's a busy week, but I'll try to review and merge it soon. |
@mattrubin no problemo, I have a few more ambitious things to accomplish. |
I am interested in moving towards a more protocol oriented composition and pulling a few things out, like legacy support (for now) & the token persistence mechanisms. I think with a protocol approach, it will be easier for folks to roll their own persisters. Such as secured CoreData stores and the like. |
would also like to use your work on bases, modernize with a swift package, etc. so I might just use this as a reference. |
CryptoKit must be weakly linked so that code compiled with an SDK than can import CryptoKit does not crash when run on an OS version that pre-dates CryptoKit. The weak link build setting must be conditional on the SDK so that the project can be built by Xcode 10, which is unable to link CryptoKit.
While you're certainly welcome to use this project as a basis for your own implementation, most of the changes you mentioned (moving to Bases for base32 decoding, adding SPM support, pulling out the keychain integration and supporting alternative persistence stores) are on my roadmap for OneTimePassword. I can't promise any delivery dates for those features since I work on this project in my scarce free time, but PRs are always welcome! I'm curious what your vision is for "protocol oriented composition". Just swappable persistence methods, or something more? |
Codecov Report
@@ Coverage Diff @@
## develop #214 +/- ##
==========================================
+ Coverage 97.17% 97.38% +0.2%
==========================================
Files 6 6
Lines 389 420 +31
==========================================
+ Hits 378 409 +31
Misses 11 11
Continue to review full report at Codecov.
|
This is my vision: https://github.com/ericlewis/THOTP Heavily inspired, but the Generators & Passwords are protocol based. This means we can switch out the actual implementation. So we could create a concrete type (NSManagedObject for instance) that conforms to PasswordProtocol and now we can use CoreData to persist a password since all of the functional generation implementation lives as protocols / extensions. You could do similarly for a keychain persistence layer as well. The more composable it is, the more powerful :) I intend to release another framework that is a persistent layer, but it’s actually achievable super simply: using valet and a clever extension, plus some serialization code, and I had persistence parity in around 20 lines of code or so. On top of that, I conform to Identifiable, to make it easier to persist (since it’ll have an ID) as well as display in SwiftUI applications. My framework is not exactly the same as yours, I have no real desire for backwards compatibility currently. It wouldn’t really be too difficult to add it, tho. But for me it was easier to start from scratch, plus use all modern features directly. |
@ericlewis Thanks for sharing this! It's interesting to see a different approach to the same functionality. I think the struct-based approach OneTimePassword takes is a better fit for my use case, but I may look more closely at using the protocol-oriented approach to make persistence extensible. |
Use the new Apple CryptoKit under the hood when running iOS/iPadOS 13, macOS 10.15, or watchOS 6.0.