pisalcoding
diff --git a/‎Sources/HybridCrypto/AES Cipher/AESCipher.swift‎
Lines changed: 130 additions & 0 deletions b/‎Sources/HybridCrypto/AES Cipher/AESCipher.swift‎
Lines changed: 130 additions & 0 deletions
diff --git a/‎Sources/HybridCrypto/AES Cipher/AESResult.swift‎
Lines changed: 21 additions & 0 deletions b/‎Sources/HybridCrypto/AES Cipher/AESResult.swift‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎Sources/HybridCrypto/Extensions/Data+Extensions.swift‎
Lines changed: 23 additions & 0 deletions b/‎Sources/HybridCrypto/Extensions/Data+Extensions.swift‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎Sources/HybridCrypto/Extensions/String+Extensions.swift‎
Lines changed: 49 additions & 0 deletions b/‎Sources/HybridCrypto/Extensions/String+Extensions.swift‎
Lines changed: 49 additions & 0 deletions
diff --git a/‎Sources/HybridCrypto/Hash/HMAC.swift‎
Lines changed: 80 additions & 0 deletions b/‎Sources/HybridCrypto/Hash/HMAC.swift‎
Lines changed: 80 additions & 0 deletions
diff --git a/‎Sources/HybridCrypto/Hybrid Cipher/HttpFriendlyResult.swift‎
Lines changed: 37 additions & 0 deletions b/‎Sources/HybridCrypto/Hybrid Cipher/HttpFriendlyResult.swift‎
Lines changed: 37 additions & 0 deletions
diff --git a/‎Sources/HybridCrypto/Hybrid Cipher/HybridCipherResult.swift‎
Lines changed: 26 additions & 0 deletions b/‎Sources/HybridCrypto/Hybrid Cipher/HybridCipherResult.swift‎
Lines changed: 26 additions & 0 deletions
@@ -0,0 +1,130 @@
+//
+//  AESCipher.swift
+//  MobileBanking
+//
+//  Created by Pisal on 6/22/22.
+//  Copyright © 2022 WB Finance. All rights reserved.
+//
+
+import Foundation
+import CommonCrypto
+
+public class AESCipher {
+    
+    private var aesKeySizeInBytes: Int!
+    private var aesMode: String!
+    private var keyIterationCount: UInt32!
+    
+    public init(aesKeySizeInBytes: Int,
+         aesMode: String,
+         keyIterationCount: Int = 100
+    ) {
+        self.aesKeySizeInBytes = aesKeySizeInBytes
+        self.aesMode = aesMode
+        self.keyIterationCount = UInt32(keyIterationCount)
+    }
+    
+    public func encrypt(password: String, message: String) -> AESResult {
+        let iv = randomizeBytes(count: kCCBlockSizeAES128)
+        let salt = randomizeBytes(count: 8)
+        let aesKey = aesKey(forPassword: password, salt: salt)
+        let data = message.data(using: .utf8)!
+        
+        let ciphertext = crypt(
+            operation: kCCEncrypt,
+            algorithm: kCCAlgorithmAES,
+            options: kCCOptionPKCS7Padding,
+            key: aesKey,
+            initializationVector: iv,
+            dataIn: data)
+        
+        return AESResult(
+            salt: salt.toBase64String(),
+            iv: iv.toBase64String(),
+            encodedData: ciphertext!.toBase64String()
+        )
+    }
+    
+    public func decrypt(password: String, salt: Data, iv: Data, base64CipherText: Data) -> NSDictionary {
+        let aesKey = aesKey(forPassword: password, salt: salt)
+        let decryptedData = crypt(operation: kCCDecrypt,
+                                  algorithm: kCCAlgorithmAES,
+                                  options: kCCOptionPKCS7Padding,
+                                  key: aesKey,
+                                  initializationVector: iv,
+                                  dataIn: base64CipherText
+        )
+        
+        let str = String(decoding: decryptedData!, as: UTF8.self)
+        return str.toDictionary()! as NSDictionary
+    }
+    
+    
+    //========================================================================================
+    //MARK:- Internal
+    //========================================================================================
+    private func randomizeBytes(count: Int) -> Data {
+        let bytes = UnsafeMutableRawPointer.allocate(byteCount: count, alignment: 1)
+        defer { bytes.deallocate() }
+        let status = SecRandomCopyBytes(nil, count, bytes)
+        assert(status == kCCSuccess)
+        return Data(bytes: bytes, count: count)
+    }
+    
+    private func aesKey(
+        forPassword password: String,
+        salt: Data
+    ) -> Data {
+        let derivedKey = NSMutableData(length: aesKeySizeInBytes * 2)!
+        let result = CCKeyDerivationPBKDF(
+            CCPBKDFAlgorithm(kCCPBKDF2),
+            password,
+            password.lengthOfBytes(using: .utf8),
+            salt.bytes,
+            salt.count,
+            CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA1),
+            self.keyIterationCount,
+            derivedKey.mutableBytes,
+            derivedKey.length
+        )
+        assert(result == kCCSuccess)
+        return derivedKey.copy() as! Data
+    }
+    
+    private func crypt(
+        operation: Int,
+        algorithm: Int,
+        options: Int,
+        key: Data,
+        initializationVector iv: Data,
+        dataIn: Data
+    ) -> Data? {
+        return key.withUnsafeBytes { keyUnsafeRawBufferPointer in
+            return dataIn.withUnsafeBytes { dataInUnsafeRawBufferPointer in
+                return iv.withUnsafeBytes { ivUnsafeRawBufferPointer in
+                    // Give the data out some breathing room for PKCS7's padding.
+                    let dataOutSize: Int = dataIn.count + kCCBlockSizeAES128 * 2
+                    let dataOut = UnsafeMutableRawPointer.allocate(byteCount: dataOutSize,
+                                                                   alignment: 1)
+                    defer { dataOut.deallocate() }
+                    var dataOutMoved: Int = 0
+                    let status = CCCrypt(
+                        CCOperation(operation),
+                        CCAlgorithm(algorithm),
+                        CCOptions(options),
+                        keyUnsafeRawBufferPointer.baseAddress,
+                        key.count,
+                        ivUnsafeRawBufferPointer.baseAddress,
+                        dataInUnsafeRawBufferPointer.baseAddress,
+                        dataIn.count,
+                        dataOut,
+                        dataOutSize,
+                        &dataOutMoved
+                    )
+                    guard status == kCCSuccess else { return nil }
+                    return Data(bytes: dataOut, count: dataOutMoved)
+                }
+            }
+        }
+    }
+}
@@ -0,0 +1,21 @@
+//
+//  File.swift
+//  
+//
+//  Created by Pisal on 8/19/22.
+//
+
+import Foundation
+
+public struct AESResult : Codable {
+    let salt: String
+    let iv: String
+    let encodedData: String
+    
+    enum CodingKeys: String, CodingKey {
+        case salt
+        case iv
+        case encodedData
+    }
+}
+
@@ -0,0 +1,23 @@
+//
+//  Data+Extensions.swift
+//  HybridEncryption
+//
+//  Created by Pisal on 8/19/22.
+//
+
+import Foundation
+import CommonCrypto
+
+public extension Data {
+    func toBase64String() -> String {
+        return self.base64EncodedString(options: .lineLength64Characters)
+    }
+    
+    mutating func appendString(string: String) {
+        append(string.data(using: .utf8)!)
+    }
+
+    public var bytes: Array<UInt8> {
+      Array(self)
+    }
+}
@@ -0,0 +1,49 @@
+//
+//  String+Extensions.swift
+//  HybridEncryption
+//
+//  Created by Pisal on 8/19/22.
+//
+
+import Foundation
+
+
+public extension String {
+    public func toDictionary() -> [String:AnyObject]? {
+        if let data = self.data(using: String.Encoding.utf8) {
+            do {
+                let json = try JSONSerialization.jsonObject(with: data, options: .mutableContainers) as? [String:AnyObject]
+                return json
+            } catch {}
+        }
+        return nil
+    }
+    
+    public func toBase64() -> String {
+        return Data(self.utf8).base64EncodedString()
+    }
+    
+    public var md5: String {
+        return HMAC.hash(input: self, algo: HMACAlgo.MD5)
+    }
+    
+    public var sha1: String {
+        return HMAC.hash(input: self, algo: HMACAlgo.SHA1)
+    }
+    
+    public var sha224: String {
+        return HMAC.hash(input: self, algo: HMACAlgo.SHA224)
+    }
+    
+    public var sha256: String {
+        return HMAC.hash(input: self, algo: HMACAlgo.SHA256)
+    }
+    
+    public var sha384: String {
+        return HMAC.hash(input: self, algo: HMACAlgo.SHA384)
+    }
+    
+    public var sha512: String {
+        return HMAC.hash(input: self, algo: HMACAlgo.SHA512)
+    }
+}
@@ -0,0 +1,80 @@
+//
+//  Mmac.swift
+//  HybridEncryption
+//
+//  Created by Pisal on 8/19/22.
+//
+
+import Foundation
+import CommonCrypto
+
+public struct HMAC {
+    
+    static func hash(input: String, algo: HMACAlgo) -> String {
+        if let stringData = input.data(using: .utf8, allowLossyConversion: false) {
+            return hexStringFromData(input: digest(input: stringData as NSData, algo: algo))
+        }
+        return ""
+    }
+    
+    private static func digest(input : NSData, algo: HMACAlgo) -> NSData {
+        let digestLength = algo.digestLength()
+        var hash = [UInt8](repeating: 0, count: digestLength)
+        switch algo {
+        case .MD5:
+            CC_MD5(input.bytes, UInt32(input.length), &hash)
+            break
+        case .SHA1:
+            CC_SHA1(input.bytes, UInt32(input.length), &hash)
+            break
+        case .SHA224:
+            CC_SHA224(input.bytes, UInt32(input.length), &hash)
+            break
+        case .SHA256:
+            CC_SHA256(input.bytes, UInt32(input.length), &hash)
+            break
+        case .SHA384:
+            CC_SHA384(input.bytes, UInt32(input.length), &hash)
+            break
+        case .SHA512:
+            CC_SHA512(input.bytes, UInt32(input.length), &hash)
+            break
+        }
+        return NSData(bytes: hash, length: digestLength)
+    }
+    
+    private static func hexStringFromData(input: NSData) -> String {
+        var bytes = [UInt8](repeating: 0, count: input.length)
+        input.getBytes(&bytes, length: input.length)
+        
+        var hexString = ""
+        for byte in bytes {
+            hexString += String(format:"%02x", UInt8(byte))
+        }
+        
+        return hexString
+    }
+}
+
+enum HMACAlgo {
+    case MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+    
+    func digestLength() -> Int {
+        var result: CInt = 0
+        switch self {
+        case .MD5:
+            result = CC_MD5_DIGEST_LENGTH
+        case .SHA1:
+            result = CC_SHA1_DIGEST_LENGTH
+        case .SHA224:
+            result = CC_SHA224_DIGEST_LENGTH
+        case .SHA256:
+            result = CC_SHA256_DIGEST_LENGTH
+        case .SHA384:
+            result = CC_SHA384_DIGEST_LENGTH
+        case .SHA512:
+            result = CC_SHA512_DIGEST_LENGTH
+        }
+        return Int(result)
+    }
+}
@@ -0,0 +1,37 @@
+//
+//  HttpFriendlyResult.swift
+//  
+//
+//  Created by Pisal on 8/19/22.
+//
+
+import Foundation
+
+public struct HttpFriendlyResult : Codable {
+    /// RSA-encrypted AES password of request body
+    let requestPassword: String
+
+    /// IV that was used while encrypting the raw data
+    let iv: String
+    
+    /// salt that was used while encrypting the raw data
+    let salt: String
+
+    /// RSA-encrypted AES password for peer/server to encrypt the response
+    let responsePassword: String
+
+    /// AES-encrypted data
+    let encryptedData: String
+
+    /// RSA-encrypted SHA512 hash of the raw data
+    let signature: String
+    
+    enum CodingKeys: String, CodingKey {
+        case requestPassword
+        case iv
+        case salt
+        case responsePassword
+        case encryptedData
+        case signature
+    }
+}
@@ -0,0 +1,26 @@
+//
+//  HybridCipherResult.swift
+//  
+//
+//  Created by Pisal on 8/19/22.
+//
+
+import Foundation
+
+public struct HybridCipherResult : Codable {
+    
+    /**
+     * Should be saved for decrypting the encrypted response from server
+     */
+    let rawResponsePassword: String
+    
+    /**
+     * Suitable for sending to server via REST API
+     */
+    let httpParams: HttpFriendlyResult
+    
+    enum CodingKeys: String, CodingKey {
+        case rawResponsePassword
+        case httpParams
+    }
+}