ios/Crypto.swift at main · hailey.at/expo-atproto-auth

this repo has no description
expo-atproto-auth / ios / Crypto.swift
at main 2.2 kB view raw
 1import Foundation
 2import CryptoKit
 3import JOSESwift
 4
 5class CryptoUtil: NSObject {
 6  static func digest(data: Data) -> Data {
 7    let hash = SHA256.hash(data: data)
 8    return Data(hash)
 9  }
10
11  public static func getRandomValues(byteLength: Int) -> Data {
12    let bytes = (0..<byteLength).map { _ in UInt8.random(in: UInt8.min...UInt8.max) }
13    return Data(bytes)
14  }
15
16  static func generateJwk() -> EncodedJWK {
17    let kid = UUID().uuidString
18
19    let privKey = P256.Signing.PrivateKey()
20    let pubKey = privKey.publicKey
21
22    let x = pubKey.x963Representation[1..<33].base64URLEncodedString()
23    let y = pubKey.x963Representation[33...].base64URLEncodedString()
24    let d = privKey.rawRepresentation.base64URLEncodedString()
25
26    let jwk = EncodedJWK()
27    jwk.kty = "EC"
28    jwk.use = "sig"
29    jwk.crv = "P-256"
30    jwk.kid = kid
31    jwk.x = x
32    jwk.y = y
33    jwk.d = d
34    jwk.alg = "ES256"
35
36    return jwk
37  }
38
39  static func decodeJwk(x: String, y: String, d: String) throws -> SecKey {
40    func base64UrlDecode(_ string: String) -> Data? {
41      var base64 = string
42        .replacingOccurrences(of: "-", with: "+")
43        .replacingOccurrences(of: "_", with: "/")
44
45      let remainder = base64.count % 4
46      if remainder > 0 {
47        base64 += String(repeating: "=", count: 4 - remainder)
48      }
49
50      return Data(base64Encoded: base64)
51    }
52
53    guard let xData = base64UrlDecode(x),
54          let yData = base64UrlDecode(y),
55          let dData = base64UrlDecode(d) else {
56      throw ExpoAtprotoAuthError.invalidJwk
57    }
58
59    var keyData = Data()
60    keyData.append(0x04)
61    keyData.append(xData)
62    keyData.append(yData)
63    keyData.append(dData)
64
65    let attributes: [String: Any] = [
66      kSecAttrKeyType as String: kSecAttrKeyTypeEC,
67      kSecAttrKeyClass as String: kSecAttrKeyClassPrivate,
68      kSecAttrKeySizeInBits as String: 256
69    ]
70
71    var error: Unmanaged<CFError>?
72
73    let key = SecKeyCreateWithData(keyData as CFData, attributes as CFDictionary, &error)
74    if error != nil {
75      throw error!.takeUnretainedValue()
76    }
77
78    guard let key = key else {
79      throw ExpoAtprotoAuthError.invalidJwk
80    }
81
82    return key
83  }
84}