Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support SecKey Certificate private keys #195

Merged
merged 6 commits into from
Oct 2, 2024
Merged

Support SecKey Certificate private keys #195

merged 6 commits into from
Oct 2, 2024

Conversation

robotrory
Copy link
Contributor

Motivation

I would like to create Certificates using a SecKey so that I can create certificates signed by hardware-backed keys. Currently, Swift Certificates requires the private key be provided in an exported representation, but this isn't possible when a SecKey is marked as non-exportable.

Modifications

Adds a new SecKeyWrapper backing to Certificate.PrivateKey to support initalisation with SecKey. This wrapper struct handles key validation and signing operations by calling the appropriate SecKey interfaces. Adds additional tests to support new backing type.

Result

Certifcate.PrivateKey can be initialised with a SecKey, allowing existing hardware-backed SecKey instances to be used as the issuer private key for new Certificate instances.

Support SecKey Certificate private keys.
2416d41 
Motivation:

I would like to create Certificates using a SecKey so that I can create certificates signed by hardware-backed keys. Currently, Swift Certificates requires the private key be provided in an exported representation, but this isn't possible when a SecKey is marked as non-exportable.

Modifications:

Adds a new SecKeyWrapper backing to Certificate.PrivateKey to support initalisation with SecKey. This wrapper struct handles key validation and signing operations by calling the appropriate SecKey interfaces. Adds additional tests to support new backing type.

Result:

Certifcate.PrivateKey can be initialised with a SecKey, allowing existing hardware-backed SecKey instances to be used as the issuer private key for new Certificate instances.
@Lukasa Lukasa added the 🆕 semver/minor Adds new public API. label Sep 9, 2024
@Lukasa
Copy link
Contributor

Lukasa commented Sep 9, 2024

@swift-server-bot add to allowlist

@Lukasa
Copy link
Contributor

Lukasa commented Sep 9, 2024

FYI, there are formatting issues:

Sources/X509/SecKeyWrapper.swift:87:16: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:87:16: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:118:16: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:121:20: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:123:27: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:125:27: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:132:23: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:118:16: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:121:20: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:123:27: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:125:27: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:121:20: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:123:27: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:125:27: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:123:27: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:125:27: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:125:27: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:132:23: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:132:23: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:148:24: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:150:31: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:152:31: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:148:24: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:150:31: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:152:31: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:148:24: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:150:31: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:152:31: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:150:31: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:152:31: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:152:31: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:267:16: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:267:16: warning: [NoParensAroundConditions] remove the parentheses around this expression
Sources/X509/SecKeyWrapper.swift:34:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:36:23: warning: [Spacing] remove 1 space
Sources/X509/SecKeyWrapper.swift:41:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:43:21: warning: [Spacing] remove 1 space
Sources/X509/SecKeyWrapper.swift:47:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:57:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:59:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:61:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:63:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:66:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:74:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:77:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:85:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:93:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:96:22: warning: [Spacing] remove 1 space
Sources/X509/SecKeyWrapper.swift:97:1: warning: [LineLength] line is too long
Sources/X509/SecKeyWrapper.swift:104:1: warning: [LineLength] line is too long
Sources/X509/SecKeyWrapper.swift:103:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:106:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:109:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:117:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:120:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:140:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:144:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:169:1: warning: [LineLength] line is too long
Sources/X509/SecKeyWrapper.swift:168:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:170:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:172:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:174:18: warning: [AddLines] add 1 line break
Sources/X509/SecKeyWrapper.swift:174:61: warning: [AddLines] add 1 line break
Sources/X509/SecKeyWrapper.swift:175:1: warning: [LineLength] line is too long
Sources/X509/SecKeyWrapper.swift:175:1: warning: [Indentation] unindent by 40 spaces
Sources/X509/SecKeyWrapper.swift:176:1: warning: [LineLength] line is too long
Sources/X509/SecKeyWrapper.swift:176:1: warning: [Indentation] unindent by 40 spaces
Sources/X509/SecKeyWrapper.swift:177:1: warning: [LineLength] line is too long
Sources/X509/SecKeyWrapper.swift:177:1: warning: [Indentation] unindent by 40 spaces
Sources/X509/SecKeyWrapper.swift:179:1: warning: [LineLength] line is too long
Sources/X509/SecKeyWrapper.swift:181:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:184:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:187:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:189:26: warning: [Spacing] remove 1 space
Sources/X509/SecKeyWrapper.swift:222:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:225:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:227:1: warning: [LineLength] line is too long
Sources/X509/SecKeyWrapper.swift:228:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:235:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:254:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:260:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:263:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:281:1: warning: [LineLength] line is too long
Sources/X509/SecKeyWrapper.swift:280:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:283:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:284:24: warning: [Spacing] remove 1 space
Sources/X509/SecKeyWrapper.swift:285:21: warning: [Spacing] remove 1 space
Sources/X509/SecKeyWrapper.swift:286:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/SecKeyWrapper.swift:303:1: warning: [TrailingWhitespace] remove trailing whitespace
Sources/X509/CertificatePrivateKey.swift:73:1: warning: [TrailingWhitespace] remove trailing whitespace
/swift-certificates/Tests/X509Tests/SignatureTests.swift:413:46: warning: [TrailingComma] add trailing comma to the last element in multiline collection literal
/swift-certificates/Tests/X509Tests/SignatureTests.swift:414:14: warning: [TrailingComma] add trailing comma to the last element in multiline collection literal
Tests/X509Tests/SignatureTests.swift:37:1: warning: [LineLength] line is too long
Tests/X509Tests/SignatureTests.swift:38:1: warning: [LineLength] line is too long
Tests/X509Tests/SignatureTests.swift:397:16: warning: [AddLines] add 1 line break
Tests/X509Tests/SignatureTests.swift:398:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:407:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:411:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:412:18: warning: [Spacing] remove 1 space
Tests/X509Tests/SignatureTests.swift:416:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:419:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:430:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:441:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:452:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:463:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:474:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:485:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:496:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:507:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:518:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:529:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:540:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:551:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:562:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:573:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:584:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:595:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:606:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:617:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:628:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:639:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:650:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SignatureTests.swift:661:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SecKeyWrapperTests.swift:26:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SecKeyWrapperTests.swift:28:17: warning: [Spacing] remove 1 space
Tests/X509Tests/SecKeyWrapperTests.swift:29:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SecKeyWrapperTests.swift:31:1: warning: [LineLength] line is too long
Tests/X509Tests/SecKeyWrapperTests.swift:32:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SecKeyWrapperTests.swift:37:1: warning: [LineLength] line is too long
Tests/X509Tests/SecKeyWrapperTests.swift:43:1: warning: [TrailingWhitespace] remove trailing whitespace
Tests/X509Tests/SecKeyWrapperTests.swift:48:1: warning: [TrailingWhitespace] remove trailing whitespace
** ERROR: ❌ Running swift-format produced errors.

  To fix, run the following command:

    % swift-format format --parallel --recursive --in-place Sources Tests Benchmarks/Benchmarks

Lukasa
Lukasa reviewed Sep 16, 2024
View reviewed changes
Sources/X509/CMakeLists.txt Outdated Show resolved Hide resolved
Rory Smith added 2 commits September 18, 2024 09:23
@Lukasa Lukasa merged commit d8799da into apple:main Oct 2, 2024
5 of 6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Lukasa Lukasa Lukasa approved these changes

Assignees
No one assigned
Labels
🆕 semver/minor Adds new public API.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@robotrory @Lukasa