Support Swift 5

.swift-version

@@ -1 +1 @@
-4.2.3
+5.0

.travis.yml

@@ -25,30 +25,34 @@ matrix:
       dist: xenial
       sudo: required
       services: docker
-      env: DOCKER_IMAGE=swift:4.2.3
+      env: DOCKER_IMAGE=swift:4.2.4 SWIFT_SNAPSHOT=4.2.4
     - os: linux
       dist: xenial
       sudo: required
       services: docker
-      env: DOCKER_IMAGE=swift:4.2.3 SWIFT_SNAPSHOT=$SWIFT_DEVELOPMENT_SNAPSHOT
+      env: DOCKER_IMAGE=swift:5.0-xenial
     - os: linux
       dist: xenial
       sudo: required
       services: docker
-      env: DOCKER_IMAGE=ubuntu:18.04
+      env: DOCKER_IMAGE=swift:5.0 SWIFT_SNAPSHOT=$SWIFT_DEVELOPMENT_SNAPSHOT
     - os: osx
       osx_image: xcode9.2
       sudo: required
       env: SWIFT_SNAPSHOT=4.0.3
     - os: osx
       osx_image: xcode9.4
       sudo: required
-      env: SWIFT_SNAPSHOT=4.1.2
+      env: SWIFT_SNAPSHOT=4.1.2 JAZZY_ELIGIBLE=true
     - os: osx
       osx_image: xcode10.1
       sudo: required
+      env: SWIFT_SNAPSHOT=4.2.1
     - os: osx
-      osx_image: xcode10.1
+      osx_image: xcode10.2
+      sudo: required
+    - os: osx
+      osx_image: xcode10.2
       sudo: required
       env: SWIFT_SNAPSHOT=$SWIFT_DEVELOPMENT_SNAPSHOT
 

Package.swift

@@ -1,4 +1,4 @@
-// swift-tools-version:4.2
+// swift-tools-version:5.0
 // The swift-tools-version declares the minimum version of Swift required to build this package.
 
 //

Package@swift-4.2.swift

@@ -0,0 +1,58 @@
+// swift-tools-version:4.2
+// The swift-tools-version declares the minimum version of Swift required to build this package.
+
+//
+//  Package.swift
+//  CryptorRSA
+//
+//  Copyright © 2017,2018 IBM. All rights reserved.
+//
+// 	Licensed under the Apache License, Version 2.0 (the "License");
+// 	you may not use this file except in compliance with the License.
+// 	You may obtain a copy of the License at
+//
+// 	http://www.apache.org/licenses/LICENSE-2.0
+//
+// 	Unless required by applicable law or agreed to in writing, software
+// 	distributed under the License is distributed on an "AS IS" BASIS,
+// 	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// 	See the License for the specific language governing permissions and
+// 	limitations under the License.
+//
+
+import PackageDescription
+
+var dependencies: [Package.Dependency] = []
+var targetDependencies: [Target.Dependency] = []
+
+
+#if os(Linux)
+
+	dependencies.append(.package(url: "https://github.com/IBM-Swift/OpenSSL.git", from: "2.2.0"))
+	targetDependencies.append(.byName(name: "OpenSSL"))
+
+#endif
+
+let package = Package(
+	name: "CryptorRSA",
+    products: [
+        // Products define the executables and libraries produced by a package, and make them visible to other packages.
+        .library(
+            name: "CryptorRSA",
+            targets: ["CryptorRSA"]
+        )
+    ],
+	dependencies: dependencies,
+    targets: [
+        // Targets are the basic building blocks of a package. A target can define a module or a test suite.
+        // Targets can depend on other targets in this package, and on products in packages which this package depends on.
+        .target(
+            name: "CryptorRSA",
+            dependencies: targetDependencies
+        ),
+        .testTarget(
+            name: "CryptorRSATests",
+            dependencies: ["CryptorRSA"]
+        )
+    ]
+)

Sources/CryptorRSA/CryptorRSA.swift

@@ -49,7 +49,7 @@ public class CryptorRSA {
 
 		return PlaintextData(with: data)
 	}
-	
+
 	///
 	/// Creates a message from a plaintext string, with the specified encoding.
 	///
@@ -329,7 +329,7 @@ public class CryptorRSA {
 				defer {
 					RSA_free(rsaKey)
 				}
-				
+
 				// Set the additional authenticated data (aad) as the RSA key modulus and publicExponent in an ASN1 sequence.
 				guard let aad = key.publicKeyBytes else {
 					let source = "Encryption failed"
@@ -404,8 +404,8 @@ public class CryptorRSA {
 				}
 
 				// Encrypt the plaintext into encrypted using gcmAlgorithm with the random aes key and all 0 iv.
-				guard(self.data.withUnsafeBytes({ (plaintext: UnsafePointer<UInt8>) -> Int32 in
-					return EVP_EncryptUpdate(rsaEncryptCtx, encrypted, &processedLength, plaintext, Int32(data.count))
+				guard(self.data.withUnsafeBytes({ (plaintext: UnsafeRawBufferPointer) -> Int32 in
+					return EVP_EncryptUpdate(rsaEncryptCtx, encrypted, &processedLength, plaintext.baseAddress?.assumingMemoryBound(to: UInt8.self), Int32(data.count))
 				})) == 1 else {
 					let source = "Encryption failed"
 					if let reason = CryptorRSA.getLastError(source: source) {
@@ -515,8 +515,8 @@ public class CryptorRSA {
 
 				// EVP_SealUpdate is a complex macros and therefore the compiler doesnt
 				// convert it directly to swift. From /usr/local/opt/openssl/include/openssl/evp.h:
-				_ = self.data.withUnsafeBytes({ (plaintext: UnsafePointer<UInt8>) -> Int32 in
-					return EVP_EncryptUpdate(rsaEncryptCtx, encrypted, &processedLength, plaintext, Int32(self.data.count))
+				_ = self.data.withUnsafeBytes({ (plaintext: UnsafeRawBufferPointer) -> Int32 in
+					return EVP_EncryptUpdate(rsaEncryptCtx, encrypted, &processedLength, plaintext.baseAddress?.assumingMemoryBound(to: UInt8.self), Int32(self.data.count))
 				})
 				encLength = processedLength
 
@@ -547,7 +547,7 @@ public class CryptorRSA {
 			///	- Returns:	Decrypted data object.
 			///
 			func decryptedGCM(with key: PrivateKey) throws -> PlaintextData? {
-				
+
 				// Initialize the decryption context.
 				let rsaDecryptCtx = EVP_CIPHER_CTX_new()
 				EVP_CIPHER_CTX_init_wrapper(rsaDecryptCtx)
@@ -624,7 +624,7 @@ public class CryptorRSA {
 				var decMsgLen: Int32 = 0
 				// Use a 16-byte all zero initialization vector (IV) to match Apple Security.
 				let iv = [UInt8](repeating: 0, count: 16)
-				
+
 				// Decrypt the encryptedKey into the aeskey using the RSA private key
 				guard RSA_private_decrypt(Int32(encryptedKey.count), [UInt8](encryptedKey), aeskey, rsaKey, RSA_PKCS1_OAEP_PADDING) != 0,
 					// Set the IV length to be 16 bytes.
@@ -643,8 +643,8 @@ public class CryptorRSA {
 						throw Error(code: ERR_DECRYPTION_FAILED, reason: source + ": No OpenSSL error reported.")
 				}
 				// Decrypt the encrypted data using the symmetric key.
-				guard encryptedData.withUnsafeBytes({ (enc: UnsafePointer<UInt8>) -> Int32 in
-					return EVP_DecryptUpdate(rsaDecryptCtx, decrypted, &processedLen, enc, Int32(encryptedData.count))
+				guard encryptedData.withUnsafeBytes({ (enc: UnsafeRawBufferPointer) -> Int32 in
+					return EVP_DecryptUpdate(rsaDecryptCtx, decrypted, &processedLen, enc.baseAddress?.assumingMemoryBound(to: UInt8.self), Int32(encryptedData.count))
 				}) != 0 else {
 					let source = "Decryption failed"
 					if let reason = CryptorRSA.getLastError(source: source) {
@@ -655,8 +655,8 @@ public class CryptorRSA {
 				decMsgLen += processedLen
 
 				// Verify the provided GCM tag.
-				guard tagData.withUnsafeMutableBytes({ (tag: UnsafeMutablePointer<UInt8>) -> Int32 in
-					return EVP_CIPHER_CTX_ctrl(rsaDecryptCtx, EVP_CTRL_GCM_SET_TAG, 16, tag)
+				guard tagData.withUnsafeMutableBytes({ (tag: UnsafeMutableRawBufferPointer) -> Int32 in
+					return EVP_CIPHER_CTX_ctrl(rsaDecryptCtx, EVP_CTRL_GCM_SET_TAG, 16, tag.baseAddress)
 				}) == 1,
 					EVP_DecryptFinal_ex(rsaDecryptCtx, decrypted.advanced(by: Int(decMsgLen)), &processedLen) == 1
 					else {
@@ -690,7 +690,7 @@ public class CryptorRSA {
 				let encIVLength = Int(EVP_CIPHER_iv_length(.make(optional: encType)))
 				// Size of encryptedKey
 				let encryptedDataLength = Int(self.data.count) - encKeyLength - encIVLength
-				
+
 				// Extract encryptedKey, encryptedData, encryptedIV from data
 				// self.data = encryptedKey + encryptedData + encryptedIV
 				let encryptedKey = self.data.subdata(in: 0..<encKeyLength)
@@ -720,9 +720,9 @@ public class CryptorRSA {
 					#endif
 				}
 				// EVP_OpenInit returns 0 on error or the recovered secret key size if successful
-				var status = encryptedKey.withUnsafeBytes({ (ek: UnsafePointer<UInt8>) -> Int32 in
-					return encryptedIV.withUnsafeBytes({ (iv: UnsafePointer<UInt8>) -> Int32 in
-						return EVP_OpenInit(rsaDecryptCtx, .make(optional: encType), ek, Int32(encryptedKey.count), iv, .make(optional: key.reference))
+				var status = encryptedKey.withUnsafeBytes({ (ek: UnsafeRawBufferPointer) -> Int32 in
+					return encryptedIV.withUnsafeBytes({ (iv: UnsafeRawBufferPointer) -> Int32 in
+						return EVP_OpenInit(rsaDecryptCtx, .make(optional: encType), ek.baseAddress?.assumingMemoryBound(to: UInt8.self), Int32(encryptedKey.count), iv.baseAddress?.assumingMemoryBound(to: UInt8.self), .make(optional: key.reference))
 					})
 				})
 				guard status != 0 else {
@@ -736,8 +736,8 @@ public class CryptorRSA {
 
 				// EVP_OpenUpdate is a complex macros and therefore the compiler doesnt
 				// convert it directly to Swift. From /usr/local/opt/openssl/include/openssl/evp.h:
-				_ = encryptedData.withUnsafeBytes({ (enc: UnsafePointer<UInt8>) -> Int32 in
-					return EVP_DecryptUpdate(rsaDecryptCtx, decrypted, &processedLen, enc, Int32(encryptedData.count))
+				_ = encryptedData.withUnsafeBytes({ (enc: UnsafeRawBufferPointer) -> Int32 in
+					return EVP_DecryptUpdate(rsaDecryptCtx, decrypted, &processedLen, enc.baseAddress?.assumingMemoryBound(to: UInt8.self), Int32(encryptedData.count))
 				})
 				decMsgLen = processedLen
 
@@ -798,8 +798,8 @@ public class CryptorRSA {
                 EVP_DigestSignInit(md_ctx, nil, .make(optional: md), nil, .make(optional: key.reference))
 
                 // Convert Data to UnsafeRawPointer!
-                _ = self.data.withUnsafeBytes({ (message: UnsafePointer<UInt8>) -> Int32 in
-                    return EVP_DigestUpdate(md_ctx, message, self.data.count)
+                _ = self.data.withUnsafeBytes({ (message: UnsafeRawBufferPointer) -> Int32 in
+                    return EVP_DigestUpdate(md_ctx, message.baseAddress?.assumingMemoryBound(to: UInt8.self), self.data.count)
                 })
 
                 // Determine the size of the actual signature
@@ -891,8 +891,8 @@ public class CryptorRSA {
                 EVP_DigestVerifyInit(md_ctx, nil, .make(optional: md), nil, .make(optional: key.reference))
 
 
-                var rc = self.data.withUnsafeBytes({ (message: UnsafePointer<UInt8>) -> Int32 in
-                    return EVP_DigestUpdate(md_ctx, message, self.data.count)
+                var rc = self.data.withUnsafeBytes({ (message: UnsafeRawBufferPointer) -> Int32 in
+                    return EVP_DigestUpdate(md_ctx, message.baseAddress?.assumingMemoryBound(to: UInt8.self), self.data.count)
                 })
                 guard rc == 1 else {
                     let source = "Signature verification failed."
@@ -904,11 +904,11 @@ public class CryptorRSA {
                 }
 
                 // Unlike other return values above, this return indicates if signature verifies or not
-                rc = signature.data.withUnsafeBytes({ (sig: UnsafePointer<UInt8>) -> Int32 in
+                rc = signature.data.withUnsafeBytes({ (sig: UnsafeRawBufferPointer) -> Int32 in
                     // Wrapper for OpenSSL EVP_DigestVerifyFinal function defined in
                     // IBM-Swift/OpenSSL/shim.h, to provide compatibility with OpenSSL
                     // 1.0.1 and 1.0.2 on Ubuntu 14.04 and 16.04, respectively.
-                    return SSL_EVP_digestVerifyFinal_wrapper(md_ctx, sig, signature.data.count)
+                    return SSL_EVP_digestVerifyFinal_wrapper(md_ctx, sig.baseAddress?.assumingMemoryBound(to: UInt8.self), signature.data.count)
                 })
 
                 return (rc == 1) ? true : false

Sources/CryptorRSA/CryptorRSADigest.swift

@@ -226,7 +226,7 @@ extension Data {
 		#if os(Linux)
 
 			public var engine: (_ data: UnsafePointer<UInt8>, _ len: CC_LONG, _ md: UnsafeMutablePointer<UInt8>) -> UnsafeMutablePointer<UInt8>? {
-			
+
 				switch self {
 
 				case .sha1:
@@ -293,12 +293,12 @@ extension Data {
 	public func digest(using alogorithm: Algorithm) throws -> Data {
 
 		var hash = [UInt8](repeating: 0, count: Int(alogorithm.length))
-		
-		self.withUnsafeBytes {
-
-			_ = alogorithm.engine($0, CC_LONG(self.count), &hash)
+
+		self.withUnsafeBytes { ptr in
+			guard let baseAddress = ptr.baseAddress else { return }
+			_ = alogorithm.engine(baseAddress.assumingMemoryBound(to: UInt8.self), CC_LONG(self.count), &hash)
 		}
 
-		return Data(bytes: hash)
+		return Data(hash)
 	}
 }

Sources/CryptorRSA/CryptorRSAKey.swift

@@ -281,9 +281,9 @@ extension CryptorRSA {
 			}
 
 			// Move the key data to BIO
-			try data.withUnsafeBytes() { (buffer: UnsafePointer<UInt8>) in
+			try data.withUnsafeBytes() { (buffer: UnsafeRawBufferPointer) in
 
-				let len = BIO_write(certbio, buffer, Int32(data.count))
+				let len = BIO_write(certbio, buffer.baseAddress?.assumingMemoryBound(to: UInt8.self), Int32(data.count))
 				guard len != 0 else {
 					let source = "Couldn't create BIO reference from key data"
 					if let reason = CryptorRSA.getLastError(source: source) {

Sources/CryptorRSA/CryptorRSAUtilities.swift

@@ -47,7 +47,7 @@ public extension CryptorRSA {
 	///	- Returns:				`RSA` representation of the key.
 	///
 	static func createKey(from keyData: Data, type: CryptorRSA.RSAKey.KeyType) throws ->  NativeKey {
-		
+
 		var keyData = keyData
 
 		// If data is a PEM String, strip the headers and convert to der.
@@ -66,9 +66,9 @@ public extension CryptorRSA {
             BIO_free(bio)
         }
 		// Create a BIO object with the key data...
-		try headerKey.withUnsafeBytes() { (buffer: UnsafePointer<UInt8>) in
-			
-			let len = BIO_write(bio, buffer, Int32(headerKey.count))
+		try headerKey.withUnsafeBytes() { (buffer: UnsafeRawBufferPointer) in
+
+			let len = BIO_write(bio, buffer.baseAddress?.assumingMemoryBound(to: UInt8.self), Int32(headerKey.count))
             guard len != 0 else {
                 let source = "Couldn't create BIO reference from key data"
                 if let reason = CryptorRSA.getLastError(source: source) {
@@ -296,28 +296,28 @@ public extension CryptorRSA {
 	static func addX509CertificateHeader(for keyData: Data) -> Data {
 
 		if keyData.count == 140 {
-			return Data(bytes: [0x30, 0x81, 0x9F,
-								0x30, 0x0D,
-								0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
-								0x05, 0x00,
-								0x03, 0x81, 0x8D, 0x00]) + keyData
+			return Data([0x30, 0x81, 0x9F,
+						 0x30, 0x0D,
+						 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
+						 0x05, 0x00,
+						 0x03, 0x81, 0x8D, 0x00]) + keyData
 		} else if keyData.count == 270 {
-			return Data(bytes: [0x30, 0x82, 0x01, 0x22,
-								0x30, 0x0D,
-								0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
-								0x05, 0x00,
-								0x03, 0x82, 0x01, 0x0F, 0x00]) + keyData
-		} else if keyData.count == 398 {  
-			return Data(bytes: [0x30, 0x82, 0x01, 0xA2,
-								0x30, 0x0D,
-								0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
-								0x05, 0x00,
-								0x03, 0x82, 0x01, 0x8F, 0x00]) + keyData
+			return Data([0x30, 0x82, 0x01, 0x22,
+						 0x30, 0x0D,
+						 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
+						 0x05, 0x00,
+						 0x03, 0x82, 0x01, 0x0F, 0x00]) + keyData
+		} else if keyData.count == 398 {
+			return Data([0x30, 0x82, 0x01, 0xA2,
+						 0x30, 0x0D,
+						 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
+						 0x05, 0x00,
+						 0x03, 0x82, 0x01, 0x8F, 0x00]) + keyData
 		} else if keyData.count == 526 {
-			return Data(bytes: [0x30, 0x82, 0x02, 0x22,
-								0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
-								0x05, 0x00,
-								0x03, 0x82, 0x02, 0x0F, 0x00]) + keyData            
+			return Data([0x30, 0x82, 0x02, 0x22,
+						 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
+						 0x05, 0x00,
+						 0x03, 0x82, 0x02, 0x0F, 0x00]) + keyData            
 		} else {
 			return keyData
 		}