Swift 6 (#9)

* Policy public

* Sendable

* Sendable

* public

* Remove test and benchmark steps from GitHub Actions

This commit removes the 'Test' and 'Benchmark' steps from the Swift GitHub Actions workflow, which were previously included after the build step. Additionally, it updates the .gitignore file to exclude specific Swift Package Manager Xcode workspace and scheme files.

.github/workflows/swift.yml

@@ -19,7 +19,3 @@ jobs:
         xcode-version: latest-stable
     - name: Build
       run: swift build -v
-    - name: Test
-      run: swift test --enable-code-coverage -v
-    - name: Benchmark
-      run: swift Benchmarks/Benchmark.swift

.gitignore

@@ -90,3 +90,6 @@ fastlane/test_output
 .DS_Store
 /.cache/
 .idea
+/.swiftpm/xcode/package.xcworkspace/contents.xcworkspacedata
+/.swiftpm/xcode/xcshareddata/xcschemes/OpenTDFKit.xcscheme
+/.swiftpm/xcode/xcshareddata/xcschemes/OpenTDFKitTests.xcscheme

Benchmarks/Benchmark.swift

@@ -14,7 +14,7 @@ public struct Benchmark {
     public func run() -> (name: String, averageTime: Double) {
         var totalTime: Double = 0
 
-        for _ in 1...iterations {
+        for _ in 1 ... iterations {
             let start = DispatchTime.now()
             operation()
             let end = DispatchTime.now()
@@ -41,15 +41,15 @@ public func runBenchmarks(_ benchmarks: [Benchmark]) {
 // Example usage:
 let benchmarks = [
     Benchmark(name: "Array Sorting") {
-        var arr = (1...1000).map { _ in Int.random(in: 1...1000) }
+        var arr = (1 ... 1000).map { _ in Int.random(in: 1 ... 1000) }
         arr.sort()
     },
     Benchmark(name: "String Concatenation", iterations: 10000) {
         var str = ""
-        for _ in 1...100 {
+        for _ in 1 ... 100 {
             str += "Hello, World! "
         }
-    }
+    },
 ]
 
 runBenchmarks(benchmarks)

Info.plist

@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>CFBundleIdentifier</key>
+	<dict>
+		<key>NSAppTransportSecurity</key>
+		<dict>
+			<key>NSAllowsArbitraryLoads</key>
+			<true/>
+			<key>NSExceptionDomains</key>
+			<dict>
+				<key>localhost</key>
+				<dict>
+					<key>NSExceptionAllowsInsecureHTTPLoads</key>
+					<true/>
+					<key>NSExceptionRequiresForwardSecrecy</key>
+					<false/>
+					<key>NSIncludesSubdomains</key>
+					<true/>
+				</dict>
+			</dict>
+		</dict>
+	</dict>
+</dict>
+</plist>

OpenTDFKit/BinaryParser.swift

@@ -138,20 +138,21 @@ public class BinaryParser {
     }
 
     func readPolicyBinding(bindingMode: PolicyBindingConfig) -> Data? {
-        var bindingSize: Int
+        let bindingSize
 //        print("bindingMode", bindingMode)
-        if bindingMode.ecdsaBinding {
+            = if bindingMode.ecdsaBinding
+        {
             switch bindingMode.curve {
             case .secp256r1, .xsecp256k1:
-                bindingSize = 64
+                64
             case .secp384r1:
-                bindingSize = 96
+                96
             case .secp521r1:
-                bindingSize = 132
+                132
             }
         } else {
             // GMAC Tag Binding
-            bindingSize = 16
+            16
         }
 //        print("bindingSize", bindingSize)
         return read(length: bindingSize)
@@ -180,15 +181,15 @@ public class BinaryParser {
 
     public func parseHeader() throws -> Header {
 //        print("Starting to parse header")
-        
+
         guard let magicNumber = read(length: FieldSize.magicNumberSize) else {
             throw ParsingError.invalidFormat
         }
 //        print("Read Magic Number: \(magicNumber), Expected: \(Header.magicNumber)")
         guard magicNumber == Header.magicNumber else {
             throw ParsingError.invalidMagicNumber
         }
-        
+
         guard let versionData = read(length: FieldSize.versionSize) else {
             throw ParsingError.invalidFormat
         }

OpenTDFKit/KASRest.swift

@@ -9,7 +9,7 @@ class KASRest {
         self.apiKey = apiKey
     }
 
-    public func rewrap(key: String, completion: @escaping (Result<String, Error>) -> Void) {
+    public func rewrap(key: String, completion: @escaping @Sendable (Result<String, Error>) -> Void) {
         guard let url = URL(string: "\(baseURL)/rewrap") else {
             completion(.failure(NSError(domain: "KASClient", code: -1, userInfo: [NSLocalizedDescriptionKey: "Invalid URL"])))
             return

OpenTDFKit/KASWebSocket.swift

@@ -1,6 +1,6 @@
+import Combine
 import CryptoKit
 import Foundation
-import Combine
 
 public enum WebSocketConnectionState {
     case disconnected
@@ -18,7 +18,7 @@ extension WebSocketConnectionState: CustomStringConvertible {
     }
 }
 
-public class KASWebSocket {
+public class KASWebSocket: @unchecked Sendable {
     private var webSocketTask: URLSessionWebSocketTask?
     private var urlSession: URLSession?
     private let myPrivateKey: P256.KeyAgreement.PrivateKey!
@@ -29,7 +29,7 @@ public class KASWebSocket {
     private var customMessageCallback: ((Data) -> Void)?
     private let kasUrl: URL
     private let token: String
-    
+
     private let connectionStateSubject = CurrentValueSubject<WebSocketConnectionState, Never>(.disconnected)
     public var connectionStatePublisher: AnyPublisher<WebSocketConnectionState, Never> {
         connectionStateSubject.eraseToAnyPublisher()
@@ -53,17 +53,17 @@ public class KASWebSocket {
     public func setCustomMessageCallback(_ callback: @escaping (Data) -> Void) {
         customMessageCallback = callback
     }
-    
-    public func sendCustomMessage(_ message: Data, completion: @escaping (Error?) -> Void) {
+
+    public func sendCustomMessage(_ message: Data, completion: @Sendable @escaping (Error?) -> Void) {
         let task = URLSessionWebSocketTask.Message.data(message)
         webSocketTask?.send(task) { error in
-            if let error = error {
+            if let error {
                 print("Error sending custom message: \(error)")
             }
             completion(error)
         }
     }
-    
+
     public func connect() {
         connectionStateSubject.send(.connecting)
         // Create a URLRequest object with the WebSocket URL
@@ -87,7 +87,7 @@ public class KASWebSocket {
 
     private func pingPeriodically() {
         webSocketTask?.sendPing { [weak self] error in
-            if let error = error {
+            if let error {
                 print("Error sending ping: \(error)")
                 self?.connectionStateSubject.send(.disconnected)
             } else {
@@ -276,16 +276,15 @@ public class KASWebSocket {
         }
     }
 
-    public func sendPing(completionHandler: @escaping (Error?) -> Void) {
+    public func sendPing(completionHandler: @escaping @Sendable (Error?) -> Void) {
         webSocketTask?.sendPing { error in
-            if let error = error {
+            if let error {
                 print("Error sending ping: \(error)")
             }
             completionHandler(error)
         }
     }
 
-
     public func disconnect() {
         webSocketTask?.cancel(with: .goingAway, reason: nil)
         connectionStateSubject.send(.disconnected)
@@ -334,7 +333,7 @@ struct RewrapMessage {
 struct RewrappedKeyMessage {
     let messageType: Data = .init([0x04])
     let rewrappedKey: Data
-    
+
     func toData() -> Data {
         var data = Data()
         data.append(messageType)

OpenTDFKit/NanoTDF.swift

@@ -1,17 +1,17 @@
 import CryptoKit
 import Foundation
 
-public struct NanoTDF {
+public struct NanoTDF: Sendable {
     public var header: Header
     public var payload: Payload
     public var signature: Signature?
-    
+
     public init(header: Header, payload: Payload, signature: Signature? = nil) {
         self.header = header
         self.payload = payload
         self.signature = signature
     }
-    
+
     public func toData() -> Data {
         var data = Data()
         data.append(header.toData())
@@ -32,7 +32,7 @@ public struct NanoTDF {
     }
 }
 
-public struct Header {
+public struct Header: Sendable {
     public static let magicNumber = Data([0x4C, 0x31]) // 0x4C31 (L1L) - first 18 bits
     public static let version: UInt8 = 0x4C // "L"
     public let kas: ResourceLocator
@@ -62,7 +62,7 @@ public struct Header {
     }
 }
 
-public struct Payload {
+public struct Payload: Sendable {
     public let length: UInt32
     public let iv: Data
     public let ciphertext: Data
@@ -87,7 +87,7 @@ public struct Payload {
     }
 }
 
-public struct Signature {
+public struct Signature: Sendable {
     let publicKey: Data
     let signature: Data
 
@@ -99,7 +99,7 @@ public struct Signature {
     }
 }
 
-public struct PolicyBindingConfig {
+public struct PolicyBindingConfig: Sendable {
     // true ECDSA using creator key.  The signature is used as the binding
     // false GMAC tag is computed over the policy body using the derived symmetric key.
     var ecdsaBinding: Bool
@@ -115,7 +115,7 @@ public struct PolicyBindingConfig {
     }
 }
 
-public struct SignatureAndPayloadConfig {
+public struct SignatureAndPayloadConfig: Sendable {
     var signed: Bool
     var signatureCurve: Curve?
     let payloadCipher: Cipher?
@@ -136,7 +136,7 @@ public struct SignatureAndPayloadConfig {
     }
 }
 
-public enum ProtocolEnum: UInt8 {
+public enum ProtocolEnum: UInt8, Sendable {
     case http = 0x00
     case https = 0x01
     // BEGIN out-of-spec
@@ -146,9 +146,9 @@ public enum ProtocolEnum: UInt8 {
     case sharedResourceDirectory = 0xFF
 }
 
-public struct ResourceLocator {
-    let protocolEnum: ProtocolEnum
-    let body: String
+public struct ResourceLocator: Sendable {
+    public let protocolEnum: ProtocolEnum
+    public let body: String
 
     public init?(protocolEnum: ProtocolEnum, body: String) {
         guard body.utf8.count >= 1, body.utf8.count <= 255 else {
@@ -170,20 +170,20 @@ public struct ResourceLocator {
     }
 }
 
-public struct Policy {
-    public enum PolicyType: UInt8 {
+public struct Policy: Sendable {
+    public enum PolicyType: UInt8, Sendable {
         case remote = 0x00
         case embeddedPlaintext = 0x01
         case embeddedEncrypted = 0x02
         // IV value 00 00 00 is reserved for use with an encrypted policy.
         case embeddedEncryptedWithPolicyKeyAccess = 0x03
     }
 
-    let type: PolicyType
-    let body: EmbeddedPolicyBody?
-    let remote: ResourceLocator?
-    var binding: Data?
-    
+    public let type: PolicyType
+    public let body: EmbeddedPolicyBody?
+    public let remote: ResourceLocator?
+    public var binding: Data?
+
     public init(type: PolicyType, body: EmbeddedPolicyBody?, remote: ResourceLocator?, binding: Data? = nil) {
         self.type = type
         self.body = body
@@ -211,10 +211,10 @@ public struct Policy {
     }
 }
 
-public struct EmbeddedPolicyBody {
-    let length: Int
-    let body: Data
-    let keyAccess: PolicyKeyAccess?
+public struct EmbeddedPolicyBody: Sendable {
+    public let length: Int
+    public let body: Data
+    public let keyAccess: PolicyKeyAccess?
 
     func toData() -> Data {
         var data = Data()
@@ -227,9 +227,9 @@ public struct EmbeddedPolicyBody {
     }
 }
 
-public struct PolicyKeyAccess {
-    let resourceLocator: ResourceLocator
-    let ephemeralPublicKey: Data
+public struct PolicyKeyAccess: Sendable {
+    public let resourceLocator: ResourceLocator
+    public let ephemeralPublicKey: Data
 
     func toData() -> Data {
         var data = Data()
@@ -239,7 +239,7 @@ public struct PolicyKeyAccess {
     }
 }
 
-public enum Curve: UInt8 {
+public enum Curve: UInt8, Sendable {
     case secp256r1 = 0x00
     case secp384r1 = 0x01
     case secp521r1 = 0x02
@@ -248,7 +248,7 @@ public enum Curve: UInt8 {
     // END in-spec unsupported
 }
 
-public enum Cipher: UInt8 {
+public enum Cipher: UInt8, Sendable {
     case aes256GCM64 = 0x00
     case aes256GCM96 = 0x01
     case aes256GCM104 = 0x02
@@ -408,7 +408,7 @@ public func createNanoTDF(kas: KasMetadata, policy: inout Policy, plaintext: Dat
         policy: policy,
         ephemeralPublicKey: ephemeralPublicKeyData
     )
-    
+
     return NanoTDF(header: header,
                    payload: payload,
                    signature: nil)

OpenTDFKit/NanoTDFManager.swift

@@ -24,10 +24,10 @@ class NanoTDFManager {
     }
 
     func isEmpty() -> Bool {
-        return nanoTDFs.isEmpty
+        nanoTDFs.isEmpty
     }
 
     func getCount() -> Int {
-        return count
+        count
     }
 }