fix(ios): disable macos

Signed-off-by: Berend Sliedrecht <[email protected]>
animo · Feb 23, 2024 · 7b7c02a · 7b7c02a
1 parent 65fe00d
commit 7b7c02a
Show file tree

Hide file tree

Showing 5 changed files with 22 additions and 113 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -38,7 +38,7 @@ jobs:
         include:
           - target: aarch64-linux-android
             runner: ubuntu-latest
-          - target: aarch64-apple-darwin
+          - target: aarch64-apple-ios
             runner: macos-latest
 
     runs-on: ${{ matrix.runner }}
@@ -86,7 +86,7 @@ jobs:
         include:
           - target: aarch64-linux-android
             runner: macos-latest
-          - target: aarch64-apple-darwin
+          - target: aarch64-apple-ios
             runner: macos-latest
 
     runs-on: ${{ matrix.runner }}

diff --git a/Cargo.toml b/Cargo.toml
@@ -17,8 +17,8 @@ crate-type = ["cdylib", "rlib"]
 name = "secure_env"
 
 [target.'cfg(target_os = "ios")'.dependencies]
-p256 = { version = "0.13.2", features = ["ecdsa-core"] }
 security-framework = { version = "2.9.2" }
+p256 = { version = "0.13.2", features = ["ecdsa-core"] }
 
 [target.'cfg(target_os = "android")'.dependencies]
 android-activity = { version = "0.5.0", features = ["native-activity"] }
@@ -28,6 +28,3 @@ ndk-context = "0.1.1"
 
 [dependencies]
 thiserror = "1.0.50"
-
-[target.'cfg(any(target_os = "macos", target_os = "ios"))'.dev-dependencies]
-askar-crypto = "0.3.0"
diff --git a/examples/android/Cargo.lock b/examples/android/Cargo.lock
diff --git a/src/ios.rs b/src/ios.rs
@@ -14,10 +14,24 @@ use security_framework::{
 ///
 /// # Examples
 ///
+/// ## Generate a keypair
+///
+/// ```
+/// use secure_env::{SecureEnvironment, SecureEnvironmentOps};
+///
+/// let key = SecureEnvironment::generate_keypair("my-unique-id").unwrap();
+/// ```
+///
+/// ## Get a keypair from the keychain
+///
 /// ```
 /// use secure_env::{SecureEnvironment, SecureEnvironmentOps};
 ///
-/// let _key = SecureEnvironment::generate_keypair("my-unique-id").unwrap();
+/// {
+///     SecureEnvironment::generate_keypair("my-unique-id").unwrap();
+/// }
+///
+/// let key = SecureEnvironment::get_keypair_by_id("my-unique-id").unwrap();
 /// ```
 #[derive(Debug, Clone, Eq, PartialEq, Copy)]
 pub struct SecureEnvironment;
@@ -30,12 +44,6 @@ impl SecureEnvironmentOps<Key> for SecureEnvironment {
         // Set the key type to `ec` (Elliptic Curve)
         let opts = opts.set_key_type(KeyType::ec());
 
-        let options = AccessControlOptions::PRIVATE_KEY_USAGE & AccessControlOptions::BIOMETRY_CURRENT_SET;
-        let flags = SecAccessControl::create_with_flags(options.bits()).unwrap();
-        let opts = opts.set_access_control(flags);
-
-        // let opts = opts.set_app_tag("id.animo.ios");
-
         // Set the a token of `SecureEnclave`.
         // Meaning Apple will store the key in a secure element
         let opts = opts.set_token(Token::SecureEnclave);
@@ -173,61 +181,3 @@ impl KeyOps for Key {
         Ok(signature)
     }
 }
-
-#[cfg(all(test, any(target_os = "macos", target_os = "ios")))]
-mod test {
-    use std::ptr::addr_of;
-
-    use askar_crypto::{alg::p256::P256KeyPair, repr::KeyPublicBytes};
-
-    use super::*;
-
-    #[test]
-    fn generate_key_pair() {
-        let key = SecureEnvironment::generate_keypair("my-test-key").unwrap();
-        assert!(!addr_of!(key).is_null());
-    }
-
-    #[test]
-    fn get_keypair_by_id() {
-        let id = "my-get-keypair-by-id-test-key";
-        let key = SecureEnvironment::generate_keypair(id).unwrap();
-        let public_key = key.get_public_key().unwrap();
-
-        let retrieved_key = SecureEnvironment::get_keypair_by_id(id).unwrap();
-        let retrieved_public_key = retrieved_key.get_public_key().unwrap();
-
-        assert_eq!(public_key, retrieved_public_key);
-    }
-
-    #[test]
-    fn get_public_key() {
-        let key = SecureEnvironment::generate_keypair("my-test-public-key").unwrap();
-        let public_key_bytes = key.get_public_key().unwrap();
-
-        assert_eq!(public_key_bytes.len(), 33);
-    }
-
-    #[test]
-    fn sign() {
-        let key = SecureEnvironment::generate_keypair("my-test-sign-key").unwrap();
-
-        let signature = key.sign(b"Hello World!").unwrap();
-
-        assert_eq!(signature.len(), 64);
-    }
-
-    #[test]
-    fn sign_and_external_verification() {
-        let msg = b"Hello World!";
-        let key = SecureEnvironment::generate_keypair("my-test-sign-key").unwrap();
-
-        let public_key = key.get_public_key().unwrap();
-        let signature = key.sign(b"Hello World!").unwrap();
-
-        let verify_key = P256KeyPair::from_public_bytes(&public_key).unwrap();
-        let is_signature_valid = verify_key.verify_signature(msg, &signature);
-
-        assert!(is_signature_valid);
-    }
-}
diff --git a/src/lib.rs b/src/lib.rs
@@ -11,9 +11,9 @@ pub use key::*;
 mod secure_environment;
 pub use secure_environment::*;
 
-#[cfg(any(target_os = "macos", target_os = "ios"))]
+#[cfg(target_os = "ios")]
 mod ios;
-#[cfg(any(target_os = "macos", target_os = "ios"))]
+#[cfg(target_os = "ios")]
 pub use ios::*;
 
 #[cfg(target_os = "android")]