diff --git a/supreme/src/androidMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.android.kt b/supreme/src/androidMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.android.kt
index d568488e..4d1f437a 100644
--- a/supreme/src/androidMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.android.kt
+++ b/supreme/src/androidMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.android.kt
@@ -3,11 +3,13 @@ package at.asitplus.signum.supreme.agreement
 import at.asitplus.signum.indispensable.CryptoPublicKey
 import at.asitplus.signum.indispensable.toJcaPublicKey
 import at.asitplus.signum.supreme.HazardousMaterials
+import at.asitplus.signum.supreme.dsl.DSLConfigureFn
 import at.asitplus.signum.supreme.hazmat.jcaPrivateKey
+import at.asitplus.signum.supreme.os.PlatformSigningProviderSignerSigningConfigurationBase
 import at.asitplus.signum.supreme.sign.Signer
-import javax.crypto.KeyAgreement
-actual fun Signer.ECDSA.performAgreement(publicKey: CryptoPublicKey.EC): ByteArray =
+actual fun Signer.ECDSA.performAgreement(publicKey: CryptoPublicKey.EC, config: DSLConfigureFn): ByteArray =
+ /*TODO: check auth similar to https://github.com/a-sit-plus/kmp-crypto/blob/02ee22227dcef3ee03e65a19f0aa578168f7b518/supreme/src/androidMain/kotlin/at/asitplus/signum/supreme/os/AndroidKeyStoreProvider.kt#L360*/
 javax.crypto.KeyAgreement.getInstance("ECDH").also {
 @OptIn(HazardousMaterials::class)
 it.init(jcaPrivateKey)
diff --git a/supreme/src/commonMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.kt b/supreme/src/commonMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.kt
index fc17eafc..2e2033bd 100644
--- a/supreme/src/commonMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.kt
+++ b/supreme/src/commonMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.kt
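Review bot: The new `config` parameter of the Android `performAgreement` is never read: the body still goes straight to `it.init(jcaPrivateKey)`, and the only trace of the intended authentication handling is the `/*TODO: check auth …*/` comment. A caller who passes a prompt configuration therefore gets no prompt, and a key that requires user authentication would presumably fail at this point instead of asking for it. The JVM actual in KeyAgreement.jvm.kt ignores `config` as well. Until the auth check exists, the public `keyAgreement` KDoc should say that `config` has no effect on Android. Separately, this actual stays public while the `expect` is `internal` and the JVM actual becomes `internal actual fun` in this same commit, so I would use `internal actual fun Signer.ECDSA.performAgreement(...)` here too. The function body continues past the end of the hunk.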
@@ -6,6 +6,8 @@ import at.asitplus.signum.indispensable.CryptoPrivateKey
 import at.asitplus.signum.indispensable.CryptoPublicKey
 import at.asitplus.signum.indispensable.SignatureAlgorithm
 import at.asitplus.signum.indispensable.nativeDigest
+import at.asitplus.signum.supreme.dsl.DSLConfigureFn
+import at.asitplus.signum.supreme.os.PlatformSigningProviderSignerSigningConfigurationBase
 import at.asitplus.signum.supreme.sign.Signer
 import at.asitplus.signum.supreme.sign.curve
 import at.asitplus.signum.supreme.sign.signerFor
@@ -13,10 +15,15 @@ import at.asitplus.signum.supreme.sign.signerFor
 /**
 * Elliptic-curve Diffie-Hellman key agreement.
 * Curves of public key and signer need to match!
+ *
+ * [config] can be used to display a custom authentication prompt
 */
-fun Signer.ECDSA.keyAgreement(publicKey: CryptoPublicKey.EC): KmmResult = catching {
+fun Signer.ECDSA.keyAgreement(
+ publicKey: CryptoPublicKey.EC,
+ config: DSLConfigureFn = null
+): KmmResult = catching {
 require(curve == publicKey.curve) { "Private and public key curve mismatch" }
- performAgreement(publicKey)
+ performAgreement(publicKey, config)
 }
 /**
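Review bot: The added KDoc line `[config] can be used to display a custom authentication prompt` on `Signer.ECDSA.keyAgreement` promises more than the actuals on this page deliver. Only the iOS actual forwards `config` (and only for `IosSigner`), while the Android and JVM actuals do not read it. I would narrow the wording to something like `[config] customises the authentication prompt for platform signers that require user authentication; other signers ignore it`. The Android limitation should also be mentioned for as long as the TODO in KeyAgreement.android.kt is open.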
@@ -34,13 +41,21 @@ fun CryptoPrivateKey.WithPublicKey.keyAgreement(publicKey: C
 * Elliptic-curve Diffie-Hellman key agreement.
 * Curves of public key and signer need to match!
 */
-fun CryptoPublicKey.EC.keyAgreement(privateKey: CryptoPrivateKey.WithPublicKey) = privateKey.keyAgreement(this)
+fun CryptoPublicKey.EC.keyAgreement(privateKey: CryptoPrivateKey.WithPublicKey) =
+ privateKey.keyAgreement(this)
 /**
 * Elliptic-curve Diffie-Hellman key agreement.
 * Curves of public key and signer need to match!
+ *
+ * [config] can be used to display a custom authentication prompt
 */
-fun CryptoPublicKey.EC.keyAgreement(signer: Signer.ECDSA) = signer.keyAgreement(this)
+fun CryptoPublicKey.EC.keyAgreement(
+ signer: Signer.ECDSA,
+ config: DSLConfigureFn = null
+) = signer.keyAgreement(this, config)
-//TODO CFG lambda for auth dialog, etc
-internal expect fun Signer.ECDSA.performAgreement(publicKey: CryptoPublicKey.EC): ByteArray
\ No newline at end of file
+internal expect fun Signer.ECDSA.performAgreement(
+ publicKey: CryptoPublicKey.EC,
+ config: DSLConfigureFn
+): ByteArray
\ No newline at end of file
diff --git a/supreme/src/iosMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.ios.kt b/supreme/src/iosMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.ios.kt
index 006478f9..510876b5 100644
--- a/supreme/src/iosMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.ios.kt
+++ b/supreme/src/iosMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.ios.kt
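Review bot: The new public overload `CryptoPublicKey.EC.keyAgreement(signer, config)` has an expression body and no declared return type, so its public signature is inferred from `signer.keyAgreement(this, config)`. Declaring the type, as `Signer.ECDSA.keyAgreement` does with `: KmmResult`, would keep the API stable if the delegate changes; the type argument looks stripped on this page and is presumably `KmmResult<ByteArray>`. The `internal expect fun performAgreement` also loses its `//TODO CFG lambda for auth dialog, etc` without gaining any documentation. A short KDoc there should state whether actuals must apply `config` to the authentication prompt or may ignore it, so the contract is recorded where the platform implementations look for it.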
@@ -7,8 +7,10 @@ import at.asitplus.signum.internals.corecall import at.asitplus.signum.internals.takeFromCF import at.asitplus.signum.internals.toByteArray import at.asitplus.signum.supreme.dsl.DSL +import at.asitplus.signum.supreme.dsl.DSLConfigureFn import at.asitplus.signum.supreme.os.IosSigner import at.asitplus.signum.supreme.os.IosSignerSigningConfiguration +import at.asitplus.signum.supreme.os.PlatformSigningProviderSignerSigningConfigurationBase import at.asitplus.signum.supreme.sign.ECPrivateKeySigner import at.asitplus.signum.supreme.sign.EphemeralSigner import at.asitplus.signum.supreme.sign.PrivateKeySigner @@ -18,14 +20,13 @@ import kotlinx.cinterop.memScoped import platform.Foundation.NSData @OptIn(ExperimentalForeignApi::class) -internal actual fun Signer.ECDSA.performAgreement(publicKey: CryptoPublicKey.EC): ByteArray { +internal actual fun Signer.ECDSA.performAgreement(publicKey: CryptoPublicKey.EC, config: DSLConfigureFn): ByteArray { return catchingUnwrapped { - val priv = if( this is EphemeralSigner.EC) this.privateKey.value else if (this is IosSigner) - this.privateKeyManager.get(DSL.resolve(::IosSignerSigningConfiguration, null)).value + this.privateKeyManager.get(DSL.resolve(::IosSignerSigningConfiguration, config)).value else if(this is ECPrivateKeySigner) this.secKey else throw IllegalArgumentException(this::class.qualifiedName!!) diff --git a/supreme/src/jvmMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.jvm.kt b/supreme/src/jvmMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.jvm.kt index f22a23d0..8841866d 100644 --- a/supreme/src/jvmMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.jvm.kt +++ b/supreme/src/jvmMain/kotlin/at/asitplus/signum/supreme/agreement/KeyAgreement.jvm.kt 
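Review bot: In the iOS `performAgreement`, `config` only reaches the `IosSigner` branch through `DSL.resolve(::IosSignerSigningConfiguration, config)`; the `EphemeralSigner.EC` and `ECPrivateKeySigner` branches never look at it. That is probably intended, but nothing in the hunk says so, and a one-line comment above the branch chain such as `// config is only consulted for IosSigner; the other signer kinds take their key directly` would make the asymmetry explicit. The parameter is declared with the platform-independent `DSLConfigureFn` type yet resolved against `IosSignerSigningConfiguration`. The relationship between the two is not visible here, so it is worth confirming that this is the intended configuration type. The function body continues past the end of the hunk.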
@@ -3,11 +3,13 @@ package at.asitplus.signum.supreme.agreement
 import at.asitplus.signum.indispensable.CryptoPublicKey
 import at.asitplus.signum.indispensable.toJcaPublicKey
 import at.asitplus.signum.supreme.HazardousMaterials
+import at.asitplus.signum.supreme.dsl.DSLConfigureFn
 import at.asitplus.signum.supreme.hazmat.jcaPrivateKey
+import at.asitplus.signum.supreme.os.PlatformSigningProviderSignerSigningConfigurationBase
 import at.asitplus.signum.supreme.sign.Signer
 import javax.crypto.KeyAgreement
-actual fun Signer.ECDSA.performAgreement(publicKey: CryptoPublicKey.EC): ByteArray =
+internal actual fun Signer.ECDSA.performAgreement(publicKey: CryptoPublicKey.EC, config: DSLConfigureFn): ByteArray =
 KeyAgreement.getInstance("ECDH").also {
 @OptIn(HazardousMaterials::class)
 it.init(jcaPrivateKey)