Kitura / BlueRSA

RSA public/private key encryption, private key signing and public key verification in Swift using the Swift Package Manager. Works on iOS, macOS, and Linux (work in progress).
Apache License 2.0
132 stars 57 forks

Update to Swift 5.1, fix crash on Linux #53

Open djones6 opened 4 years ago

djones6 commented 4 years ago

This PR updates the CI configuration to use the Swift 5.1 release toolchain.

While testing, I noticed an intermittent failure in test_makeKeyPair() that results in an error being thrown on macOS, and a hard crash on Linux (force-unwrapping nil):

macOS:

/Users/travis/build/IBM-Swift/BlueRSA/Tests/CryptorRSATests/CryptorRSATests.swift:770:
  error: -[CryptorRSATests.CryptorRSATests test_makeKeyPair] : failed - test_makeKeyPair 
  failed for bitSize: 1024, with error: Error code: -9999(0x-270F), Couldn't create key 
  reference from key data

Linux:

Test Case 'CryptorRSATests.test_makeKeyPair' started at 2019-09-27 15:15:58.221
Fatal error: Unexpectedly found nil while unwrapping an Optional value

I've included a fix here for the force-unwrap: d2i_PUBKEY_bio and d2i_PrivateKey_bio can fail (returning null) if the BIO does not contain a valid RSA key, but we were not handling that case. The test still fails intermittently, but with an error now:

/home/travis/build/IBM-Swift/BlueRSA/Tests/CryptorRSATests/CryptorRSATests.swift:770:
  error: CryptorRSATests.test_makeKeyPair : failed - test_makeKeyPair failed for bitSize: 
  4096, with error: Error code: -9999(0x-270F), ERROR: Failed to create key from BIO, 
  code: 218570875, reason: header too long

I tracked down the reason for the intermittent failure in #52 - an unsafe assumption that leads us - occasionally - to incorrectly drop the first 26 bytes of the key data. I added a test for this situation in https://github.com/IBM-Swift/BlueRSA/commit/a35c877669bac43fa6b79fd12668636e6d8dad21 but I do not yet understand what the appropriate fix is, so this test is currently failing.
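As an added illustration (not BlueRSA's code and not part of this PR): the sketch below contrasts a hypothetical fixed-offset header check, assumed here as one way key data could lose its first 26 bytes, with a check that parses the DER fields before stripping anything. The function names and sample bytes are constructed for the example; the actual assumption identified in #52 is not shown on this page.

```swift
// PKCS#8 PrivateKeyInfo for RSA always starts its content with:
// INTEGER 0 (version), AlgorithmIdentifier { OID rsaEncryption, NULL }.
let pkcs8RSAPrefix: [UInt8] = [0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
                               0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00]

/// Reads the DER tag and length at `offset`; nil if truncated or malformed.
func readTLV(_ b: [UInt8], at offset: Int) -> (tag: UInt8, content: Range<Int>)? {
    guard offset >= 0, offset + 2 <= b.count else { return nil }
    var length = Int(b[offset + 1])
    var start = offset + 2
    if length & 0x80 != 0 {                 // long form: low 7 bits count the length bytes
        let n = length & 0x7f
        guard (1...4).contains(n), start + n <= b.count else { return nil }
        length = b[start..<start + n].reduce(0) { ($0 << 8) | Int($1) }
        start += n
    }
    guard length <= b.count - start else { return nil }
    return (b[offset], start..<start + length)
}

/// Hypothetical fixed-offset heuristic: treats a 0x30 at byte 26 as proof of a header.
func stripByOffset(_ key: [UInt8]) -> [UInt8] {
    return key.count > 26 && key[26] == 0x30 ? Array(key.dropFirst(26)) : key
}

/// Structural check: unwraps PKCS#8 only when the parsed fields say it is PKCS#8.
func stripByStructure(_ key: [UInt8]) -> [UInt8]? {
    guard let outer = readTLV(key, at: 0), outer.tag == 0x30 else { return nil }
    let inner = Array(key[outer.content])
    guard inner.starts(with: pkcs8RSAPrefix) else { return key }   // no wrapper present
    guard let octets = readTLV(inner, at: pkcs8RSAPrefix.count), octets.tag == 0x04
    else { return nil }
    return Array(inner[octets.content])
}

// Constructed PKCS#1-shaped sample (not a real key): SEQUENCE { INTEGER 0, INTEGER n }
// whose modulus byte at absolute offset 26 happens to be 0x30.
var modulus = [UInt8](repeating: 0xab, count: 128)
modulus[16] = 0x30
let pkcs1: [UInt8] = [0x30, 0x81, 0x87, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00] + modulus
// The same bytes wrapped in a constructed PKCS#8 envelope.
let pkcs8: [UInt8] = [0x30, 0x81, 0x9f] + pkcs8RSAPrefix + [0x04, 0x81, 0x8a] + pkcs1

print("offset check kept", stripByOffset(pkcs1).count, "of", pkcs1.count, "bytes")
print("structural check leaves PKCS#1 intact:", stripByStructure(pkcs1)! == pkcs1)
print("structural check unwraps PKCS#8:", stripByStructure(pkcs8)! == pkcs1)
```

Because modulus bytes are effectively random, a single-byte test at a fixed offset matches by chance on a small fraction of generated keys, which is consistent with a failure that appears only intermittently.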

CLAassistant commented 3 years ago

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

:white_check_mark: dannys42
:x: djones6

sonarcloud[bot] commented 3 years ago

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 2 Code Smells

No Coverage information
0.0% Duplication