From c66d0e34a3c71bd4d4a55ce591c62be88d56525a Mon Sep 17 00:00:00 2001 From: Brianna Birman Date: Thu, 19 Dec 2024 13:10:18 -0800 Subject: [PATCH] Remove 13.0 deprecations --- .../Classes/Security/SFSDKCryptoUtils.h | 16 ------- .../Classes/Security/SFSDKCryptoUtils.m | 38 ----------------- .../Classes/Util/SFApplicationHelper.h | 5 --- .../Classes/Util/SFApplicationHelper.m | 17 -------- .../Classes/Util/SFSDKOAuth2.h | 4 -- .../Classes/Util/SFSDKOAuth2.m | 4 -- .../CryptoUtilsTests.swift | 11 ----- .../PushNotificationDecryptionTests.swift | 2 +- .../SFSDKCryptoUtilsTests.m | 42 ++----------------- .../SFSDKPushNotificationDataProvider.m | 3 +- 10 files changed, 6 insertions(+), 136 deletions(-) diff --git a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Security/SFSDKCryptoUtils.h b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Security/SFSDKCryptoUtils.h index 54582022d8..dc5fb693e5 100644 --- a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Security/SFSDKCryptoUtils.h +++ b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Security/SFSDKCryptoUtils.h @@ -153,22 +153,6 @@ extern NSUInteger const kSFPBKDFDefaultSaltByteLength; */ + (nullable SecKeyRef)getRSAPrivateKeyRefWithName:(NSString *)keyName keyLength:(NSUInteger)length; -/** - * Encrypt data with given `SecKeyRef` using the RSA `pkcs1` algorithm. - * @param data Data to encrypt - * @param keyRef Keyref used in encryption - * @return `NSData` object containing the encrypted Data, or `nil` if encryption failed. - */ -+ (nullable NSData*)encryptUsingRSAforData:(NSData *)data withKeyRef:(SecKeyRef)keyRef SFSDK_DEPRECATED(12.0, 13.0, "Will be removed."); - -/** - * Decrypt data with given `SecKeyRef` using the RSA `pkcs1` algorithm. - * @param data Data to decrypt - * @param keyRef Keyref used in decryption - * @return `NSData` object containing the decrypted Data, or `nil` if decryption failed. - */ -+ (nullable NSData*)decryptUsingRSAforData:(NSData *)data withKeyRef:(SecKeyRef)keyRef SFSDK_DEPRECATED(12.0, 13.0, "Will be removed."); - /** * Check for availability of the secure enclave. * @return YES if secure enclave is available. diff --git a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Security/SFSDKCryptoUtils.m b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Security/SFSDKCryptoUtils.m index 3222ced3df..eeb495bb3a 100644 --- a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Security/SFSDKCryptoUtils.m +++ b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Security/SFSDKCryptoUtils.m @@ -193,44 +193,6 @@ + (nullable SecKeyRef)getRSAPrivateKeyRefWithName:(NSString *)keyName keyLength: return [self getRSAKeyRefWithTag:tagString keyLength:length]; } -+ (nullable NSData*)encryptUsingRSAforData:(NSData *)data withKeyRef:(SecKeyRef)keyRef -{ - uint8_t *bytes = (uint8_t*)[data bytes]; - size_t blockSize = SecKeyGetBlockSize(keyRef); - - uint8_t cipherText[blockSize]; - size_t cipherLength = blockSize; - OSStatus status = SecKeyEncrypt(keyRef, kSecPaddingPKCS1, bytes, [data length], &cipherText[0], &cipherLength); - - if (status != errSecSuccess) { - [SFSDKCoreLogger e:[self class] format:@"encryptUsingRSAforData failed with status code: %d", status]; - return nil; - } - - NSData *encryptedData = [NSData dataWithBytes:cipherText length:cipherLength]; - return encryptedData; - -} - -+ (nullable NSData*)decryptUsingRSAforData:(NSData *)data withKeyRef:(SecKeyRef)keyRef -{ - size_t blockSize = SecKeyGetBlockSize(keyRef); - size_t cipherLength = [data length]; - uint8_t *cipherText = (uint8_t*)[data bytes]; - - uint8_t plainText[blockSize]; - size_t plainLength = blockSize; - OSStatus status = SecKeyDecrypt(keyRef, kSecPaddingPKCS1, &cipherText[0], cipherLength, &plainText[0], &plainLength ); - - if (status != errSecSuccess) { - [SFSDKCoreLogger e:[self class] format:@"decryptUsingRSAforData failed with status code: %d", status]; - return nil; - } - - NSData *decryptedData = [NSData dataWithBytes:plainText length:plainLength]; - return decryptedData; -} - + (BOOL) isSecureEnclaveAvailable { #if TARGET_OS_SIMULATOR diff --git a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFApplicationHelper.h b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFApplicationHelper.h index a6c0c6a6e3..b4d96e8102 100644 --- a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFApplicationHelper.h +++ b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFApplicationHelper.h @@ -40,11 +40,6 @@ NS_ASSUME_NONNULL_BEGIN */ + (nullable UIApplication*)sharedApplication; -/** Opens the specified URL. - @param url The URL to be opened. - @return YES if the URL is successfully opened. - */ -+ (BOOL)openURL:(NSURL*)url SFSDK_DEPRECATED(12.2, 13.0, "Use openURL:options:completionHandler: instead."); + (void)openURL:(NSURL*)url options:(NSDictionary *)options completionHandler:(void (^ __nullable)(BOOL success))completion; diff --git a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFApplicationHelper.m b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFApplicationHelper.m index b35debc53d..25811893eb 100644 --- a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFApplicationHelper.m +++ b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFApplicationHelper.m @@ -34,23 +34,6 @@ + (UIApplication*)sharedApplication { return nil; } -+ (BOOL)openURL:(NSURL*)url { - BOOL success = NO; - UIApplication *app = [self sharedApplication]; - - if (app) { - SEL selector = @selector(openURL:); - NSInvocation *invocation = [NSInvocation invocationWithMethodSignature:[[app class] instanceMethodSignatureForSelector:selector]]; - [invocation setTarget:app]; - [invocation setSelector:selector]; - [invocation setArgument:&url atIndex:2]; - [invocation invoke]; - [invocation getReturnValue:&success]; - } - - return success; -} - + (void)openURL:(NSURL*)url options:(NSDictionary *)options completionHandler:(void (^ __nullable)(BOOL success))completion { UIApplication *app = [self sharedApplication]; diff --git a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFSDKOAuth2.h b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFSDKOAuth2.h index aed11f7124..d66ff0dd7a 100644 --- a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFSDKOAuth2.h +++ b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFSDKOAuth2.h @@ -133,11 +133,7 @@ NS_ASSUME_NONNULL_BEGIN - (void)accessTokenForApprovalCode:(SFSDKOAuthTokenEndpointRequest *)endpointReq completion:(void (^)(SFSDKOAuthTokenEndpointResponse *))completionBlock; - (void)accessTokenForRefresh:(SFSDKOAuthTokenEndpointRequest *)endpointReq completion:(void (^)(SFSDKOAuthTokenEndpointResponse *))completionBlock; - (void)openIDTokenForRefresh:(SFSDKOAuthTokenEndpointRequest *)endpointReq completion:(void (^)(NSString *))completionBlock; -- (void)revokeRefreshToken:(SFOAuthCredentials *)credentials SFSDK_DEPRECATED(12.1, 13.0, "Will be replaced by revokeRefreshToken:reason:"); - -@optional - (void)revokeRefreshToken:(SFOAuthCredentials *)credentials reason:(SFLogoutReason)reason; - @end @protocol SFSDKOAuthSessionManaging diff --git a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFSDKOAuth2.m b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFSDKOAuth2.m index a7dd89f626..2cd2ca186f 100644 --- a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFSDKOAuth2.m +++ b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFSDKOAuth2.m @@ -385,10 +385,6 @@ - (void)handleTokenEndpointResponse:(void (^)(SFSDKOAuthTokenEndpointResponse *) } } -- (void)revokeRefreshToken:(SFOAuthCredentials *)credentials { - [self revokeRefreshToken:credentials reason:SFLogoutReasonUnknown]; -} - - (void)revokeRefreshToken:(SFOAuthCredentials *)credentials reason:(SFLogoutReason)reason { if (credentials.refreshToken != nil) { NSMutableURLRequest *request = [SFSDKOAuth2 requestForRevokeRefreshToken:credentials reason:reason]; diff --git a/libs/SalesforceSDKCore/SalesforceSDKCoreTests/CryptoUtilsTests.swift b/libs/SalesforceSDKCore/SalesforceSDKCoreTests/CryptoUtilsTests.swift index 988b9d897b..d0be16968d 100644 --- a/libs/SalesforceSDKCore/SalesforceSDKCoreTests/CryptoUtilsTests.swift +++ b/libs/SalesforceSDKCore/SalesforceSDKCoreTests/CryptoUtilsTests.swift @@ -55,15 +55,4 @@ class CryptoUtilsTests: XCTestCase { decryptedData = try XCTUnwrap(SFSDKCryptoUtils.decrypt(data: encryptedData, key: privateKey, algorithm: SecKeyAlgorithm.rsaEncryptionOAEPSHA256)) XCTAssertEqual(stringToEncrypt, String(bytes: decryptedData, encoding: .utf8)) } - - func testEncryptWithOldPKCS1MethodDecryptWithNew() throws { - let stringToEncrypt = "Test string" - let data = try XCTUnwrap(stringToEncrypt.data(using: .utf8)) - - // Old encrypt - let encryptedData = try XCTUnwrap(SFSDKCryptoUtils.encrypt(usingRSAforData: data, withKeyRef: publicKey)) // Deprecated method - // New decrypt - let decryptedData = try XCTUnwrap(SFSDKCryptoUtils.decrypt(data: encryptedData, key: privateKey, algorithm: SecKeyAlgorithm.rsaEncryptionPKCS1)) - XCTAssertEqual(stringToEncrypt, String(bytes: decryptedData, encoding: .utf8)) - } } diff --git a/libs/SalesforceSDKCore/SalesforceSDKCoreTests/PushNotificationDecryptionTests.swift b/libs/SalesforceSDKCore/SalesforceSDKCoreTests/PushNotificationDecryptionTests.swift index e3ed6ef628..9ca7f40030 100644 --- a/libs/SalesforceSDKCore/SalesforceSDKCoreTests/PushNotificationDecryptionTests.swift +++ b/libs/SalesforceSDKCore/SalesforceSDKCoreTests/PushNotificationDecryptionTests.swift @@ -57,7 +57,7 @@ class PushNotificationDecryptionTests: XCTestCase { // RSA-PKCS1 encryption for secret let secret = key + iv - let encryptedSecret = try XCTUnwrap(SFSDKCryptoUtils.encrypt(usingRSAforData: secret, withKeyRef: publicKey)) + let encryptedSecret = try SFSDKCryptoUtils.encrypt(data: secret, key: publicKey, algorithm: SecKeyAlgorithm.rsaEncryptionPKCS1) let secretString = encryptedSecret.base64EncodedString() notificationContent.userInfo[kRemoteNotificationKeySecret] = secretString diff --git a/libs/SalesforceSDKCore/SalesforceSDKCoreTests/SFSDKCryptoUtilsTests.m b/libs/SalesforceSDKCore/SalesforceSDKCoreTests/SFSDKCryptoUtilsTests.m index cf6f5b8d54..b4c7137296 100644 --- a/libs/SalesforceSDKCore/SalesforceSDKCoreTests/SFSDKCryptoUtilsTests.m +++ b/libs/SalesforceSDKCore/SalesforceSDKCoreTests/SFSDKCryptoUtilsTests.m @@ -23,6 +23,7 @@ */ #import +#import #import "SFSDKCryptoUtils.h" @interface SFSDKCryptoUtilsTests : XCTestCase @@ -219,43 +220,6 @@ - (void)testRSAKeyGenerationDifferentKey } -- (void)testRSAEncryptionAndDecryption -{ - size_t keySize = 2048; - - [SFSDKCryptoUtils createRSAKeyPairWithName:@"test" keyLength:keySize accessibleAttribute:kSecAttrAccessibleAfterFirstUnlock]; - - SecKeyRef publicKeyRef = [SFSDKCryptoUtils getRSAPublicKeyRefWithName:@"test" keyLength:keySize]; - SecKeyRef privateKeyRef = [SFSDKCryptoUtils getRSAPrivateKeyRefWithName:@"test" keyLength:keySize]; - - // Encrypt data - NSString *testString = @"This is a test"; - NSData *testData = [testString dataUsingEncoding:NSUTF8StringEncoding]; - NSData *encryptedData = [SFSDKCryptoUtils encryptUsingRSAforData:testData withKeyRef:publicKeyRef]; - - // Decrypt data - NSData *decryptedData = [SFSDKCryptoUtils decryptUsingRSAforData:encryptedData withKeyRef:privateKeyRef]; - NSString *result = [[NSString alloc] initWithData:decryptedData encoding:NSUTF8StringEncoding]; - XCTAssertTrue([testString isEqualToString:result]); -} - -- (void)testRSAEncryptionAndDecryptionForData -{ - size_t keySize = 2048; - - [SFSDKCryptoUtils createRSAKeyPairWithName:@"test" keyLength:keySize accessibleAttribute:kSecAttrAccessibleAfterFirstUnlock]; - - SecKeyRef publicKeyRef = [SFSDKCryptoUtils getRSAPublicKeyRefWithName:@"test" keyLength:keySize]; - SecKeyRef privateKeyRef = [SFSDKCryptoUtils getRSAPrivateKeyRefWithName:@"test" keyLength:keySize]; - - NSUInteger byteDataInt = 123456; - NSData *testData = [NSData dataWithBytes:&byteDataInt length:sizeof(NSUInteger)]; - NSData *encryptedData = [SFSDKCryptoUtils encryptUsingRSAforData:testData withKeyRef:publicKeyRef]; - - NSData *decryptedData = [SFSDKCryptoUtils decryptUsingRSAforData:encryptedData withKeyRef:privateKeyRef]; - XCTAssertEqualObjects(testData, decryptedData, @"Data objects are not the same data."); -} - - (void)testRSAEncryptionAndDecryptionWrongKeys { size_t keySize = 2048; @@ -269,10 +233,10 @@ - (void)testRSAEncryptionAndDecryptionWrongKeys // Encrypt data NSString *testString = @"This is a test"; NSData *testData = [testString dataUsingEncoding:NSUTF8StringEncoding]; - NSData *encryptedData = [SFSDKCryptoUtils encryptUsingRSAforData:testData withKeyRef:publicKeyRef]; + NSData *encryptedData = [SFSDKCryptoUtils encryptData:testData key:publicKeyRef algorithm:kSecKeyAlgorithmRSAEncryptionOAEPSHA256 error:nil]; // Decrypt data - NSData *decryptedData = [SFSDKCryptoUtils decryptUsingRSAforData:encryptedData withKeyRef:privateKeyRef]; + NSData *decryptedData = [SFSDKCryptoUtils decryptData:encryptedData key:privateKeyRef algorithm:kSecKeyAlgorithmRSAEncryptionOAEPSHA256 error:nil]; NSString *result = [[NSString alloc] initWithData:decryptedData encoding:NSUTF8StringEncoding]; XCTAssertFalse([testString isEqualToString:result]); } diff --git a/libs/SalesforceSDKCore/SalesforceSDKCoreTests/SFSDKPushNotificationDataProvider.m b/libs/SalesforceSDKCore/SalesforceSDKCoreTests/SFSDKPushNotificationDataProvider.m index 0a3095a4f6..19a3fd6370 100644 --- a/libs/SalesforceSDKCore/SalesforceSDKCoreTests/SFSDKPushNotificationDataProvider.m +++ b/libs/SalesforceSDKCore/SalesforceSDKCoreTests/SFSDKPushNotificationDataProvider.m @@ -28,6 +28,7 @@ #import "SFSDKPushNotificationDataProvider.h" #import "SFSDKPushNotificationEncryptionConstants.h" #import "SFEncryptionKey.h" +#import static NSUInteger const kEncryptionKeyLengthBytes = 16; static NSUInteger const kEncryptionIVLengthBytes = 16; @@ -84,7 +85,7 @@ - (nonnull NSString *)encryptKeyUsingRSAPublicKey:(nonnull SFEncryptionKey *)key [fullKeyData appendData:key.initializationVector]; SecKeyRef publicKeyRef = [self getPublicKeyRef]; - NSData *encryptedKeyData = [SFSDKCryptoUtils encryptUsingRSAforData:fullKeyData withKeyRef:publicKeyRef]; + NSData *encryptedKeyData = [SFSDKCryptoUtils encryptData:fullKeyData key:publicKeyRef algorithm:kSecKeyAlgorithmRSAEncryptionOAEPSHA256 error:nil]; CFRelease(publicKeyRef); return [encryptedKeyData base64EncodedStringWithOptions:0]; }