forcedotcom · bbirman · Dec 20, 2024 · Dec 19, 2024 · bbirman · Dec 19, 2024
diff --git a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Security/SFSDKCryptoUtils.h b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Security/SFSDKCryptoUtils.h
@@ -153,22 +153,6 @@ extern NSUInteger const kSFPBKDFDefaultSaltByteLength;
  */
 + (nullable SecKeyRef)getRSAPrivateKeyRefWithName:(NSString *)keyName keyLength:(NSUInteger)length;
 
-/**
- * Encrypt data with given `SecKeyRef` using the RSA `pkcs1` algorithm.
- * @param data Data to encrypt
- * @param keyRef Keyref used in encryption
- * @return `NSData` object containing the encrypted Data, or `nil` if encryption failed.
- */
-+ (nullable NSData*)encryptUsingRSAforData:(NSData *)data withKeyRef:(SecKeyRef)keyRef SFSDK_DEPRECATED(12.0, 13.0, "Will be removed.");
-
-/**
- * Decrypt data with given `SecKeyRef` using the RSA `pkcs1` algorithm.
- * @param data Data to decrypt
- * @param keyRef Keyref used in decryption
- * @return `NSData` object containing the decrypted Data, or `nil` if decryption failed.
- */
-+ (nullable NSData*)decryptUsingRSAforData:(NSData *)data withKeyRef:(SecKeyRef)keyRef SFSDK_DEPRECATED(12.0, 13.0, "Will be removed.");
-
 /**
  * Check for availability of the secure enclave.
  * @return YES if secure enclave is available.

diff --git a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Security/SFSDKCryptoUtils.m b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Security/SFSDKCryptoUtils.m
@@ -193,44 +193,6 @@ + (nullable SecKeyRef)getRSAPrivateKeyRefWithName:(NSString *)keyName keyLength:
     return [self getRSAKeyRefWithTag:tagString keyLength:length];
 }
 
-+ (nullable NSData*)encryptUsingRSAforData:(NSData *)data withKeyRef:(SecKeyRef)keyRef
-{
-    uint8_t *bytes = (uint8_t*)[data bytes];
-    size_t blockSize = SecKeyGetBlockSize(keyRef);
-
-    uint8_t cipherText[blockSize];
-    size_t cipherLength = blockSize;
-    OSStatus status = SecKeyEncrypt(keyRef, kSecPaddingPKCS1, bytes, [data length], &cipherText[0], &cipherLength);
-
-    if (status != errSecSuccess) {
-        [SFSDKCoreLogger e:[self class] format:@"encryptUsingRSAforData failed with status code: %d", status];
-        return nil;
-    }
-
-    NSData *encryptedData = [NSData dataWithBytes:cipherText length:cipherLength];
-    return encryptedData;
-
-}
-
-+ (nullable NSData*)decryptUsingRSAforData:(NSData *)data withKeyRef:(SecKeyRef)keyRef
-{
-    size_t blockSize = SecKeyGetBlockSize(keyRef);
-    size_t cipherLength = [data length];
-    uint8_t *cipherText = (uint8_t*)[data bytes];
-
-    uint8_t plainText[blockSize];
-    size_t plainLength = blockSize;
-    OSStatus status = SecKeyDecrypt(keyRef, kSecPaddingPKCS1, &cipherText[0], cipherLength, &plainText[0], &plainLength );
-
-    if (status != errSecSuccess) {
-        [SFSDKCoreLogger e:[self class] format:@"decryptUsingRSAforData failed with status code: %d", status];
-        return nil;
-    }
-
-    NSData *decryptedData = [NSData dataWithBytes:plainText length:plainLength];
-    return decryptedData;
-}
-
 + (BOOL) isSecureEnclaveAvailable
 {
 #if TARGET_OS_SIMULATOR

diff --git a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFApplicationHelper.h b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFApplicationHelper.h
@@ -40,11 +40,6 @@ NS_ASSUME_NONNULL_BEGIN
  */
 + (nullable UIApplication*)sharedApplication;
 
-/** Opens the specified URL.
- @param url The URL to be opened.
- @return YES if the URL is successfully opened.
- */
-+ (BOOL)openURL:(NSURL*)url SFSDK_DEPRECATED(12.2, 13.0, "Use openURL:options:completionHandler: instead.");
 
 + (void)openURL:(NSURL*)url options:(NSDictionary<UIApplicationOpenExternalURLOptionsKey, id> *)options completionHandler:(void (^ __nullable)(BOOL success))completion;
 

diff --git a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFApplicationHelper.m b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFApplicationHelper.m
@@ -34,23 +34,6 @@ + (UIApplication*)sharedApplication {
     return nil;
 }
 
-+ (BOOL)openURL:(NSURL*)url {
-    BOOL success = NO;
-    UIApplication *app = [self sharedApplication];
-
-    if (app) {
-        SEL selector = @selector(openURL:);
-        NSInvocation *invocation = [NSInvocation invocationWithMethodSignature:[[app class] instanceMethodSignatureForSelector:selector]];
-        [invocation setTarget:app];
-        [invocation setSelector:selector];
-        [invocation setArgument:&url atIndex:2];
-        [invocation invoke];
-        [invocation getReturnValue:&success];
-    }
-
-    return success;
-}
-
 + (void)openURL:(NSURL*)url options:(NSDictionary<UIApplicationOpenExternalURLOptionsKey, id> *)options completionHandler:(void (^ __nullable)(BOOL success))completion {
     UIApplication *app = [self sharedApplication];
 

diff --git a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFSDKOAuth2.h b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFSDKOAuth2.h
@@ -133,11 +133,7 @@ NS_ASSUME_NONNULL_BEGIN
 - (void)accessTokenForApprovalCode:(SFSDKOAuthTokenEndpointRequest *)endpointReq completion:(void (^)(SFSDKOAuthTokenEndpointResponse *))completionBlock;
 - (void)accessTokenForRefresh:(SFSDKOAuthTokenEndpointRequest *)endpointReq completion:(void (^)(SFSDKOAuthTokenEndpointResponse *))completionBlock;
 - (void)openIDTokenForRefresh:(SFSDKOAuthTokenEndpointRequest *)endpointReq completion:(void (^)(NSString *))completionBlock;
-- (void)revokeRefreshToken:(SFOAuthCredentials *)credentials SFSDK_DEPRECATED(12.1, 13.0, "Will be replaced by revokeRefreshToken:reason:");
-
-@optional
 - (void)revokeRefreshToken:(SFOAuthCredentials *)credentials reason:(SFLogoutReason)reason;
-
 @end
 
 @protocol SFSDKOAuthSessionManaging<NSObject>

diff --git a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFSDKOAuth2.m b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/Util/SFSDKOAuth2.m
@@ -385,11 +385,7 @@
     }
 }
 
-- (void)revokeRefreshToken:(SFOAuthCredentials *)credentials {
-    [self revokeRefreshToken:credentials reason:SFLogoutReasonUnknown];
-}
-
 - (void)revokeRefreshToken:(SFOAuthCredentials *)credentials reason:(SFLogoutReason)reason {
     if (credentials.refreshToken != nil) {
         NSMutableURLRequest *request = [SFSDKOAuth2 requestForRevokeRefreshToken:credentials reason:reason];


diff --git a/libs/SalesforceSDKCore/SalesforceSDKCoreTests/CryptoUtilsTests.swift b/libs/SalesforceSDKCore/SalesforceSDKCoreTests/CryptoUtilsTests.swift
@@ -55,15 +55,4 @@
         decryptedData = try XCTUnwrap(SFSDKCryptoUtils.decrypt(data: encryptedData, key: privateKey, algorithm: SecKeyAlgorithm.rsaEncryptionOAEPSHA256))
         XCTAssertEqual(stringToEncrypt, String(bytes: decryptedData, encoding: .utf8))
     }
-
-    func testEncryptWithOldPKCS1MethodDecryptWithNew() throws {
-        let stringToEncrypt = "Test string"
-        let data = try XCTUnwrap(stringToEncrypt.data(using: .utf8))
-
-        // Old encrypt
-        let encryptedData = try XCTUnwrap(SFSDKCryptoUtils.encrypt(usingRSAforData: data, withKeyRef: publicKey)) // Deprecated method
-        // New decrypt
-        let decryptedData = try XCTUnwrap(SFSDKCryptoUtils.decrypt(data: encryptedData, key: privateKey, algorithm: SecKeyAlgorithm.rsaEncryptionPKCS1))
-        XCTAssertEqual(stringToEncrypt, String(bytes: decryptedData, encoding: .utf8))
-    }
 }
diff --git a/libs/SalesforceSDKCore/SalesforceSDKCoreTests/PushNotificationDecryptionTests.swift b/libs/SalesforceSDKCore/SalesforceSDKCoreTests/PushNotificationDecryptionTests.swift
@@ -57,7 +57,7 @@
 
         // RSA-PKCS1 encryption for secret
         let secret = key + iv
-        let encryptedSecret = try XCTUnwrap(SFSDKCryptoUtils.encrypt(usingRSAforData: secret, withKeyRef: publicKey))
+        let encryptedSecret = try SFSDKCryptoUtils.encrypt(data: secret, key: publicKey, algorithm: SecKeyAlgorithm.rsaEncryptionPKCS1)
         let secretString = encryptedSecret.base64EncodedString()
 
         notificationContent.userInfo[kRemoteNotificationKeySecret] = secretString

diff --git a/libs/SalesforceSDKCore/SalesforceSDKCoreTests/SFSDKCryptoUtilsTests.m b/libs/SalesforceSDKCore/SalesforceSDKCoreTests/SFSDKCryptoUtilsTests.m
@@ -23,6 +23,7 @@
  */
 
 #import <XCTest/XCTest.h>
+#import <SalesforceSDKCore/SalesforceSDKCore-Swift.h>
 #import "SFSDKCryptoUtils.h"
 
 @interface SFSDKCryptoUtilsTests : XCTestCase
@@ -219,43 +220,6 @@
 
 }
 
-- (void)testRSAEncryptionAndDecryption
-{
-    size_t keySize = 2048;
-
-    [SFSDKCryptoUtils createRSAKeyPairWithName:@"test" keyLength:keySize accessibleAttribute:kSecAttrAccessibleAfterFirstUnlock];
-
-    SecKeyRef publicKeyRef = [SFSDKCryptoUtils getRSAPublicKeyRefWithName:@"test" keyLength:keySize];
-    SecKeyRef privateKeyRef = [SFSDKCryptoUtils getRSAPrivateKeyRefWithName:@"test" keyLength:keySize];
-
-    // Encrypt data
-    NSString *testString = @"This is a test";
-    NSData *testData = [testString dataUsingEncoding:NSUTF8StringEncoding];
-    NSData *encryptedData = [SFSDKCryptoUtils encryptUsingRSAforData:testData withKeyRef:publicKeyRef];
-
-    // Decrypt data
-    NSData *decryptedData = [SFSDKCryptoUtils decryptUsingRSAforData:encryptedData withKeyRef:privateKeyRef];
-    NSString *result = [[NSString alloc] initWithData:decryptedData encoding:NSUTF8StringEncoding];
-    XCTAssertTrue([testString isEqualToString:result]);
-}
-
-- (void)testRSAEncryptionAndDecryptionForData
-{
-    size_t keySize = 2048;
-
-    [SFSDKCryptoUtils createRSAKeyPairWithName:@"test" keyLength:keySize accessibleAttribute:kSecAttrAccessibleAfterFirstUnlock];
-
-    SecKeyRef publicKeyRef = [SFSDKCryptoUtils getRSAPublicKeyRefWithName:@"test" keyLength:keySize];
-    SecKeyRef privateKeyRef = [SFSDKCryptoUtils getRSAPrivateKeyRefWithName:@"test" keyLength:keySize];
-
-    NSUInteger byteDataInt = 123456;
-    NSData *testData = [NSData dataWithBytes:&byteDataInt length:sizeof(NSUInteger)];
-    NSData *encryptedData = [SFSDKCryptoUtils encryptUsingRSAforData:testData withKeyRef:publicKeyRef];
-
-    NSData *decryptedData = [SFSDKCryptoUtils decryptUsingRSAforData:encryptedData withKeyRef:privateKeyRef];
-    XCTAssertEqualObjects(testData, decryptedData, @"Data objects are not the same data.");
-}
-
 - (void)testRSAEncryptionAndDecryptionWrongKeys
 {
     size_t keySize = 2048;
@@ -267,12 +231,12 @@
    SecKeyRef privateKeyRef = [SFSDKCryptoUtils getRSAPrivateKeyRefWithName:@"test" keyLength:keySize];

     // Encrypt data
     NSString *testString = @"This is a test";
     NSData *testData = [testString dataUsingEncoding:NSUTF8StringEncoding];
-    NSData *encryptedData = [SFSDKCryptoUtils encryptUsingRSAforData:testData withKeyRef:publicKeyRef];
+    NSData *encryptedData = [SFSDKCryptoUtils encryptData:testData key:publicKeyRef algorithm:kSecKeyAlgorithmRSAEncryptionOAEPSHA256 error:nil];
 
     // Decrypt data
-    NSData *decryptedData = [SFSDKCryptoUtils decryptUsingRSAforData:encryptedData withKeyRef:privateKeyRef];
+    NSData *decryptedData = [SFSDKCryptoUtils decryptData:encryptedData key:privateKeyRef algorithm:kSecKeyAlgorithmRSAEncryptionOAEPSHA256 error:nil];
     NSString *result = [[NSString alloc] initWithData:decryptedData encoding:NSUTF8StringEncoding];
     XCTAssertFalse([testString isEqualToString:result]);
 }
@@ -286,9 +250,9 @@
    XCTAssertFalse(publicKeyRef != NULL, @"Private key should not have been found");

    // Create keys
    [SFSDKCryptoUtils createECKeyPairWithName:@"test" accessibleAttribute:kSecAttrAccessibleAfterFirstUnlock useSecureEnclave:[SFSDKCryptoUtils isSecureEnclaveAvailable]];

    // Keys should exist
    privateKeyRef = [SFSDKCryptoUtils getECPrivateKeyRefWithName:@"test"];
    publicKeyRef = [SFSDKCryptoUtils getECPublicKeyRefWithName:@"test"];
    XCTAssertTrue(privateKeyRef != NULL, @"Public key should have been found");
@@ -305,10 +269,10 @@
 }

 - (void)testECEncryptionAndDecryptionForData
 {
    // Create keys
    [SFSDKCryptoUtils createECKeyPairWithName:@"test" accessibleAttribute:kSecAttrAccessibleAfterFirstUnlock useSecureEnclave:[SFSDKCryptoUtils isSecureEnclaveAvailable]];
    SecKeyRef privateKeyRef = [SFSDKCryptoUtils getECPrivateKeyRefWithName:@"test"];
    SecKeyRef publicKeyRef = [SFSDKCryptoUtils getECPublicKeyRefWithName:@"test"];

    NSData *testData = [@"test data" dataUsingEncoding:NSUTF8StringEncoding];

diff --git a/libs/SalesforceSDKCore/SalesforceSDKCoreTests/SFSDKPushNotificationDataProvider.m b/libs/SalesforceSDKCore/SalesforceSDKCoreTests/SFSDKPushNotificationDataProvider.m
@@ -28,6 +28,7 @@
 #import "SFSDKPushNotificationDataProvider.h"
 #import "SFSDKPushNotificationEncryptionConstants.h"
 #import "SFEncryptionKey.h"
+#import <SalesforceSDKCore/SalesforceSDKCore-Swift.h>
 
 static NSUInteger const kEncryptionKeyLengthBytes = 16;
 static NSUInteger const kEncryptionIVLengthBytes = 16;
@@ -83,8 +84,8 @@
    NSMutableData *fullKeyData = [[NSMutableData alloc] initWithData:key.key];
     [fullKeyData appendData:key.initializationVector];
 
     SecKeyRef publicKeyRef = [self getPublicKeyRef];
-    NSData *encryptedKeyData = [SFSDKCryptoUtils encryptUsingRSAforData:fullKeyData withKeyRef:publicKeyRef];
+    NSData *encryptedKeyData = [SFSDKCryptoUtils encryptData:fullKeyData key:publicKeyRef algorithm:kSecKeyAlgorithmRSAEncryptionOAEPSHA256 error:nil];
     CFRelease(publicKeyRef);
     return [encryptedKeyData base64EncodedStringWithOptions:0];
 }