KeyMaterial

public class KeyMaterial

This class can be used to securely store key material in memory.

  • The size of the key material in bytes.

    Declaration

    Swift

    public var sizeInBytes: UInt32 { get }
  • Initializes new key material of a given size.

    Declaration

    Swift

    public init(sizeInBytes: UInt32, initialize: Bool = true)

    Parameters

    sizeInBytes

    The size of the key material in bytes.

    initialze

    If true, then the allocated memory will be filled cryptographically secure random data, else it will be filled with 0xdb.

  • Initializes key material by a given byte array. The byte array is copied to a secure memory location and overwritten with zeros afterwards in order to avoid the key material from being compromised.

    Declaration

    Swift

    public init?(bytes: inout Bytes)

    Parameters

    bytes

    The key material.

  • Creates another instance pointing to the same secure memory location.

    Declaration

    Swift

    public init(_ other: KeyMaterial)

    Parameters

    other

    Other key material.

  • Read raw bytes from the key material.

    Usually you do not need to call this function.

    Declaration

    Swift

    public func withUnsafeBytes<ResultType, ContentType>(body: (UnsafePointer<ContentType>) throws -> ResultType) rethrows -> ResultType

    Parameters

    body

    A code block where the key material is readable.

    Return Value

    The result from the body code block.

  • Make changes to the raw bytes of the key material.

    Warning

    Use this with caution, as setting key material manually might lead to insecure key material.

    Declaration

    Swift

    func withUnsafeMutableBytes<ResultType, ContentType>(body: (UnsafeMutablePointer<ContentType>) throws -> ResultType) rethrows -> ResultType

    Parameters

    body

    A code block where the key material is writable.

    Return Value

    The result from the body code block.

  • Copy the key material from the secure memory into an insecure byte array.

    Warning

    Use this with caution, as the output is not located in secure memory.

    Declaration

    Swift

    @inline(__always)
    public func copyBytes() -> Bytes

    Return Value

    A copy of the key material.

  • Returns a fingerprint of the key material. This can be used to compare key materials of different sizes.

    The fingerprint will only be calculated the first time this function is called.

    Declaration

    Swift

    func fingerprint() -> Bytes

    Return Value

    The fingerprint.

  • Constant time comparison of the key material.

    Warning

    Do not use if other might have a different size.

    Note

    Explicitly do not conform to the Equatable protocol, as its invocation is determined statically. Therefore subclasses might end up being compared with this method. This can lead to problems if their sizes do not match, i.e. the application might crash or worse consider two instances equal if this instance is a prefix of the other. Hence, if a subclass is used to guarantee a fixed size, this method can safely called in an implementation of the == operator of the Equatable protocol. Then the compiler will only allow to compare instances of fixed length types. To compare instances of possibly different sizes, use isFingerprintEqual(to:).

    Precondition

    sizeInBytes = other.sizeInBytes

    Declaration

    Swift

    func isEqual(to other: KeyMaterial) -> Bool

    Parameters

    other

    Other key material to which this should be compared to.

    Return Value

    true if the key material is equal.

  • Constant time comparison of the hash representing the key material.

    This can be used to compare instances that potentially have different sizes. If they are guaranteed to have the same size, use isEqual(to:) instead, as it is faster.

    Declaration

    Swift

    func isFingerprintEqual(to other: KeyMaterial) -> Bool

    Return Value

    true if both key materials have the same fingerprint.