Features: Put PKCS12 into our "namespace"...

Cornucopia-Swift · Jul 1, 2024 · e5ac557 · e5ac557
1 parent 00caf3e
commit e5ac557
Showing 1 changed file with 38 additions and 32 deletions.
diff --git a/Sources/CornucopiaCore/Features/PKCS12/PKCS12.swift b/Sources/CornucopiaCore/Features/PKCS12/PKCS12.swift
@@ -5,45 +5,51 @@
 import Foundation
 import Security
 
-public struct PKCS12 {
+public extension Cornucopia.Core {
 
-    public enum Error: Swift.Error {
-        case authorizationFailed
-        case importFailed
-    }
-
-    public let label: String?
-    public let keyID: NSData?
-    public let trust: SecTrust?
-    public let certChain: [SecTrust]?
-    public let identity: SecIdentity?
+    struct PKCS12 {
 
-    /// Creates a PKCS12 instance from `data`, secured with password `password`.
-    public init(pkcs12Data: Data, password: String) throws {
-        let importPasswordOption: NSDictionary = [kSecImportExportPassphrase as NSString: password]
-        var items: CFArray?
-        let secError: OSStatus = SecPKCS12Import(pkcs12Data as NSData, importPasswordOption, &items)
-        guard secError == errSecSuccess else {
-            let error = secError == errSecAuthFailed ? Error.authorizationFailed : Error.importFailed
-            throw error
+        public enum Error: Swift.Error {
+            case authorizationFailed
+            case importFailed
+            case noIdentity
         }
-        guard let theItemsCFArray = items else { throw Error.importFailed }
-        let theItemsNSArray: NSArray = theItemsCFArray as NSArray
-        guard let dictArray = theItemsNSArray as? [[String: AnyObject]] else { throw Error.importFailed }
 
-        func f<T>(key: CFString) -> T? {
-            for dict in dictArray {
-                if let value = dict[key as String] as? T {
-                    return value
+        public let identity: SecIdentity
+        public let label: String?
+        public let keyID: NSData?
+        public let trust: SecTrust?
+        public let certChain: [SecTrust]?
+
+        /// Creates a PKCS12 instance from `data`, secured with password `password`.
+        public init(pkcs12Data: Data, password: String) throws {
+            let importPasswordOption: NSDictionary = [kSecImportExportPassphrase as NSString: password]
+            var items: CFArray?
+            let secError: OSStatus = SecPKCS12Import(pkcs12Data as NSData, importPasswordOption, &items)
+            guard secError == errSecSuccess else {
+                let error = secError == errSecAuthFailed ? Error.authorizationFailed : Error.importFailed
+                throw error
+            }
+            guard let theItemsCFArray = items else { throw Error.importFailed }
+            let theItemsNSArray: NSArray = theItemsCFArray as NSArray
+            guard let dictArray = theItemsNSArray as? [[String: AnyObject]] else { throw Error.importFailed }
+
+            func f<T>(key: CFString) -> T? {
+                for dict in dictArray {
+                    if let value = dict[key as String] as? T {
+                        return value
+                    }
                 }
+                return nil
             }
-            return nil
+            guard let identity: SecIdentity = f(key: kSecImportItemIdentity) else { throw Error.noIdentity }
+            self.identity = identity
+
+            self.label = f(key: kSecImportItemLabel)
+            self.keyID = f(key: kSecImportItemKeyID)
+            self.trust = f(key: kSecImportItemTrust)
+            self.certChain = f(key: kSecImportItemCertChain)
         }
-        self.label = f(key: kSecImportItemLabel)
-        self.keyID = f(key: kSecImportItemKeyID)
-        self.trust = f(key: kSecImportItemTrust)
-        self.certChain = f(key: kSecImportItemCertChain)
-        self.identity = f(key: kSecImportItemIdentity)
     }
 }
 #endif