//
// STSecurityModels.swift
// STBaseProject
//
// Created by 寒江孤影 on 2018/12/10.
//
import Foundation
// MARK: - 加密算法
/// Cipher suites that an encryption configuration can name.
///
/// Each raw value is the string identifier written and read when the enum is
/// encoded or decoded through `Codable`.
public enum STCryptoAlgorithm: String, Codable {
    /// AES with a 256-bit key in Galois/Counter Mode (an AEAD mode: the
    /// ciphertext carries an authentication tag).
    case aes256GCM = "AES-256-GCM"

    /// AES with a 256-bit key in CBC mode.
    ///
    /// CBC by itself gives confidentiality only and produces no authentication tag.
    /// NOTE(review): whether the code consuming this case pairs it with a MAC
    /// (encrypt-then-MAC) is not visible in this file. Confirm before relying
    /// on it to detect ciphertext tampering.
    case aes256CBC = "AES-256-CBC"

    /// ChaCha20 combined with the Poly1305 authenticator (an AEAD construction).
    case chaCha20Poly1305 = "ChaCha20-Poly1305"
}
// MARK: - 统一加密错误
/// Unified error type for this project's cryptographic operations.
///
/// `errorDescription` returns a fixed, human-readable message for every case.
///
/// NOTE(review): `decryptionFailed`, `invalidTag` and `invalidSignature` are
/// distinct cases. Where an error is reported back to a remote peer, consider
/// collapsing them into one generic failure so the response does not reveal
/// which verification step rejected the input. Where these errors are surfaced
/// is not visible in this file.
public enum STCryptoError: Error, LocalizedError {
    /// Input data is invalid.
    case invalidData
    /// Encryption failed.
    case encryptionFailed
    /// Decryption failed.
    case decryptionFailed
    /// Signature verification failed.
    case invalidSignature
    /// Key is invalid.
    case invalidKey
    /// Nonce is invalid.
    case invalidNonce
    /// Authentication tag is invalid.
    case invalidTag
    /// Key generation failed.
    case keyGenerationFailed
    /// Requested algorithm is not supported.
    case unsupportedAlgorithm
    /// Salt is invalid.
    case invalidSalt
    /// Iteration count is invalid.
    case invalidIterations

    /// The user-facing message for this error.
    public var errorDescription: String? {
        let message: String
        switch self {
        case .invalidData:
            message = "无效的数据"
        case .encryptionFailed:
            message = "加密失败"
        case .decryptionFailed:
            message = "解密失败"
        case .invalidSignature:
            message = "签名验证失败"
        case .invalidKey:
            message = "无效的密钥"
        case .invalidNonce:
            message = "无效的随机数"
        case .invalidTag:
            message = "无效的认证标签"
        case .keyGenerationFailed:
            message = "密钥生成失败"
        case .unsupportedAlgorithm:
            message = "不支持的加密算法"
        case .invalidSalt:
            message = "无效的盐值"
        case .invalidIterations:
            message = "无效的迭代次数"
        }
        return message
    }
}
// MARK: - 加密配置
/// Immutable settings for payload encryption and request/response signing.
///
/// This type only stores values. What each switch gates is implemented elsewhere.
///
/// Because the type is `Codable`, an instance can also be decoded from external
/// data. The synthesized decoder does not apply the initializer defaults and
/// performs no validation, so a decoded value with `enabled == false`, signing
/// switched off, or a non-positive `keyRotationInterval` is accepted as-is.
/// NOTE(review): load this configuration only from a source the app trusts.
public struct STEncryptionConfig: Codable {
    /// Master switch for encryption.
    public let enabled: Bool
    /// Cipher suite to use.
    public let algorithm: STCryptoAlgorithm
    /// Key rotation period in seconds (`TimeInterval`).
    public let keyRotationInterval: TimeInterval
    /// Whether outgoing requests are to be signed.
    public let enableRequestSigning: Bool
    /// Whether responses are to be signed.
    public let enableResponseSigning: Bool

    /// Creates a configuration; every argument has a default.
    ///
    /// - Parameters:
    ///   - enabled: Defaults to `true`.
    ///   - algorithm: Defaults to `.aes256GCM`.
    ///   - keyRotationInterval: Seconds between rotations. Defaults to 86 400
    ///     (24 hours). The value is stored unchecked, so zero or negative
    ///     intervals are not rejected here.
    ///   - enableRequestSigning: Defaults to `true`.
    ///   - enableResponseSigning: Defaults to `true`.
    public init(
        enabled: Bool = true,
        algorithm: STCryptoAlgorithm = .aes256GCM,
        keyRotationInterval: TimeInterval = 86_400,
        enableRequestSigning: Bool = true,
        enableResponseSigning: Bool = true
    ) {
        // Plain member-wise copy; the assignments are independent of each other.
        self.algorithm = algorithm
        self.keyRotationInterval = keyRotationInterval
        self.enabled = enabled
        self.enableRequestSigning = enableRequestSigning
        self.enableResponseSigning = enableResponseSigning
    }
}
// MARK: - 反调试配置
/// Immutable settings for the runtime self-protection checks.
///
/// This type only stores values. How `enabled` interacts with the three
/// per-feature switches is decided by the code that reads this configuration,
/// which is not in this file.
///
/// Because the type is `Codable`, it can be decoded from external data. The
/// synthesized decoder requires every key and does not fall back to the
/// initializer defaults, and nothing here validates the decoded values.
/// NOTE(review): a configuration source that an untrusted party can modify
/// could switch these checks off. Confirm where the configuration is loaded from.
public struct STAntiDebugConfig: Codable {
    /// Master switch.
    public let enabled: Bool
    /// Period between checks, in seconds (`TimeInterval`).
    public let checkInterval: TimeInterval
    /// Switch for debugger detection.
    public let enableAntiDebugging: Bool
    /// Switch for hook detection.
    public let enableAntiHooking: Bool
    /// Switch for tamper detection.
    public let enableAntiTampering: Bool

    /// Creates a configuration; every argument has a default.
    ///
    /// - Parameters:
    ///   - enabled: Defaults to `true`.
    ///   - checkInterval: Seconds between checks. Defaults to `5.0`. The value
    ///     is stored unchecked, so zero or negative intervals are not rejected here.
    ///   - enableAntiDebugging: Defaults to `true`.
    ///   - enableAntiHooking: Defaults to `true`.
    ///   - enableAntiTampering: Defaults to `true`.
    public init(
        enabled: Bool = true,
        checkInterval: TimeInterval = 5.0,
        enableAntiDebugging: Bool = true,
        enableAntiHooking: Bool = true,
        enableAntiTampering: Bool = true
    ) {
        // Plain member-wise copy; the assignments are independent of each other.
        self.checkInterval = checkInterval
        self.enabled = enabled
        self.enableAntiTampering = enableAntiTampering
        self.enableAntiHooking = enableAntiHooking
        self.enableAntiDebugging = enableAntiDebugging
    }
}
// MARK: - 安全检测结果
/// Outcome of one security check: the issues found, a verdict, and the time
/// the result was created.
///
/// `isSecure` is supplied by the caller and is not derived from `issues`, so
/// the initializer accepts `isSecure == true` together with a non-empty issue list.
/// NOTE(review): code that gates sensitive behaviour on `isSecure` may want to
/// check `issues.isEmpty` as well, or construct results in one place that
/// keeps the two consistent.
public struct STSecurityCheckResult {
    /// Issues reported by the check.
    public let issues: [STSecurityIssue]
    /// Verdict passed in by whoever built this result.
    public let isSecure: Bool
    /// Creation time of this value, taken from the device clock.
    public let timestamp: Date

    /// Stores the given issues and verdict and stamps the result with the
    /// current date.
    ///
    /// - Parameters:
    ///   - issues: Issues to record; may be empty.
    ///   - isSecure: Verdict to record; not cross-checked against `issues`.
    public init(issues: [STSecurityIssue], isSecure: Bool) {
        timestamp = Date()
        self.isSecure = isSecure
        self.issues = issues
    }
}
// MARK: - 安全问题类型
/// Kinds of environment or transport problems a security check can report.
///
/// The raw values are the snake_case identifiers used when the enum is encoded
/// or decoded through `Codable`.
///
/// NOTE(review): the detection logic is not in this file. If these results are
/// produced on the device being inspected, a compromised device may be able to
/// suppress or falsify them, so treat a reported issue as a signal and an empty
/// report as weak evidence. Confirm against the detector.
public enum STSecurityIssue: String, Codable {
    /// A proxy environment was detected.
    case proxyDetected = "proxy_detected"
    /// A debugging environment was detected.
    case debuggingDetected = "debugging_detected"
    /// A jailbroken environment was detected.
    case jailbreakDetected = "jailbreak_detected"
    /// A hooking framework was detected.
    case hookingDetected = "hooking_detected"
    /// A simulator environment was detected.
    case simulatorDetected = "simulator_detected"
    /// SSL certificate pinning failed.
    case sslPinningFailed = "ssl_pinning_failed"

    /// Human-readable message for the issue.
    ///
    /// This is an ordinary property: the enum does not declare
    /// `CustomStringConvertible` conformance.
    public var description: String {
        let text: String
        switch self {
        case .proxyDetected:
            text = "检测到代理环境"
        case .debuggingDetected:
            text = "检测到调试环境"
        case .jailbreakDetected:
            text = "检测到越狱环境"
        case .hookingDetected:
            text = "检测到Hook框架"
        case .simulatorDetected:
            text = "检测到模拟器环境"
        case .sslPinningFailed:
            text = "SSL证书绑定失败"
        }
        return text
    }

    /// Severity assigned to the issue.
    ///
    /// Jailbreak and pinning failures are `.critical`; proxy, debugger and hook
    /// detection are `.high`; simulator detection is `.medium`. No case maps to `.low`.
    public var severity: STSecuritySeverity {
        switch self {
        case .simulatorDetected:
            return .medium
        case .jailbreakDetected, .sslPinningFailed:
            return .critical
        case .proxyDetected, .debuggingDetected, .hookingDetected:
            return .high
        }
    }
}
// MARK: - 安全严重程度
/// Severity levels attached to a security issue.
///
/// The raw value of each case is its own name (`"low"`, `"medium"`, `"high"`,
/// `"critical"`), which is also the form used by `Codable`.
///
/// The enum declares no ordering (it is not `Comparable`), so code that needs
/// "at least high" style thresholds has to define the ranking itself.
public enum STSecuritySeverity: String, Codable {
    // A String-backed case without an explicit raw value uses the case name,
    // which matches the identifiers spelled out previously.
    case low
    case medium
    case high
    case critical
}