From f98e46e42a99e431aa00dcb0d38df6e345561939 Mon Sep 17 00:00:00 2001 From: Si Beaumont Date: Thu, 17 Oct 2024 10:03:07 +0100 Subject: [PATCH] wrapper: Move EC types and random bytes into CryptoBoringWrapper (#277) * wrapper: Remove _boring suffix from files in CryptoBoringWrapper * wrapper: Move EC types and random bytes into CryptoBoringWrapper * tests: Remove unused conditional compilation conditions in wrapper tests --- Sources/Crypto/CMakeLists.txt | 2 -- Sources/CryptoBoringWrapper/CMakeLists.txt | 7 +++-- .../EC/EllipticCurve.swift} | 29 ++++++++----------- .../EC/EllipticCurvePoint.swift} | 23 ++++++--------- ....swift => ArbitraryPrecisionInteger.swift} | 0 ...ift => FiniteFieldArithmeticContext.swift} | 0 .../Util/RandomBytes.swift | 4 +-- Sources/_CryptoExtras/CMakeLists.txt | 1 - .../ArbitraryPrecisionIntegerTests.swift | 3 -- .../FiniteFieldArithmeticTests.swift | 3 -- 10 files changed, 28 insertions(+), 44 deletions(-) rename Sources/{Crypto/Keys/EC/BoringSSL/EllipticCurve_boring.swift => CryptoBoringWrapper/EC/EllipticCurve.swift} (77%) rename Sources/{Crypto/Keys/EC/BoringSSL/EllipticCurvePoint_boring.swift => CryptoBoringWrapper/EC/EllipticCurvePoint.swift} (71%) rename Sources/CryptoBoringWrapper/Util/{ArbitraryPrecisionInteger_boring.swift => ArbitraryPrecisionInteger.swift} (100%) rename Sources/CryptoBoringWrapper/Util/{FiniteFieldArithmeticContext_boring.swift => FiniteFieldArithmeticContext.swift} (100%) rename Sources/{_CryptoExtras => CryptoBoringWrapper}/Util/RandomBytes.swift (94%) diff --git a/Sources/Crypto/CMakeLists.txt b/Sources/Crypto/CMakeLists.txt index 3613429d..95a1c437 100644 --- a/Sources/Crypto/CMakeLists.txt +++ b/Sources/Crypto/CMakeLists.txt @@ -67,8 +67,6 @@ add_library(Crypto "Key Wrapping/AESWrap.swift" "Key Wrapping/BoringSSL/AESWrap_boring.swift" "Keys/EC/BoringSSL/Ed25519_boring.swift" - "Keys/EC/BoringSSL/EllipticCurvePoint_boring.swift" - "Keys/EC/BoringSSL/EllipticCurve_boring.swift" "Keys/EC/BoringSSL/NISTCurvesKeys_boring.swift" "Keys/EC/BoringSSL/X25519Keys_boring.swift" "Keys/EC/Curve25519.swift" diff --git a/Sources/CryptoBoringWrapper/CMakeLists.txt b/Sources/CryptoBoringWrapper/CMakeLists.txt index 97dc9afe..33cc096e 100644 --- a/Sources/CryptoBoringWrapper/CMakeLists.txt +++ b/Sources/CryptoBoringWrapper/CMakeLists.txt @@ -15,8 +15,11 @@ add_library(CryptoBoringWrapper STATIC "AEAD/BoringSSLAEAD.swift" "CryptoKitErrors_boring.swift" - "Util/ArbitraryPrecisionInteger_boring.swift" - "Util/FiniteFieldArithmeticContext_boring.swift") + "EC/EllipticCurve.swift" + "EC/EllipticCurvePoint.swift" + "Util/ArbitraryPrecisionInteger.swift" + "Util/FiniteFieldArithmeticContext.swift" + "Util/RandomBytes.swift") target_include_directories(CryptoBoringWrapper PUBLIC $ diff --git a/Sources/Crypto/Keys/EC/BoringSSL/EllipticCurve_boring.swift b/Sources/CryptoBoringWrapper/EC/EllipticCurve.swift similarity index 77% rename from Sources/Crypto/Keys/EC/BoringSSL/EllipticCurve_boring.swift rename to Sources/CryptoBoringWrapper/EC/EllipticCurve.swift index d269833f..fb204d43 100644 --- a/Sources/Crypto/Keys/EC/BoringSSL/EllipticCurve_boring.swift +++ b/Sources/CryptoBoringWrapper/EC/EllipticCurve.swift @@ -11,22 +11,18 @@ // SPDX-License-Identifier: Apache-2.0 // //===----------------------------------------------------------------------===// -#if CRYPTO_IN_SWIFTPM && !CRYPTO_IN_SWIFTPM_FORCE_BUILD_API -@_exported import CryptoKit -#else @_implementationOnly import CCryptoBoringSSL -import CryptoBoringWrapper /// A wrapper around BoringSSL's EC_GROUP object that handles reference counting and /// liveness. @usableFromInline -class BoringSSLEllipticCurveGroup { +package class BoringSSLEllipticCurveGroup { /* private but usableFromInline */ @usableFromInline var _group: OpaquePointer @usableFromInline - init(_ curve: CurveName) throws { + package init(_ curve: CurveName) throws { guard let group = CCryptoBoringSSL_EC_GROUP_new_by_curve_name(curve.baseNID) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoBoringWrapperError.internalBoringSSLError() } self._group = group @@ -41,36 +37,36 @@ class BoringSSLEllipticCurveGroup { extension BoringSSLEllipticCurveGroup { @usableFromInline - var coordinateByteCount: Int { + package var coordinateByteCount: Int { (Int(CCryptoBoringSSL_EC_GROUP_get_degree(self._group)) + 7) / 8 } @usableFromInline - func makeUnsafeOwnedECKey() throws -> OpaquePointer { + package func makeUnsafeOwnedECKey() throws -> OpaquePointer { guard let key = CCryptoBoringSSL_EC_KEY_new(), CCryptoBoringSSL_EC_KEY_set_group(key, self._group) == 1 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoBoringWrapperError.internalBoringSSLError() } return key } @usableFromInline - func makeUnsafeOwnedECPoint() throws -> OpaquePointer { + package func makeUnsafeOwnedECPoint() throws -> OpaquePointer { guard let point = CCryptoBoringSSL_EC_POINT_new(self._group) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoBoringWrapperError.internalBoringSSLError() } return point } @inlinable - func withUnsafeGroupPointer(_ body: (OpaquePointer) throws -> T) rethrows -> T { + package func withUnsafeGroupPointer(_ body: (OpaquePointer) throws -> T) rethrows -> T { try body(self._group) } @usableFromInline - var order: ArbitraryPrecisionInteger { + package var order: ArbitraryPrecisionInteger { // Groups must have an order. let baseOrder = CCryptoBoringSSL_EC_GROUP_get0_order(self._group)! return try! ArbitraryPrecisionInteger(copying: baseOrder) @@ -79,7 +75,7 @@ extension BoringSSLEllipticCurveGroup { /// An elliptic curve can be represented in a Weierstrass form: `y² = x³ + ax + b`. This /// property provides the values of a and b on the curve. @usableFromInline - var weierstrassCoefficients: (field: ArbitraryPrecisionInteger, a: ArbitraryPrecisionInteger, b: ArbitraryPrecisionInteger) { + package var weierstrassCoefficients: (field: ArbitraryPrecisionInteger, a: ArbitraryPrecisionInteger, b: ArbitraryPrecisionInteger) { var field = ArbitraryPrecisionInteger() var a = ArbitraryPrecisionInteger() var b = ArbitraryPrecisionInteger() @@ -101,7 +97,7 @@ extension BoringSSLEllipticCurveGroup { extension BoringSSLEllipticCurveGroup { @usableFromInline - enum CurveName { + package enum CurveName { case p256 case p384 case p521 @@ -121,4 +117,3 @@ extension BoringSSLEllipticCurveGroup.CurveName { } } } -#endif // CRYPTO_IN_SWIFTPM && !CRYPTO_IN_SWIFTPM_FORCE_BUILD_API diff --git a/Sources/Crypto/Keys/EC/BoringSSL/EllipticCurvePoint_boring.swift b/Sources/CryptoBoringWrapper/EC/EllipticCurvePoint.swift similarity index 71% rename from Sources/Crypto/Keys/EC/BoringSSL/EllipticCurvePoint_boring.swift rename to Sources/CryptoBoringWrapper/EC/EllipticCurvePoint.swift index 75684e96..e97f8806 100644 --- a/Sources/Crypto/Keys/EC/BoringSSL/EllipticCurvePoint_boring.swift +++ b/Sources/CryptoBoringWrapper/EC/EllipticCurvePoint.swift @@ -11,22 +11,18 @@ // SPDX-License-Identifier: Apache-2.0 // //===----------------------------------------------------------------------===// -#if CRYPTO_IN_SWIFTPM && !CRYPTO_IN_SWIFTPM_FORCE_BUILD_API -@_exported import CryptoKit -#else @_implementationOnly import CCryptoBoringSSL -import CryptoBoringWrapper /// A wrapper around BoringSSL's EC_POINT with some lifetime management. @usableFromInline -class EllipticCurvePoint { +package class EllipticCurvePoint { /* private but @usableFromInline */ @usableFromInline var _basePoint: OpaquePointer @usableFromInline - init(multiplying scalar: ArbitraryPrecisionInteger, on group: BoringSSLEllipticCurveGroup) throws { + package init(multiplying scalar: ArbitraryPrecisionInteger, on group: BoringSSLEllipticCurveGroup) throws { self._basePoint = try group.withUnsafeGroupPointer { groupPtr in guard let basePoint = CCryptoBoringSSL_EC_POINT_new(groupPtr) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoBoringWrapperError.internalBoringSSLError() } return basePoint } @@ -34,16 +30,16 @@ class EllipticCurvePoint { try group.withUnsafeGroupPointer { groupPtr in try scalar.withUnsafeBignumPointer { bigNumPtr in guard CCryptoBoringSSL_EC_POINT_mul(groupPtr, self._basePoint, bigNumPtr, nil, nil, nil) != 0 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoBoringWrapperError.internalBoringSSLError() } } } } - init(copying pointer: OpaquePointer, on group: BoringSSLEllipticCurveGroup) throws { + package init(copying pointer: OpaquePointer, on group: BoringSSLEllipticCurveGroup) throws { self._basePoint = try group.withUnsafeGroupPointer { groupPtr in guard let basePoint = CCryptoBoringSSL_EC_POINT_dup(pointer, groupPtr) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoBoringWrapperError.internalBoringSSLError() } return basePoint } @@ -58,12 +54,12 @@ class EllipticCurvePoint { extension EllipticCurvePoint { @inlinable - func withPointPointer(_ body: (OpaquePointer) throws -> T) rethrows -> T { + package func withPointPointer(_ body: (OpaquePointer) throws -> T) rethrows -> T { try body(self._basePoint) } @usableFromInline - func affineCoordinates(group: BoringSSLEllipticCurveGroup) throws -> (x: ArbitraryPrecisionInteger, y: ArbitraryPrecisionInteger) { + package func affineCoordinates(group: BoringSSLEllipticCurveGroup) throws -> (x: ArbitraryPrecisionInteger, y: ArbitraryPrecisionInteger) { var x = ArbitraryPrecisionInteger() var y = ArbitraryPrecisionInteger() @@ -71,7 +67,7 @@ extension EllipticCurvePoint { try y.withUnsafeMutableBignumPointer { yPtr in try group.withUnsafeGroupPointer { groupPtr in guard CCryptoBoringSSL_EC_POINT_get_affine_coordinates_GFp(groupPtr, self._basePoint, xPtr, yPtr, nil) != 0 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoBoringWrapperError.internalBoringSSLError() } } } @@ -80,4 +76,3 @@ extension EllipticCurvePoint { return (x: x, y: y) } } -#endif // CRYPTO_IN_SWIFTPM && !CRYPTO_IN_SWIFTPM_FORCE_BUILD_API diff --git a/Sources/CryptoBoringWrapper/Util/ArbitraryPrecisionInteger_boring.swift b/Sources/CryptoBoringWrapper/Util/ArbitraryPrecisionInteger.swift similarity index 100% rename from Sources/CryptoBoringWrapper/Util/ArbitraryPrecisionInteger_boring.swift rename to Sources/CryptoBoringWrapper/Util/ArbitraryPrecisionInteger.swift diff --git a/Sources/CryptoBoringWrapper/Util/FiniteFieldArithmeticContext_boring.swift b/Sources/CryptoBoringWrapper/Util/FiniteFieldArithmeticContext.swift similarity index 100% rename from Sources/CryptoBoringWrapper/Util/FiniteFieldArithmeticContext_boring.swift rename to Sources/CryptoBoringWrapper/Util/FiniteFieldArithmeticContext.swift diff --git a/Sources/_CryptoExtras/Util/RandomBytes.swift b/Sources/CryptoBoringWrapper/Util/RandomBytes.swift similarity index 94% rename from Sources/_CryptoExtras/Util/RandomBytes.swift rename to Sources/CryptoBoringWrapper/Util/RandomBytes.swift index 71ca52a0..f4aea1fd 100644 --- a/Sources/_CryptoExtras/Util/RandomBytes.swift +++ b/Sources/CryptoBoringWrapper/Util/RandomBytes.swift @@ -14,7 +14,7 @@ extension UnsafeMutableRawBufferPointer { @inlinable - func initializeWithRandomBytes(count: Int) { + package func initializeWithRandomBytes(count: Int) { guard count > 0 else { return } @@ -46,7 +46,7 @@ extension UnsafeMutableRawBufferPointer { extension SystemRandomNumberGenerator { @inlinable - static func randomBytes(count: Int) -> [UInt8] { + package static func randomBytes(count: Int) -> [UInt8] { Array(unsafeUninitializedCapacity: count) { buffer, initializedCount in UnsafeMutableRawBufferPointer(start: buffer.baseAddress, count: buffer.count).initializeWithRandomBytes(count: count) initializedCount = count diff --git a/Sources/_CryptoExtras/CMakeLists.txt b/Sources/_CryptoExtras/CMakeLists.txt index eef4376d..35a46f80 100644 --- a/Sources/_CryptoExtras/CMakeLists.txt +++ b/Sources/_CryptoExtras/CMakeLists.txt @@ -24,7 +24,6 @@ add_library(_CryptoExtras "Util/DigestType.swift" "Util/Error.swift" "Util/PEMDocument.swift" - "Util/RandomBytes.swift" "Util/SubjectPublicKeyInfo.swift") target_include_directories(_CryptoExtras PRIVATE diff --git a/Tests/CryptoBoringWrapperTests/ArbitraryPrecisionIntegerTests.swift b/Tests/CryptoBoringWrapperTests/ArbitraryPrecisionIntegerTests.swift index 488ad30c..e96c7bcc 100644 --- a/Tests/CryptoBoringWrapperTests/ArbitraryPrecisionIntegerTests.swift +++ b/Tests/CryptoBoringWrapperTests/ArbitraryPrecisionIntegerTests.swift @@ -11,8 +11,6 @@ // SPDX-License-Identifier: Apache-2.0 // //===----------------------------------------------------------------------===// -#if CRYPTO_IN_SWIFTPM && !CRYPTO_IN_SWIFTPM_FORCE_BUILD_API -#else @testable import CryptoBoringWrapper import XCTest @@ -168,4 +166,3 @@ final class ArbitraryPrecisionIntegerTests: XCTestCase { } } } -#endif // CRYPTO_IN_SWIFTPM && !CRYPTO_IN_SWIFTPM_FORCE_BUILD_API diff --git a/Tests/CryptoBoringWrapperTests/FiniteFieldArithmeticTests.swift b/Tests/CryptoBoringWrapperTests/FiniteFieldArithmeticTests.swift index f596f7ab..0e7b7101 100644 --- a/Tests/CryptoBoringWrapperTests/FiniteFieldArithmeticTests.swift +++ b/Tests/CryptoBoringWrapperTests/FiniteFieldArithmeticTests.swift @@ -11,8 +11,6 @@ // SPDX-License-Identifier: Apache-2.0 // //===----------------------------------------------------------------------===// -#if CRYPTO_IN_SWIFTPM && !CRYPTO_IN_SWIFTPM_FORCE_BUILD_API -#else @testable import CryptoBoringWrapper import XCTest @@ -124,4 +122,3 @@ final class FiniteFieldArithmeticTests: XCTestCase { } } } -#endif // CRYPTO_IN_SWIFTPM && !CRYPTO_IN_SWIFTPM_FORCE_BUILD_API