Merge branch 'main' into ml-dsa
fpseverino authored Dec 16, 2024
2 parents 9b1b317 + 0bf9f47 commit e61fe0b
Showing 9 changed files with 83 additions and 10 deletions.
13 changes: 11 additions & 2 deletions Package.swift
Expand Up @@ -27,9 +27,18 @@ import PackageDescription
// To develop this on Apple platforms, set this to true
let development = false

// Ideally, we should use `.when(platforms:)` to set `swiftSettings` and
// `dependencies` like on other platforms. However, `Platform.freebsd` is not
// yet available, and therefore we guard the settings behind this boolean.
#if os(FreeBSD)
let isFreeBSD = true
#else
let isFreeBSD = false
#endif

let swiftSettings: [SwiftSetting]
let dependencies: [Target.Dependency]
if development {
if development || isFreeBSD {
swiftSettings = [
.define("CRYPTO_IN_SWIFTPM"),
.define("CRYPTO_IN_SWIFTPM_FORCE_BUILD_API"),
Expand All @@ -44,7 +53,7 @@ if development {
Platform.linux,
Platform.android,
Platform.windows,
Platform.wasi,
Platform.wasi
]
swiftSettings = [
.define("CRYPTO_IN_SWIFTPM"),
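Review bot: The `#if os(FreeBSD)` block that sets `isFreeBSD` is evaluated when the manifest itself is compiled, so it describes the machine running SwiftPM rather than the platform being built for, and the new comment does not say so. On a FreeBSD host the `development || isFreeBSD` branch selects the `CRYPTO_IN_SWIFTPM_FORCE_BUILD_API` settings, while a cross-build to FreeBSD from another host would presumably not get them. Since this condition decides which cryptographic implementation is compiled in, I would extend the comment with `// Note: this reflects the host evaluating the manifest, not the target platform; cross-compilation is not covered.` The `if development || isFreeBSD {` block continues outside the visible hunks.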
4 changes: 2 additions & 2 deletions Sources/CCryptoBoringSSL/CMakeLists.txt
Expand Up @@ -276,7 +276,7 @@ if(CMAKE_SYSTEM_NAME STREQUAL Darwin AND CMAKE_SYSTEM_PROCESSOR MATCHES "amd64|x
gen/crypto/chacha-x86_64-apple.S
gen/crypto/chacha20_poly1305_x86_64-apple.S
gen/crypto/md5-x86_64-apple.S)
elseif(CMAKE_SYSTEM_NAME MATCHES "Linux|Android" AND CMAKE_SYSTEM_PROCESSOR MATCHES "amd64|x86_64")
elseif(CMAKE_SYSTEM_NAME MATCHES "Linux|Android|FreeBSD" AND CMAKE_SYSTEM_PROCESSOR MATCHES "amd64|x86_64")
target_sources(CCryptoBoringSSL PRIVATE
gen/bcm/aes-gcm-avx10-x86_64-linux.S
gen/bcm/aesni-gcm-x86_64-linux.S
Expand Down Expand Up @@ -313,7 +313,7 @@ elseif(CMAKE_SYSTEM_NAME STREQUAL Darwin AND CMAKE_SYSTEM_PROCESSOR MATCHES "arm
gen/bcm/vpaes-armv8-apple.S
gen/crypto/chacha-armv8-apple.S
gen/crypto/chacha20_poly1305_armv8-apple.S)
elseif(CMAKE_SYSTEM_NAME MATCHES "Linux|Android" AND CMAKE_SYSTEM_PROCESSOR MATCHES "arm64|aarch64")
elseif(CMAKE_SYSTEM_NAME MATCHES "Linux|Android|FreeBSD" AND CMAKE_SYSTEM_PROCESSOR MATCHES "arm64|aarch64")
target_sources(CCryptoBoringSSL PRIVATE
gen/bcm/aesv8-armv8-linux.S
gen/bcm/aesv8-gcm-armv8-linux.S
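Review bot: Both changed `elseif` branches now send FreeBSD to the `*-linux.S` generated assembly without saying why a file named for Linux is correct there, which a later reader could take for a copy-paste slip. A one-line comment above each branch, for example `# FreeBSD is an ELF platform and shares the -linux assembly variants` (wording to be confirmed by the author), would record the intent. `MATCHES "Linux|Android|FreeBSD"` is also an unanchored regex, so it accepts any system name that merely contains one of those words, whereas Sources/Crypto/CMakeLists.txt compares with `STREQUAL`; `MATCHES "^(Linux|Android|FreeBSD)$"` would keep the two files in step.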
2 changes: 1 addition & 1 deletion Sources/Crypto/CMakeLists.txt
Expand Up @@ -96,7 +96,7 @@ add_library(Crypto
target_compile_definitions(Crypto PRIVATE
"$<$<COMPILE_LANGUAGE:Swift>:CRYPTO_IN_SWIFTPM>")

if(CMAKE_SYSTEM_NAME STREQUAL "Linux" OR CMAKE_SYSTEM_NAME STREQUAL "Windows" OR CMAKE_SYSTEM_NAME STREQUAL "Android" OR CMAKE_SYSTEM_NAME STREQUAL "WASI")
if(CMAKE_SYSTEM_NAME STREQUAL "Linux" OR CMAKE_SYSTEM_NAME STREQUAL "Windows" OR CMAKE_SYSTEM_NAME STREQUAL "Android" OR CMAKE_SYSTEM_NAME STREQUAL "WASI" OR CMAKE_SYSTEM_NAME STREQUAL FreeBSD)
target_compile_definitions(Crypto PRIVATE
"$<$<COMPILE_LANGUAGE:Swift>:CRYPTO_IN_SWIFTPM_FORCE_BUILD_API>")
endif()
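Review bot: The added operand `STREQUAL FreeBSD` is unquoted, while the four comparisons before it on the same line quote their literals. An unquoted argument to `if()` is looked up as a variable name first, so if a variable called `FreeBSD` were ever defined the comparison would use its value and the `CRYPTO_IN_SWIFTPM_FORCE_BUILD_API` definition could silently stop being applied on FreeBSD. I would write `OR CMAKE_SYSTEM_NAME STREQUAL "FreeBSD")` to match the rest of the condition.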
44 changes: 43 additions & 1 deletion Sources/Crypto/Docs.docc/index.md
Expand Up @@ -9,4 +9,46 @@ Swift Crypto provides a Swift library for common cryptographic operations. It is
* `Crypto` - an open-source implementation of a substantial portion of the API of [Apple CryptoKit](https://developer.apple.com/documentation/cryptokit) suitable for use on Linux platforms. It enables cross-platform or server applications with the advantages of CryptoKit.
* `CryptoExtras` - a collection of additional cryptographic primitives and utilities that are not part of CryptoKit but useful in a server environment.

Swift Crypto is built on top of [BoringSSL](https://boringssl.googlesource.com/boringssl/), Google's fork of OpenSSL. The current features of Swift Crypto cover key exchange, key derivation, encryption and decryption, hashing, message authentication, and more.
Swift Crypto is built on top of [BoringSSL](https://boringssl.googlesource.com/boringssl/), Google's fork of OpenSSL. The current features of Swift Crypto cover key exchange, key derivation, encryption and decryption, hashing, message authentication, and more.

## Topics

### Cryptographically secure hashes

- ``HashFunction``
- ``SHA512``
- ``SHA384``
- ``SHA256``

### Message authentication codes

- ``HMAC``
- ``SymmetricKey``
- ``SymmetricKeySize``

### Ciphers

- ``AES``
- ``ChaChaPoly``

### Public key cryptography

- ``Curve25519``
- ``P521``
- ``P384``
- ``P256``
- ``SharedSecret``
- ``HPKE``

### Key derivation functions

- ``HKDF``

### Errors

- ``CryptoKitError``
- ``CryptoKitASN1Error``

### Legacy algorithms

- ``Insecure``
2 changes: 1 addition & 1 deletion Sources/CryptoBoringWrapper/Util/RandomBytes.swift
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ extension UnsafeMutableRawBufferPointer {
return
}

#if canImport(Darwin) || os(Linux) || os(Android) || os(Windows)
#if canImport(Darwin) || os(Linux) || os(Android) || os(Windows) || os(FreeBSD)
var rng = SystemRandomNumberGenerator()
precondition(count <= self.count)

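Review bot: The widened `#if` puts FreeBSD on the `SystemRandomNumberGenerator` path, yet nothing at this line states the property the code relies on, namely that the generator is backed by the operating system's CSPRNG on every listed platform. Because this helper fills buffers for the crypto wrapper, I would add above the condition `// Every platform listed here must back SystemRandomNumberGenerator with the OS CSPRNG; confirm that before adding a new one.` The same platform list is repeated in Tests/CryptoTests/Encodings/DERTests.swift, so the two have to be kept in sync by hand. The enclosing function starts before and continues after this hunk, and the `#else` branch is not visible here.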
20 changes: 20 additions & 0 deletions Sources/_CryptoExtras/Docs.docc/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,4 +2,24 @@

Provides additional cryptographic APIs that are not available in CryptoKit (and therefore the core Crypto library).

## Overview

`CryptoExtras` is a collection of additional cryptographic primitives and utilities that are not part of CryptoKit but useful in a server environment.

## Topics

### Ciphers

- ``_CryptoExtras/Crypto/AES``

### Public key cryptography

- ``_RSA``

### Key derivation functions

- ``KDF``

### Legacy algorithms

- ``_CryptoExtras/Crypto/Insecure``
4 changes: 2 additions & 2 deletions Sources/_CryptoExtras/RSA/RSA+BlindSigning.swift
Original file line number Diff line number Diff line change
Expand Up @@ -410,7 +410,7 @@ extension _RSA.BlindSigning.PublicKey {
/// Prepare a message to be signed using the blind signing protocol.
///
/// - Parameter message: The message to be signed.
/// - Parameter parameters: Parameters used in the blind signing protocol.
///
/// - Returns: A prepared message, modified according to the parameters provided.
///
/// - Seealso: [RFC 9474: Prepare](https://www.rfc-editor.org/rfc/rfc9474.html#name-prepare).
Expand Down Expand Up @@ -440,7 +440,7 @@ extension _RSA.BlindSigning.PublicKey {
///
/// - Parameter signature: The signature of the blinded message.
/// - Parameter message: The message to be signed.
/// - Parameter blindInverse: The inverse from the message blinding.
/// - Parameter blindingInverse: The inverse from the message blinding.
/// - Returns: The signature of the message.
///
/// - Seealso: [RFC 9474: Finalize](https://www.rfc-editor.org/rfc/rfc9474.html#name-finalize).
2 changes: 1 addition & 1 deletion Tests/CryptoTests/Encodings/DERTests.swift
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ class DERTests: XCTestCase {
}

func randomBytes(count: Int) -> [UInt8] {
#if canImport(Darwin) || os(Linux) || os(Android) || os(Windows)
#if canImport(Darwin) || os(Linux) || os(Android) || os(Windows) || os(FreeBSD)
var rng = SystemRandomNumberGenerator()
return (0..<count).map { _ in rng.next() }
#else
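--- a/cmake/modules/SwiftSupport.cmake
+++ b/cmake/modules/SwiftSupport.cmake
@@ -42,6 +42,8 @@ function(get_swift_host_arch result_var_name)
 set("${result_var_name}" "armv7" PARENT_SCOPE)
 elseif("${CMAKE_SYSTEM_PROCESSOR}" STREQUAL "AMD64")
 set("${result_var_name}" "x86_64" PARENT_SCOPE)
+elseif("${CMAKE_SYSTEM_PROCESSOR}" STREQUAL "amd64")
+set("${result_var_name}" "x86_64" PARENT_SCOPE)
 elseif("${CMAKE_SYSTEM_PROCESSOR}" STREQUAL "IA64")
 set("${result_var_name}" "itanium" PARENT_SCOPE)
 elseif("${CMAKE_SYSTEM_PROCESSOR}" STREQUAL "x86")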
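Review bot: The new `"amd64"` branch repeats the `"AMD64"` branch directly above it and differs only in case, with no comment on which platform reports the lowercase spelling. Presumably this is the value FreeBSD puts in `CMAKE_SYSTEM_PROCESSOR`; if so, a comment such as `# FreeBSD reports "amd64" in lowercase` above the added `elseif` would keep the branch from looking redundant. `get_swift_host_arch` begins and ends outside the hunk.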
