Merge branch 'main' into slh-dsa

apple · Nov 30, 2024 · 4a3718d · 4a3718d
2 parents 2e217ac + dc4c2c1
commit 4a3718d
Show file tree

Hide file tree

Showing 43 changed files with 1,703 additions and 505 deletions.
diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml
@@ -10,7 +10,6 @@ jobs:
     uses: swiftlang/github-workflows/.github/workflows/soundness.yml@main
     with:
       license_header_check_project_name: "SwiftCrypto"
-      format_check_enabled: false
       docs_check_enabled: false
 
   cmake-lists:

diff --git a/.github/workflows/pull_request_label.yml b/.github/workflows/pull_request_label.yml
@@ -6,7 +6,7 @@ on:
 
 jobs:
   semver-label-check:
-    name: Semantic Version label check
+    name: Semantic version label check
     runs-on: ubuntu-latest
     timeout-minutes: 1
     steps:

diff --git a/.licenseignore b/.licenseignore
@@ -2,6 +2,7 @@
 **/.gitignore
 .licenseignore
 .unacceptablelanguageignore
+.swiftformatignore
 .gitattributes
 .git-blame-ignore-revs
 .mailfilter

diff --git a/.swift-format b/.swift-format
@@ -0,0 +1,62 @@
+{
+  "version" : 1,
+  "indentation" : {
+    "spaces" : 4
+  },
+  "tabWidth" : 4,
+  "fileScopedDeclarationPrivacy" : {
+    "accessLevel" : "private"
+  },
+  "spacesAroundRangeFormationOperators" : false,
+  "indentConditionalCompilationBlocks" : false,
+  "indentSwitchCaseLabels" : false,
+  "lineBreakAroundMultilineExpressionChainComponents" : false,
+  "lineBreakBeforeControlFlowKeywords" : false,
+  "lineBreakBeforeEachArgument" : true,
+  "lineBreakBeforeEachGenericRequirement" : true,
+  "lineLength" : 120,
+  "maximumBlankLines" : 1,
+  "respectsExistingLineBreaks" : true,
+  "prioritizeKeepingFunctionOutputTogether" : true,
+  "rules" : {
+    "AllPublicDeclarationsHaveDocumentation" : false,
+    "AlwaysUseLiteralForEmptyCollectionInit" : false,
+    "AlwaysUseLowerCamelCase" : false,
+    "AmbiguousTrailingClosureOverload" : true,
+    "BeginDocumentationCommentWithOneLineSummary" : false,
+    "DoNotUseSemicolons" : true,
+    "DontRepeatTypeInStaticProperties" : true,
+    "FileScopedDeclarationPrivacy" : true,
+    "FullyIndirectEnum" : true,
+    "GroupNumericLiterals" : true,
+    "IdentifiersMustBeASCII" : true,
+    "NeverForceUnwrap" : false,
+    "NeverUseForceTry" : false,
+    "NeverUseImplicitlyUnwrappedOptionals" : false,
+    "NoAccessLevelOnExtensionDeclaration" : true,
+    "NoAssignmentInExpressions" : true,
+    "NoBlockComments" : true,
+    "NoCasesWithOnlyFallthrough" : true,
+    "NoEmptyTrailingClosureParentheses" : true,
+    "NoLabelsInCasePatterns" : true,
+    "NoLeadingUnderscores" : false,
+    "NoParensAroundConditions" : true,
+    "NoVoidReturnOnFunctionSignature" : true,
+    "OmitExplicitReturns" : true,
+    "OneCasePerLine" : true,
+    "OneVariableDeclarationPerLine" : true,
+    "OnlyOneTrailingClosureArgument" : true,
+    "OrderedImports" : true,
+    "ReplaceForEachWithForLoop" : true,
+    "ReturnVoidInsteadOfEmptyTuple" : true,
+    "UseEarlyExits" : false,
+    "UseExplicitNilCheckInConditions" : false,
+    "UseLetInEveryBoundCaseVariable" : false,
+    "UseShorthandTypeNames" : true,
+    "UseSingleLinePropertyGetter" : false,
+    "UseSynthesizedInitializer" : false,
+    "UseTripleSlashForDocumentationComments" : true,
+    "UseWhereClausesInForLoops" : false,
+    "ValidateDocumentationComments" : false
+  }
+}
diff --git a/.swiftformat b/.swiftformat
diff --git a/.swiftformatignore b/.swiftformatignore
@@ -0,0 +1,141 @@
+Package.swift
+Sources/Crypto/AEADs/AES/GCM/AES-GCM.swift
+Sources/Crypto/AEADs/ChachaPoly/ChaChaPoly.swift
+Sources/Crypto/AEADs/Cipher.swift
+Sources/Crypto/AEADs/Nonces.swift
+Sources/Crypto/ASN1/ASN1.swift
+Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Any.swift
+Sources/Crypto/ASN1/Basic ASN1 Types/ASN1BitString.swift
+Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Boolean.swift
+Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Identifier.swift
+Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Integer.swift
+Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Null.swift
+Sources/Crypto/ASN1/Basic ASN1 Types/ASN1OctetString.swift
+Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Strings.swift
+Sources/Crypto/ASN1/Basic ASN1 Types/ArraySliceBigint.swift
+Sources/Crypto/ASN1/Basic ASN1 Types/GeneralizedTime.swift
+Sources/Crypto/ASN1/Basic ASN1 Types/ObjectIdentifier.swift
+Sources/Crypto/ASN1/ECDSASignature.swift
+Sources/Crypto/ASN1/PEMDocument.swift
+Sources/Crypto/ASN1/PKCS8PrivateKey.swift
+Sources/Crypto/ASN1/SEC1PrivateKey.swift
+Sources/Crypto/ASN1/SubjectPublicKeyInfo.swift
+Sources/Crypto/CryptoKitErrors.swift
+Sources/Crypto/Digests/Digest.swift
+Sources/Crypto/Digests/Digests.swift
+Sources/Crypto/Digests/HashFunctions.swift
+Sources/Crypto/Digests/HashFunctions_SHA2.swift
+Sources/Crypto/HPKE/Ciphersuite/HPKE-AEAD.swift
+Sources/Crypto/HPKE/Ciphersuite/HPKE-Ciphersuite.swift
+Sources/Crypto/HPKE/Ciphersuite/HPKE-KDF.swift
+Sources/Crypto/HPKE/Ciphersuite/HPKE-KexKeyDerivation.swift
+Sources/Crypto/HPKE/Ciphersuite/HPKE-LabeledExtract.swift
+Sources/Crypto/HPKE/Ciphersuite/HPKE-Utils.swift
+Sources/Crypto/HPKE/Ciphersuite/KEM/Conformances/DHKEM.swift
+Sources/Crypto/HPKE/Ciphersuite/KEM/Conformances/HPKE-KEM-Curve25519.swift
+Sources/Crypto/HPKE/Ciphersuite/KEM/Conformances/HPKE-NIST-EC-KEMs.swift
+Sources/Crypto/HPKE/Ciphersuite/KEM/HPKE-KEM.swift
+Sources/Crypto/HPKE/HPKE-Errors.swift
+Sources/Crypto/HPKE/HPKE.swift
+Sources/Crypto/HPKE/Key Schedule/HPKE-Context.swift
+Sources/Crypto/HPKE/Key Schedule/HPKE-KeySchedule.swift
+Sources/Crypto/HPKE/Modes/HPKE-Modes.swift
+Sources/Crypto/Insecure/Insecure.swift
+Sources/Crypto/Insecure/Insecure_HashFunctions.swift
+Sources/Crypto/KEM/KEM.swift
+Sources/Crypto/Key Agreement/DH.swift
+Sources/Crypto/Key Agreement/ECDH.swift
+Sources/Crypto/Key Derivation/HKDF.swift
+Sources/Crypto/Key Wrapping/AESWrap.swift
+Sources/Crypto/Keys/EC/Curve25519.swift
+Sources/Crypto/Keys/EC/Ed25519Keys.swift
+Sources/Crypto/Keys/EC/NISTCurvesKeys.swift
+Sources/Crypto/Keys/EC/X25519Keys.swift
+Sources/Crypto/Keys/Symmetric/SymmetricKeys.swift
+Sources/Crypto/Message Authentication Codes/HMAC/HMAC.swift
+Sources/Crypto/Message Authentication Codes/MACFunctions.swift
+Sources/Crypto/Message Authentication Codes/MessageAuthenticationCode.swift
+Sources/Crypto/PRF/AES.swift
+Sources/Crypto/Signatures/ECDSA.swift
+Sources/Crypto/Signatures/Ed25519.swift
+Sources/Crypto/Signatures/Signature.swift
+Sources/Crypto/Util/PrettyBytes.swift
+Sources/Crypto/Util/SafeCompare.swift
+Sources/Crypto/Util/SecureBytes.swift
+Sources/Crypto/Util/Zeroization.swift
+Sources/_CryptoExtras/AES/AES_CBC.swift
+Sources/_CryptoExtras/AES/AES_CFB.swift
+Sources/_CryptoExtras/AES/AES_CTR.swift
+Sources/_CryptoExtras/AES/AES_GCM_SIV.swift
+Sources/_CryptoExtras/AES/Block Function.swift
+Sources/_CryptoExtras/ChaCha20CTR/ChaCha20CTR.swift
+Sources/_CryptoExtras/ECToolbox/ECToolbox.swift
+Sources/_CryptoExtras/H2G/HashToField.swift
+Sources/_CryptoExtras/Key Derivation/KDF.swift
+Sources/_CryptoExtras/Key Derivation/PBKDF2/PBKDF2.swift
+Sources/_CryptoExtras/Key Derivation/Scrypt/Scrypt.swift
+Sources/_CryptoExtras/OPRFs/OPRF.swift
+Sources/_CryptoExtras/OPRFs/OPRFClient.swift
+Sources/_CryptoExtras/OPRFs/OPRFServer.swift
+Sources/_CryptoExtras/OPRFs/VOPRF+API.swift
+Sources/_CryptoExtras/OPRFs/VOPRFClient.swift
+Sources/_CryptoExtras/OPRFs/VOPRFServer.swift
+Sources/_CryptoExtras/RSA/RSA+BlindSigning.swift
+Sources/_CryptoExtras/RSA/RSA.swift
+Sources/_CryptoExtras/RSA/RSA_security.swift
+Sources/_CryptoExtras/Util/BoringSSLHelpers.swift
+Sources/_CryptoExtras/Util/DigestType.swift
+Sources/_CryptoExtras/Util/Error.swift
+Sources/_CryptoExtras/Util/I2OSP.swift
+Sources/_CryptoExtras/Util/PEMDocument.swift
+Sources/_CryptoExtras/Util/PrettyBytes.swift
+Sources/_CryptoExtras/Util/SubjectPublicKeyInfo.swift
+Sources/_CryptoExtras/ZKPs/DLEQ.swift
+Sources/crypto-shasum/main.swift
+Tests/CryptoTests/ASN1/ASN1Tests.swift
+Tests/CryptoTests/ASN1/GeneralizedTimeTests.swift
+Tests/CryptoTests/Authenticated Encryption/AES-GCM-Runner.swift
+Tests/CryptoTests/Authenticated Encryption/ChaChaPoly-Runner.swift
+Tests/CryptoTests/Digests/DigestsTests.swift
+Tests/CryptoTests/ECDH/X25519-Runner.swift
+Tests/CryptoTests/ECDH/secpECDH_Runner.swift
+Tests/CryptoTests/Encodings/DERTests.swift
+Tests/CryptoTests/Encodings/ECKeyEncodingsTests.swift
+Tests/CryptoTests/HPKE/HPKETests-TestVectors.swift
+Tests/CryptoTests/HPKE/HPKETests.swift
+Tests/CryptoTests/Key Derivation/ECprivateKeysFromSeeds.swift
+Tests/CryptoTests/Key Derivation/HKDFTests.swift
+Tests/CryptoTests/Key Derivation/SharedSecretTests.swift
+Tests/CryptoTests/Key Derivation/X963KDFTests.swift
+Tests/CryptoTests/Key Wrapping/KeyWrapping.swift
+Tests/CryptoTests/MAC/HMACTests.swift
+Tests/CryptoTests/SecureBytes/SecureBytesTests.swift
+Tests/CryptoTests/Signatures/ECDSA/ECDSASignatureTests.swift
+Tests/CryptoTests/Signatures/ECDSA/RawECDSASignaturesTests.swift
+Tests/CryptoTests/Signatures/EdDSA/Ed25519-Runner.swift
+Tests/CryptoTests/Utils/PrettyBytes.swift
+Tests/CryptoTests/Utils/RFCVector.swift
+Tests/CryptoTests/Utils/SplitData.swift
+Tests/CryptoTests/Utils/Wycheproof.swift
+Tests/CryptoTests/Utils/XCTestUtils.swift
+Tests/_CryptoExtrasTests/AES Block Function Tests.swift
+Tests/_CryptoExtrasTests/AES-GCM-SIV-Runner.swift
+Tests/_CryptoExtrasTests/AES_CBCTests.swift
+Tests/_CryptoExtrasTests/AES_CFBTests.swift
+Tests/_CryptoExtrasTests/AES_CTRTests.swift
+Tests/_CryptoExtrasTests/ChaCha20CTRTests.swift
+Tests/_CryptoExtrasTests/ECToolbox/HashToCurveTests.swift
+Tests/_CryptoExtrasTests/OPRFs/ECVOPRFTests.swift
+Tests/_CryptoExtrasTests/OPRFs/VOPRFAPITests.swift
+Tests/_CryptoExtrasTests/OPRFs/VOPRFPublicAPITests.swift
+Tests/_CryptoExtrasTests/PBKDF2Tests.swift
+Tests/_CryptoExtrasTests/ScryptTests.swift
+Tests/_CryptoExtrasTests/TestRSABlindSigning.swift
+Tests/_CryptoExtrasTests/TestRSABlindSigningAPI.swift
+Tests/_CryptoExtrasTests/TestRSAEncryption.swift
+Tests/_CryptoExtrasTests/TestRSASigning.swift
+Tests/_CryptoExtrasTests/Utils/BytesUtil.swift
+Tests/_CryptoExtrasTests/Utils/RFCVector.swift
+Tests/_CryptoExtrasTests/Utils/SplitData.swift
+Tests/_CryptoExtrasTests/Utils/Wycheproof.swift
+Tests/_CryptoExtrasTests/Utils/XCTestUtils.swift
diff --git a/Sources/Crypto/AEADs/AES/GCM/BoringSSL/AES-GCM_boring.swift b/Sources/Crypto/AEADs/AES/GCM/BoringSSL/AES-GCM_boring.swift
@@ -20,32 +20,61 @@ import Foundation
 
 enum OpenSSLAESGCMImpl {
     @inlinable
-    static func seal<Plaintext: DataProtocol, AuthenticatedData: DataProtocol>
-    (key: SymmetricKey, message: Plaintext, nonce: AES.GCM.Nonce?, authenticatedData: AuthenticatedData? = nil) throws -> AES.GCM.SealedBox {
+    static func seal<Plaintext: DataProtocol, AuthenticatedData: DataProtocol>(
+        key: SymmetricKey,
+        message: Plaintext,
+        nonce: AES.GCM.Nonce?,
+        authenticatedData: AuthenticatedData? = nil
+    ) throws -> AES.GCM.SealedBox {
         let nonce = nonce ?? AES.GCM.Nonce()
 
         let aead = try Self._backingAEAD(key: key)
 
         let ciphertext: Data
         let tag: Data
         if let ad = authenticatedData {
-            (ciphertext, tag) = try aead.seal(message: message, key: key, nonce: nonce, authenticatedData: ad)
+            (ciphertext, tag) = try aead.seal(
+                message: message,
+                key: key,
+                nonce: nonce,
+                authenticatedData: ad
+            )
         } else {
-            (ciphertext, tag) = try aead.seal(message: message, key: key, nonce: nonce, authenticatedData: [])
+            (ciphertext, tag) = try aead.seal(
+                message: message,
+                key: key,
+                nonce: nonce,
+                authenticatedData: []
+            )
         }
 
         return try AES.GCM.SealedBox(nonce: nonce, ciphertext: ciphertext, tag: tag)
     }
 
     @inlinable
-    static func open<AuthenticatedData: DataProtocol>
-    (key: SymmetricKey, sealedBox: AES.GCM.SealedBox, authenticatedData: AuthenticatedData? = nil) throws -> Data {
+    static func open<AuthenticatedData: DataProtocol>(
+        key: SymmetricKey,
+        sealedBox: AES.GCM.SealedBox,
+        authenticatedData: AuthenticatedData? = nil
+    ) throws -> Data {
         let aead = try Self._backingAEAD(key: key)
 
         if let ad = authenticatedData {
-            return try aead.open(ciphertext: sealedBox.ciphertext, key: key, nonce: sealedBox.nonce, tag: sealedBox.tag, authenticatedData: ad)
+            return try aead.open(
+                ciphertext: sealedBox.ciphertext,
+                key: key,
+                nonce: sealedBox.nonce,
+                tag: sealedBox.tag,
+                authenticatedData: ad
+            )
         } else {
-            return try aead.open(ciphertext: sealedBox.ciphertext, key: key, nonce: sealedBox.nonce, tag: sealedBox.tag, authenticatedData: [])
+            return try aead.open(
+                ciphertext: sealedBox.ciphertext,
+                key: key,
+                nonce: sealedBox.nonce,
+                tag: sealedBox.tag,
+                authenticatedData: []
+            )
         }
     }
 
@@ -63,4 +92,4 @@ enum OpenSSLAESGCMImpl {
         }
     }
 }
-#endif // CRYPTO_IN_SWIFTPM && !CRYPTO_IN_SWIFTPM_FORCE_BUILD_API
+#endif  // CRYPTO_IN_SWIFTPM && !CRYPTO_IN_SWIFTPM_FORCE_BUILD_API