diff --git a/Sources/Crypto/AEADs/AES/GCM/AES-GCM.swift b/Sources/Crypto/AEADs/AES/GCM/AES-GCM.swift index 0070f296..177df7e2 100644 --- a/Sources/Crypto/AEADs/AES/GCM/AES-GCM.swift +++ b/Sources/Crypto/AEADs/AES/GCM/AES-GCM.swift @@ -167,7 +167,7 @@ extension AES.GCM { let aesGCMOverhead = 12 + 16 if combined.count < aesGCMOverhead { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.init(combined: Data(combined)) @@ -181,7 +181,7 @@ extension AES.GCM { /// - tag: The authentication tag. public init(nonce: AES.GCM.Nonce, ciphertext: C, tag: T) throws { guard tag.count == AES.GCM.tagByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } let nonceByteCount = nonce.bytes.count diff --git a/Sources/Crypto/AEADs/AES/GCM/BoringSSL/AES-GCM_boring.swift b/Sources/Crypto/AEADs/AES/GCM/BoringSSL/AES-GCM_boring.swift index 03be9d2d..3bd9185a 100644 --- a/Sources/Crypto/AEADs/AES/GCM/BoringSSL/AES-GCM_boring.swift +++ b/Sources/Crypto/AEADs/AES/GCM/BoringSSL/AES-GCM_boring.swift @@ -59,7 +59,7 @@ enum OpenSSLAESGCMImpl { case 256: return .aes256gcm default: - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } } } diff --git a/Sources/Crypto/AEADs/ChachaPoly/BoringSSL/ChaChaPoly_boring.swift b/Sources/Crypto/AEADs/ChachaPoly/BoringSSL/ChaChaPoly_boring.swift index 689b2411..18945c24 100644 --- a/Sources/Crypto/AEADs/ChachaPoly/BoringSSL/ChaChaPoly_boring.swift +++ b/Sources/Crypto/AEADs/ChachaPoly/BoringSSL/ChaChaPoly_boring.swift @@ -26,7 +26,7 @@ extension BoringSSLAEAD { let context = try AEADContext(cipher: self, key: key) return try context.seal(message: message, nonce: nonce, authenticatedData: authenticatedData) } catch CryptoBoringWrapperError.underlyingCoreCryptoError(let errorCode) { - throw CryptoKitError.underlyingCoreCryptoError(error: errorCode) + throw CryptoError.underlyingCoreCryptoError(error: errorCode) } } @@ -36,7 +36,7 @@ extension BoringSSLAEAD { let context = try AEADContext(cipher: self, key: key) return try context.open(ciphertext: ciphertext, nonce: nonce, tag: tag, authenticatedData: authenticatedData) } catch CryptoBoringWrapperError.underlyingCoreCryptoError(let errorCode) { - throw CryptoKitError.underlyingCoreCryptoError(error: errorCode) + throw CryptoError.underlyingCoreCryptoError(error: errorCode) } } } @@ -44,7 +44,7 @@ extension BoringSSLAEAD { enum OpenSSLChaChaPolyImpl { static func encrypt(key: SymmetricKey, message: M, nonce: ChaChaPoly.Nonce?, authenticatedData: AD?) throws -> ChaChaPoly.SealedBox { guard key.bitCount == ChaChaPoly.keyBitsCount else { - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } let nonce = nonce ?? ChaChaPoly.Nonce() @@ -61,7 +61,7 @@ enum OpenSSLChaChaPolyImpl { static func decrypt(key: SymmetricKey, ciphertext: ChaChaPoly.SealedBox, authenticatedData: AD?) throws -> Data { guard key.bitCount == ChaChaPoly.keyBitsCount else { - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } if let ad = authenticatedData { diff --git a/Sources/Crypto/AEADs/ChachaPoly/ChaChaPoly.swift b/Sources/Crypto/AEADs/ChachaPoly/ChaChaPoly.swift index bd24bde3..002b8d6d 100644 --- a/Sources/Crypto/AEADs/ChachaPoly/ChaChaPoly.swift +++ b/Sources/Crypto/AEADs/ChachaPoly/ChaChaPoly.swift @@ -139,7 +139,7 @@ extension ChaChaPoly { let chachaPolyOverhead = 12 + 16 if combined.count < chachaPolyOverhead { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.combined = Data(combined) @@ -153,7 +153,7 @@ extension ChaChaPoly { /// - tag: An authentication tag. public init(nonce: ChaChaPoly.Nonce, ciphertext: C, tag: T) throws { guard tag.count == ChaChaPoly.tagByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.combined = Data(nonce) + ciphertext + tag diff --git a/Sources/Crypto/AEADs/Nonces.swift b/Sources/Crypto/AEADs/Nonces.swift index 184ff3c0..92f82751 100644 --- a/Sources/Crypto/AEADs/Nonces.swift +++ b/Sources/Crypto/AEADs/Nonces.swift @@ -51,7 +51,7 @@ extension AES.GCM { /// error if the data has a length other than 12 bytes. public init(data: D) throws { if data.count < AES.GCM.defaultNonceByteCount { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.bytes = Data(data) @@ -113,7 +113,7 @@ extension ChaChaPoly { /// error if the data has a length other than 12 bytes. public init(data: D) throws { if data.count != ChaChaPoly.nonceByteCount { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.bytes = Data(data) diff --git a/Sources/Crypto/AEADs/Nonces.swift.gyb b/Sources/Crypto/AEADs/Nonces.swift.gyb index 19a25bb2..9436ae29 100644 --- a/Sources/Crypto/AEADs/Nonces.swift.gyb +++ b/Sources/Crypto/AEADs/Nonces.swift.gyb @@ -60,7 +60,7 @@ extension ${name} { /// error if the data has a length other than 12 bytes. public init(data: D) throws { if data.count ${nonceValidation} { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.bytes = Data(data) diff --git a/Sources/Crypto/ASN1/ASN1.swift b/Sources/Crypto/ASN1/ASN1.swift index a1d4c250..27359e50 100644 --- a/Sources/Crypto/ASN1/ASN1.swift +++ b/Sources/Crypto/ASN1/ASN1.swift @@ -137,7 +137,7 @@ extension ASN1 { /// Parse the node as an ASN.1 sequence. internal static func sequence(_ node: ASN1Node, identifier: ASN1.ASN1Identifier, _ builder: (inout ASN1.ASN1NodeCollection.Iterator) throws -> T) throws -> T { guard node.identifier == identifier, case .constructed(let nodes) = node.content else { - throw CryptoKitASN1Error.unexpectedFieldType + throw CryptoASN1Error.unexpectedFieldType } var iterator = nodes.makeIterator() @@ -145,7 +145,7 @@ extension ASN1 { let result = try builder(&iterator) guard iterator.next() == nil else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } return result @@ -153,7 +153,7 @@ extension ASN1 { internal static func sequence(of: T.Type = T.self, identifier: ASN1.ASN1Identifier, rootNode: ASN1Node) throws -> [T] { guard rootNode.identifier == identifier, case .constructed(let nodes) = rootNode.content else { - throw CryptoKitASN1Error.unexpectedFieldType + throw CryptoASN1Error.unexpectedFieldType } return try nodes.map { try T(asn1Encoded: $0) } @@ -162,7 +162,7 @@ extension ASN1 { internal static func sequence(of: T.Type = T.self, identifier: ASN1.ASN1Identifier, nodes: inout ASN1.ASN1NodeCollection.Iterator) throws -> [T] { guard let node = nodes.next() else { // Not present, throw. - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } return try sequence(of: T.self, identifier: identifier, rootNode: node) @@ -205,7 +205,7 @@ extension ASN1 { var nodeIterator = nodes.makeIterator() guard let child = nodeIterator.next(), nodeIterator.next() == nil else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } return try builder(child) @@ -239,7 +239,7 @@ extension ASN1 { // DER forbids encoding DEFAULT values at their default state. // We can lift this in BER. guard parsed != defaultValue else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } return parsed @@ -250,7 +250,7 @@ extension ASN1 { guard result != defaultValue else { // DER forbids encoding DEFAULT values at their default state. // We can lift this in BER. - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } return result @@ -279,7 +279,7 @@ extension ASN1 { try parseNode(from: &data, depth: 1, into: &nodes) guard data.count == 0 else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } return ASN1ParseResult(nodes[...]) } @@ -290,28 +290,28 @@ extension ASN1 { guard depth <= ASN1.ASN1ParseResult.maximumNodeDepth else { // We defend ourselves against stack overflow by refusing to allocate more than 10 stack frames to // the parsing. - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } guard let rawIdentifier = data.popFirst() else { - throw CryptoKitASN1Error.truncatedASN1Field + throw CryptoASN1Error.truncatedASN1Field } let identifier = try ASN1Identifier(rawIdentifier: rawIdentifier) guard let wideLength = try data.readASN1Length() else { - throw CryptoKitASN1Error.truncatedASN1Field + throw CryptoASN1Error.truncatedASN1Field } // UInt is sometimes too large for us! guard let length = Int(exactly: wideLength) else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } var subData = data.prefix(length) data = data.dropFirst(length) guard subData.count == length else { - throw CryptoKitASN1Error.truncatedASN1Field + throw CryptoASN1Error.truncatedASN1Field } if identifier.constructed { @@ -553,7 +553,7 @@ internal protocol ASN1Parseable { extension ASN1Parseable { internal init(asn1Encoded sequenceNodeIterator: inout ASN1.ASN1NodeCollection.Iterator) throws { guard let node = sequenceNodeIterator.next() else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } self = try .init(asn1Encoded: node) @@ -587,7 +587,7 @@ extension ASN1ImplicitlyTaggable { internal init(asn1Encoded sequenceNodeIterator: inout ASN1.ASN1NodeCollection.Iterator, withIdentifier identifier: ASN1.ASN1Identifier = Self.defaultIdentifier) throws { guard let node = sequenceNodeIterator.next() else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } self = try .init(asn1Encoded: node, withIdentifier: identifier) @@ -619,7 +619,7 @@ extension ArraySlice where Element == UInt8 { switch firstByte { case 0x80: // Indefinite form. Unsupported. - throw CryptoKitASN1Error.unsupportedFieldLength + throw CryptoASN1Error.unsupportedFieldLength case let val where val & 0x80 == 0x80: // Top bit is set, this is the long form. The remaining 7 bits of this octet // determine how long the length field is. @@ -638,16 +638,16 @@ extension ArraySlice where Element == UInt8 { switch requiredBits { case 0...7: // For 0 to 7 bits, the long form is unacceptable and we require the short. - throw CryptoKitASN1Error.unsupportedFieldLength + throw CryptoASN1Error.unsupportedFieldLength case 8...: // For 8 or more bits, fieldLength should be the minimum required. let requiredBytes = (requiredBits + 7) / 8 if fieldLength > requiredBytes { - throw CryptoKitASN1Error.unsupportedFieldLength + throw CryptoASN1Error.unsupportedFieldLength } default: // This is not reachable, but we'll error anyway. - throw CryptoKitASN1Error.unsupportedFieldLength + throw CryptoASN1Error.unsupportedFieldLength } return length @@ -661,7 +661,7 @@ extension ArraySlice where Element == UInt8 { extension FixedWidthInteger { internal init(bigEndianBytes bytes: Bytes) throws where Bytes.Element == UInt8 { guard bytes.count <= (Self.bitWidth / 8) else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } self = 0 diff --git a/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1BitString.swift b/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1BitString.swift index 4f00bf68..babc0935 100644 --- a/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1BitString.swift +++ b/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1BitString.swift @@ -27,7 +27,7 @@ extension ASN1 { init(asn1Encoded node: ASN1.ASN1Node, withIdentifier identifier: ASN1.ASN1Identifier) throws { guard node.identifier == identifier else { - throw CryptoKitASN1Error.unexpectedFieldType + throw CryptoASN1Error.unexpectedFieldType } guard case .primitive(let content) = node.content else { @@ -37,7 +37,7 @@ extension ASN1 { // The initial octet explains how many of the bits in the _final_ octet are not part of the bitstring. // The only value we support here is 0. guard content.first == 0 else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } self.bytes = content.dropFirst() diff --git a/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Boolean.swift b/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Boolean.swift index 43510e91..f5dc52ad 100644 --- a/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Boolean.swift +++ b/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Boolean.swift @@ -23,11 +23,11 @@ extension Bool: ASN1ImplicitlyTaggable { init(asn1Encoded node: ASN1.ASN1Node, withIdentifier identifier: ASN1.ASN1Identifier) throws { guard node.identifier == identifier else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } guard case .primitive(let bytes) = node.content, bytes.count == 1 else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } switch bytes[bytes.startIndex] { @@ -39,7 +39,7 @@ extension Bool: ASN1ImplicitlyTaggable { self = true default: // If we come to support BER then these values are all "true" as well. - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } } diff --git a/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Identifier.swift b/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Identifier.swift index 6c98f082..dc183d19 100644 --- a/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Identifier.swift +++ b/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Identifier.swift @@ -60,7 +60,7 @@ extension ASN1 { init(rawIdentifier: UInt8) throws { // We don't support multibyte identifiers, which are signalled when the bottom 5 bits are all 1. guard rawIdentifier & 0x1F != 0x1F else { - throw CryptoKitASN1Error.invalidFieldIdentifier + throw CryptoASN1Error.invalidFieldIdentifier } self.baseTag = rawIdentifier diff --git a/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Integer.swift b/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Integer.swift index d8101c4e..3b6dcedb 100644 --- a/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Integer.swift +++ b/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Integer.swift @@ -41,7 +41,7 @@ extension ASN1IntegerRepresentable { internal init(asn1Encoded node: ASN1.ASN1Node, withIdentifier identifier: ASN1.ASN1Identifier) throws { guard node.identifier == identifier else { - throw CryptoKitASN1Error.unexpectedFieldType + throw CryptoASN1Error.unexpectedFieldType } guard case .primitive(var dataBytes) = node.content else { @@ -50,7 +50,7 @@ extension ASN1IntegerRepresentable { // Zero bytes of integer is not an acceptable encoding. guard dataBytes.count > 0 else { - throw CryptoKitASN1Error.invalidASN1IntegerEncoding + throw CryptoASN1Error.invalidASN1IntegerEncoding } // 8.3.2 If the contents octets of an integer value encoding consist of more than one octet, then the bits of the first octet and bit 8 of the second octet: @@ -62,7 +62,7 @@ extension ASN1IntegerRepresentable { if let first = dataBytes.first, let second = dataBytes.dropFirst().first { if (first == 0xFF) && second.topBitSet || (first == 0x00) && !second.topBitSet { - throw CryptoKitASN1Error.invalidASN1IntegerEncoding + throw CryptoASN1Error.invalidASN1IntegerEncoding } } @@ -72,7 +72,7 @@ extension ASN1IntegerRepresentable { if first == 0x00 { dataBytes = dataBytes.dropFirst() } else if first & 0x80 == 0x80 { - throw CryptoKitASN1Error.invalidASN1IntegerEncoding + throw CryptoASN1Error.invalidASN1IntegerEncoding } } diff --git a/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Null.swift b/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Null.swift index 83fb8646..97162119 100644 --- a/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Null.swift +++ b/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1Null.swift @@ -27,11 +27,11 @@ extension ASN1 { init(asn1Encoded node: ASN1.ASN1Node, withIdentifier identifier: ASN1.ASN1Identifier) throws { guard node.identifier == identifier, case .primitive(let content) = node.content else { - throw CryptoKitASN1Error.unexpectedFieldType + throw CryptoASN1Error.unexpectedFieldType } guard content.count == 0 else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } } diff --git a/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1OctetString.swift b/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1OctetString.swift index f7e1336d..be3f5335 100644 --- a/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1OctetString.swift +++ b/Sources/Crypto/ASN1/Basic ASN1 Types/ASN1OctetString.swift @@ -27,7 +27,7 @@ extension ASN1 { init(asn1Encoded node: ASN1.ASN1Node, withIdentifier identifier: ASN1.ASN1Identifier) throws { guard node.identifier == identifier else { - throw CryptoKitASN1Error.unexpectedFieldType + throw CryptoASN1Error.unexpectedFieldType } guard case .primitive(let content) = node.content else { diff --git a/Sources/Crypto/ASN1/Basic ASN1 Types/GeneralizedTime.swift b/Sources/Crypto/ASN1/Basic ASN1 Types/GeneralizedTime.swift index d4c11749..41215ba8 100644 --- a/Sources/Crypto/ASN1/Basic ASN1 Types/GeneralizedTime.swift +++ b/Sources/Crypto/ASN1/Basic ASN1 Types/GeneralizedTime.swift @@ -114,7 +114,7 @@ extension ASN1 { init(asn1Encoded node: ASN1.ASN1Node, withIdentifier identifier: ASN1.ASN1Identifier) throws { guard node.identifier == identifier else { - throw CryptoKitASN1Error.unexpectedFieldType + throw CryptoASN1Error.unexpectedFieldType } guard case .primitive(let content) = node.content else { @@ -133,24 +133,24 @@ extension ASN1 { private func validate() throws { // Validate that the structure is well-formed. guard self._year >= 0 && self._year <= 9999 else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } // This also validates the month. guard let daysInMonth = ASN1.GeneralizedTime.daysInMonth(self._month, ofYear: self._year) else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } guard self._day >= 1 && self._day <= daysInMonth else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } guard self._hours >= 0 && self._hours < 24 else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } guard self._minutes >= 0 && self._minutes < 60 else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } // We allow leap seconds here, but don't validate it. @@ -158,12 +158,12 @@ extension ASN1 { // comparison here. We should consider whether this needs to be transformable // to `Date` or similar. guard self._seconds >= 0 && self._seconds <= 61 else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } // Fractional seconds may not be negative and may not be 1 or more. guard self._fractionalSeconds >= 0 && self._fractionalSeconds < 1 else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } } } @@ -178,7 +178,7 @@ extension ASN1.GeneralizedTime { guard let rawYear = bytes.readFourDigitDecimalInteger(), let rawMonth = bytes.readTwoDigitDecimalInteger(), let rawDay = bytes.readTwoDigitDecimalInteger() else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } // Next there must be a _time_. Per DER rules, this time must always go @@ -187,7 +187,7 @@ extension ASN1.GeneralizedTime { guard let rawHour = bytes.readTwoDigitDecimalInteger(), let rawMinutes = bytes.readTwoDigitDecimalInteger(), let rawSeconds = bytes.readTwoDigitDecimalInteger() else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } // There may be some fractional seconds. @@ -198,12 +198,12 @@ extension ASN1.GeneralizedTime { // The next character _must_ be Z, or the encoding is invalid. guard bytes.popFirst() == UInt8(ascii: "Z") else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } // Great! There better not be anything left. guard bytes.count == 0 else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } return try ASN1.GeneralizedTime(year: rawYear, @@ -300,7 +300,7 @@ extension ArraySlice where Element == UInt8 { // If the numerator overflows, we don't support the result. if multiplyOverflow || addingOverflow { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } numerator = newNumeratorWithAdded @@ -309,7 +309,7 @@ extension ArraySlice where Element == UInt8 { // Ok, we're either at the end or the next character is a Z. One final check: there may not have // been any trailing zeros here. This means the number may not be 0 mod 10. if numerator % 10 == 0 { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } return Double(numerator) / Double(denominator) diff --git a/Sources/Crypto/ASN1/Basic ASN1 Types/ObjectIdentifier.swift b/Sources/Crypto/ASN1/Basic ASN1 Types/ObjectIdentifier.swift index e7af81e5..f2d055a4 100644 --- a/Sources/Crypto/ASN1/Basic ASN1 Types/ObjectIdentifier.swift +++ b/Sources/Crypto/ASN1/Basic ASN1 Types/ObjectIdentifier.swift @@ -31,7 +31,7 @@ extension ASN1 { init(asn1Encoded node: ASN1.ASN1Node, withIdentifier identifier: ASN1.ASN1Identifier) throws { guard node.identifier == identifier else { - throw CryptoKitASN1Error.unexpectedFieldType + throw CryptoASN1Error.unexpectedFieldType } guard case .primitive(var content) = node.content else { @@ -65,7 +65,7 @@ extension ASN1 { } guard subcomponents.count >= 2 else { - throw CryptoKitASN1Error.invalidObjectIdentifier + throw CryptoASN1Error.invalidObjectIdentifier } // Now we need to expand the subcomponents out. This means we need to undo the step above. The first component will be in the range 0..<40 @@ -185,7 +185,7 @@ extension ArraySlice where Element == UInt8 { // In principle OID subidentifiers can be too large to fit into a UInt. We are choosing to not care about that // because for us it shouldn't matter. guard let subidentifierEndIndex = self.firstIndex(where: { $0 & 0x80 == 0x00 }) else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } let oidSlice = self[self.startIndex ... subidentifierEndIndex] @@ -200,7 +200,7 @@ extension UInt { fileprivate init(sevenBitBigEndianBytes bytes: Bytes) throws where Bytes.Element == UInt8 { // We need to know how many bytes we _need_ to store this "int". guard ((bytes.count * 7) + 7) / 8 <= MemoryLayout.size else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } self = 0 diff --git a/Sources/Crypto/ASN1/PEMDocument.swift b/Sources/Crypto/ASN1/PEMDocument.swift index 9e0c2b6a..7a72f966 100644 --- a/Sources/Crypto/ASN1/PEMDocument.swift +++ b/Sources/Crypto/ASN1/PEMDocument.swift @@ -36,11 +36,11 @@ extension ASN1 { // and the base64 decoded bytes. var lines = pemString.split { $0.isNewline }[...] guard let first = lines.first, let last = lines.last else { - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } guard let discriminator = first.pemStartDiscriminator, discriminator == last.pemEndDiscriminator else { - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } // All but the last line must be 64 bytes. The force unwrap is safe because we require the lines to be @@ -49,11 +49,11 @@ extension ASN1 { guard lines.count > 0, lines.dropLast().allSatisfy({ $0.utf8.count == PEMDocument.lineLength }), lines.last!.utf8.count <= PEMDocument.lineLength else { - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } guard let derBytes = Data(base64Encoded: lines.joined()) else { - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } self.type = discriminator diff --git a/Sources/Crypto/ASN1/PKCS8PrivateKey.swift b/Sources/Crypto/ASN1/PKCS8PrivateKey.swift index b247776e..950534db 100644 --- a/Sources/Crypto/ASN1/PKCS8PrivateKey.swift +++ b/Sources/Crypto/ASN1/PKCS8PrivateKey.swift @@ -52,7 +52,7 @@ extension ASN1 { self = try ASN1.sequence(rootNode, identifier: identifier) { nodes in let version = try Int(asn1Encoded: &nodes) guard version == 0 else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } let algorithm = try ASN1.RFC5480AlgorithmIdentifier(asn1Encoded: &nodes) @@ -64,7 +64,7 @@ extension ASN1 { let sec1PrivateKeyNode = try ASN1.parse(privateKeyBytes.bytes) let sec1PrivateKey = try ASN1.SEC1PrivateKey(asn1Encoded: sec1PrivateKeyNode) if let innerAlgorithm = sec1PrivateKey.algorithm, innerAlgorithm != algorithm { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } return try .init(algorithm: algorithm, privateKey: sec1PrivateKey) diff --git a/Sources/Crypto/ASN1/SEC1PrivateKey.swift b/Sources/Crypto/ASN1/SEC1PrivateKey.swift index 5236a05c..e6a4890a 100644 --- a/Sources/Crypto/ASN1/SEC1PrivateKey.swift +++ b/Sources/Crypto/ASN1/SEC1PrivateKey.swift @@ -40,7 +40,7 @@ extension ASN1 { self = try ASN1.sequence(rootNode, identifier: identifier) { nodes in let version = try Int(asn1Encoded: &nodes) guard 1 == version else { - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } let privateKey = try ASN1OctetString(asn1Encoded: &nodes) @@ -67,7 +67,7 @@ extension ASN1 { case ASN1ObjectIdentifier.NamedCurves.secp521r1: return .ecdsaP521 default: - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } } } @@ -93,7 +93,7 @@ extension ASN1 { case .ecdsaP521: oid = ASN1ObjectIdentifier.NamedCurves.secp521r1 default: - throw CryptoKitASN1Error.invalidASN1Object + throw CryptoASN1Error.invalidASN1Object } try coder.serialize(oid, explicitlyTaggedWithTagNumber: 0, tagClass: .contextSpecific) diff --git a/Sources/Crypto/CMakeLists.txt b/Sources/Crypto/CMakeLists.txt index 3613429d..1dc10d66 100644 --- a/Sources/Crypto/CMakeLists.txt +++ b/Sources/Crypto/CMakeLists.txt @@ -36,7 +36,7 @@ add_library(Crypto "ASN1/PKCS8PrivateKey.swift" "ASN1/SEC1PrivateKey.swift" "ASN1/SubjectPublicKeyInfo.swift" - "CryptoKitErrors.swift" + "CryptoErrors.swift" "Digests/BoringSSL/Digest_boring.swift" "Digests/Digest.swift" "Digests/Digests.swift" @@ -86,7 +86,7 @@ add_library(Crypto "Signatures/ECDSA.swift" "Signatures/Ed25519.swift" "Signatures/Signature.swift" - "Util/BoringSSL/CryptoKitErrors_boring.swift" + "Util/BoringSSL/CryptoErrors_boring.swift" "Util/BoringSSL/RNG_boring.swift" "Util/BoringSSL/SafeCompare_boring.swift" "Util/BoringSSL/Zeroization_boring.swift" diff --git a/Sources/Crypto/CryptoKitErrors.swift b/Sources/Crypto/CryptoErrors.swift similarity index 93% rename from Sources/Crypto/CryptoKitErrors.swift rename to Sources/Crypto/CryptoErrors.swift index 53aad45d..db7d6eb8 100644 --- a/Sources/Crypto/CryptoKitErrors.swift +++ b/Sources/Crypto/CryptoErrors.swift @@ -64,3 +64,7 @@ public enum CryptoKitASN1Error: Equatable, Error, Hashable { case invalidPEMDocument } #endif + +public typealias CryptoError = CryptoKitError +@available(iOS 14, macOS 11, tvOS 14, watchOS 7, *) +public typealias CryptoASN1Error = CryptoKitASN1Error \ No newline at end of file diff --git a/Sources/Crypto/Key Agreement/ECDH.swift b/Sources/Crypto/Key Agreement/ECDH.swift index 03c47769..8f2515bb 100644 --- a/Sources/Crypto/Key Agreement/ECDH.swift +++ b/Sources/Crypto/Key Agreement/ECDH.swift @@ -85,7 +85,7 @@ extension P256 { public init(pemRepresentation: String) throws { let pem = try ASN1.PEMDocument(pemString: pemRepresentation) guard pem.type == "PUBLIC KEY" else { - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } self = try .init(derRepresentation: pem.derBytes) } @@ -185,7 +185,7 @@ extension P256 { let parsed = try ASN1.PKCS8PrivateKey(asn1Encoded: Array(pem.derBytes)) self = try .init(rawRepresentation: parsed.privateKey.privateKey) default: - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } } @@ -300,7 +300,7 @@ extension P256 { public init(pemRepresentation: String) throws { let pem = try ASN1.PEMDocument(pemString: pemRepresentation) guard pem.type == "PUBLIC KEY" else { - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } self = try .init(derRepresentation: pem.derBytes) } @@ -400,7 +400,7 @@ extension P256 { let parsed = try ASN1.PKCS8PrivateKey(asn1Encoded: Array(pem.derBytes)) self = try .init(rawRepresentation: parsed.privateKey.privateKey) default: - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } } @@ -514,7 +514,7 @@ extension P384 { public init(pemRepresentation: String) throws { let pem = try ASN1.PEMDocument(pemString: pemRepresentation) guard pem.type == "PUBLIC KEY" else { - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } self = try .init(derRepresentation: pem.derBytes) } @@ -614,7 +614,7 @@ extension P384 { let parsed = try ASN1.PKCS8PrivateKey(asn1Encoded: Array(pem.derBytes)) self = try .init(rawRepresentation: parsed.privateKey.privateKey) default: - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } } @@ -729,7 +729,7 @@ extension P384 { public init(pemRepresentation: String) throws { let pem = try ASN1.PEMDocument(pemString: pemRepresentation) guard pem.type == "PUBLIC KEY" else { - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } self = try .init(derRepresentation: pem.derBytes) } @@ -829,7 +829,7 @@ extension P384 { let parsed = try ASN1.PKCS8PrivateKey(asn1Encoded: Array(pem.derBytes)) self = try .init(rawRepresentation: parsed.privateKey.privateKey) default: - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } } @@ -943,7 +943,7 @@ extension P521 { public init(pemRepresentation: String) throws { let pem = try ASN1.PEMDocument(pemString: pemRepresentation) guard pem.type == "PUBLIC KEY" else { - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } self = try .init(derRepresentation: pem.derBytes) } @@ -1043,7 +1043,7 @@ extension P521 { let parsed = try ASN1.PKCS8PrivateKey(asn1Encoded: Array(pem.derBytes)) self = try .init(rawRepresentation: parsed.privateKey.privateKey) default: - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } } @@ -1158,7 +1158,7 @@ extension P521 { public init(pemRepresentation: String) throws { let pem = try ASN1.PEMDocument(pemString: pemRepresentation) guard pem.type == "PUBLIC KEY" else { - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } self = try .init(derRepresentation: pem.derBytes) } @@ -1258,7 +1258,7 @@ extension P521 { let parsed = try ASN1.PKCS8PrivateKey(asn1Encoded: Array(pem.derBytes)) self = try .init(rawRepresentation: parsed.privateKey.privateKey) default: - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } } diff --git a/Sources/Crypto/Key Agreement/ECDH.swift.gyb b/Sources/Crypto/Key Agreement/ECDH.swift.gyb index d4aae6b7..008d918c 100644 --- a/Sources/Crypto/Key Agreement/ECDH.swift.gyb +++ b/Sources/Crypto/Key Agreement/ECDH.swift.gyb @@ -104,7 +104,7 @@ extension ${CURVE} { public init(pemRepresentation: String) throws { let pem = try ASN1.PEMDocument(pemString: pemRepresentation) guard pem.type == "PUBLIC KEY" else { - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } self = try .init(derRepresentation: pem.derBytes) } @@ -208,7 +208,7 @@ extension ${CURVE} { let parsed = try ASN1.PKCS8PrivateKey(asn1Encoded: Array(pem.derBytes)) self = try .init(rawRepresentation: parsed.privateKey.privateKey) default: - throw CryptoKitASN1Error.invalidPEMDocument + throw CryptoASN1Error.invalidPEMDocument } } diff --git a/Sources/Crypto/Key Wrapping/BoringSSL/AESWrap_boring.swift b/Sources/Crypto/Key Wrapping/BoringSSL/AESWrap_boring.swift index 12b8cee5..4bf15c22 100644 --- a/Sources/Crypto/Key Wrapping/BoringSSL/AESWrap_boring.swift +++ b/Sources/Crypto/Key Wrapping/BoringSSL/AESWrap_boring.swift @@ -37,7 +37,7 @@ enum BoringSSLAESWRAPImpl { } guard rc >= 0 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } // Assert our 8-byte overhead story was true. @@ -66,7 +66,7 @@ enum BoringSSLAESWRAPImpl { } guard rc > 0 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } // Assert our 8-byte overhead story is true. @@ -106,7 +106,7 @@ extension SymmetricKey { } guard rc == 0 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } return try withUnsafePointer(to: aesKey) { diff --git a/Sources/Crypto/Keys/EC/BoringSSL/Ed25519_boring.swift b/Sources/Crypto/Keys/EC/BoringSSL/Ed25519_boring.swift index acae4c2f..cd155c5f 100644 --- a/Sources/Crypto/Keys/EC/BoringSSL/Ed25519_boring.swift +++ b/Sources/Crypto/Keys/EC/BoringSSL/Ed25519_boring.swift @@ -56,7 +56,7 @@ extension Curve25519.Signing { var publicKey = Array(repeating: UInt8(0), count: 32) let privateKey: SecureBytes = try data.withUnsafeBytes { seedPtr in guard seedPtr.count == 32 else { - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } let privateKey = SecureBytes(unsafeUninitializedCapacity: 64) { privateKeyPtr, privateKeyBytes in @@ -89,7 +89,7 @@ extension Curve25519.Signing { init(rawRepresentation: D) throws { self.keyBytes = try rawRepresentation.withUnsafeBytes { keyBytesPtr in guard keyBytesPtr.count == 32 else { - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } return Array(keyBytesPtr) } diff --git a/Sources/Crypto/Keys/EC/BoringSSL/EllipticCurvePoint_boring.swift b/Sources/Crypto/Keys/EC/BoringSSL/EllipticCurvePoint_boring.swift index 75684e96..7746b2f6 100644 --- a/Sources/Crypto/Keys/EC/BoringSSL/EllipticCurvePoint_boring.swift +++ b/Sources/Crypto/Keys/EC/BoringSSL/EllipticCurvePoint_boring.swift @@ -26,7 +26,7 @@ class EllipticCurvePoint { init(multiplying scalar: ArbitraryPrecisionInteger, on group: BoringSSLEllipticCurveGroup) throws { self._basePoint = try group.withUnsafeGroupPointer { groupPtr in guard let basePoint = CCryptoBoringSSL_EC_POINT_new(groupPtr) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } return basePoint } @@ -34,7 +34,7 @@ class EllipticCurvePoint { try group.withUnsafeGroupPointer { groupPtr in try scalar.withUnsafeBignumPointer { bigNumPtr in guard CCryptoBoringSSL_EC_POINT_mul(groupPtr, self._basePoint, bigNumPtr, nil, nil, nil) != 0 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } } } @@ -43,7 +43,7 @@ class EllipticCurvePoint { init(copying pointer: OpaquePointer, on group: BoringSSLEllipticCurveGroup) throws { self._basePoint = try group.withUnsafeGroupPointer { groupPtr in guard let basePoint = CCryptoBoringSSL_EC_POINT_dup(pointer, groupPtr) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } return basePoint } @@ -71,7 +71,7 @@ extension EllipticCurvePoint { try y.withUnsafeMutableBignumPointer { yPtr in try group.withUnsafeGroupPointer { groupPtr in guard CCryptoBoringSSL_EC_POINT_get_affine_coordinates_GFp(groupPtr, self._basePoint, xPtr, yPtr, nil) != 0 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } } } diff --git a/Sources/Crypto/Keys/EC/BoringSSL/EllipticCurve_boring.swift b/Sources/Crypto/Keys/EC/BoringSSL/EllipticCurve_boring.swift index d269833f..c31d54cd 100644 --- a/Sources/Crypto/Keys/EC/BoringSSL/EllipticCurve_boring.swift +++ b/Sources/Crypto/Keys/EC/BoringSSL/EllipticCurve_boring.swift @@ -26,7 +26,7 @@ class BoringSSLEllipticCurveGroup { @usableFromInline init(_ curve: CurveName) throws { guard let group = CCryptoBoringSSL_EC_GROUP_new_by_curve_name(curve.baseNID) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } self._group = group @@ -49,7 +49,7 @@ extension BoringSSLEllipticCurveGroup { func makeUnsafeOwnedECKey() throws -> OpaquePointer { guard let key = CCryptoBoringSSL_EC_KEY_new(), CCryptoBoringSSL_EC_KEY_set_group(key, self._group) == 1 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } return key @@ -58,7 +58,7 @@ extension BoringSSLEllipticCurveGroup { @usableFromInline func makeUnsafeOwnedECPoint() throws -> OpaquePointer { guard let point = CCryptoBoringSSL_EC_POINT_new(self._group) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } return point diff --git a/Sources/Crypto/Keys/EC/BoringSSL/NISTCurvesKeys_boring.swift b/Sources/Crypto/Keys/EC/BoringSSL/NISTCurvesKeys_boring.swift index ed979975..c700992c 100644 --- a/Sources/Crypto/Keys/EC/BoringSSL/NISTCurvesKeys_boring.swift +++ b/Sources/Crypto/Keys/EC/BoringSSL/NISTCurvesKeys_boring.swift @@ -147,7 +147,7 @@ class BoringSSLECPrivateKeyWrapper { for _ in 0 ..< 100 { // We generate FIPS compliant keys to match the behaviour of CryptoKit on Apple platforms. guard CCryptoBoringSSL_EC_KEY_generate_key(self.key) != 0 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } // We want to generate FIPS compliant keys. If this isn't, loop around again. @@ -170,7 +170,7 @@ class BoringSSLECPrivateKeyWrapper { let group = Curve.group let length = bytes.withUnsafeBytes { $0.count } guard length == (group.coordinateByteCount * 3) + 1 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.key = try group.makeUnsafeOwnedECKey() @@ -192,7 +192,7 @@ class BoringSSLECPrivateKeyWrapper { // This brings our behaviour into line with CryptoKit let length = bytes.withUnsafeBytes { $0.count } guard length == group.coordinateByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.key = try group.makeUnsafeOwnedECKey() @@ -211,7 +211,7 @@ class BoringSSLECPrivateKeyWrapper { func setPrivateKey(_ keyScalar: ArbitraryPrecisionInteger) throws { try keyScalar.withUnsafeBignumPointer { bigNum in guard CCryptoBoringSSL_EC_KEY_set_private_key(self.key, bigNum) != 0 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } } } @@ -222,7 +222,7 @@ class BoringSSLECPrivateKeyWrapper { // This function is missing some const declarations here, which is why we need the bignums inout. // If that gets fixed, we can clean this function up. guard CCryptoBoringSSL_EC_KEY_set_public_key_affine_coordinates(self.key, xPointer, yPointer) != 0 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } } } @@ -231,7 +231,7 @@ class BoringSSLECPrivateKeyWrapper { func setPublicKey(point: EllipticCurvePoint) throws { try point.withPointPointer { ecPointer in guard CCryptoBoringSSL_EC_KEY_set_public_key(self.key, ecPointer) != 0 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } } } @@ -293,7 +293,7 @@ class BoringSSLECPrivateKeyWrapper { } if rc == -1 { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } precondition(rc == outputSize, "Unexpectedly short secret.") secretSize = Int(rc) @@ -305,7 +305,7 @@ class BoringSSLECPrivateKeyWrapper { CCryptoBoringSSLShims_ECDSA_do_sign(digestPtr.baseAddress, digestPtr.count, self.key) } guard let rawSignature = optionalRawSignature else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } return ECDSASignature(takingOwnershipOf: rawSignature) @@ -331,7 +331,7 @@ class BoringSSLECPublicKeyWrapper { // This brings our behaviour into line with CryptoKit let length = bytes.withUnsafeBytes { $0.count } guard length == group.coordinateByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.key = try group.makeUnsafeOwnedECKey() @@ -372,7 +372,7 @@ class BoringSSLECPublicKeyWrapper { try self.setPublicKey(x: &x, y: &y) default: - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -387,7 +387,7 @@ class BoringSSLECPublicKeyWrapper { try self.setPublicKey(x: &x, yBit: yBit) default: - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -399,7 +399,7 @@ class BoringSSLECPublicKeyWrapper { // This brings our behaviour into line with CryptoKit let length = bytes.withUnsafeBytes { $0.count } guard length == group.coordinateByteCount * 2 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.key = try group.makeUnsafeOwnedECKey() @@ -417,13 +417,13 @@ class BoringSSLECPublicKeyWrapper { @usableFromInline init(unsafeTakingOwnership ownedPointer: OpaquePointer) throws { guard let newKeyGroup = CCryptoBoringSSL_EC_KEY_get0_group(ownedPointer) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } let groupEqual = Curve.group.withUnsafeGroupPointer { ourCurvePointer in CCryptoBoringSSL_EC_GROUP_cmp(newKeyGroup, ourCurvePointer, nil) } guard groupEqual == 0 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.key = ownedPointer @@ -497,7 +497,7 @@ class BoringSSLECPublicKeyWrapper { // This function is missing some const declarations here, which is why we need the bignums inout. // If that gets fixed, we can clean this function up. guard CCryptoBoringSSL_EC_KEY_set_public_key_affine_coordinates(self.key, xPointer, yPointer) != 0 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } } } @@ -517,11 +517,11 @@ class BoringSSLECPublicKeyWrapper { } guard rc == 1 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } guard CCryptoBoringSSL_EC_KEY_set_public_key(self.key, point) == 1 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } } } @@ -543,7 +543,7 @@ extension ContiguousBytes { // of the public key, and the K value of the secret scalar. Let's load that in. return try self.withUnsafeBytes { bytesPtr in guard bytesPtr.first == 0x04 else { - throw CryptoKitError.incorrectKeySize // This is the same error CryptoKit throws on Apple platforms. + throw CryptoError.incorrectKeySize // This is the same error CryptoKit throws on Apple platforms. } let stride = (bytesPtr.count - 1) / 3 @@ -568,7 +568,7 @@ extension ContiguousBytes { // of the public key. Let's load that in. return try self.withUnsafeBytes { bytesPtr in guard bytesPtr.first == 0x04 else { - throw CryptoKitError.incorrectKeySize // This is the same error CryptoKit throws on Apple platforms. + throw CryptoError.incorrectKeySize // This is the same error CryptoKit throws on Apple platforms. } return try readRawPublicNumbers(copyingBytes: UnsafeRawBufferPointer(rebasing: bytesPtr[1...])) @@ -588,7 +588,7 @@ extension ContiguousBytes { case 0x02: yBit = false default: - throw CryptoKitError.incorrectKeySize // This is the same error CryptoKit throws on Apple platforms. + throw CryptoError.incorrectKeySize // This is the same error CryptoKit throws on Apple platforms. } let xBytes = UnsafeRawBufferPointer(rebasing: bytesPtr.dropFirst()) diff --git a/Sources/Crypto/Keys/EC/BoringSSL/X25519Keys_boring.swift b/Sources/Crypto/Keys/EC/BoringSSL/X25519Keys_boring.swift index 3cb3a457..5fa7f522 100644 --- a/Sources/Crypto/Keys/EC/BoringSSL/X25519Keys_boring.swift +++ b/Sources/Crypto/Keys/EC/BoringSSL/X25519Keys_boring.swift @@ -31,7 +31,7 @@ extension Curve25519.KeyAgreement { init(rawRepresentation: D) throws { self.keyBytes = try rawRepresentation.withUnsafeBytes { dataPtr in guard dataPtr.count == Curve25519.KeyAgreement.keySizeBytes else { - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } return Array(dataPtr) @@ -128,7 +128,7 @@ extension Curve25519.KeyAgreement { /// - Parameter rawRepresentation: The provided key representation. Expected to be a valid 32-bytes private key. static func validateX25519PrivateKeyData(rawRepresentation: UnsafeRawBufferPointer) throws { guard rawRepresentation.count == 32 else { - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } } } diff --git a/Sources/Crypto/Signatures/BoringSSL/ECDSASignature_boring.swift b/Sources/Crypto/Signatures/BoringSSL/ECDSASignature_boring.swift index 18999303..95b2c9c8 100644 --- a/Sources/Crypto/Signatures/BoringSSL/ECDSASignature_boring.swift +++ b/Sources/Crypto/Signatures/BoringSSL/ECDSASignature_boring.swift @@ -26,7 +26,7 @@ class ECDSASignature { init(contiguousDERBytes derBytes: ContiguousBuffer) throws { self._baseSig = try derBytes.withUnsafeBytes { bytesPtr in guard let sig = CCryptoBoringSSLShims_ECDSA_SIG_from_bytes(bytesPtr.baseAddress, bytesPtr.count) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } return sig } @@ -38,7 +38,7 @@ class ECDSASignature { let r = try ArbitraryPrecisionInteger(bytes: rawRepresentation.prefix(half)) let s = try ArbitraryPrecisionInteger(bytes: rawRepresentation.suffix(half)) guard let sig = CCryptoBoringSSL_ECDSA_SIG_new() else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } self._baseSig = sig @@ -49,11 +49,11 @@ class ECDSASignature { // This means we need to dup the pointers (to get something the ECDSA_SIG can own) and then // on error we have to free them. This makes lifetime management pretty rough here! guard let rCopy = CCryptoBoringSSL_BN_dup(rPtr) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } guard let sCopy = CCryptoBoringSSL_BN_dup(sPtr) else { CCryptoBoringSSL_BN_free(rCopy) - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } let rc = CCryptoBoringSSL_ECDSA_SIG_set0(self._baseSig, rCopy, sCopy) diff --git a/Sources/Crypto/Signatures/BoringSSL/EdDSA_boring.swift b/Sources/Crypto/Signatures/BoringSSL/EdDSA_boring.swift index 024da905..86e054e1 100644 --- a/Sources/Crypto/Signatures/BoringSSL/EdDSA_boring.swift +++ b/Sources/Crypto/Signatures/BoringSSL/EdDSA_boring.swift @@ -102,7 +102,7 @@ extension Curve25519.Signing.PrivateKey { } if rc != 1 { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } return signature diff --git a/Sources/Crypto/Signatures/ECDSA.swift b/Sources/Crypto/Signatures/ECDSA.swift index cfed2c14..6e8dd9f8 100644 --- a/Sources/Crypto/Signatures/ECDSA.swift +++ b/Sources/Crypto/Signatures/ECDSA.swift @@ -48,7 +48,7 @@ extension P256.Signing { /// collection of contiguous bytes. public init(rawRepresentation: D) throws { guard rawRepresentation.count == 2 * P256.coordinateByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.rawRepresentation = Data(rawRepresentation) @@ -56,7 +56,7 @@ extension P256.Signing { internal init(_ dataRepresentation: Data) throws { guard dataRepresentation.count == 2 * P256.coordinateByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.rawRepresentation = dataRepresentation @@ -85,7 +85,7 @@ extension P256.Signing { let coordinateByteCount = P256.coordinateByteCount guard signature.r.count <= coordinateByteCount && signature.s.count <= coordinateByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } // r and s must be padded out to the coordinate byte count. @@ -211,7 +211,7 @@ extension P384.Signing { /// collection of contiguous bytes. public init(rawRepresentation: D) throws { guard rawRepresentation.count == 2 * P384.coordinateByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.rawRepresentation = Data(rawRepresentation) @@ -219,7 +219,7 @@ extension P384.Signing { internal init(_ dataRepresentation: Data) throws { guard dataRepresentation.count == 2 * P384.coordinateByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.rawRepresentation = dataRepresentation @@ -248,7 +248,7 @@ extension P384.Signing { let coordinateByteCount = P384.coordinateByteCount guard signature.r.count <= coordinateByteCount && signature.s.count <= coordinateByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } // r and s must be padded out to the coordinate byte count. @@ -374,7 +374,7 @@ extension P521.Signing { /// collection of contiguous bytes. public init(rawRepresentation: D) throws { guard rawRepresentation.count == 2 * P521.coordinateByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.rawRepresentation = Data(rawRepresentation) @@ -382,7 +382,7 @@ extension P521.Signing { internal init(_ dataRepresentation: Data) throws { guard dataRepresentation.count == 2 * P521.coordinateByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.rawRepresentation = dataRepresentation @@ -411,7 +411,7 @@ extension P521.Signing { let coordinateByteCount = P521.coordinateByteCount guard signature.r.count <= coordinateByteCount && signature.s.count <= coordinateByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } // r and s must be padded out to the coordinate byte count. diff --git a/Sources/Crypto/Signatures/ECDSA.swift.gyb b/Sources/Crypto/Signatures/ECDSA.swift.gyb index 952a6f6a..ff60d8c9 100644 --- a/Sources/Crypto/Signatures/ECDSA.swift.gyb +++ b/Sources/Crypto/Signatures/ECDSA.swift.gyb @@ -58,7 +58,7 @@ extension ${CURVE}.Signing { /// collection of contiguous bytes. public init(rawRepresentation: D) throws { guard rawRepresentation.count == 2 * ${CURVE}.coordinateByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.rawRepresentation = Data(rawRepresentation) @@ -66,7 +66,7 @@ extension ${CURVE}.Signing { internal init(_ dataRepresentation: Data) throws { guard dataRepresentation.count == 2 * ${CURVE}.coordinateByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.rawRepresentation = dataRepresentation @@ -95,7 +95,7 @@ extension ${CURVE}.Signing { let coordinateByteCount = ${CURVE}.coordinateByteCount guard signature.r.count <= coordinateByteCount && signature.s.count <= coordinateByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } // r and s must be padded out to the coordinate byte count. diff --git a/Sources/Crypto/Util/BoringSSL/CryptoKitErrors_boring.swift b/Sources/Crypto/Util/BoringSSL/CryptoErrors_boring.swift similarity index 91% rename from Sources/Crypto/Util/BoringSSL/CryptoKitErrors_boring.swift rename to Sources/Crypto/Util/BoringSSL/CryptoErrors_boring.swift index dd3ef128..5903f979 100644 --- a/Sources/Crypto/Util/BoringSSL/CryptoKitErrors_boring.swift +++ b/Sources/Crypto/Util/BoringSSL/CryptoErrors_boring.swift @@ -16,10 +16,10 @@ #else @_implementationOnly import CCryptoBoringSSL -extension CryptoKitError { +extension CryptoError { /// A helper function that packs the value of `ERR_get_error` into the internal error field. @usableFromInline - static func internalBoringSSLError() -> CryptoKitError { + static func internalBoringSSLError() -> CryptoError { .underlyingCoreCryptoError(error: Int32(bitPattern: CCryptoBoringSSL_ERR_get_error())) } } diff --git a/Sources/CryptoBoringWrapper/CMakeLists.txt b/Sources/CryptoBoringWrapper/CMakeLists.txt index 97dc9afe..db1a0dfe 100644 --- a/Sources/CryptoBoringWrapper/CMakeLists.txt +++ b/Sources/CryptoBoringWrapper/CMakeLists.txt @@ -14,7 +14,7 @@ add_library(CryptoBoringWrapper STATIC "AEAD/BoringSSLAEAD.swift" - "CryptoKitErrors_boring.swift" + "CryptoErrors_boring.swift" "Util/ArbitraryPrecisionInteger_boring.swift" "Util/FiniteFieldArithmeticContext_boring.swift") diff --git a/Sources/CryptoBoringWrapper/CryptoKitErrors_boring.swift b/Sources/CryptoBoringWrapper/CryptoErrors_boring.swift similarity index 100% rename from Sources/CryptoBoringWrapper/CryptoKitErrors_boring.swift rename to Sources/CryptoBoringWrapper/CryptoErrors_boring.swift diff --git a/Sources/_CryptoExtras/AES/AES_CBC.swift b/Sources/_CryptoExtras/AES/AES_CBC.swift index 3363ddbd..7ce7ed00 100644 --- a/Sources/_CryptoExtras/AES/AES_CBC.swift +++ b/Sources/_CryptoExtras/AES/AES_CBC.swift @@ -55,13 +55,13 @@ extension AES { /// - Note: If `noPadding` is set to `true`, `plainText` has to be a multiple of the blockSize (16 bytes). Otherwise an error will be thrown. public static func encrypt(_ plaintext: Plaintext, using key: SymmetricKey, iv: AES._CBC.IV, noPadding: Bool) throws -> Data { guard [128, 192, 256].contains(key.bitCount) else { - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } let requiresFullPaddingBlock = (plaintext.count % AES._CBC.blockSize) == 0 if noPadding && !requiresFullPaddingBlock { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } var ciphertext = Data() @@ -115,7 +115,7 @@ extension AES { /// - Returns: The decrypted message. public static func decrypt(_ ciphertext: Ciphertext, using key: SymmetricKey, iv: AES._CBC.IV, noPadding: Bool) throws -> Data { guard [128, 192, 256].contains(key.bitCount) else { - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } var plaintext = Data() @@ -177,7 +177,7 @@ extension AES._CBC { public init(ivBytes: IVBytes) throws where IVBytes.Element == UInt8 { // We support a 128-bit IV. guard ivBytes.count == 16 else { - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } self.ivBytes = ( @@ -197,13 +197,13 @@ extension Data { guard let paddingBytes = self.last else { // Degenerate case, empty string. This is forbidden: // we must always pad. - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } guard paddingBytes > 0 && self.count >= paddingBytes && self.suffix(Int(paddingBytes)).allSatisfy({ $0 == paddingBytes }) else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self = self.dropLast(Int(paddingBytes)) diff --git a/Sources/_CryptoExtras/AES/AES_CFB.swift b/Sources/_CryptoExtras/AES/AES_CFB.swift index c11ade31..aae6a0fd 100644 --- a/Sources/_CryptoExtras/AES/AES_CFB.swift +++ b/Sources/_CryptoExtras/AES/AES_CFB.swift @@ -54,7 +54,7 @@ extension AES._CFB { public init(ivBytes: IVBytes) throws where IVBytes.Element == UInt8 { guard ivBytes.count == 16 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.ivBytes = (0, 0) diff --git a/Sources/_CryptoExtras/AES/AES_CTR.swift b/Sources/_CryptoExtras/AES/AES_CTR.swift index 0972e6c6..4448f768 100644 --- a/Sources/_CryptoExtras/AES/AES_CTR.swift +++ b/Sources/_CryptoExtras/AES/AES_CTR.swift @@ -63,7 +63,7 @@ extension AES._CTR { // We support a 96-bit nonce (with a 32-bit counter, initialized to 0) or a full 128-bit // expression. guard nonceBytes.count == 12 || nonceBytes.count == 16 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.nonceBytes = ( diff --git a/Sources/_CryptoExtras/AES/AES_GCM_SIV.swift b/Sources/_CryptoExtras/AES/AES_GCM_SIV.swift index 8bce512c..b1a97432 100644 --- a/Sources/_CryptoExtras/AES/AES_GCM_SIV.swift +++ b/Sources/_CryptoExtras/AES/AES_GCM_SIV.swift @@ -96,7 +96,7 @@ extension AES.GCM._SIV { public init(data: D) throws { if data.count != AES.GCM._SIV.nonceByteCount { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.bytes = Data(data) @@ -138,7 +138,7 @@ extension AES.GCM._SIV { let aesGCMOverhead = 12 + 16 if combined.count < aesGCMOverhead { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.combined = Data(combined) @@ -146,7 +146,7 @@ extension AES.GCM._SIV { public init(nonce: AES.GCM._SIV.Nonce, ciphertext: C, tag: T) throws { guard tag.count == AES.GCM._SIV.tagByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.combined = Data(nonce) + ciphertext + tag diff --git a/Sources/_CryptoExtras/AES/Block Function.swift b/Sources/_CryptoExtras/AES/Block Function.swift index 3db5f73d..35c078d3 100644 --- a/Sources/_CryptoExtras/AES/Block Function.swift +++ b/Sources/_CryptoExtras/AES/Block Function.swift @@ -49,11 +49,11 @@ extension AES { private static func permuteBlock(_ payload: inout Payload, key: SymmetricKey, permutation: Permutation) throws where Payload.Element == UInt8 { if payload.count != Int(Self.blockSize) { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } if !AES.isValidKey(key) { - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } let requiresSlowPath: Bool = try payload.withContiguousMutableStorageIfAvailable { storage in diff --git a/Sources/_CryptoExtras/AES/BoringSSL/AES_CFB_boring.swift b/Sources/_CryptoExtras/AES/BoringSSL/AES_CFB_boring.swift index e6be4760..b62c8761 100644 --- a/Sources/_CryptoExtras/AES/BoringSSL/AES_CFB_boring.swift +++ b/Sources/_CryptoExtras/AES/BoringSSL/AES_CFB_boring.swift @@ -40,7 +40,7 @@ enum OpenSSLAESCFBImpl { iv: AES._CFB.IV ) throws -> Data { guard [128, 192, 256].contains(key.bitCount) else { - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } return plaintext.withUnsafeBytes { plaintextBufferPtr in Self._encryptOrDecrypt(mode, plaintextBufferPtr, using: key, iv: iv) diff --git a/Sources/_CryptoExtras/AES/BoringSSL/AES_CTR_boring.swift b/Sources/_CryptoExtras/AES/BoringSSL/AES_CTR_boring.swift index 1ec7c94b..375ad8be 100644 --- a/Sources/_CryptoExtras/AES/BoringSSL/AES_CTR_boring.swift +++ b/Sources/_CryptoExtras/AES/BoringSSL/AES_CTR_boring.swift @@ -25,7 +25,7 @@ enum OpenSSLAESCTRImpl { nonce: AES._CTR.Nonce ) throws -> Data { guard [128, 192, 256].contains(key.bitCount) else { - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } return plaintext.withUnsafeBytes { plaintextBufferPtr in Self._encrypt(plaintextBufferPtr, using: key, nonce: nonce) diff --git a/Sources/_CryptoExtras/AES/BoringSSL/AES_GCM_SIV_boring.swift b/Sources/_CryptoExtras/AES/BoringSSL/AES_GCM_SIV_boring.swift index 37697b4c..24371936 100644 --- a/Sources/_CryptoExtras/AES/BoringSSL/AES_GCM_SIV_boring.swift +++ b/Sources/_CryptoExtras/AES/BoringSSL/AES_GCM_SIV_boring.swift @@ -27,7 +27,7 @@ extension BoringSSLAEAD { let context = try AEADContext(cipher: self, key: key) return try context.seal(message: message, nonce: nonce, authenticatedData: authenticatedData) } catch CryptoBoringWrapperError.underlyingCoreCryptoError(let errorCode) { - throw CryptoKitError.underlyingCoreCryptoError(error: errorCode) + throw CryptoError.underlyingCoreCryptoError(error: errorCode) } } @@ -37,7 +37,7 @@ extension BoringSSLAEAD { let context = try AEADContext(cipher: self, key: key) return try context.open(combinedCiphertextAndTag: combinedCiphertextAndTag, nonce: nonce, authenticatedData: authenticatedData) } catch CryptoBoringWrapperError.underlyingCoreCryptoError(let errorCode) { - throw CryptoKitError.underlyingCoreCryptoError(error: errorCode) + throw CryptoError.underlyingCoreCryptoError(error: errorCode) } } } @@ -81,7 +81,7 @@ enum OpenSSLAESGCMSIVImpl { case 256: return .aes256gcmsiv default: - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } } } diff --git a/Sources/_CryptoExtras/CMakeLists.txt b/Sources/_CryptoExtras/CMakeLists.txt index eef4376d..676de586 100644 --- a/Sources/_CryptoExtras/CMakeLists.txt +++ b/Sources/_CryptoExtras/CMakeLists.txt @@ -20,7 +20,7 @@ add_library(_CryptoExtras "RSA/RSA_boring.swift" "RSA/RSA_security.swift" "Util/BoringSSLHelpers.swift" - "Util/CryptoKitErrors_boring.swift" + "Util/CryptoErrors_boring.swift" "Util/DigestType.swift" "Util/Error.swift" "Util/PEMDocument.swift" diff --git a/Sources/_CryptoExtras/ChaCha20CTR/BoringSSL/ChaCha20CTR_boring.swift b/Sources/_CryptoExtras/ChaCha20CTR/BoringSSL/ChaCha20CTR_boring.swift index 3be2ccaa..c98a64b7 100644 --- a/Sources/_CryptoExtras/ChaCha20CTR/BoringSSL/ChaCha20CTR_boring.swift +++ b/Sources/_CryptoExtras/ChaCha20CTR/BoringSSL/ChaCha20CTR_boring.swift @@ -21,7 +21,7 @@ import Foundation enum OpenSSLChaCha20CTRImpl { static func encrypt(key: SymmetricKey, message: M, counter: UInt32, nonce: N) throws -> Data { guard key.bitCount == Insecure.ChaCha20CTR.keyBitsCount else { - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } // If our message, conforming to DataProtocol, happens to be allocated contiguously in memory, then we can grab the first, and only, contiguous region and operate on it diff --git a/Sources/_CryptoExtras/ChaCha20CTR/ChaCha20CTR.swift b/Sources/_CryptoExtras/ChaCha20CTR/ChaCha20CTR.swift index 449bd7a0..1c17d9bf 100644 --- a/Sources/_CryptoExtras/ChaCha20CTR/ChaCha20CTR.swift +++ b/Sources/_CryptoExtras/ChaCha20CTR/ChaCha20CTR.swift @@ -66,7 +66,7 @@ extension Insecure.ChaCha20CTR { public init(data: D) throws { if data.count != Insecure.ChaCha20CTR.nonceByteCount { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.bytes = Data(data) @@ -94,7 +94,7 @@ extension Insecure.ChaCha20CTR { /// Explicitly set the Counter's offset using a byte sequence public init(data: D) throws { if data.count != Insecure.ChaCha20CTR.counterByteCount { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } let startIndex = data.startIndex diff --git a/Sources/_CryptoExtras/RSA/RSA+BlindSigning.swift b/Sources/_CryptoExtras/RSA/RSA+BlindSigning.swift index a197704e..822b2787 100644 --- a/Sources/_CryptoExtras/RSA/RSA+BlindSigning.swift +++ b/Sources/_CryptoExtras/RSA/RSA+BlindSigning.swift @@ -49,7 +49,7 @@ extension _RSA.BlindSigning { self.parameters = parameters guard self.keySizeInBits >= 2048 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -63,7 +63,7 @@ extension _RSA.BlindSigning { self.parameters = parameters guard self.keySizeInBits >= 1024 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -76,7 +76,7 @@ extension _RSA.BlindSigning { self.parameters = parameters guard self.keySizeInBits >= 2048 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -90,7 +90,7 @@ extension _RSA.BlindSigning { self.parameters = parameters guard self.keySizeInBits >= 1024 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -148,7 +148,7 @@ extension _RSA.BlindSigning { self.parameters = parameters guard self.keySizeInBits >= 2048 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -162,7 +162,7 @@ extension _RSA.BlindSigning { self.parameters = parameters guard self.keySizeInBits >= 1024 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -175,7 +175,7 @@ extension _RSA.BlindSigning { self.parameters = parameters guard self.keySizeInBits >= 2048 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -189,7 +189,7 @@ extension _RSA.BlindSigning { self.parameters = parameters guard self.keySizeInBits >= 1024 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -205,7 +205,7 @@ extension _RSA.BlindSigning { /// key size requirements should validate `keySize` before use. public init(keySize: _RSA.Signing.KeySize, parameters: Parameters = .RSABSSA_SHA384_PSS_Randomized) throws { guard keySize.bitCount >= 2048 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.backing = try BackingPrivateKey(keySize: keySize) self.parameters = parameters @@ -218,7 +218,7 @@ extension _RSA.BlindSigning { /// - Warning: Key sizes less than 2048 are not recommended and should only be used for compatibility reasons. public init(unsafeKeySize keySize: _RSA.Signing.KeySize, parameters: Parameters = .RSABSSA_SHA384_PSS_Randomized) throws { guard keySize.bitCount >= 1024 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.backing = try BackingPrivateKey(keySize: keySize) self.parameters = parameters @@ -475,7 +475,7 @@ extension _RSA.BlindSigning.PublicKey { extension _RSA.BlindSigning { /// Errors defined in the RSA Blind Signatures protocol. /// - /// - NOTE: This type does not conform to `Swift.Error`, it is used to construct a `CryptoKitError`. + /// - NOTE: This type does not conform to `Swift.Error`, it is used to construct a `CryptoError`. /// /// - Seealso: [RFC 9474: Errors](https://www.rfc-editor.org/rfc/rfc9474.html#name-errors). enum ProtocolError { @@ -489,8 +489,8 @@ extension _RSA.BlindSigning { } } -extension CryptoKitError { - /// Map an error from the RSA Blind Signatures protocol to a CryptoKitError. +extension CryptoError { + /// Map an error from the RSA Blind Signatures protocol to a CryptoError. init(_ error: _RSA.BlindSigning.ProtocolError) { switch error { case .messageTooLong: diff --git a/Sources/_CryptoExtras/RSA/RSA.swift b/Sources/_CryptoExtras/RSA/RSA.swift index a7d5652c..97ec5cdb 100644 --- a/Sources/_CryptoExtras/RSA/RSA.swift +++ b/Sources/_CryptoExtras/RSA/RSA.swift @@ -89,7 +89,7 @@ extension _RSA.Signing { self.backing = try BackingPublicKey(derRepresentation: sanitizedDer) guard self.keySizeInBits >= 2048 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -105,7 +105,7 @@ extension _RSA.Signing { self.backing = try BackingPublicKey(derRepresentation: sanitizedDer) guard self.keySizeInBits >= 1024 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -163,7 +163,7 @@ extension _RSA.Signing { self.backing = try BackingPrivateKey(pemRepresentation: pemRepresentation) guard self.keySizeInBits >= 2048 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -176,7 +176,7 @@ extension _RSA.Signing { self.backing = try BackingPrivateKey(pemRepresentation: pemRepresentation) guard self.keySizeInBits >= 1024 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -188,7 +188,7 @@ extension _RSA.Signing { self.backing = try BackingPrivateKey(derRepresentation: derRepresentation) guard self.keySizeInBits >= 2048 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -201,7 +201,7 @@ extension _RSA.Signing { self.backing = try BackingPrivateKey(derRepresentation: derRepresentation) guard self.keySizeInBits >= 1024 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } @@ -222,7 +222,7 @@ extension _RSA.Signing { /// key size requirements should validate `keySize` before use. public init(keySize: _RSA.Signing.KeySize) throws { guard keySize.bitCount >= 2048 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.backing = try BackingPrivateKey(keySize: keySize) } @@ -234,7 +234,7 @@ extension _RSA.Signing { /// - Warning: Key sizes less than 2048 are not recommended and should only be used for compatibility reasons. public init(unsafeKeySize keySize: _RSA.Signing.KeySize) throws { guard keySize.bitCount >= 1024 else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } self.backing = try BackingPrivateKey(keySize: keySize) } @@ -486,7 +486,7 @@ extension _RSA.Encryption { /// for their use-case. public init(pemRepresentation: String) throws { self.backing = try BackingPublicKey(pemRepresentation: pemRepresentation) - guard self.keySizeInBits >= 2048, self.keySizeInBits % 8 == 0 else { throw CryptoKitError.incorrectParameterSize } + guard self.keySizeInBits >= 2048, self.keySizeInBits % 8 == 0 else { throw CryptoError.incorrectParameterSize } } /// Construct an RSA public key from a PEM representation. @@ -496,7 +496,7 @@ extension _RSA.Encryption { /// - Warning: Key sizes less than 2048 are not recommended and should only be used for compatibility reasons. public init(unsafePEMRepresentation pemRepresentation: String) throws { self.backing = try BackingPublicKey(pemRepresentation: pemRepresentation) - guard self.keySizeInBits >= 2048, self.keySizeInBits % 8 == 0 else { throw CryptoKitError.incorrectParameterSize } + guard self.keySizeInBits >= 2048, self.keySizeInBits % 8 == 0 else { throw CryptoError.incorrectParameterSize } } /// Construct an RSA public key from a DER representation. @@ -505,7 +505,7 @@ extension _RSA.Encryption { /// for their use-case. public init(derRepresentation: Bytes) throws { self.backing = try BackingPublicKey(derRepresentation: derRepresentation) - guard self.keySizeInBits >= 2048, self.keySizeInBits % 8 == 0 else { throw CryptoKitError.incorrectParameterSize } + guard self.keySizeInBits >= 2048, self.keySizeInBits % 8 == 0 else { throw CryptoError.incorrectParameterSize } } /// Construct an RSA public key from a DER representation. @@ -515,7 +515,7 @@ extension _RSA.Encryption { /// - Warning: Key sizes less than 2048 are not recommended and should only be used for compatibility reasons. public init(unsafeDERRepresentation derRepresentation: Bytes) throws { self.backing = try BackingPublicKey(derRepresentation: derRepresentation) - guard self.keySizeInBits >= 1024, self.keySizeInBits % 8 == 0 else { throw CryptoKitError.incorrectParameterSize } + guard self.keySizeInBits >= 1024, self.keySizeInBits % 8 == 0 else { throw CryptoError.incorrectParameterSize } } /// Construct an RSA public key with the specified parameters. @@ -552,7 +552,7 @@ extension _RSA.Encryption { /// for their use-case. public init(pemRepresentation: String) throws { self.backing = try BackingPrivateKey(pemRepresentation: pemRepresentation) - guard self.keySizeInBits >= 2048, self.keySizeInBits % 8 == 0 else { throw CryptoKitError.incorrectParameterSize } + guard self.keySizeInBits >= 2048, self.keySizeInBits % 8 == 0 else { throw CryptoError.incorrectParameterSize } } /// Construct an RSA public key from a PEM representation. @@ -562,7 +562,7 @@ extension _RSA.Encryption { /// - Warning: Key sizes less than 2048 are not recommended and should only be used for compatibility reasons. public init(unsafePEMRepresentation pemRepresentation: String) throws { self.backing = try BackingPrivateKey(pemRepresentation: pemRepresentation) - guard self.keySizeInBits >= 1024, self.keySizeInBits % 8 == 0 else { throw CryptoKitError.incorrectParameterSize } + guard self.keySizeInBits >= 1024, self.keySizeInBits % 8 == 0 else { throw CryptoError.incorrectParameterSize } } /// Construct an RSA private key from a DER representation. @@ -571,7 +571,7 @@ extension _RSA.Encryption { /// for their use-case. public init(derRepresentation: Bytes) throws { self.backing = try BackingPrivateKey(derRepresentation: derRepresentation) - guard self.keySizeInBits >= 2048, self.keySizeInBits % 8 == 0 else { throw CryptoKitError.incorrectParameterSize } + guard self.keySizeInBits >= 2048, self.keySizeInBits % 8 == 0 else { throw CryptoError.incorrectParameterSize } } /// Construct an RSA public key from a DER representation. @@ -581,7 +581,7 @@ extension _RSA.Encryption { /// - Warning: Key sizes less than 2048 are not recommended and should only be used for compatibility reasons. public init(unsafeDERRepresentation derRepresentation: Bytes) throws { self.backing = try BackingPrivateKey(derRepresentation: derRepresentation) - guard self.keySizeInBits >= 1024, self.keySizeInBits % 8 == 0 else { throw CryptoKitError.incorrectParameterSize } + guard self.keySizeInBits >= 1024, self.keySizeInBits % 8 == 0 else { throw CryptoError.incorrectParameterSize } } @@ -601,7 +601,7 @@ extension _RSA.Encryption { /// This constructor will refuse to generate keys smaller than 2048 bits. Callers that want to enforce minimum /// key size requirements should validate `keySize` before use. public init(keySize: _RSA.Signing.KeySize) throws { - guard keySize.bitCount >= 2048 else { throw CryptoKitError.incorrectParameterSize } + guard keySize.bitCount >= 2048 else { throw CryptoError.incorrectParameterSize } self.backing = try BackingPrivateKey(keySize: keySize) } @@ -611,7 +611,7 @@ extension _RSA.Encryption { /// key size requirements should validate `keySize` before use. /// - Warning: Key sizes less than 2048 are not recommended and should only be used for compatibility reasons. public init(unsafeKeySize keySize: _RSA.Signing.KeySize) throws { - guard keySize.bitCount >= 1024 else { throw CryptoKitError.incorrectParameterSize } + guard keySize.bitCount >= 1024 else { throw CryptoError.incorrectParameterSize } self.backing = try BackingPrivateKey(keySize: keySize) } @@ -735,7 +735,7 @@ extension _RSA { let r = k >> t guard k.isEven else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } var y: ArbitraryPrecisionInteger = 0 @@ -776,6 +776,6 @@ extension _RSA { i &+= 1 } - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } diff --git a/Sources/_CryptoExtras/RSA/RSA_boring.swift b/Sources/_CryptoExtras/RSA/RSA_boring.swift index 8c776145..77418c19 100644 --- a/Sources/_CryptoExtras/RSA/RSA_boring.swift +++ b/Sources/_CryptoExtras/RSA/RSA_boring.swift @@ -177,7 +177,7 @@ extension BoringSSLRSAPublicKey { let rsaPublicKey = try pemRepresentation.withUTF8 { utf8Ptr in return try BIOHelper.withReadOnlyMemoryBIO(wrapping: utf8Ptr) { bio in guard let key = CCryptoBoringSSL_PEM_read_bio_RSA_PUBKEY(bio, nil, nil, nil) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } return key } @@ -188,7 +188,7 @@ extension BoringSSLRSAPublicKey { let rsaPublicKey = try pemRepresentation.withUTF8 { utf8Ptr in return try BIOHelper.withReadOnlyMemoryBIO(wrapping: utf8Ptr) { bio in guard let key = CCryptoBoringSSL_PEM_read_bio_RSAPublicKey(bio, nil, nil, nil) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } return key } @@ -219,7 +219,7 @@ extension BoringSSLRSAPublicKey { let rsaPublicKey = try contiguousDerRepresentation.withUnsafeBytes { derPtr in return try BIOHelper.withReadOnlyMemoryBIO(wrapping: derPtr) { bio in guard let key = CCryptoBoringSSL_d2i_RSA_PUBKEY_bio(bio, nil) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } return key } @@ -230,7 +230,7 @@ extension BoringSSLRSAPublicKey { let rsaPublicKey = try contiguousDerRepresentation.withUnsafeBytes { derPtr in return try BIOHelper.withReadOnlyMemoryBIO(wrapping: derPtr) { bio in guard let key = CCryptoBoringSSL_d2i_RSAPublicKey_bio(bio, nil) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } return key } @@ -253,7 +253,7 @@ extension BoringSSLRSAPublicKey { e.withUnsafeBignumPointer { e in CCryptoBoringSSL_RSA_new_public_key(n, e) } - }) else { throw CryptoKitError.internalBoringSSLError() } + }) else { throw CryptoError.internalBoringSSLError() } CCryptoBoringSSL_EVP_PKEY_assign_RSA(self.pointer, rsaPtr) } @@ -372,7 +372,7 @@ extension BoringSSLRSAPublicKey { precondition(writtenLength == bufferPtr.count, "PKEY encrypt actual written length should match RSA key size.") guard rc == 1 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } } } @@ -403,7 +403,7 @@ extension BoringSSLRSAPublicKey { let c = try m.isCoprime(with: n) // 5. If c is false, raise an "invalid input" error and stop - if !c { throw CryptoKitError(_RSA.BlindSigning.ProtocolError.invalidInput) } + if !c { throw CryptoError(_RSA.BlindSigning.ProtocolError.invalidInput) } // 6. r = random_integer_uniform(1, n) // 7. inv = inverse_mod(r, n) @@ -443,7 +443,7 @@ extension BoringSSLRSAPublicKey { // 1. If len(blind_sig) != modulus_len, raise an "unexpected input size" error and stop guard blindSignature.rawRepresentation.count == modulusByteCount else { - throw CryptoKitError(_RSA.BlindSigning.ProtocolError.unexpectedInputSize) + throw CryptoError(_RSA.BlindSigning.ProtocolError.unexpectedInputSize) } // 2. z = bytes_to_int(blind_sig) @@ -463,7 +463,7 @@ extension BoringSSLRSAPublicKey { if result { return sig } else { - throw CryptoKitError(_RSA.BlindSigning.ProtocolError.invalidSignature) + throw CryptoError(_RSA.BlindSigning.ProtocolError.invalidSignature) } } @@ -506,7 +506,7 @@ extension BoringSSLRSAPrivateKey { let rsaPrivateKey = try pemRepresentation.withUTF8 { utf8Ptr in return try BIOHelper.withReadOnlyMemoryBIO(wrapping: utf8Ptr) { bio in guard let key = CCryptoBoringSSL_PEM_read_bio_RSAPrivateKey(bio, nil, nil, nil) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } return key @@ -532,7 +532,7 @@ extension BoringSSLRSAPrivateKey { } else if let pointer = Backing.pkcs1DERPrivateKey(contiguousDerRepresentation) { rsaPrivateKey = pointer } else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } CCryptoBoringSSL_EVP_PKEY_assign_RSA(self.pointer, rsaPrivateKey) } @@ -550,7 +550,7 @@ extension BoringSSLRSAPrivateKey { let dp = try FiniteFieldArithmeticContext(fieldSize: p - 1).residue(d) let dq = try FiniteFieldArithmeticContext(fieldSize: q - 1).residue(d) guard let qi = try FiniteFieldArithmeticContext(fieldSize: p).inverse(q) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } // Create BoringSSL RSA key. @@ -570,7 +570,7 @@ extension BoringSSLRSAPrivateKey { } } } - }) else { throw CryptoKitError.internalBoringSSLError() } + }) else { throw CryptoError.internalBoringSSLError() } CCryptoBoringSSL_EVP_PKEY_assign_RSA(self.pointer, rsaPtr) } @@ -615,7 +615,7 @@ extension BoringSSLRSAPrivateKey { } guard rc == 1 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } self.pointer = CCryptoBoringSSL_EVP_PKEY_new() @@ -725,7 +725,7 @@ extension BoringSSLRSAPrivateKey { } } if rc != 1 { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } length = outputLength @@ -770,7 +770,7 @@ extension BoringSSLRSAPrivateKey { ) guard rc == 1 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } return CInt(writtenLength) @@ -786,7 +786,7 @@ extension BoringSSLRSAPrivateKey { let signatureByteCount = Int(CCryptoBoringSSL_RSA_size(rsaPrivateKey)) guard message.count == signatureByteCount else { - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } let messageBytes: ContiguousBytes = message.regions.count == 1 ? message.regions.first! : Array(message) @@ -806,9 +806,9 @@ extension BoringSSLRSAPrivateKey { ) == 1 else { switch ERR_GET_REASON(CCryptoBoringSSL_ERR_peek_last_error()) { case RSA_R_DATA_TOO_LARGE_FOR_MODULUS: - throw CryptoKitError(_RSA.BlindSigning.ProtocolError.messageRepresentativeOutOfRange) + throw CryptoError(_RSA.BlindSigning.ProtocolError.messageRepresentativeOutOfRange) default: - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } } precondition(outputCount == signatureBufferPtr.count) @@ -838,13 +838,13 @@ extension BoringSSLRSAPrivateKey { signatureBufferPtr.count, RSA_NO_PADDING ) == 1 else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } guard outputCount == blindedMessageBufferPtr.count, memcmp(verificationBufferPtr.baseAddress!, blindedMessageBufferPtr.baseAddress!, blindedMessageBufferPtr.count) == 0 else { - throw CryptoKitError(_RSA.BlindSigning.ProtocolError.signingFailure) + throw CryptoError(_RSA.BlindSigning.ProtocolError.signingFailure) } } } @@ -918,9 +918,9 @@ enum BlindSigningHelpers { }) == 1 else { switch ERR_GET_REASON(CCryptoBoringSSL_ERR_peek_last_error()) { case RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE: - throw CryptoKitError(_RSA.BlindSigning.ProtocolError.messageTooLong) + throw CryptoError(_RSA.BlindSigning.ProtocolError.messageTooLong) default: - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } } return try ArbitraryPrecisionInteger(bytes: encodedMessageBufferPtr) diff --git a/Sources/_CryptoExtras/RSA/RSA_security.swift b/Sources/_CryptoExtras/RSA/RSA_security.swift index 114012de..a00fcd83 100644 --- a/Sources/_CryptoExtras/RSA/RSA_security.swift +++ b/Sources/_CryptoExtras/RSA/RSA_security.swift @@ -262,9 +262,9 @@ extension SecKeyAlgorithm { self = .rsaSignatureDigestPKCS1v15SHA512 case (_, .pssZero): // Explicitly unsupported: only used in RSABSSA, which is implemented using BoringSSL on all platforms. - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize default: - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } diff --git a/Sources/_CryptoExtras/Util/BoringSSLHelpers.swift b/Sources/_CryptoExtras/Util/BoringSSLHelpers.swift index 49f929a8..1c6595cd 100644 --- a/Sources/_CryptoExtras/Util/BoringSSLHelpers.swift +++ b/Sources/_CryptoExtras/Util/BoringSSLHelpers.swift @@ -57,7 +57,7 @@ extension Data { var innerLength = 0 guard 1 == CCryptoBoringSSL_BIO_mem_contents(bio, &innerPointer, &innerLength) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } self = Data(UnsafeBufferPointer(start: innerPointer, count: innerLength)) @@ -70,7 +70,7 @@ extension String { var innerLength = 0 guard 1 == CCryptoBoringSSL_BIO_mem_contents(bio, &innerPointer, &innerLength) else { - throw CryptoKitError.internalBoringSSLError() + throw CryptoError.internalBoringSSLError() } self = String(decoding: UnsafeBufferPointer(start: innerPointer, count: innerLength), as: UTF8.self) diff --git a/Sources/_CryptoExtras/Util/CryptoKitErrors_boring.swift b/Sources/_CryptoExtras/Util/CryptoKitErrors_boring.swift index fc3d312f..ba914c68 100644 --- a/Sources/_CryptoExtras/Util/CryptoKitErrors_boring.swift +++ b/Sources/_CryptoExtras/Util/CryptoKitErrors_boring.swift @@ -15,10 +15,10 @@ @_implementationOnly import CCryptoBoringSSL import Crypto -extension CryptoKitError { +extension CryptoError { /// A helper function that packs the value of `ERR_get_error` into the internal error field. @usableFromInline - static func internalBoringSSLError() -> CryptoKitError { + static func internalBoringSSLError() -> CryptoError { return .underlyingCoreCryptoError(error: Int32(bitPattern: CCryptoBoringSSL_ERR_get_error())) } } diff --git a/Sources/_CryptoExtras/Util/DigestType.swift b/Sources/_CryptoExtras/Util/DigestType.swift index dc66bbf6..1acccffd 100644 --- a/Sources/_CryptoExtras/Util/DigestType.swift +++ b/Sources/_CryptoExtras/Util/DigestType.swift @@ -50,7 +50,7 @@ struct DigestType { case is SHA512.Digest.Type: self = .sha512 default: - throw CryptoKitError.incorrectParameterSize + throw CryptoError.incorrectParameterSize } } } diff --git a/Tests/CryptoTests/ASN1/ASN1Tests.swift b/Tests/CryptoTests/ASN1/ASN1Tests.swift index bded0427..a959d8c8 100644 --- a/Tests/CryptoTests/ASN1/ASN1Tests.swift +++ b/Tests/CryptoTests/ASN1/ASN1Tests.swift @@ -235,7 +235,7 @@ class ASN1Tests: XCTestCase { if !expectSuccessfulParse { XCTFail("Unexpected successful parse with: \(decodedSPKI[...])") } - } catch let error as CryptoKitASN1Error { + } catch let error as CryptoASN1Error { if expectSuccessfulParse { XCTFail("Unexpected failure (error: \(error)) with \(decodedSPKI[...])") } @@ -250,19 +250,19 @@ class ASN1Tests: XCTestCase { let parsed = try ASN1.parse(decodedReal) XCTAssertThrowsError(try ASN1.ASN1ObjectIdentifier(asn1Encoded: parsed)) { error in - XCTAssertEqual(error as? CryptoKitASN1Error, .unexpectedFieldType) + XCTAssertEqual(error as? CryptoASN1Error, .unexpectedFieldType) } XCTAssertThrowsError(try ASN1.sequence(parsed, identifier: .sequence, { _ in })) { error in - XCTAssertEqual(error as? CryptoKitASN1Error, .unexpectedFieldType) + XCTAssertEqual(error as? CryptoASN1Error, .unexpectedFieldType) } XCTAssertThrowsError(try ASN1.ASN1OctetString(asn1Encoded: parsed)) { error in - XCTAssertEqual(error as? CryptoKitASN1Error, .unexpectedFieldType) + XCTAssertEqual(error as? CryptoASN1Error, .unexpectedFieldType) } XCTAssertThrowsError(try ASN1.ASN1BitString(asn1Encoded: parsed)) { error in - XCTAssertEqual(error as? CryptoKitASN1Error, .unexpectedFieldType) + XCTAssertEqual(error as? CryptoASN1Error, .unexpectedFieldType) } XCTAssertThrowsError(try Int(asn1Encoded: parsed)) { error in - XCTAssertEqual(error as? CryptoKitASN1Error, .unexpectedFieldType) + XCTAssertEqual(error as? CryptoASN1Error, .unexpectedFieldType) } } @@ -271,7 +271,7 @@ class ASN1Tests: XCTestCase { let base64Node = "CQUDMUUtMQkFAzFFLTE=" let decodedReal = Array(Data(base64Encoded: base64Node)!) XCTAssertThrowsError(try ASN1.parse(decodedReal)) { error in - XCTAssertEqual(error as? CryptoKitASN1Error, .invalidASN1Object) + XCTAssertEqual(error as? CryptoASN1Error, .invalidASN1Object) } } @@ -280,13 +280,13 @@ class ASN1Tests: XCTestCase { let base64Node = "AgEBAA==" let decodedInteger = Array(Data(base64Encoded: base64Node)!) XCTAssertThrowsError(try ASN1.parse(decodedInteger)) { error in - XCTAssertEqual(error as? CryptoKitASN1Error, .invalidASN1Object) + XCTAssertEqual(error as? CryptoASN1Error, .invalidASN1Object) } } func testEmptyStringsDontDecode() throws { XCTAssertThrowsError(try ASN1.parse([])) { error in - XCTAssertEqual(error as? CryptoKitASN1Error, .truncatedASN1Field) + XCTAssertEqual(error as? CryptoASN1Error, .truncatedASN1Field) } } @@ -295,7 +295,7 @@ class ASN1Tests: XCTestCase { let base64Node = "vzcDAgEB" let decodedInteger = Array(Data(base64Encoded: base64Node)!) XCTAssertThrowsError(try ASN1.parse(decodedInteger)) { error in - XCTAssertEqual(error as? CryptoKitASN1Error, .invalidFieldIdentifier) + XCTAssertEqual(error as? CryptoASN1Error, .invalidFieldIdentifier) } } @@ -310,7 +310,7 @@ class ASN1Tests: XCTestCase { // This is fine. XCTAssertNoThrow(try ASN1.ASN1OctetString(asn1Encoded: &nodes)) } - } catch let error as CryptoKitASN1Error { + } catch let error as CryptoASN1Error { XCTAssertEqual(error, .invalidASN1Object) } } @@ -334,7 +334,7 @@ class ASN1Tests: XCTestCase { XCTAssertNoThrow(try ASN1.ASN1OctetString(asn1Encoded: &nodes)) _ = try Stub(asn1Encoded: &nodes) } - } catch let error as CryptoKitASN1Error { + } catch let error as CryptoASN1Error { XCTAssertEqual(error, .invalidASN1Object) } } @@ -343,7 +343,7 @@ class ASN1Tests: XCTestCase { // This the first octets of a constructed object of unknown tag type (private, number 7) whose length // is indefinite. We reject this immediately, not even noticing that the rest of the data isn't here. XCTAssertThrowsError(try ASN1.parse([0xe7, 0x80])) { error in - XCTAssertEqual(error as? CryptoKitASN1Error, .unsupportedFieldLength) + XCTAssertEqual(error as? CryptoASN1Error, .unsupportedFieldLength) } } @@ -355,7 +355,7 @@ class ASN1Tests: XCTestCase { let parsed = try ASN1.parse(badNode) XCTAssertThrowsError(try ASN1.ASN1ObjectIdentifier(asn1Encoded: parsed)) { error in - XCTAssertEqual(error as? CryptoKitASN1Error, .invalidASN1Object) + XCTAssertEqual(error as? CryptoASN1Error, .invalidASN1Object) } } @@ -368,7 +368,7 @@ class ASN1Tests: XCTestCase { let parsed = try ASN1.parse(badNode) XCTAssertThrowsError(try Int(asn1Encoded: parsed)) { error in - XCTAssertEqual(error as? CryptoKitASN1Error, .invalidASN1Object) + XCTAssertEqual(error as? CryptoASN1Error, .invalidASN1Object) } } @@ -407,7 +407,7 @@ O9zxi7HTvuXyQr7QKSBtdCGmHym+WoPsbA== """ for index in simplePEM.indices.dropLast() { XCTAssertThrowsError(try ASN1.PEMDocument(pemString: String(simplePEM[.. Bool { +extension CryptoError: Equatable { + public static func == (lhs: CryptoError, rhs: CryptoError) -> Bool { switch (lhs, rhs) { case (.incorrectKeySize, .incorrectKeySize): return true diff --git a/Tests/CryptoTests/SecureBytes/SecureBytesTests.swift b/Tests/CryptoTests/SecureBytes/SecureBytesTests.swift index 85ebb882..a28f649d 100644 --- a/Tests/CryptoTests/SecureBytes/SecureBytesTests.swift +++ b/Tests/CryptoTests/SecureBytes/SecureBytesTests.swift @@ -169,11 +169,11 @@ final class SecureBytesTests: XCTestCase { func testThrowingInitialization() throws { _ = try SecureBytes(unsafeUninitializedCapacity: 5) { (_, _) in - throw CryptoKitError.incorrectKeySize + throw CryptoError.incorrectKeySize } } XCTAssertThrowsError(try testThrowingInitialization()) { error in - guard case .some(.incorrectKeySize) = error as? CryptoKitError else { + guard case .some(.incorrectKeySize) = error as? CryptoError else { XCTFail("unexpected error: \(error)") return } diff --git a/Tests/CryptoTests/Signatures/ECDSA/ECDSASignatureTests.swift b/Tests/CryptoTests/Signatures/ECDSA/ECDSASignatureTests.swift index c60b3317..e3b8b854 100644 --- a/Tests/CryptoTests/Signatures/ECDSA/ECDSASignatureTests.swift +++ b/Tests/CryptoTests/Signatures/ECDSA/ECDSASignatureTests.swift @@ -227,21 +227,21 @@ class SignatureTests: XCTestCase { func testProperSignatureSizes() throws { XCTAssertThrowsError(try P256.Signing.ECDSASignature(rawRepresentation: Array("hello".utf8))) { error in - guard case .some(.incorrectParameterSize) = error as? CryptoKitError else { + guard case .some(.incorrectParameterSize) = error as? CryptoError else { XCTFail("Incorrect error: \(error)") return } } XCTAssertThrowsError(try P384.Signing.ECDSASignature(rawRepresentation: Array("hello".utf8))) { error in - guard case .some(.incorrectParameterSize) = error as? CryptoKitError else { + guard case .some(.incorrectParameterSize) = error as? CryptoError else { XCTFail("Incorrect error: \(error)") return } } XCTAssertThrowsError(try P521.Signing.ECDSASignature(rawRepresentation: Array("hello".utf8))) { error in - guard case .some(.incorrectParameterSize) = error as? CryptoKitError else { + guard case .some(.incorrectParameterSize) = error as? CryptoError else { XCTFail("Incorrect error: \(error)") return } diff --git a/Tests/_CryptoExtrasTests/AES-GCM-SIV-Runner.swift b/Tests/_CryptoExtrasTests/AES-GCM-SIV-Runner.swift index 227e73c3..d8248a80 100644 --- a/Tests/_CryptoExtrasTests/AES-GCM-SIV-Runner.swift +++ b/Tests/_CryptoExtrasTests/AES-GCM-SIV-Runner.swift @@ -87,7 +87,7 @@ final class AESGCMSIVTests: XCTestCase { XCTAssertEqual(Array(nonceFromDiscontiguous), testNonceBytes) XCTAssertThrowsError(try AES.GCM._SIV.Nonce(data: DispatchData.empty)) { error in - guard case .some(.incorrectParameterSize) = error as? CryptoKitError else { + guard case .some(.incorrectParameterSize) = error as? CryptoError else { XCTFail("Unexpected error") return } @@ -107,7 +107,7 @@ final class AESGCMSIVTests: XCTestCase { // Empty dispatchdatas don't work, they are too small. XCTAssertThrowsError(try AES.GCM._SIV.SealedBox(combined: DispatchData.empty)) { error in - guard case .some(.incorrectParameterSize) = error as? CryptoKitError else { + guard case .some(.incorrectParameterSize) = error as? CryptoError else { XCTFail("Unexpected error: \(error)") return } @@ -136,7 +136,7 @@ final class AESGCMSIVTests: XCTestCase { // Empty dispatchdatas for the tag don't work, they are too small. XCTAssertThrowsError(try AES.GCM._SIV.SealedBox(nonce: nonce, ciphertext: ciphertext, tag: DispatchData.empty)) { error in - guard case .some(.incorrectParameterSize) = error as? CryptoKitError else { + guard case .some(.incorrectParameterSize) = error as? CryptoError else { XCTFail("Unexpected error: \(error)") return } diff --git a/Tests/_CryptoExtrasTests/AES_CBCTests.swift b/Tests/_CryptoExtrasTests/AES_CBCTests.swift index b42131c6..3eb7a4e5 100644 --- a/Tests/_CryptoExtrasTests/AES_CBCTests.swift +++ b/Tests/_CryptoExtrasTests/AES_CBCTests.swift @@ -152,7 +152,7 @@ final class CBCTests: XCTestCase { let iv = try AES._CBC.IV(ivBytes: Array(hexString: "00000000000000000000000000000000")) let input = try Data(hexString: "6741b46d1390dac577e3236b") XCTAssertThrowsError(try AES._CBC.encrypt(input, using: SymmetricKey(data: key), iv: iv, noPadding: true)) { error in - guard let error = error as? CryptoKitError, case .incorrectParameterSize = error else { + guard let error = error as? CryptoError, case .incorrectParameterSize = error else { XCTFail("Unexpected error: \(error)") return } diff --git a/Tests/_CryptoExtrasTests/ChaCha20CTRTests.swift b/Tests/_CryptoExtrasTests/ChaCha20CTRTests.swift index b86bfcaa..7fb3ee41 100644 --- a/Tests/_CryptoExtrasTests/ChaCha20CTRTests.swift +++ b/Tests/_CryptoExtrasTests/ChaCha20CTRTests.swift @@ -51,32 +51,32 @@ class ChaCha20CTRTests: XCTestCase { func testChaCha20CTR_InvalidParameters() throws { let keyTooLong: SymmetricKey = SymmetricKey(data: [214, 89, 118, 13, 43, 164, 52, 162, 38, 253, 55, 179, 92, 105, 226, 218, 130, 17, 209, 12, 79, 18, 83, 135, 135, 214, 86, 69, 213, 209, 184, 226, 22]) XCTAssertThrowsError(try Insecure.ChaCha20CTR.encrypt(Array(repeating: 0, count: 5), using: keyTooLong, nonce: Insecure.ChaCha20CTR.Nonce())) { error in - guard case CryptoKitError.incorrectKeySize = error else { return XCTFail("Error thrown was of unexpected type: \(error)") } + guard case CryptoError.incorrectKeySize = error else { return XCTFail("Error thrown was of unexpected type: \(error)") } } let keyTooShort: SymmetricKey = SymmetricKey(data: [214, 89, 118, 13, 43, 164, 52, 162, 38, 253, 55, 179, 92, 105, 226, 218, 130, 17, 209, 12, 79, 18, 83, 135, 135, 214, 86, 69, 213, 209, 184]) XCTAssertThrowsError(try Insecure.ChaCha20CTR.encrypt(Array(repeating: 0, count: 5), using: keyTooShort, nonce: Insecure.ChaCha20CTR.Nonce())) { error in - guard case CryptoKitError.incorrectKeySize = error else { return XCTFail("Error thrown was of unexpected type: \(error)") } + guard case CryptoError.incorrectKeySize = error else { return XCTFail("Error thrown was of unexpected type: \(error)") } } let nonceTooLong: [UInt8] = [188, 39, 215, 134, 244, 188, 43, 178, 15, 33, 98, 186, 14] XCTAssertThrowsError(try Insecure.ChaCha20CTR.Nonce(data: nonceTooLong)) { error in - guard case CryptoKitError.incorrectParameterSize = error else { return XCTFail("Error thrown was of unexpected type: \(error)") } + guard case CryptoError.incorrectParameterSize = error else { return XCTFail("Error thrown was of unexpected type: \(error)") } } let nonceTooShort: [UInt8] = [188, 39, 215, 134, 244, 188, 43, 178, 15, 33, 98] XCTAssertThrowsError(try Insecure.ChaCha20CTR.Nonce(data: nonceTooShort)) { error in - guard case CryptoKitError.incorrectParameterSize = error else { return XCTFail("Error thrown was of unexpected type: \(error)") } + guard case CryptoError.incorrectParameterSize = error else { return XCTFail("Error thrown was of unexpected type: \(error)") } } let counterTooLong: [UInt8] = [231, 182, 185, 50, 82] XCTAssertThrowsError(try Insecure.ChaCha20CTR.Counter(data: counterTooLong)) { error in - guard case CryptoKitError.incorrectParameterSize = error else { return XCTFail("Error thrown was of unexpected type: \(error)") } + guard case CryptoError.incorrectParameterSize = error else { return XCTFail("Error thrown was of unexpected type: \(error)") } } let counterTooShort: [UInt8] = [231, 182, 185] XCTAssertThrowsError(try Insecure.ChaCha20CTR.Counter(data: counterTooShort)) { error in - guard case CryptoKitError.incorrectParameterSize = error else { return XCTFail("Error thrown was of unexpected type: \(error)") } + guard case CryptoError.incorrectParameterSize = error else { return XCTFail("Error thrown was of unexpected type: \(error)") } } let key: SymmetricKey = SymmetricKey(data: [214, 89, 118, 13, 43, 164, 52, 162, 38, 253, 55, 179, 92, 105, 226, 218, 130, 17, 209, 12, 79, 18, 83, 135, 135, 214, 86, 69, 213, 209, 184, 226]) diff --git a/Tests/_CryptoExtrasTests/TestRSABlindSigning.swift b/Tests/_CryptoExtrasTests/TestRSABlindSigning.swift index fa42b2ee..9df2500a 100644 --- a/Tests/_CryptoExtrasTests/TestRSABlindSigning.swift +++ b/Tests/_CryptoExtrasTests/TestRSABlindSigning.swift @@ -161,7 +161,7 @@ final class TestRSABlindSigning: XCTestCase { let privateKey = try _RSA.BlindSigning.PrivateKey(pemRepresentation: privateKeyPEM) let blindedMessage = try Data(hexString: blindedMessageHexString) XCTAssertThrowsError(try privateKey.blindSignature(for: blindedMessage)) { error in - guard let error = error as? CryptoKitError, case .incorrectParameterSize = error else { + guard let error = error as? CryptoError, case .incorrectParameterSize = error else { XCTFail("Unexpected error: \(error)") return }