From b05b9a8c82e1232135a974cadf1a0c41d6db8963 Mon Sep 17 00:00:00 2001 From: Boris Buegling Date: Thu, 2 Mar 2023 14:47:36 -0800 Subject: [PATCH 1/4] Integrate swift-certificates library This integrates the swift-certificates library into the build. --- CMakeLists.txt | 2 ++ Package.swift | 6 ++++-- Utilities/bootstrap | 21 ++++++++++++++++----- 3 files changed, 22 insertions(+), 7 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 3d0db5ce519..eb9147df45e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -54,6 +54,8 @@ if(FIND_PM_DEPS) find_package(ArgumentParser CONFIG REQUIRED) find_package(SwiftDriver CONFIG REQUIRED) find_package(SwiftCollections CONFIG REQUIRED) + find_package(SwiftASN1 CONFIG REQUIRED) + find_package(SwiftCertificates CONFIG REQUIRED) endif() find_package(dispatch QUIET) diff --git a/Package.swift b/Package.swift index 4e82c00b44c..f9cf7049e3e 100644 --- a/Package.swift +++ b/Package.swift @@ -294,10 +294,10 @@ let package = Package( .target( name: "PackageSigning", dependencies: [ - // TODO: uncomment once we resolve build problems -// .product(name: "Crypto", package: "swift-crypto"), + .product(name: "Crypto", package: "swift-crypto"), "Basics", "PackageModel", + .product(name: "X509", package: "swift-certificates"), ], exclude: ["CMakeLists.txt"] ), @@ -733,6 +733,7 @@ if ProcessInfo.processInfo.environment["SWIFTCI_USE_LOCAL_DEPS"] == nil { .package(url: "https://github.com/apple/swift-crypto.git", .upToNextMinor(from: minimumCryptoVersion)), .package(url: "https://github.com/apple/swift-system.git", .upToNextMinor(from: "1.1.1")), .package(url: "https://github.com/apple/swift-collections.git", .upToNextMinor(from: "1.0.1")), + .package(url: "https://github.com/apple/swift-certificates.git", branch: "main"), ] } else { package.dependencies += [ @@ -742,6 +743,7 @@ if ProcessInfo.processInfo.environment["SWIFTCI_USE_LOCAL_DEPS"] == nil { .package(path: "../swift-crypto"), .package(path: "../swift-system"), .package(path: "../swift-collections"), + .package(path: "../swift-certificates"), ] } diff --git a/Utilities/bootstrap b/Utilities/bootstrap index 746c05ab1a0..82bdf9f5380 100755 --- a/Utilities/bootstrap +++ b/Utilities/bootstrap @@ -187,6 +187,8 @@ def parse_global_args(args): args.source_dirs["swift-driver"] = os.path.join(args.project_root, "..", "swift-driver") args.source_dirs["swift-system"] = os.path.join(args.project_root, "..", "swift-system") args.source_dirs["swift-collections"] = os.path.join(args.project_root, "..", "swift-collections") + args.source_dirs["swift-certificates"] = os.path.join(args.project_root, "..", "swift-certificates") + args.source_dirs["swift-asn1"] = os.path.join(args.project_root, "..", "swift-asn1") args.source_root = os.path.join(args.project_root, "Sources") if platform.system() == 'Darwin': @@ -351,6 +353,9 @@ def build(args): ] build_dependency(args, "swift-driver", swift_driver_cmake_flags) build_dependency(args, "swift-collections") + build_dependency(args, "swift-asn1") + build_dependency(args, "swift-certificates", + ["-DSwiftASN1_DIR=" + os.path.join(args.build_dirs["swift-asn1"], "cmake/modules")]) build_swiftpm_with_cmake(args) build_swiftpm_with_swiftpm(args,integrated_swift_driver=False) @@ -592,11 +597,13 @@ def build_swiftpm_with_cmake(args): cmake_flags = [ get_llbuild_cmake_arg(args), - "-DTSC_DIR=" + os.path.join(args.build_dirs["tsc"], "cmake/modules"), - "-DArgumentParser_DIR=" + os.path.join(args.build_dirs["swift-argument-parser"], "cmake/modules"), - "-DSwiftDriver_DIR=" + os.path.join(args.build_dirs["swift-driver"], "cmake/modules"), - "-DSwiftSystem_DIR=" + os.path.join(args.build_dirs["swift-system"], "cmake/modules"), - "-DSwiftCollections_DIR=" + os.path.join(args.build_dirs["swift-collections"], "cmake/modules"), + "-DTSC_DIR=" + os.path.join(args.build_dirs["tsc"], "cmake/modules"), + "-DArgumentParser_DIR=" + os.path.join(args.build_dirs["swift-argument-parser"], "cmake/modules"), + "-DSwiftDriver_DIR=" + os.path.join(args.build_dirs["swift-driver"], "cmake/modules"), + "-DSwiftSystem_DIR=" + os.path.join(args.build_dirs["swift-system"], "cmake/modules"), + "-DSwiftCollections_DIR=" + os.path.join(args.build_dirs["swift-collections"], "cmake/modules"), + "-DSwiftASN1_DIR=" + os.path.join(args.build_dirs["swift-asn1"], "cmake/modules"), + "-DSwiftCertificates_DIR=" + os.path.join(args.build_dirs["swift-certificates"], "cmake/modules"), ] if platform.system() == 'Darwin': @@ -614,6 +621,8 @@ def build_swiftpm_with_cmake(args): add_rpath_for_cmake_build(args, os.path.join(args.build_dirs["swift-driver"], "lib")) add_rpath_for_cmake_build(args, os.path.join(args.build_dirs["swift-system"], "lib")) add_rpath_for_cmake_build(args, os.path.join(args.build_dirs["swift-collections"], "lib")) + add_rpath_for_cmake_build(args, os.path.join(args.build_dirs["swift-asn1"], "lib")) + add_rpath_for_cmake_build(args, os.path.join(args.build_dirs["swift-certificates"], "lib")) # rpaths for compatibility libraries for lib_path in get_swift_backdeploy_library_paths(args): @@ -727,6 +736,8 @@ def get_swiftpm_env_cmd(args): os.path.join(args.build_dirs["swift-driver"], "lib"), os.path.join(args.build_dirs["swift-system"], "lib"), os.path.join(args.build_dirs["swift-collections"], "lib"), + os.path.join(args.build_dirs["swift-asn1"], "lib"), + os.path.join(args.build_dirs["swift-certificates"], "lib"), ] + args.target_info["paths"]["runtimeLibraryPaths"]) if platform.system() == 'Darwin': From 84cfd918ab037cb3fe4ddccc4cc4c1b7d5e327fb Mon Sep 17 00:00:00 2001 From: Boris Buegling Date: Thu, 2 Mar 2023 16:29:53 -0800 Subject: [PATCH 2/4] Add swift-crypto back to bootstrap Co-authored-by: Yim Lee --- Utilities/Docker/docker-compose.yaml | 3 ++- Utilities/bootstrap | 7 ++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/Utilities/Docker/docker-compose.yaml b/Utilities/Docker/docker-compose.yaml index c2ef5f721a3..6d1d0de820d 100644 --- a/Utilities/Docker/docker-compose.yaml +++ b/Utilities/Docker/docker-compose.yaml @@ -1,6 +1,6 @@ # This source file is part of the Swift open source project # -# Copyright (c) 2021 Apple Inc. and the Swift project authors +# Copyright (c) 2021-2023 Apple Inc. and the Swift project authors # Licensed under Apache License v2.0 with Runtime Library Exception # # See http://swift.org/LICENSE.txt for license information @@ -36,6 +36,7 @@ services: - ../../../swift-tools-support-core:/code/swift-tools-support-core:z - ../../../yams:/code/yams:z - ../../../swift-argument-parser:/code/swift-argument-parser:z + - ../../../swift-crypto:/code/swift-crypto:z - ../../../swift-driver:/code/swift-driver:z - ../../../swift-llbuild:/code/llbuild:z - ../../../swift-system:/code/swift-system:z diff --git a/Utilities/bootstrap b/Utilities/bootstrap index 82bdf9f5380..6fff0ad1362 100755 --- a/Utilities/bootstrap +++ b/Utilities/bootstrap @@ -4,7 +4,7 @@ """ This source file is part of the Swift open source project // -// Copyright (c) 2014-2021 Apple Inc. and the Swift project authors +// Copyright (c) 2014-2023 Apple Inc. and the Swift project authors Licensed under Apache License v2.0 with Runtime Library Exception See http://swift.org/LICENSE.txt for license information @@ -184,6 +184,7 @@ def parse_global_args(args): args.source_dirs["tsc"] = os.path.join(args.project_root, "..", "swift-tools-support-core") args.source_dirs["yams"] = os.path.join(args.project_root, "..", "yams") args.source_dirs["swift-argument-parser"] = os.path.join(args.project_root, "..", "swift-argument-parser") + args.source_dirs["swift-crypto"] = os.path.join(args.project_root, "..", "swift-crypto") args.source_dirs["swift-driver"] = os.path.join(args.project_root, "..", "swift-driver") args.source_dirs["swift-system"] = os.path.join(args.project_root, "..", "swift-system") args.source_dirs["swift-collections"] = os.path.join(args.project_root, "..", "swift-collections") @@ -353,6 +354,7 @@ def build(args): ] build_dependency(args, "swift-driver", swift_driver_cmake_flags) build_dependency(args, "swift-collections") + build_dependency(args, "swift-crypto") build_dependency(args, "swift-asn1") build_dependency(args, "swift-certificates", ["-DSwiftASN1_DIR=" + os.path.join(args.build_dirs["swift-asn1"], "cmake/modules")]) @@ -602,6 +604,7 @@ def build_swiftpm_with_cmake(args): "-DSwiftDriver_DIR=" + os.path.join(args.build_dirs["swift-driver"], "cmake/modules"), "-DSwiftSystem_DIR=" + os.path.join(args.build_dirs["swift-system"], "cmake/modules"), "-DSwiftCollections_DIR=" + os.path.join(args.build_dirs["swift-collections"], "cmake/modules"), + "-DSwiftCrypto_DIR=" + os.path.join(args.build_dirs["swift-crypto"], "cmake/modules"), "-DSwiftASN1_DIR=" + os.path.join(args.build_dirs["swift-asn1"], "cmake/modules"), "-DSwiftCertificates_DIR=" + os.path.join(args.build_dirs["swift-certificates"], "cmake/modules"), ] @@ -618,6 +621,7 @@ def build_swiftpm_with_cmake(args): if platform.system() == "Darwin": add_rpath_for_cmake_build(args, os.path.join(args.build_dirs["yams"], "lib")) add_rpath_for_cmake_build(args, os.path.join(args.build_dirs["swift-argument-parser"], "lib")) + add_rpath_for_cmake_build(args, os.path.join(args.build_dirs["swift-crypto"], "lib")) add_rpath_for_cmake_build(args, os.path.join(args.build_dirs["swift-driver"], "lib")) add_rpath_for_cmake_build(args, os.path.join(args.build_dirs["swift-system"], "lib")) add_rpath_for_cmake_build(args, os.path.join(args.build_dirs["swift-collections"], "lib")) @@ -733,6 +737,7 @@ def get_swiftpm_env_cmd(args): os.path.join(args.build_dirs["llbuild"], "lib"), os.path.join(args.build_dirs["yams"], "lib"), os.path.join(args.build_dirs["swift-argument-parser"], "lib"), + os.path.join(args.build_dirs["swift-crypto"], "lib"), os.path.join(args.build_dirs["swift-driver"], "lib"), os.path.join(args.build_dirs["swift-system"], "lib"), os.path.join(args.build_dirs["swift-collections"], "lib"), From a0497d3f2301757476301f719d23195b3bffde09 Mon Sep 17 00:00:00 2001 From: Boris Buegling Date: Thu, 2 Mar 2023 17:34:01 -0800 Subject: [PATCH 3/4] Fix CMake build --- CMakeLists.txt | 1 - Utilities/bootstrap | 3 ++- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index eb9147df45e..e71c52a9507 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -54,7 +54,6 @@ if(FIND_PM_DEPS) find_package(ArgumentParser CONFIG REQUIRED) find_package(SwiftDriver CONFIG REQUIRED) find_package(SwiftCollections CONFIG REQUIRED) - find_package(SwiftASN1 CONFIG REQUIRED) find_package(SwiftCertificates CONFIG REQUIRED) endif() diff --git a/Utilities/bootstrap b/Utilities/bootstrap index 6fff0ad1362..07dc89bd16a 100755 --- a/Utilities/bootstrap +++ b/Utilities/bootstrap @@ -357,7 +357,8 @@ def build(args): build_dependency(args, "swift-crypto") build_dependency(args, "swift-asn1") build_dependency(args, "swift-certificates", - ["-DSwiftASN1_DIR=" + os.path.join(args.build_dirs["swift-asn1"], "cmake/modules")]) + ["-DSwiftASN1_DIR=" + os.path.join(args.build_dirs["swift-asn1"], "cmake/modules"), + "-DSwiftCrypto_DIR=" + os.path.join(args.build_dirs["swift-crypto"], "cmake/modules")]) build_swiftpm_with_cmake(args) build_swiftpm_with_swiftpm(args,integrated_swift_driver=False) From 3bfb85a89cff13f47f110eb58d115bdb6aa84422 Mon Sep 17 00:00:00 2001 From: Boris Buegling Date: Fri, 3 Mar 2023 10:13:12 -0800 Subject: [PATCH 4/4] Fix up docs and swift-crypto --- CMakeLists.txt | 1 + CONTRIBUTING.md | 21 +++++++++++++++++++ Package.swift | 12 ++--------- .../Certificate/Certificate.swift | 8 ------- .../Certificate/CertificatePolicy.swift | 4 ---- Utilities/Docker/docker-compose.yaml | 2 ++ 6 files changed, 26 insertions(+), 22 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index e71c52a9507..65115fbf15b 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -55,6 +55,7 @@ if(FIND_PM_DEPS) find_package(SwiftDriver CONFIG REQUIRED) find_package(SwiftCollections CONFIG REQUIRED) find_package(SwiftCertificates CONFIG REQUIRED) + find_package(SwiftCrypto CONFIG REQUIRED) endif() find_package(dispatch QUIET) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 0d72f271698..b750b816b37 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -198,6 +198,24 @@ Clone the following repositories beside the SwiftPM directory: For example, if the latest tag is 1.0.1: ```sh $> git clone https://github.com/apple/swift-collections --branch 1.0.1 + ``` + +7. [swift-crypto] and check out tag with the [latest version](https://github.com/apple/swift-crypto/tags). + + For example, if the latest tag is 2.3.0: + ```sh + $> git clone https://github.com/apple/swift-crypto --branch 2.3.0 + ``` + +8. [swift-asn1] + ```sh + $> git clone https://github.com/apple/swift-asn1 + ``` + +9. [swift-certificates] + ```sh + $> git clone https://github.com/apple/swift-certificates + ``` [swift-argument-parser]: https://github.com/apple/swift-argument-parser [swift-collections]: https://github.com/apple/swift-collections @@ -205,6 +223,9 @@ Clone the following repositories beside the SwiftPM directory: [swift-llbuild]: https://github.com/apple/swift-llbuild [swift-system]: https://github.com/apple/swift-system [swift-tools-support-core]: https://github.com/apple/swift-tools-support-core +[swift-crypto]: https://github.com/apple/swift-crypto +[swift-asn1]: https://github.com/apple/swift-asn1 +[swift-certificates]: https://github.com/apple/swift-certificates [Yams]: https://github.com/jpsim/yams diff --git a/Package.swift b/Package.swift index f9cf7049e3e..80a1cf22047 100644 --- a/Package.swift +++ b/Package.swift @@ -55,13 +55,6 @@ automatic linking type with `-auto` suffix appended to product's name. */ let autoProducts = [swiftPMProduct, swiftPMDataModelProduct] -let useSwiftCryptoV2 = ProcessInfo.processInfo.environment["SWIFTPM_USE_SWIFT_CRYPTO_V1"] == nil -let minimumCryptoVersion: Version = useSwiftCryptoV2 ? "2.2.3" : "1.1.7" -var swiftSettings: [SwiftSetting] = [] -if useSwiftCryptoV2 { - swiftSettings.append(.define("CRYPTO_v2")) -} - var packageCollectionsSigningTargets = [Target]() var packageCollectionsSigningDeps: [Target.Dependency] = [ "Basics", @@ -96,8 +89,7 @@ packageCollectionsSigningTargets.append( .target( /** Package collections signing */ name: "PackageCollectionsSigning", - dependencies: packageCollectionsSigningDeps, - swiftSettings: swiftSettings + dependencies: packageCollectionsSigningDeps ) ) @@ -730,7 +722,7 @@ if ProcessInfo.processInfo.environment["SWIFTCI_USE_LOCAL_DEPS"] == nil { // dependency version changes here with those projects. .package(url: "https://github.com/apple/swift-argument-parser.git", .upToNextMinor(from: "1.2.2")), .package(url: "https://github.com/apple/swift-driver.git", .branch(relatedDependenciesBranch)), - .package(url: "https://github.com/apple/swift-crypto.git", .upToNextMinor(from: minimumCryptoVersion)), + .package(url: "https://github.com/apple/swift-crypto.git", .upToNextMinor(from: "2.3.0")), .package(url: "https://github.com/apple/swift-system.git", .upToNextMinor(from: "1.1.1")), .package(url: "https://github.com/apple/swift-collections.git", .upToNextMinor(from: "1.0.1")), .package(url: "https://github.com/apple/swift-certificates.git", branch: "main"), diff --git a/Sources/PackageCollectionsSigning/Certificate/Certificate.swift b/Sources/PackageCollectionsSigning/Certificate/Certificate.swift index d0219fa975d..c10bc72c483 100644 --- a/Sources/PackageCollectionsSigning/Certificate/Certificate.swift +++ b/Sources/PackageCollectionsSigning/Certificate/Certificate.swift @@ -113,11 +113,7 @@ struct CoreCertificate { #elseif os(Linux) || os(Windows) || os(Android) final class BoringSSLCertificate { - #if CRYPTO_v2 typealias Pointer = OpaquePointer - #else - typealias Pointer = UnsafeMutablePointer - #endif private let underlying: Pointer @@ -203,11 +199,7 @@ final class BoringSSLCertificate { } private extension CertificateName { - #if CRYPTO_v2 typealias Pointer = OpaquePointer - #else - typealias Pointer = UnsafeMutablePointer - #endif init(x509Name: Pointer) { func getStringValue(from name: Pointer, of nid: CInt) -> String? { diff --git a/Sources/PackageCollectionsSigning/Certificate/CertificatePolicy.swift b/Sources/PackageCollectionsSigning/Certificate/CertificatePolicy.swift index cd5b5b2cdae..213c5f939ee 100644 --- a/Sources/PackageCollectionsSigning/Certificate/CertificatePolicy.swift +++ b/Sources/PackageCollectionsSigning/Certificate/CertificatePolicy.swift @@ -102,11 +102,7 @@ extension CertificatePolicy { } #elseif os(Linux) || os(Windows) || os(Android) - #if CRYPTO_v2 typealias BoringSSLVerifyCallback = @convention(c) (CInt, OpaquePointer?) -> CInt - #else - typealias BoringSSLVerifyCallback = @convention(c) (CInt, UnsafeMutablePointer?) -> CInt - #endif /// Verifies a certificate chain. /// diff --git a/Utilities/Docker/docker-compose.yaml b/Utilities/Docker/docker-compose.yaml index 6d1d0de820d..10881642a47 100644 --- a/Utilities/Docker/docker-compose.yaml +++ b/Utilities/Docker/docker-compose.yaml @@ -41,6 +41,8 @@ services: - ../../../swift-llbuild:/code/llbuild:z - ../../../swift-system:/code/swift-system:z - ../../../swift-collections:/code/swift-collections:z + - ../../../swift-asn1:/code/swift-asn1:z + - ../../../swift-certificates:/code/swift-certificates:z working_dir: /code/swift-package-manager cap_drop: - CAP_NET_RAW