[Collections] Signing (all, 2): signed collections

This is part 2 of a series of PRs to support package collection signing on **all** platforms. Originally swiftlang#3242.

Depends on swiftlang#3260, swiftlang#3264

Author: yim-lee

Sources/PackageCollectionsSigning/CMakeLists.txt

@@ -24,6 +24,7 @@ add_library(PackageCollectionsSigning
   Key/Key+EC.swift
   Key/Key+RSA.swift
   PackageCollectionSigning.swift
+  Signing/BoringSSLSigning.swift
   Signing/Signature.swift
   Signing/Signing.swift
   Signing/Signing+ECKey.swift

Sources/PackageCollectionsSigning/Key/Key+RSA.swift

@@ -106,12 +106,15 @@ struct CoreRSAPublicKey: PublicKey {
 #else
 final class BoringSSLRSAPrivateKey: PrivateKey, BoringSSLKey {
     let underlying: UnsafeMutablePointer<CCryptoBoringSSL.RSA>
-    static let algorithm: OpaquePointer = CCryptoBoringSSL_EVP_sha256()
 
     deinit {
         CCryptoBoringSSL_RSA_free(self.underlying)
     }
 
+    var sizeInBits: Int {
+        toBits(bytes: Int(CCryptoBoringSSL_RSA_size(self.underlying)))
+    }
+
     init<Data>(pem data: Data) throws where Data: DataProtocol {
         let key = try Self.load(pem: data) { bio in
             CCryptoBoringSSL_PEM_read_bio_PrivateKey(bio, nil, nil, nil)
@@ -128,12 +131,15 @@ final class BoringSSLRSAPrivateKey: PrivateKey, BoringSSLKey {
 
 final class BoringSSLRSAPublicKey: PublicKey, BoringSSLKey {
     let underlying: UnsafeMutablePointer<CCryptoBoringSSL.RSA>
-    static let algorithm: OpaquePointer = CCryptoBoringSSL_EVP_sha256()
 
     deinit {
         CCryptoBoringSSL_RSA_free(self.underlying)
     }
 
+    var sizeInBits: Int {
+        toBits(bytes: Int(CCryptoBoringSSL_RSA_size(self.underlying)))
+    }
+
     /// `data` should be in the PKCS #1 format
     init(data: Data) throws {
         let bytes = data.copyBytes()

Sources/PackageCollectionsSigning/Signing/BoringSSLSigning.swift

@@ -0,0 +1,80 @@
+/*
+ This source file is part of the Swift.org open source project
+
+ Copyright (c) 2021 Apple Inc. and the Swift project authors
+ Licensed under Apache License v2.0 with Runtime Library Exception
+
+ See http://swift.org/LICENSE.txt for license information
+ See http://swift.org/CONTRIBUTORS.txt for Swift project authors
+ */
+
+//===----------------------------------------------------------------------===//
+//
+// This source file is part of the Vapor open source project
+//
+// Copyright (c) 2017-2020 Vapor project authors
+// Licensed under MIT
+//
+// See LICENSE for license information
+//
+// SPDX-License-Identifier: MIT
+//
+//===----------------------------------------------------------------------===//
+
+#if !canImport(Security)
+import Foundation
+
+@_implementationOnly import CCryptoBoringSSL
+
+protocol BoringSSLSigning {
+    var algorithm: BoringSSLEVP { get }
+}
+
+struct BoringSSLEVP {
+    let underlying: OpaquePointer
+
+    init(type: EVPType) {
+        switch type {
+        case .sha256:
+            self.underlying = CCryptoBoringSSL_EVP_sha256()
+        }
+    }
+
+    enum EVPType {
+        case sha256
+    }
+}
+
+extension BoringSSLSigning {
+    // Source: https://github.com/vapor/jwt-kit/blob/master/Sources/JWTKit/Utilities/OpenSSLSigner.swift
+    func digest<Message>(_ message: Message) throws -> [UInt8] where Message: DataProtocol {
+        let context = CCryptoBoringSSL_EVP_MD_CTX_new()
+        defer { CCryptoBoringSSL_EVP_MD_CTX_free(context) }
+
+        guard CCryptoBoringSSL_EVP_DigestInit_ex(context, self.algorithm.underlying, nil) == 1 else {
+            throw BoringSSLSigningError.digestInitializationFailure
+        }
+
+        let message = message.copyBytes()
+
+        guard CCryptoBoringSSL_EVP_DigestUpdate(context, message, numericCast(message.count)) == 1 else {
+            throw BoringSSLSigningError.digestUpdateFailure
+        }
+
+        var digest: [UInt8] = .init(repeating: 0, count: Int(EVP_MAX_MD_SIZE))
+        var digestLength: UInt32 = 0
+
+        guard CCryptoBoringSSL_EVP_DigestFinal_ex(context, &digest, &digestLength) == 1 else {
+            throw BoringSSLSigningError.digestFinalizationFailure
+        }
+
+        return .init(digest[0 ..< Int(digestLength)])
+    }
+}
+
+enum BoringSSLSigningError: Error {
+    case digestInitializationFailure
+    case digestUpdateFailure
+    case digestFinalizationFailure
+}
+#endif

Sources/PackageCollectionsSigning/Signing/Signing+RSAKey.swift

@@ -8,10 +8,25 @@
  See http://swift.org/CONTRIBUTORS.txt for Swift project authors
  */
 
+//===----------------------------------------------------------------------===//
+//
+// This source file is part of the Vapor open source project
+//
+// Copyright (c) 2017-2020 Vapor project authors
+// Licensed under MIT
+//
+// See LICENSE for license information
+//
+// SPDX-License-Identifier: MIT
+//
+//===----------------------------------------------------------------------===//
+
 import struct Foundation.Data
 
 #if os(macOS)
 import Security
+#else
+@_implementationOnly import CCryptoBoringSSL
 #endif
 
 // MARK: - MessageSigner and MessageValidator conformance using the Security framework
@@ -45,15 +60,57 @@ extension CoreRSAPublicKey {
 // MARK: - MessageSigner and MessageValidator conformance using BoringSSL
 
 #else
-extension BoringSSLRSAPrivateKey {
+// Reference: https://github.com/vapor/jwt-kit/blob/master/Sources/JWTKit/RSA/RSASigner.swift
+extension BoringSSLRSAPrivateKey: BoringSSLSigning {
+    private static let algorithm = BoringSSLEVP(type: .sha256)
+
+    var algorithm: BoringSSLEVP {
+        Self.algorithm
+    }
+
     func sign(message: Data) throws -> Data {
-        fatalError("Not implemented: \(#function)")
+        let digest = try self.digest(message)
+
+        var signatureLength: UInt32 = 0
+        var signature = [UInt8](
+            repeating: 0,
+            count: Int(CCryptoBoringSSL_RSA_size(self.underlying))
+        )
+
+        guard CCryptoBoringSSL_RSA_sign(
+            CCryptoBoringSSL_EVP_MD_type(self.algorithm.underlying),
+            digest,
+            numericCast(digest.count),
+            &signature,
+            &signatureLength,
+            self.underlying
+        ) == 1 else {
+            throw SigningError.signFailure
+        }
+
+        return Data(signature[0 ..< numericCast(signatureLength)])
     }
 }
 
-extension BoringSSLRSAPublicKey {
+extension BoringSSLRSAPublicKey: BoringSSLSigning {
+    private static let algorithm = BoringSSLEVP(type: .sha256)
+
+    var algorithm: BoringSSLEVP {
+        Self.algorithm
+    }
+
     func isValidSignature(_ signature: Data, for message: Data) throws -> Bool {
-        fatalError("Not implemented: \(#function)")
+        let digest = try self.digest(message)
+        let signature = signature.copyBytes()
+
+        return CCryptoBoringSSL_RSA_verify(
+            CCryptoBoringSSL_EVP_MD_type(self.algorithm.underlying),
+            digest,
+            numericCast(digest.count),
+            signature,
+            numericCast(signature.count),
+            self.underlying
+        ) == 1
     }
 }
 #endif