Marked insecure HashFunctions as insecure_ and fixed an issue which…

… prevented compilation on Linux targets

The issue was caused by the use of Darwin API for PAGE_SIZE instead of a standaridised POSIX call

Sources/_CryptoExtras/Key Derivation/PBKDF2/BoringSSL/PBKDF2_boring.swift

@@ -31,7 +31,7 @@ internal struct BoringSSLPBKDF2 {
     ///    - outputByteCount: The length in bytes of resulting symmetric key.
     ///    - rounds: The number of rounds which should be used to perform key derivation.
     /// - Returns: The derived symmetric key.
-    public static func deriveKey<Passphrase: DataProtocol, Salt: DataProtocol>(from password: Passphrase, salt: Salt, using hashFunction: KDF.Insecure.PBKDF2.HashFunction, outputByteCount: Int, rounds: Int) throws -> SymmetricKey {
+    static func deriveKey<Passphrase: DataProtocol, Salt: DataProtocol>(from password: Passphrase, salt: Salt, using hashFunction: KDF.Insecure.PBKDF2.HashFunction, outputByteCount: Int, rounds: Int) throws -> SymmetricKey {
         // This should be SecureBytes, but we can't use that here.
         var derivedKeyData = Data(count: outputByteCount)
 
@@ -59,11 +59,11 @@ internal struct BoringSSLPBKDF2 {
 extension KDF.Insecure.PBKDF2.HashFunction {
     var digest: OpaquePointer {
         switch self {
-        case .md5:
+        case .insecure_md5:
             return CCryptoBoringSSL_EVP_md5()
-        case .sha1:
+        case .insecure_sha1:
             return CCryptoBoringSSL_EVP_sha1()
-        case .sha224:
+        case .insecure_sha224:
             return CCryptoBoringSSL_EVP_sha224()
         case .sha256:
             return CCryptoBoringSSL_EVP_sha256()

Sources/_CryptoExtras/Key Derivation/PBKDF2/BoringSSL/PBKDF2_commoncrypto.swift

@@ -30,7 +30,7 @@ internal struct CommonCryptoPBKDF2 {
     ///    - outputByteCount: The length in bytes of resulting symmetric key.
     ///    - rounds: The number of rounds which should be used to perform key derivation.
     /// - Returns: The derived symmetric key.
-    public static func deriveKey<Passphrase: DataProtocol, Salt: DataProtocol>(from password: Passphrase, salt: Salt, using hashFunction: KDF.Insecure.PBKDF2.HashFunction, outputByteCount: Int, rounds: Int) throws -> SymmetricKey {
+    static func deriveKey<Passphrase: DataProtocol, Salt: DataProtocol>(from password: Passphrase, salt: Salt, using hashFunction: KDF.Insecure.PBKDF2.HashFunction, outputByteCount: Int, rounds: Int) throws -> SymmetricKey {
         // This should be SecureBytes, but we can't use that here.
         var derivedKeyData = Data(count: outputByteCount)
 
@@ -64,11 +64,11 @@ internal struct CommonCryptoPBKDF2 {
 extension KDF.Insecure.PBKDF2.HashFunction {
     var ccHash: CCPBKDFAlgorithm {
         switch self {
-        case .md5:
+        case .insecure_md5:
             return CCPBKDFAlgorithm(kCCHmacAlgMD5)
-        case .sha1:
+        case .insecure_sha1:
             return CCPBKDFAlgorithm(kCCPRFHmacAlgSHA1)
-        case .sha224:
+        case .insecure_sha224:
             return CCPBKDFAlgorithm(kCCPRFHmacAlgSHA224)
         case .sha256:
             return CCPBKDFAlgorithm(kCCPRFHmacAlgSHA256)

Sources/_CryptoExtras/Key Derivation/PBKDF2/PBKDF2.swift

@@ -43,9 +43,9 @@ extension KDF.Insecure {
         public struct HashFunction: Equatable, Hashable {
             public let rawValue: String
 
-            public static let md5 = HashFunction(rawValue: "md5")
-            public static let sha1 = HashFunction(rawValue: "sha1")
-            public static let sha224 = HashFunction(rawValue: "sha224")
+            public static let insecure_md5 = HashFunction(rawValue: "insecure_md5")
+            public static let insecure_sha1 = HashFunction(rawValue: "insecure_sha1")
+            public static let insecure_sha224 = HashFunction(rawValue: "insecure_sha224")
             public static let sha256 = HashFunction(rawValue: "sha256")
             public static let sha384 = HashFunction(rawValue: "sha384")
             public static let sha512 = HashFunction(rawValue: "sha512")

Sources/_CryptoExtras/Key Derivation/Scrypt/BoringSSL/Scrypt_boring.swift

@@ -36,8 +36,8 @@ internal struct BoringSSLScrypt {
         // This should be SecureBytes, but we can't use that here.
         var derivedKeyData = Data(count: outputByteCount)
 
-        // This computes the maximum amount of memory that will be used by the scrypt algorithm with an additional memory page to spare. This value will be used by the BoringSSL as the memory limit for the algorithm.
-        let maxMemory = maxMemory ?? 128 * rounds * blockSize * parallelism + Int(vm_page_size)
+        // This computes the maximum amount of memory that will be used by the scrypt algorithm with an additional memory page to spare. This value will be used by the BoringSSL as the memory limit for the algorithm. An additional memory page is added to the computed value (using POSIX specification) to ensure that the memory limit is not too tight.
+        let maxMemory = maxMemory ?? (128 * rounds * blockSize * parallelism + Int(sysconf(_SC_PAGESIZE)))
 
         let result = derivedKeyData.withUnsafeMutableBytes { derivedKeyBytes -> Int32 in
             let saltBytes: ContiguousBytes = salt.regions.count == 1 ? salt.regions.first! : Array(salt)

Tests/_CryptoExtrasTests/PBKDF2Tests.swift

@@ -72,7 +72,7 @@ class PBKDF2Tests: XCTestCase {
 
         for vector in vectors {
             precondition(vector.hash == "SHA-1")
-            try orFail { try self.testRFCVector(vector, hash: .sha1) }
+            try orFail { try self.testRFCVector(vector, hash: .insecure_sha1) }
         }
     }
 }