From add4813763d39192160b9bf529d5cef922d51aab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adam=20Kope=C4=87?= Date: Mon, 17 Jun 2024 15:29:53 +0200 Subject: [PATCH] Marked insecure HashFunctions as `insecure_` and fixed an issue which prevented compilation on Linux targets The issue was caused by the use of Darwin API for PAGE_SIZE instead of a standaridised POSIX call --- .../Key Derivation/PBKDF2/BoringSSL/PBKDF2_boring.swift | 8 ++++---- .../PBKDF2/BoringSSL/PBKDF2_commoncrypto.swift | 8 ++++---- Sources/_CryptoExtras/Key Derivation/PBKDF2/PBKDF2.swift | 6 +++--- .../Key Derivation/Scrypt/BoringSSL/Scrypt_boring.swift | 4 ++-- Tests/_CryptoExtrasTests/PBKDF2Tests.swift | 2 +- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/Sources/_CryptoExtras/Key Derivation/PBKDF2/BoringSSL/PBKDF2_boring.swift b/Sources/_CryptoExtras/Key Derivation/PBKDF2/BoringSSL/PBKDF2_boring.swift index a72a77b2..5dff99b7 100644 --- a/Sources/_CryptoExtras/Key Derivation/PBKDF2/BoringSSL/PBKDF2_boring.swift +++ b/Sources/_CryptoExtras/Key Derivation/PBKDF2/BoringSSL/PBKDF2_boring.swift @@ -31,7 +31,7 @@ internal struct BoringSSLPBKDF2 { /// - outputByteCount: The length in bytes of resulting symmetric key. /// - rounds: The number of rounds which should be used to perform key derivation. /// - Returns: The derived symmetric key. - public static func deriveKey(from password: Passphrase, salt: Salt, using hashFunction: KDF.Insecure.PBKDF2.HashFunction, outputByteCount: Int, rounds: Int) throws -> SymmetricKey { + static func deriveKey(from password: Passphrase, salt: Salt, using hashFunction: KDF.Insecure.PBKDF2.HashFunction, outputByteCount: Int, rounds: Int) throws -> SymmetricKey { // This should be SecureBytes, but we can't use that here. var derivedKeyData = Data(count: outputByteCount) 
@@ -59,11 +59,11 @@ internal struct BoringSSLPBKDF2 { extension KDF.Insecure.PBKDF2.HashFunction { var digest: OpaquePointer { switch self { - case .md5: + case .insecure_md5: return CCryptoBoringSSL_EVP_md5() - case .sha1: + case .insecure_sha1: return CCryptoBoringSSL_EVP_sha1() - case .sha224: + case .insecure_sha224: return CCryptoBoringSSL_EVP_sha224() case .sha256: return CCryptoBoringSSL_EVP_sha256() diff --git a/Sources/_CryptoExtras/Key Derivation/PBKDF2/BoringSSL/PBKDF2_commoncrypto.swift b/Sources/_CryptoExtras/Key Derivation/PBKDF2/BoringSSL/PBKDF2_commoncrypto.swift index 25bc406b..be64e5df 100644 --- a/Sources/_CryptoExtras/Key Derivation/PBKDF2/BoringSSL/PBKDF2_commoncrypto.swift +++ b/Sources/_CryptoExtras/Key Derivation/PBKDF2/BoringSSL/PBKDF2_commoncrypto.swift @@ -30,7 +30,7 @@ internal struct CommonCryptoPBKDF2 { /// - outputByteCount: The length in bytes of resulting symmetric key. /// - rounds: The number of rounds which should be used to perform key derivation. /// - Returns: The derived symmetric key. - public static func deriveKey(from password: Passphrase, salt: Salt, using hashFunction: KDF.Insecure.PBKDF2.HashFunction, outputByteCount: Int, rounds: Int) throws -> SymmetricKey { + static func deriveKey(from password: Passphrase, salt: Salt, using hashFunction: KDF.Insecure.PBKDF2.HashFunction, outputByteCount: Int, rounds: Int) throws -> SymmetricKey { // This should be SecureBytes, but we can't use that here. var derivedKeyData = Data(count: outputByteCount) @@ -64,11 +64,11 @@ internal struct CommonCryptoPBKDF2 { extension KDF.Insecure.PBKDF2.HashFunction { var ccHash: CCPBKDFAlgorithm { switch self { - case .md5: + case .insecure_md5: return CCPBKDFAlgorithm(kCCHmacAlgMD5) - case .sha1: + case .insecure_sha1: return CCPBKDFAlgorithm(kCCPRFHmacAlgSHA1) - case .sha224: + case .insecure_sha224: return CCPBKDFAlgorithm(kCCPRFHmacAlgSHA224) case .sha256: return CCPBKDFAlgorithm(kCCPRFHmacAlgSHA256) 
diff --git a/Sources/_CryptoExtras/Key Derivation/PBKDF2/PBKDF2.swift b/Sources/_CryptoExtras/Key Derivation/PBKDF2/PBKDF2.swift index 453c8c78..55332906 100644 --- a/Sources/_CryptoExtras/Key Derivation/PBKDF2/PBKDF2.swift +++ b/Sources/_CryptoExtras/Key Derivation/PBKDF2/PBKDF2.swift @@ -43,9 +43,9 @@ extension KDF.Insecure { public struct HashFunction: Equatable, Hashable { public let rawValue: String - public static let md5 = HashFunction(rawValue: "md5") - public static let sha1 = HashFunction(rawValue: "sha1") - public static let sha224 = HashFunction(rawValue: "sha224") + public static let insecure_md5 = HashFunction(rawValue: "insecure_md5") + public static let insecure_sha1 = HashFunction(rawValue: "insecure_sha1") + public static let insecure_sha224 = HashFunction(rawValue: "insecure_sha224") public static let sha256 = HashFunction(rawValue: "sha256") public static let sha384 = HashFunction(rawValue: "sha384") public static let sha512 = HashFunction(rawValue: "sha512") diff --git a/Sources/_CryptoExtras/Key Derivation/Scrypt/BoringSSL/Scrypt_boring.swift b/Sources/_CryptoExtras/Key Derivation/Scrypt/BoringSSL/Scrypt_boring.swift index d5d4920d..98422ecc 100644 --- a/Sources/_CryptoExtras/Key Derivation/Scrypt/BoringSSL/Scrypt_boring.swift +++ b/Sources/_CryptoExtras/Key Derivation/Scrypt/BoringSSL/Scrypt_boring.swift 
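Review bot: The three renamed constants in `HashFunction` also change their public `rawValue` strings (`"md5"` becomes `"insecure_md5"`, and likewise for `sha1` and `sha224`), which the rename itself does not require. `rawValue` is a `public let` and the only stored property visible here, so it presumably drives the `Equatable`/`Hashable` conformance; any caller that logs, persists or compares it would see a different value. Keeping the string, e.g. `public static let insecure_md5 = HashFunction(rawValue: "md5")`, limits the change to the Swift identifier. If the old names have already shipped, consider keeping `md5`, `sha1` and `sha224` as aliases marked `@available(*, deprecated, renamed: "insecure_md5")` (and the matching names), so existing code gets a warning that points at the weak hash instead of a compile error. A `///` comment on each flagged constant saying it is kept only for interoperability with existing derivations would document why it carries the prefix; the `digest` and `ccHash` switches in the two backend files need nothing beyond the rename.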
@@ -36,8 +36,8 @@ internal struct BoringSSLScrypt { // This should be SecureBytes, but we can't use that here. var derivedKeyData = Data(count: outputByteCount) - // This computes the maximum amount of memory that will be used by the scrypt algorithm with an additional memory page to spare. This value will be used by the BoringSSL as the memory limit for the algorithm. - let maxMemory = maxMemory ?? 128 * rounds * blockSize * parallelism + Int(vm_page_size) + // This computes the maximum amount of memory that will be used by the scrypt algorithm with an additional memory page to spare. This value will be used by the BoringSSL as the memory limit for the algorithm. An additional memory page is added to the computed value (using POSIX specification) to ensure that the memory limit is not too tight. + let maxMemory = maxMemory ?? (128 * rounds * blockSize * parallelism + Int(sysconf(_SC_PAGESIZE))) let result = derivedKeyData.withUnsafeMutableBytes { derivedKeyBytes -> Int32 in let saltBytes: ContiguousBytes = salt.regions.count == 1 ? salt.regions.first! : Array(salt) diff --git a/Tests/_CryptoExtrasTests/PBKDF2Tests.swift b/Tests/_CryptoExtrasTests/PBKDF2Tests.swift index 81514af8..b5626b0c 100644 --- a/Tests/_CryptoExtrasTests/PBKDF2Tests.swift +++ b/Tests/_CryptoExtrasTests/PBKDF2Tests.swift @@ -72,7 +72,7 @@ class PBKDF2Tests: XCTestCase { for vector in vectors { precondition(vector.hash == "SHA-1") - try orFail { try self.testRFCVector(vector, hash: .sha1) } + try orFail { try self.testRFCVector(vector, hash: .insecure_sha1) } } } }
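Review bot: The default limit on the new `let maxMemory = …` line is computed with trapping `Int` arithmetic and an unchecked `sysconf` result. `sysconf(_SC_PAGESIZE)` returns -1 on failure, which would lower the limit by one byte instead of adding a page. `128 * rounds * blockSize * parallelism` aborts the process on overflow, so an oversized parameter set becomes a crash rather than a thrown error. Computing the product with `multipliedReportingOverflow(by:)` and rejecting a non-positive page size keeps the failure on the function's error path; the error to throw is not visible in this hunk, and the function body starts and ends outside it. The sketch assumes `rounds`, `blockSize` and `parallelism` are `Int` and `maxMemory` is `Int?`.

```swift
// … unchanged: derivedKeyData allocation …
let defaultLimit: Int? = {
    let pageSize = Int(sysconf(_SC_PAGESIZE))
    guard pageSize > 0 else { return nil }
    var bytes = 128
    for factor in [rounds, blockSize, parallelism] {
        let (product, overflowed) = bytes.multipliedReportingOverflow(by: factor)
        guard !overflowed else { return nil }
        bytes = product
    }
    let (total, overflowed) = bytes.addingReportingOverflow(pageSize)
    return overflowed ? nil : total
}()
guard let maxMemory = maxMemory ?? defaultLimit else {
    // throw the error this function already uses for rejected parameters
}
// … unchanged: withUnsafeMutableBytes call …
```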