Typealias CryptoKitError

README.md

@@ -128,7 +128,7 @@ What this means for you is that you should depend on Swift Crypto with a version
 In SwiftPM that can be easily done specifying for example `from: "1.0.0"` meaning that you support Swift Crypto in every version starting from 1.0.0 up to (excluding) 2.0.0.
 SemVer and Swift Crypto's Public API guarantees should result in a working program without having to worry about testing every single version for compatibility.
 
-Swift Crypto 2.0.0 was released in September 2021. The only breaking change between Swift Crypto 2.0.0 and 1.0.0 was the addition of new cases in the `CryptoKitError` enumeration. For most users, then, it's safe to depend on either the 1.0.0 _or_ 2.0.0 series of releases.
+Swift Crypto 2.0.0 was released in September 2021. The only breaking change between Swift Crypto 2.0.0 and 1.0.0 was the addition of new cases in the `CryptoError` enumeration. For most users, then, it's safe to depend on either the 1.0.0 _or_ 2.0.0 series of releases.
 
 To do so, please use the following dependency in your `Package.swift`:
 

Sources/CCryptoBoringSSL/CMakeLists.txt

@@ -262,78 +262,16 @@ add_library(CCryptoBoringSSL STATIC
 
 if(CMAKE_SYSTEM_NAME STREQUAL Darwin AND CMAKE_SYSTEM_PROCESSOR MATCHES "amd64|x86_64")
   target_sources(CCryptoBoringSSL PRIVATE
-    gen/bcm/aes-gcm-avx10-x86_64-apple.S
-    gen/bcm/aesni-gcm-x86_64-apple.S
-    gen/bcm/aesni-x86_64-apple.S
-    gen/bcm/ghash-ssse3-x86_64-apple.S
-    gen/bcm/ghash-x86_64-apple.S
-    gen/bcm/p256-x86_64-asm-apple.S
-    gen/bcm/p256_beeu-x86_64-asm-apple.S
-    gen/bcm/rdrand-x86_64-apple.S
-    gen/bcm/rsaz-avx2-apple.S
-    gen/bcm/sha1-x86_64-apple.S
-    gen/bcm/sha256-x86_64-apple.S
-    gen/bcm/sha512-x86_64-apple.S
-    gen/bcm/vpaes-x86_64-apple.S
-    gen/bcm/x86_64-mont-apple.S
-    gen/bcm/x86_64-mont5-apple.S
-    gen/crypto/aes128gcmsiv-x86_64-apple.S
-    gen/crypto/chacha-x86_64-apple.S
-    gen/crypto/chacha20_poly1305_x86_64-apple.S
-    gen/crypto/md5-x86_64-apple.S)
+)
 elseif(CMAKE_SYSTEM_NAME MATCHES "Linux|Android|FreeBSD|OpenBSD" AND CMAKE_SYSTEM_PROCESSOR MATCHES "amd64|x86_64")
   target_sources(CCryptoBoringSSL PRIVATE
-    gen/bcm/aes-gcm-avx10-x86_64-linux.S
-    gen/bcm/aesni-gcm-x86_64-linux.S
-    gen/bcm/aesni-x86_64-linux.S
-    gen/bcm/ghash-ssse3-x86_64-linux.S
-    gen/bcm/ghash-x86_64-linux.S
-    gen/bcm/p256-x86_64-asm-linux.S
-    gen/bcm/p256_beeu-x86_64-asm-linux.S
-    gen/bcm/rdrand-x86_64-linux.S
-    gen/bcm/rsaz-avx2-linux.S
-    gen/bcm/sha1-x86_64-linux.S
-    gen/bcm/sha256-x86_64-linux.S
-    gen/bcm/sha512-x86_64-linux.S
-    gen/bcm/vpaes-x86_64-linux.S
-    gen/bcm/x86_64-mont-linux.S
-    gen/bcm/x86_64-mont5-linux.S
-    gen/crypto/aes128gcmsiv-x86_64-linux.S
-    gen/crypto/chacha-x86_64-linux.S
-    gen/crypto/chacha20_poly1305_x86_64-linux.S
-    gen/crypto/md5-x86_64-linux.S)
+)
 elseif(CMAKE_SYSTEM_NAME STREQUAL Darwin AND CMAKE_SYSTEM_PROCESSOR MATCHES "arm64|aarch64")
   target_sources(CCryptoBoringSSL PRIVATE
-    gen/bcm/aesv8-armv8-apple.S
-    gen/bcm/aesv8-gcm-armv8-apple.S
-    gen/bcm/armv8-mont-apple.S
-    gen/bcm/bn-armv8-apple.S
-    gen/bcm/ghash-neon-armv8-apple.S
-    gen/bcm/ghashv8-armv8-apple.S
-    gen/bcm/p256-armv8-asm-apple.S
-    gen/bcm/p256_beeu-armv8-asm-apple.S
-    gen/bcm/sha1-armv8-apple.S
-    gen/bcm/sha256-armv8-apple.S
-    gen/bcm/sha512-armv8-apple.S
-    gen/bcm/vpaes-armv8-apple.S
-    gen/crypto/chacha-armv8-apple.S
-    gen/crypto/chacha20_poly1305_armv8-apple.S)
+)
 elseif(CMAKE_SYSTEM_NAME MATCHES "Linux|Android|FreeBSD|OpenBSD" AND CMAKE_SYSTEM_PROCESSOR MATCHES "arm64|aarch64")
   target_sources(CCryptoBoringSSL PRIVATE
-    gen/bcm/aesv8-armv8-linux.S
-    gen/bcm/aesv8-gcm-armv8-linux.S
-    gen/bcm/armv8-mont-linux.S
-    gen/bcm/bn-armv8-linux.S
-    gen/bcm/ghash-neon-armv8-linux.S
-    gen/bcm/ghashv8-armv8-linux.S
-    gen/bcm/p256-armv8-asm-linux.S
-    gen/bcm/p256_beeu-armv8-asm-linux.S
-    gen/bcm/sha1-armv8-linux.S
-    gen/bcm/sha256-armv8-linux.S
-    gen/bcm/sha512-armv8-linux.S
-    gen/bcm/vpaes-armv8-linux.S
-    gen/crypto/chacha-armv8-linux.S
-    gen/crypto/chacha20_poly1305_armv8-linux.S)
+)
 else()
    message(FATAL_ERROR "platform sources are not defined here")
 endif()

Sources/Crypto/CMakeLists.txt

@@ -36,6 +36,7 @@ add_library(Crypto
   "ASN1/PKCS8PrivateKey.swift"
   "ASN1/SEC1PrivateKey.swift"
   "ASN1/SubjectPublicKeyInfo.swift"
+  "CryptoError_boring.swift"
   "CryptoKitErrors.swift"
   "Digests/BoringSSL/Digest_boring.swift"
   "Digests/Digest.swift"

Sources/Crypto/CryptoError_boring.swift

@@ -0,0 +1,18 @@
+//===----------------------------------------------------------------------===//
+//
+// This source file is part of the SwiftCrypto open source project
+//
+// Copyright (c) 2019-2025 Apple Inc. and the SwiftCrypto project authors
+// Licensed under Apache License v2.0
+//
+// See LICENSE.txt for license information
+// See CONTRIBUTORS.txt for the list of SwiftCrypto project authors
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+//===----------------------------------------------------------------------===//
+
+@available(iOS 13.0, macOS 10.15, watchOS 6.0, tvOS 13.0, *)
+public typealias CryptoError = CryptoKitError
+@available(iOS 14, macOS 11, tvOS 14, watchOS 7, *)
+public typealias CryptoASN1Error = CryptoKitASN1Error

Sources/_CryptoExtras/MLDSA/MLDSA65_boring.swift

@@ -35,7 +35,7 @@ extension MLDSA65 {
         ///
         /// - Parameter seedRepresentation: The seed to use to generate the private key.
         ///
-        /// - Throws: `CryptoKitError.incorrectKeySize` if the seed is not 32 bytes long.
+        /// - Throws: `CryptoError.incorrectKeySize` if the seed is not 32 bytes long.
         public init(seedRepresentation: some DataProtocol) throws {
             self.backing = try Backing(seedRepresentation: seedRepresentation)
         }
@@ -111,7 +111,7 @@ extension MLDSA65 {
             ///
             /// - Parameter seedRepresentation: The seed to use to generate the private key.
             ///
-            /// - Throws: `CryptoKitError.incorrectKeySize` if the seed is not 32 bytes long.
+            /// - Throws: `CryptoError.incorrectKeySize` if the seed is not 32 bytes long.
             init(seedRepresentation: some DataProtocol) throws {
                 guard seedRepresentation.count == MLDSA65.seedByteCount else {
                     throw CryptoKitError.incorrectKeySize
@@ -191,7 +191,7 @@ extension MLDSA65 {
         ///
         /// - Parameter rawRepresentation: The public key bytes.
         ///
-        /// - Throws: `CryptoKitError.incorrectKeySize` if the raw representation is not the correct size.
+        /// - Throws: `CryptoError.incorrectKeySize` if the raw representation is not the correct size.
         public init(rawRepresentation: some DataProtocol) throws {
             self.backing = try Backing(rawRepresentation: rawRepresentation)
         }
@@ -244,7 +244,7 @@ extension MLDSA65 {
             ///
             /// - Parameter rawRepresentation: The public key bytes.
             ///
-            /// - Throws: `CryptoKitError.incorrectKeySize` if the raw representation is not the correct size.
+            /// - Throws: `CryptoError.incorrectKeySize` if the raw representation is not the correct size.
             init(rawRepresentation: some DataProtocol) throws {
                 guard rawRepresentation.count == MLDSA65.PublicKey.Backing.byteCount else {
                     throw CryptoKitError.incorrectKeySize

Sources/_CryptoExtras/MLKEM/MLKEM_boring.swift

@@ -46,7 +46,7 @@ extension MLKEM768 {
         ///
         /// - Parameter seedRepresentation: The seed to use to generate the private key.
         ///
-        /// - Throws: `CryptoKitError.incorrectKeySize` if the seed is not 64 bytes long.
+        /// - Throws: `CryptoError.incorrectKeySize` if the seed is not 64 bytes long.
         public init(seedRepresentation: some DataProtocol) throws {
             self.backing = try Backing(seedRepresentation: seedRepresentation)
         }
@@ -65,7 +65,7 @@ extension MLKEM768 {
         ///
         /// - Parameter encapsulated: The encapsulated shared secret.
         ///
-        /// - Throws: `CryptoKitError.incorrectParameterSize` if the encapsulated shared secret is not 1088 bytes long.
+        /// - Throws: `CryptoError.incorrectParameterSize` if the encapsulated shared secret is not 1088 bytes long.
         ///
         /// - Returns: The symmetric key.
         public func decapsulate(_ encapsulated: some DataProtocol) throws -> SymmetricKey {
@@ -104,7 +104,7 @@ extension MLKEM768 {
             ///
             /// - Parameter seedRepresentation: The seed to use to generate the private key.
             ///
-            /// - Throws: `CryptoKitError.incorrectKeySize` if the seed is not 64 bytes long.
+            /// - Throws: `CryptoError.incorrectKeySize` if the seed is not 64 bytes long.
             init(seedRepresentation: some DataProtocol) throws {
                 guard seedRepresentation.count == MLKEM.seedByteCount else {
                     throw CryptoKitError.incorrectKeySize
@@ -135,7 +135,7 @@ extension MLKEM768 {
             ///
             /// - Parameter encapsulated: The encapsulated shared secret.
             ///
-            /// - Throws: `CryptoKitError.incorrectParameterSize` if the encapsulated shared secret is not 1088 bytes long.
+            /// - Throws: `CryptoError.incorrectParameterSize` if the encapsulated shared secret is not 1088 bytes long.
             ///
             /// - Returns: The symmetric key.
             func decapsulate(_ encapsulated: some DataProtocol) throws -> SymmetricKey {
@@ -184,7 +184,7 @@ extension MLKEM768 {
         ///
         /// - Parameter rawRepresentation: The public key bytes.
         ///
-        /// - Throws: `CryptoKitError.incorrectKeySize` if the raw representation is not the correct size.
+        /// - Throws: `CryptoError.incorrectKeySize` if the raw representation is not the correct size.
         public init(rawRepresentation: some DataProtocol) throws {
             self.backing = try Backing(rawRepresentation: rawRepresentation)
         }
@@ -216,7 +216,7 @@ extension MLKEM768 {
             ///
             /// - Parameter rawRepresentation: The public key bytes.
             ///
-            /// - Throws: `CryptoKitError.incorrectKeySize` if the raw representation is not the correct size.
+            /// - Throws: `CryptoError.incorrectKeySize` if the raw representation is not the correct size.
             init(rawRepresentation: some DataProtocol) throws {
                 guard rawRepresentation.count == MLKEM768.PublicKey.byteCount else {
                     throw CryptoKitError.incorrectKeySize
@@ -317,7 +317,7 @@ extension MLKEM1024 {
         ///
         /// - Parameter seedRepresentation: The seed to use to generate the private key.
         ///
-        /// - Throws: `CryptoKitError.incorrectKeySize` if the seed is not 64 bytes long.
+        /// - Throws: `CryptoError.incorrectKeySize` if the seed is not 64 bytes long.
         public init(seedRepresentation: some DataProtocol) throws {
             self.backing = try Backing(seedRepresentation: seedRepresentation)
         }
@@ -336,7 +336,7 @@ extension MLKEM1024 {
         ///
         /// - Parameter encapsulated: The encapsulated shared secret.
         ///
-        /// - Throws: `CryptoKitError.incorrectParameterSize` if the encapsulated shared secret is not 1088 bytes long.
+        /// - Throws: `CryptoError.incorrectParameterSize` if the encapsulated shared secret is not 1088 bytes long.
         ///
         /// - Returns: The symmetric key.
         public func decapsulate(_ encapsulated: some DataProtocol) throws -> SymmetricKey {
@@ -375,7 +375,7 @@ extension MLKEM1024 {
             ///
             /// - Parameter seedRepresentation: The seed to use to generate the private key.
             ///
-            /// - Throws: `CryptoKitError.incorrectKeySize` if the seed is not 64 bytes long.
+            /// - Throws: `CryptoError.incorrectKeySize` if the seed is not 64 bytes long.
             init(seedRepresentation: some DataProtocol) throws {
                 guard seedRepresentation.count == MLKEM.seedByteCount else {
                     throw CryptoKitError.incorrectKeySize
@@ -406,7 +406,7 @@ extension MLKEM1024 {
             ///
             /// - Parameter encapsulated: The encapsulated shared secret.
             ///
-            /// - Throws: `CryptoKitError.incorrectParameterSize` if the encapsulated shared secret is not 1088 bytes long.
+            /// - Throws: `CryptoError.incorrectParameterSize` if the encapsulated shared secret is not 1088 bytes long.
             ///
             /// - Returns: The symmetric key.
             func decapsulate(_ encapsulated: some DataProtocol) throws -> SymmetricKey {
@@ -455,7 +455,7 @@ extension MLKEM1024 {
         ///
         /// - Parameter rawRepresentation: The public key bytes.
         ///
-        /// - Throws: `CryptoKitError.incorrectKeySize` if the raw representation is not the correct size.
+        /// - Throws: `CryptoError.incorrectKeySize` if the raw representation is not the correct size.
         public init(rawRepresentation: some DataProtocol) throws {
             self.backing = try Backing(rawRepresentation: rawRepresentation)
         }
@@ -487,7 +487,7 @@ extension MLKEM1024 {
             ///
             /// - Parameter rawRepresentation: The public key bytes.
             ///
-            /// - Throws: `CryptoKitError.incorrectKeySize` if the raw representation is not the correct size.
+            /// - Throws: `CryptoError.incorrectKeySize` if the raw representation is not the correct size.
             init(rawRepresentation: some DataProtocol) throws {
                 guard rawRepresentation.count == MLKEM1024.PublicKey.byteCount else {
                     throw CryptoKitError.incorrectKeySize

Sources/_CryptoExtras/MLKEM/MLKEM_boring.swift.gyb

@@ -50,7 +50,7 @@ extension MLKEM${parameter_set} {
         ///
         /// - Parameter seedRepresentation: The seed to use to generate the private key.
         ///
-        /// - Throws: `CryptoKitError.incorrectKeySize` if the seed is not 64 bytes long.
+        /// - Throws: `CryptoError.incorrectKeySize` if the seed is not 64 bytes long.
         public init(seedRepresentation: some DataProtocol) throws {
             self.backing = try Backing(seedRepresentation: seedRepresentation)
         }
@@ -69,7 +69,7 @@ extension MLKEM${parameter_set} {
         ///
         /// - Parameter encapsulated: The encapsulated shared secret.
         ///
-        /// - Throws: `CryptoKitError.incorrectParameterSize` if the encapsulated shared secret is not 1088 bytes long.
+        /// - Throws: `CryptoError.incorrectParameterSize` if the encapsulated shared secret is not 1088 bytes long.
         ///
         /// - Returns: The symmetric key.
         public func decapsulate(_ encapsulated: some DataProtocol) throws -> SymmetricKey {
@@ -108,7 +108,7 @@ extension MLKEM${parameter_set} {
             ///
             /// - Parameter seedRepresentation: The seed to use to generate the private key.
             ///
-            /// - Throws: `CryptoKitError.incorrectKeySize` if the seed is not 64 bytes long.
+            /// - Throws: `CryptoError.incorrectKeySize` if the seed is not 64 bytes long.
             init(seedRepresentation: some DataProtocol) throws {
                 guard seedRepresentation.count == MLKEM.seedByteCount else {
                     throw CryptoKitError.incorrectKeySize
@@ -139,7 +139,7 @@ extension MLKEM${parameter_set} {
             ///
             /// - Parameter encapsulated: The encapsulated shared secret.
             ///
-            /// - Throws: `CryptoKitError.incorrectParameterSize` if the encapsulated shared secret is not 1088 bytes long.
+            /// - Throws: `CryptoError.incorrectParameterSize` if the encapsulated shared secret is not 1088 bytes long.
             ///
             /// - Returns: The symmetric key.
             func decapsulate(_ encapsulated: some DataProtocol) throws -> SymmetricKey {
@@ -188,7 +188,7 @@ extension MLKEM${parameter_set} {
         ///
         /// - Parameter rawRepresentation: The public key bytes.
         ///
-        /// - Throws: `CryptoKitError.incorrectKeySize` if the raw representation is not the correct size.
+        /// - Throws: `CryptoError.incorrectKeySize` if the raw representation is not the correct size.
         public init(rawRepresentation: some DataProtocol) throws {
             self.backing = try Backing(rawRepresentation: rawRepresentation)
         }
@@ -220,7 +220,7 @@ extension MLKEM${parameter_set} {
             ///
             /// - Parameter rawRepresentation: The public key bytes.
             ///
-            /// - Throws: `CryptoKitError.incorrectKeySize` if the raw representation is not the correct size.
+            /// - Throws: `CryptoError.incorrectKeySize` if the raw representation is not the correct size.
             init(rawRepresentation: some DataProtocol) throws {
                 guard rawRepresentation.count == MLKEM${parameter_set}.PublicKey.byteCount else {
                     throw CryptoKitError.incorrectKeySize

Sources/_CryptoExtras/RSA/RSA+BlindSigning.swift

@@ -495,7 +495,7 @@ extension _RSA.BlindSigning.PublicKey {
 extension _RSA.BlindSigning {
     /// Errors defined in the RSA Blind Signatures protocol.
     ///
-    /// - NOTE: This type does not conform to `Swift.Error`, it is used to construct a `CryptoKitError`.
+    /// - NOTE: This type does not conform to `Swift.Error`, it is used to construct a `CryptoError`.
     ///
     /// - Seealso: [RFC 9474: Errors](https://www.rfc-editor.org/rfc/rfc9474.html#name-errors).
     @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *)
@@ -512,7 +512,7 @@ extension _RSA.BlindSigning {
 
 @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *)
 extension CryptoKitError {
-    /// Map an error from the RSA Blind Signatures protocol to a CryptoKitError.
+    /// Map an error from the RSA Blind Signatures protocol to a CryptoError.
     init(_ error: _RSA.BlindSigning.ProtocolError) {
         switch error {
         case .messageTooLong: