OpenBSD support. (#349)

OpenBSD support.

### Checklist
- [X] I've run tests to see all new and existing tests pass
- [X] I've followed the code style of the rest of the project
- [X] I've read the [Contribution Guidelines](CONTRIBUTING.md)
- [X] I've updated the documentation if necessary (_not necessary_)

#### If you've made changes to `gyb` files
- [X] I've run `.script/generate_boilerplate_files_with_gyb` and
included updated generated files in a commit of this pull request (_not
applicable_)

### Motivation:

swift-crypto is a required dependency for swift-package-manager, and
must build and run on OpenBSD.

### Modifications:

    OpenBSD support for cmake/swiftpm.
    
* Add to patterns for CMakeLists. Also provide a helpful error so future
porters have a slightly better idea of what might need to be updated.
    
* Proactively reverse sense in some system name checks so they read as
"if not Darwin". This is likely safer to do here than elsewhere since
there are likely not going to be other platforms for which swift-crypto
      already exists.
    
    * Add to Package.swift

    ManagedBuffer.capacity is unavailable on OpenBSD.
    
    ManagedBuffer.capacity depends on malloc introspection (e.g.,
`malloc_size`), which is not available on this platform -- and is thus
    marked as such.
    
    Here, SecureBytes uses a ManagedBuffer in Backing. We have capacity
    tracked in the BackingHeader, and most of the references to the
ManagedBuffer.capacity property can be replaced with references to the
capacity in the header. However, since capacity in the header is marked
as internal which conflicts with some of the @inline functions, so we
    must change those to @usableFromInline for the platform as well.

    Add conditional for RandomBytes.

    Required for tests to build on OpenBSD.

### Result:

swift-crypto builds and runs on OpenBSD.

---------

Co-authored-by: Cory Benfield <[email protected]>

Author: 3405691582

Package.swift

@@ -56,6 +56,7 @@ if development || isFreeBSD {
         Platform.android,
         Platform.windows,
         Platform.wasi,
+        Platform.openbsd,
     ]
     swiftSettings = [
         .define("CRYPTO_IN_SWIFTPM"),

Sources/CCryptoBoringSSL/CMakeLists.txt

@@ -281,7 +281,7 @@ if(CMAKE_SYSTEM_NAME STREQUAL Darwin AND CMAKE_SYSTEM_PROCESSOR MATCHES "amd64|x
     gen/crypto/chacha-x86_64-apple.S
     gen/crypto/chacha20_poly1305_x86_64-apple.S
     gen/crypto/md5-x86_64-apple.S)
-elseif(CMAKE_SYSTEM_NAME MATCHES "Linux|Android|FreeBSD" AND CMAKE_SYSTEM_PROCESSOR MATCHES "amd64|x86_64")
+elseif(CMAKE_SYSTEM_NAME MATCHES "Linux|Android|FreeBSD|OpenBSD" AND CMAKE_SYSTEM_PROCESSOR MATCHES "amd64|x86_64")
   target_sources(CCryptoBoringSSL PRIVATE
     gen/bcm/aes-gcm-avx10-x86_64-linux.S
     gen/bcm/aesni-gcm-x86_64-linux.S
@@ -318,7 +318,7 @@ elseif(CMAKE_SYSTEM_NAME STREQUAL Darwin AND CMAKE_SYSTEM_PROCESSOR MATCHES "arm
     gen/bcm/vpaes-armv8-apple.S
     gen/crypto/chacha-armv8-apple.S
     gen/crypto/chacha20_poly1305_armv8-apple.S)
-elseif(CMAKE_SYSTEM_NAME MATCHES "Linux|Android|FreeBSD" AND CMAKE_SYSTEM_PROCESSOR MATCHES "arm64|aarch64")
+elseif(CMAKE_SYSTEM_NAME MATCHES "Linux|Android|FreeBSD|OpenBSD" AND CMAKE_SYSTEM_PROCESSOR MATCHES "arm64|aarch64")
   target_sources(CCryptoBoringSSL PRIVATE
     gen/bcm/aesv8-armv8-linux.S
     gen/bcm/aesv8-gcm-armv8-linux.S
@@ -334,6 +334,8 @@ elseif(CMAKE_SYSTEM_NAME MATCHES "Linux|Android|FreeBSD" AND CMAKE_SYSTEM_PROCES
     gen/bcm/vpaes-armv8-linux.S
     gen/crypto/chacha-armv8-linux.S
     gen/crypto/chacha20_poly1305_armv8-linux.S)
+else()
+   message(FATAL_ERROR "platform sources are not defined here")
 endif()
 
 target_include_directories(CCryptoBoringSSL PUBLIC

Sources/Crypto/CMakeLists.txt

@@ -97,7 +97,7 @@ add_library(Crypto
 target_compile_definitions(Crypto PRIVATE
   "$<$<COMPILE_LANGUAGE:Swift>:CRYPTO_IN_SWIFTPM>")
 
-if(CMAKE_SYSTEM_NAME STREQUAL "Linux" OR CMAKE_SYSTEM_NAME STREQUAL "Windows" OR CMAKE_SYSTEM_NAME STREQUAL "Android" OR CMAKE_SYSTEM_NAME STREQUAL "WASI" OR CMAKE_SYSTEM_NAME STREQUAL FreeBSD)
+if(NOT CMAKE_SYSTEM_NAME STREQUAL "Darwin")
   target_compile_definitions(Crypto PRIVATE
     "$<$<COMPILE_LANGUAGE:Swift>:CRYPTO_IN_SWIFTPM_FORCE_BUILD_API>")
 endif()

Sources/Crypto/Util/SecureBytes.swift

@@ -62,7 +62,8 @@ extension SecureBytes {
     @inlinable
     mutating func append<C: Collection>(_ data: C) where C.Element == UInt8 {
         let requiredCapacity = self.count + data.count
-        if !isKnownUniquelyReferenced(&self.backing) || requiredCapacity > self.backing.capacity {
+        let backingCapacity = self.backing.allocatedCapacity
+        if !isKnownUniquelyReferenced(&self.backing) || requiredCapacity > backingCapacity {
             let newBacking = Backing.create(capacity: requiredCapacity)
             newBacking._appendBytes(self.backing, inRange: 0..<self.count)
             self.backing = newBacking
@@ -72,7 +73,8 @@ extension SecureBytes {
 
     @usableFromInline
     mutating func reserveCapacity(_ n: Int) {
-        if self.backing.capacity >= n {
+        let backingCapacity = self.backing.allocatedCapacity
+        if backingCapacity >= n {
             return
         }
 
@@ -157,8 +159,9 @@ extension SecureBytes: RangeReplaceableCollection {
     @inlinable
     mutating func replaceSubrange<C: Collection>(_ subrange: Range<Index>, with newElements: C) where C.Element == UInt8 {
         let requiredCapacity = self.backing.count - subrange.count + newElements.count
+        let backingCapacity = self.backing.allocatedCapacity
 
-        if !isKnownUniquelyReferenced(&self.backing) || requiredCapacity > self.backing.capacity {
+        if !isKnownUniquelyReferenced(&self.backing) || requiredCapacity > backingCapacity {
             // We have to allocate anyway, so let's use a nice straightforward copy.
             let newBacking = Backing.create(capacity: requiredCapacity)
 
@@ -292,7 +295,7 @@ extension SecureBytes {
                     targetPtr.copyMemory(from: bytesPtr)
                 }
                 backing.count = bytesPtr.count
-                precondition(backing.count <= backing.capacity)
+                precondition(backing.count <= backing.allocatedCapacity)
                 return backing
             }
         }
@@ -343,6 +346,15 @@ extension SecureBytes {
 
 @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *)
 extension SecureBytes.Backing {
+    @usableFromInline
+    var allocatedCapacity: Int {
+#if os(OpenBSD)
+        return self.header.capacity
+#else
+        return self.capacity
+#endif
+    }
+
     func replaceSubrangeFittingWithinCapacity<C: Collection>(_ subrange: Range<Int>, with newElements: C) where C.Element == UInt8 {
         // This function is called when have a unique reference to the backing storage, and we have enough room to store these bytes without
         // any problem. We have one pre-existing buffer made up of 4 regions: a prefix set of bytes that are
@@ -362,7 +374,7 @@ extension SecureBytes.Backing {
         // for R1 and then move the suffix, as if R2 is larger than R1 we'll have thrown some suffix bytes away. So we have
         // to move suffix first. What we do is take the bytes in suffix, and move them (via memmove). We can then copy
         // R2 in, and feel confident that the space in memory is right.
-        precondition(self.count - subrange.count + newElements.count <= self.capacity, "Insufficient capacity")
+        precondition(self.count - subrange.count + newElements.count <= self.allocatedCapacity, "Insufficient capacity")
 
         let moveDistance = newElements.count - subrange.count
         let suffixRange = subrange.upperBound..<self.count
@@ -375,7 +387,7 @@ extension SecureBytes.Backing {
     /* private but inlinable */ func _appendBytes<C: Collection>(_ bytes: C) where C.Element == UInt8 {
         let byteCount = bytes.count
 
-        precondition(self.capacity - self.count - byteCount >= 0, "Insufficient space for byte copying, must have reallocated!")
+        precondition(self.allocatedCapacity - self.count - byteCount >= 0, "Insufficient space for byte copying, must have reallocated!")
 
         let lowerOffset = self.count
         self._withVeryUnsafeMutableBytes { bytesPtr in
@@ -389,8 +401,8 @@ extension SecureBytes.Backing {
     /// is not enough room.
     /* private but inlinable */ func _appendBytes(_ backing: SecureBytes.Backing, inRange range: Range<Int>) {
         precondition(range.lowerBound >= 0)
-        precondition(range.upperBound <= backing.capacity)
-        precondition(self.capacity - self.count - range.count >= 0, "Insufficient space for byte copying, must have reallocated!")
+        precondition(range.upperBound <= backing.allocatedCapacity)
+        precondition(self.allocatedCapacity - self.count - range.count >= 0, "Insufficient space for byte copying, must have reallocated!")
 
         backing.withUnsafeBytes { backingPtr in
             let ptrSlice = UnsafeRawBufferPointer(rebasing: backingPtr[range])
@@ -411,11 +423,11 @@ extension SecureBytes.Backing {
     /* private but usableFromInline */ func _moveBytes(range: Range<Int>, by delta: Int) {
         // We have to check that the range is within the delta, as is the new location.
         precondition(range.lowerBound >= 0)
-        precondition(range.upperBound <= self.capacity)
+        precondition(range.upperBound <= self.allocatedCapacity)
 
         let shiftedRange = (range.lowerBound + delta)..<(range.upperBound + delta)
         precondition(shiftedRange.lowerBound > 0)
-        precondition(shiftedRange.upperBound <= self.capacity)
+        precondition(shiftedRange.upperBound <= self.allocatedCapacity)
 
         self._withVeryUnsafeMutableBytes { backingPtr in
             let source = UnsafeRawBufferPointer(rebasing: backingPtr[range])
@@ -428,7 +440,7 @@ extension SecureBytes.Backing {
     @inlinable
     /* private but inlinable */ func _copyBytes<C: Collection>(_ bytes: C, at offset: Int) where C.Element == UInt8 {
         precondition(offset >= 0)
-        precondition(offset + bytes.count <= self.capacity)
+        precondition(offset + bytes.count <= self.allocatedCapacity)
 
         let byteRange = offset..<(offset + bytes.count)
 
@@ -460,7 +472,7 @@ extension SecureBytes.Backing: ContiguousBytes {
     /// Very unsafe in the sense that this points to uninitialized memory. Used only for implementations within this file.
     @inlinable
     /* private but inlinable */ func _withVeryUnsafeMutableBytes<T>(_ body: (UnsafeMutableRawBufferPointer) throws -> T) rethrows -> T {
-        let capacity = self.capacity
+        let capacity = self.allocatedCapacity
 
         return try self.withUnsafeMutablePointerToElements { elementsPtr in
             return try body(UnsafeMutableRawBufferPointer(start: elementsPtr, count: capacity))

Sources/CryptoBoringWrapper/Util/RandomBytes.swift

@@ -20,7 +20,7 @@ extension UnsafeMutableRawBufferPointer {
             return
         }
 
-        #if canImport(Darwin) || os(Linux) || os(Android) || os(Windows) || os(FreeBSD)
+        #if canImport(Darwin) || os(Linux) || os(Android) || os(Windows) || os(FreeBSD) || os(OpenBSD)
         var rng = SystemRandomNumberGenerator()
         precondition(count <= self.count)
 

Sources/_CryptoExtras/CMakeLists.txt

@@ -69,7 +69,7 @@ add_library(_CryptoExtras
 
 target_compile_options(_CryptoExtras PRIVATE -DCRYPTO_IN_SWIFTPM)
 
-if(CMAKE_SYSTEM_NAME STREQUAL "Linux" OR CMAKE_SYSTEM_NAME STREQUAL "Windows" OR CMAKE_SYSTEM_NAME STREQUAL "Android" OR CMAKE_SYSTEM_NAME STREQUAL "WASI" OR CMAKE_SYSTEM_NAME STREQUAL FreeBSD)
+if(NOT CMAKE_SYSTEM_NAME STREQUAL "Darwin")
   target_compile_options(_CryptoExtras PRIVATE -DCRYPTO_IN_SWIFTPM_FORCE_BUILD_API)
 endif()
 

Tests/CryptoTests/SecureBytes/SecureBytesTests.swift

@@ -122,28 +122,28 @@ final class SecureBytesTests: XCTestCase {
 
     func testResizingByMakingLarger() {
         var base = SecureBytes(count: 12)
-        XCTAssertGreaterThanOrEqual(base.backing.capacity, 16)
+        XCTAssertGreaterThanOrEqual(base.backing.allocatedCapacity, 16)
         XCTAssertEqual(base.count, 12)
 
         base.append(contentsOf: 0..<16)
-        XCTAssertGreaterThanOrEqual(base.backing.capacity, 32)
+        XCTAssertGreaterThanOrEqual(base.backing.allocatedCapacity, 32)
         XCTAssertEqual(base.count, 28)
 
         base.append(contentsOf: 0..<4)
-        XCTAssertGreaterThanOrEqual(base.backing.capacity, 32)
+        XCTAssertGreaterThanOrEqual(base.backing.allocatedCapacity, 32)
         XCTAssertEqual(base.count, 32)
     }
 
     func testCountInitializerGeneratesSomewhatRandomData() {
         let base = SecureBytes(count: 16)
-        XCTAssertGreaterThanOrEqual(base.backing.capacity, 16)
+        XCTAssertGreaterThanOrEqual(base.backing.allocatedCapacity, 16)
         XCTAssertEqual(base.count, 16)
         XCTAssertNotEqual(Array(repeating: UInt8(0), count: 16), Array(base))
     }
 
     func testBackingBytesAreAppropriatelySized() {
         var base = SecureBytes(repeating: 0, count: 10)
-        XCTAssertGreaterThanOrEqual(base.backing.capacity, 16)
+        XCTAssertGreaterThanOrEqual(base.backing.allocatedCapacity, 16)
 
         base.withUnsafeBytes { XCTAssertEqual($0.count, 10) }
         base.withUnsafeMutableBytes { XCTAssertEqual($0.count, 10) }
@@ -164,7 +164,7 @@ final class SecureBytesTests: XCTestCase {
             initializedCapacity = 4
         }
 
-        XCTAssertGreaterThanOrEqual(base.backing.capacity, 8)
+        XCTAssertGreaterThanOrEqual(base.backing.allocatedCapacity, 8)
         XCTAssertEqual(Array(base), [1, 2, 3, 4])
 
         func testThrowingInitialization() throws {