swift-crypto icon indicating copy to clipboard operation
swift-crypto copied to clipboard

Published 20 hours ago verified publisher icon apple

Add SwiftWasm support / remove need for BoringSSL networking methods

Open Sajjon opened this issue 4 years ago • 1 comments

New API Proposal: SwiftWasm support

Motivation:

Hey! I try to compile swift-crypto with SwiftWasm, using command:

swift build --triple wasm32-unknown-wasi

Which produces the following compilation error:

~/Developer/Swift/swift-crypto/Sources/CCryptoBoringSSL/crypto/bio/socket_helper.c:28:10: fatal error: 'netdb.h' file not found
#include <netdb.h>
         ^~~~~~~~~
.
[358/406] Compiling curve25519.c

Which is caused by the fact that networking is not standardized/supported by WebAssembly (issue from April 2019).

However, this networking part of BoringSSL does not really seem needed for me to be able to offline be performing crypto primitives!

So feels like we should be able to skip these parts of BoringSSL?

I propose that we change the wrapper around BoringSSL so that we can use just what we need in BoringSSL so that hopefully swift-crypto can work with SwiftWasm.

Importance:

WebAssembly is on the rise (Google Trends) and SwiftWasm seems to be the primary project bringing Wasm support to Swift. If it is possible to make swift-crypto work with SwiftWasm with a small amount of work I think it would be very beneficial to the Swift and WebAssembly community.

Sajjon avatar Dec 09 '20 17:12 Sajjon

I think it would be interesting to see what changes are necessary to get the complete compile to function. With those in mind we can then see whether the BoringSSL team are open to providing a completely separate compile mode that removes this functionality for the WASM target more broadly.

I'd also be curious as to whether a more sensible forward-looking route would be to provide a WASM-specific backend for Swift Crypto that delegates to WebCrypto instead of BoringSSL and simply not even bother shipping Boring.

Lukasa avatar Dec 09 '20 17:12 Lukasa

@Lukasa My 2c on delegating to WebCrypto - not every WASM environment supports it. I think its important to recognize platforms like Compute@Edge which are running wasm server side and not client side, so simply delegating to web api's is a big mistake in my opinion.

AndrewBarba avatar Feb 02 '23 17:02 AndrewBarba

I have an initial implementation here: https://github.com/apple/swift-crypto/pull/145

I've verified that this complies and runs on WASM applications.

AndrewBarba avatar Feb 08 '23 20:02 AndrewBarba

Merged https://github.com/apple/swift-crypto/pull/145 💯

AndrewBarba avatar Feb 09 '23 15:02 AndrewBarba