diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 16cd8cfa..33812da5 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -37,3 +37,5 @@ jobs: with: runner_pool: nightly build_scheme: swift-certificates + xcode_16_2_build_arguments_override: "-Xswiftc -Xfrontend -Xswiftc -require-explicit-sendable" + xcode_16_3_build_arguments_override: "-Xswiftc -Xfrontend -Xswiftc -require-explicit-sendable" diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 53e9f00f..39556b5a 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -54,3 +54,5 @@ jobs: with: runner_pool: general build_scheme: swift-certificates + xcode_16_2_build_arguments_override: "-Xswiftc -Xfrontend -Xswiftc -require-explicit-sendable" + xcode_16_3_build_arguments_override: "-Xswiftc -Xfrontend -Xswiftc -require-explicit-sendable" diff --git a/Sources/X509/CSR/CSRAttribute.swift b/Sources/X509/CSR/CSRAttribute.swift index 62ed3a68..aeeec4a8 100644 --- a/Sources/X509/CSR/CSRAttribute.swift +++ b/Sources/X509/CSR/CSRAttribute.swift @@ -122,7 +122,7 @@ extension CertificateSigningRequest.Attribute: DERImplicitlyTaggable { extension ASN1ObjectIdentifier { /// Object Identifiers that identify attributes applied to CSRs. - public enum CSRAttributes { + public enum CSRAttributes: Sendable { /// A request to apply specific certificate extensions. public static let extensionRequest: ASN1ObjectIdentifier = [1, 2, 840, 113549, 1, 9, 14] } diff --git a/Sources/X509/CryptographicMessageSyntax/CMSOperations.swift b/Sources/X509/CryptographicMessageSyntax/CMSOperations.swift index 9c279c18..ad7685aa 100644 --- a/Sources/X509/CryptographicMessageSyntax/CMSOperations.swift +++ b/Sources/X509/CryptographicMessageSyntax/CMSOperations.swift @@ -20,7 +20,7 @@ import SwiftASN1 import Crypto @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) -public enum CMS { +public enum CMS: Sendable { @_spi(CMS) @inlinable public static func sign( @@ -447,7 +447,7 @@ public enum CMS { @_spi(CMS) public typealias SignatureVerificationResult = Result - public struct Valid: Hashable { + public struct Valid: Hashable, Sendable { public var signer: Certificate @inlinable diff --git a/Sources/X509/Digests.swift b/Sources/X509/Digests.swift index 2217f48a..ea2e858c 100644 --- a/Sources/X509/Digests.swift +++ b/Sources/X509/Digests.swift @@ -17,11 +17,11 @@ import FoundationEssentials #else import Foundation #endif -import Crypto +@preconcurrency import Crypto @usableFromInline @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) -enum Digest { +enum Digest: Sendable { case insecureSHA1(Insecure.SHA1Digest) case sha256(SHA256Digest) case sha384(SHA384Digest) diff --git a/Sources/X509/DistinguishedNameBuilder/CommonName.swift b/Sources/X509/DistinguishedNameBuilder/CommonName.swift index 953519a0..8fff93f3 100644 --- a/Sources/X509/DistinguishedNameBuilder/CommonName.swift +++ b/Sources/X509/DistinguishedNameBuilder/CommonName.swift @@ -17,7 +17,7 @@ import SwiftASN1 /// Set the Common Name (CN) of a ``DistinguishedName``. /// /// This type is used in ``DistinguishedNameBuilder`` contexts. -public struct CommonName: RelativeDistinguishedNameConvertible { +public struct CommonName: RelativeDistinguishedNameConvertible, Sendable { /// The value of the common name public var name: String diff --git a/Sources/X509/DistinguishedNameBuilder/CountryName.swift b/Sources/X509/DistinguishedNameBuilder/CountryName.swift index 78282756..47b76345 100644 --- a/Sources/X509/DistinguishedNameBuilder/CountryName.swift +++ b/Sources/X509/DistinguishedNameBuilder/CountryName.swift @@ -17,7 +17,7 @@ import SwiftASN1 /// Set the Country Name (C) of a ``DistinguishedName``. /// /// This type is used in ``DistinguishedNameBuilder`` contexts. -public struct CountryName: RelativeDistinguishedNameConvertible { +public struct CountryName: RelativeDistinguishedNameConvertible, Sendable { /// The value of the country name field. public var name: String diff --git a/Sources/X509/DistinguishedNameBuilder/DNBuilder.swift b/Sources/X509/DistinguishedNameBuilder/DNBuilder.swift index fe12419a..e3eae009 100644 --- a/Sources/X509/DistinguishedNameBuilder/DNBuilder.swift +++ b/Sources/X509/DistinguishedNameBuilder/DNBuilder.swift @@ -30,7 +30,7 @@ /// Users can extend this syntax for their own extensions by conforming their semantic type to ``RelativeDistinguishedNameConvertible``. /// This is the only requirement for adding new extensions to this builder syntax. @resultBuilder -public struct DistinguishedNameBuilder { +public struct DistinguishedNameBuilder: Sendable { @inlinable public static func buildExpression( _ expression: Extension diff --git a/Sources/X509/DistinguishedNameBuilder/DomainComponent.swift b/Sources/X509/DistinguishedNameBuilder/DomainComponent.swift index 55b6645b..1d2854a9 100644 --- a/Sources/X509/DistinguishedNameBuilder/DomainComponent.swift +++ b/Sources/X509/DistinguishedNameBuilder/DomainComponent.swift @@ -17,7 +17,7 @@ import SwiftASN1 /// Set the Domain Component (DC) of a ``DistinguishedName``. /// /// This type is used in ``DistinguishedNameBuilder`` contexts. -public struct DomainComponent: RelativeDistinguishedNameConvertible { +public struct DomainComponent: RelativeDistinguishedNameConvertible, Sendable { /// The value of the organizational unit name field. public var name: String diff --git a/Sources/X509/DistinguishedNameBuilder/EmailAddress.swift b/Sources/X509/DistinguishedNameBuilder/EmailAddress.swift index e3c8760d..01bd5f4c 100644 --- a/Sources/X509/DistinguishedNameBuilder/EmailAddress.swift +++ b/Sources/X509/DistinguishedNameBuilder/EmailAddress.swift @@ -17,7 +17,7 @@ import SwiftASN1 /// Set the Domain Component (E) of a ``DistinguishedName``. /// /// This type is used in ``DistinguishedNameBuilder`` contexts. -public struct EmailAddress: RelativeDistinguishedNameConvertible { +public struct EmailAddress: RelativeDistinguishedNameConvertible, Sendable { /// The value of the email name field. public var name: String diff --git a/Sources/X509/DistinguishedNameBuilder/LocalityName.swift b/Sources/X509/DistinguishedNameBuilder/LocalityName.swift index e9d528ca..164bb6f3 100644 --- a/Sources/X509/DistinguishedNameBuilder/LocalityName.swift +++ b/Sources/X509/DistinguishedNameBuilder/LocalityName.swift @@ -17,7 +17,7 @@ import SwiftASN1 /// Set the Locality Name (L) of a ``DistinguishedName``. /// /// This type is used in ``DistinguishedNameBuilder`` contexts. -public struct LocalityName: RelativeDistinguishedNameConvertible { +public struct LocalityName: RelativeDistinguishedNameConvertible, Sendable { /// The value of the locality name field. public var name: String diff --git a/Sources/X509/DistinguishedNameBuilder/OrganizationName.swift b/Sources/X509/DistinguishedNameBuilder/OrganizationName.swift index cca062dd..0adbe6b1 100644 --- a/Sources/X509/DistinguishedNameBuilder/OrganizationName.swift +++ b/Sources/X509/DistinguishedNameBuilder/OrganizationName.swift @@ -17,7 +17,7 @@ import SwiftASN1 /// Set the Organization Name (O) of a ``DistinguishedName``. /// /// This type is used in ``DistinguishedNameBuilder`` contexts. -public struct OrganizationName: RelativeDistinguishedNameConvertible { +public struct OrganizationName: RelativeDistinguishedNameConvertible, Sendable { /// The value of the organization name field. public var name: String diff --git a/Sources/X509/DistinguishedNameBuilder/OrganizationalUnitName.swift b/Sources/X509/DistinguishedNameBuilder/OrganizationalUnitName.swift index 12c64096..0cfb7958 100644 --- a/Sources/X509/DistinguishedNameBuilder/OrganizationalUnitName.swift +++ b/Sources/X509/DistinguishedNameBuilder/OrganizationalUnitName.swift @@ -17,7 +17,7 @@ import SwiftASN1 /// Set the Organizational Unit Name (OU) of a ``DistinguishedName``. /// /// This type is used in ``DistinguishedNameBuilder`` contexts. -public struct OrganizationalUnitName: RelativeDistinguishedNameConvertible { +public struct OrganizationalUnitName: RelativeDistinguishedNameConvertible, Sendable { /// The value of the organizational unit name field. public var name: String diff --git a/Sources/X509/DistinguishedNameBuilder/StateOrProvinceName.swift b/Sources/X509/DistinguishedNameBuilder/StateOrProvinceName.swift index 139203ad..68d3c735 100644 --- a/Sources/X509/DistinguishedNameBuilder/StateOrProvinceName.swift +++ b/Sources/X509/DistinguishedNameBuilder/StateOrProvinceName.swift @@ -17,7 +17,7 @@ import SwiftASN1 /// Set the State or Province Name (ST) of a ``DistinguishedName``. /// /// This type is used in ``DistinguishedNameBuilder`` contexts. -public struct StateOrProvinceName: RelativeDistinguishedNameConvertible { +public struct StateOrProvinceName: RelativeDistinguishedNameConvertible, Sendable { /// The value of the state or province name field. public var name: String diff --git a/Sources/X509/DistinguishedNameBuilder/StreetAddress.swift b/Sources/X509/DistinguishedNameBuilder/StreetAddress.swift index c25971e6..4ad87c70 100644 --- a/Sources/X509/DistinguishedNameBuilder/StreetAddress.swift +++ b/Sources/X509/DistinguishedNameBuilder/StreetAddress.swift @@ -17,7 +17,7 @@ import SwiftASN1 /// Set the Street Address (STREET) of a ``DistinguishedName``. /// /// This type is used in ``DistinguishedNameBuilder`` contexts. -public struct StreetAddress: RelativeDistinguishedNameConvertible { +public struct StreetAddress: RelativeDistinguishedNameConvertible, Sendable { /// The value of the street address field. public var name: String diff --git a/Sources/X509/Extension Types/AuthorityInformationAccess.swift b/Sources/X509/Extension Types/AuthorityInformationAccess.swift index ae92f4fc..ad72b4a1 100644 --- a/Sources/X509/Extension Types/AuthorityInformationAccess.swift +++ b/Sources/X509/Extension Types/AuthorityInformationAccess.swift @@ -255,7 +255,7 @@ extension AuthorityInformationAccess: CertificateExtensionConvertible { // accessMethod OBJECT IDENTIFIER, // accessLocation GeneralName } @usableFromInline -struct AuthorityInfoAccessSyntax: DERImplicitlyTaggable { +struct AuthorityInfoAccessSyntax: DERImplicitlyTaggable, Sendable { @inlinable static var defaultIdentifier: ASN1Identifier { .sequence @@ -285,7 +285,7 @@ struct AuthorityInfoAccessSyntax: DERImplicitlyTaggable { } @usableFromInline -struct AIAAccessDescription: DERImplicitlyTaggable { +struct AIAAccessDescription: DERImplicitlyTaggable, Sendable { @inlinable static var defaultIdentifier: ASN1Identifier { .sequence @@ -329,7 +329,7 @@ struct AIAAccessDescription: DERImplicitlyTaggable { extension ASN1ObjectIdentifier { @usableFromInline - enum AccessMethodIdentifiers { + enum AccessMethodIdentifiers: Sendable { @usableFromInline static let ocspServer: ASN1ObjectIdentifier = [1, 3, 6, 1, 5, 5, 7, 48, 1] diff --git a/Sources/X509/Extension Types/AuthorityKeyIdentifier.swift b/Sources/X509/Extension Types/AuthorityKeyIdentifier.swift index 83da8481..fcf0169d 100644 --- a/Sources/X509/Extension Types/AuthorityKeyIdentifier.swift +++ b/Sources/X509/Extension Types/AuthorityKeyIdentifier.swift @@ -133,7 +133,7 @@ extension AuthorityKeyIdentifier: CertificateExtensionConvertible { // MARK: ASN1 helpers @usableFromInline -struct AuthorityKeyIdentifierValue: DERImplicitlyTaggable { +struct AuthorityKeyIdentifierValue: DERImplicitlyTaggable, Sendable { @inlinable static var defaultIdentifier: ASN1Identifier { .sequence diff --git a/Sources/X509/Extension Types/BasicConstraints.swift b/Sources/X509/Extension Types/BasicConstraints.swift index aec194b5..d74d2c06 100644 --- a/Sources/X509/Extension Types/BasicConstraints.swift +++ b/Sources/X509/Extension Types/BasicConstraints.swift @@ -101,7 +101,7 @@ extension BasicConstraints: CertificateExtensionConvertible { // MARK: ASN1 helpers @usableFromInline -struct BasicConstraintsValue: DERImplicitlyTaggable { +struct BasicConstraintsValue: DERImplicitlyTaggable, Sendable { @inlinable static var defaultIdentifier: ASN1Identifier { .sequence diff --git a/Sources/X509/Extension Types/ExtendedKeyUsage.swift b/Sources/X509/Extension Types/ExtendedKeyUsage.swift index 83e9e1ad..cc36fcdd 100644 --- a/Sources/X509/Extension Types/ExtendedKeyUsage.swift +++ b/Sources/X509/Extension Types/ExtendedKeyUsage.swift @@ -374,7 +374,7 @@ extension ASN1ObjectIdentifier { /// An acceptable usage for a certificate as attested in an /// ``ExtendedKeyUsage`` /// extension. - public enum ExtendedKeyUsage { + public enum ExtendedKeyUsage: Sendable { /// The public key may be used for any purpose. public static let any: ASN1ObjectIdentifier = [2, 5, 29, 37, 0] @@ -402,7 +402,7 @@ extension ASN1ObjectIdentifier { } @usableFromInline -struct ASN1ExtendedKeyUsage: DERImplicitlyTaggable { +struct ASN1ExtendedKeyUsage: DERImplicitlyTaggable, Sendable { @inlinable static var defaultIdentifier: ASN1Identifier { .sequence diff --git a/Sources/X509/Extension Types/ExtensionIdentifiers.swift b/Sources/X509/Extension Types/ExtensionIdentifiers.swift index 752f6538..46f210c5 100644 --- a/Sources/X509/Extension Types/ExtensionIdentifiers.swift +++ b/Sources/X509/Extension Types/ExtensionIdentifiers.swift @@ -16,7 +16,7 @@ import SwiftASN1 extension ASN1ObjectIdentifier { /// OIDs that identify known X509 extensions. - public enum X509ExtensionID { + public enum X509ExtensionID: Sendable { /// Identifies the authority key identifier extension, corresponding to /// ``AuthorityKeyIdentifier``. public static let authorityKeyIdentifier: ASN1ObjectIdentifier = [2, 5, 29, 35] diff --git a/Sources/X509/Extension Types/NameConstraints.swift b/Sources/X509/Extension Types/NameConstraints.swift index 8a52ed6c..7b616ead 100644 --- a/Sources/X509/Extension Types/NameConstraints.swift +++ b/Sources/X509/Extension Types/NameConstraints.swift @@ -61,7 +61,7 @@ public struct NameConstraints { hasher.combine(contentsOf: self) } - public struct Index: Comparable { + public struct Index: Comparable, Sendable { @inlinable public static func < (lhs: Self, rhs: Self) -> Bool { lhs.wrapped < rhs.wrapped @@ -157,7 +157,7 @@ public struct NameConstraints { hasher.combine(contentsOf: self) } - public struct Index: Comparable { + public struct Index: Comparable, Sendable { @inlinable public static func < (lhs: Self, rhs: Self) -> Bool { lhs.wrapped < rhs.wrapped @@ -253,7 +253,7 @@ public struct NameConstraints { hasher.combine(contentsOf: self) } - public struct Index: Comparable { + public struct Index: Comparable, Sendable { @inlinable public static func < (lhs: Self, rhs: Self) -> Bool { lhs.wrapped < rhs.wrapped @@ -349,7 +349,7 @@ public struct NameConstraints { hasher.combine(contentsOf: self) } - public struct Index: Comparable { + public struct Index: Comparable, Sendable { @inlinable public static func < (lhs: Self, rhs: Self) -> Bool { lhs.wrapped < rhs.wrapped @@ -749,7 +749,7 @@ extension NameConstraints: CertificateExtensionConvertible { // MARK: ASN1 Helpers @usableFromInline @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) -struct NameConstraintsValue: DERImplicitlyTaggable { +struct NameConstraintsValue: DERImplicitlyTaggable, Sendable { @inlinable static var defaultIdentifier: ASN1Identifier { .sequence @@ -837,7 +837,7 @@ struct NameConstraintsValue: DERImplicitlyTaggable { // [GeneralSubtree] will force a heap allocation. Instead, we inline the definition of GeneralSubtree into // GeneralSubtrees, to avoid the extra allocation. @usableFromInline -struct GeneralSubtrees: DERImplicitlyTaggable { +struct GeneralSubtrees: DERImplicitlyTaggable, Sendable { @inlinable static var defaultIdentifier: ASN1Identifier { .sequence diff --git a/Sources/X509/ExtensionsBuilder.swift b/Sources/X509/ExtensionsBuilder.swift index fcfa6803..04241b79 100644 --- a/Sources/X509/ExtensionsBuilder.swift +++ b/Sources/X509/ExtensionsBuilder.swift @@ -40,7 +40,7 @@ /// Users are also able to mark specific extensions as critical by using the ``Critical`` helper type. @resultBuilder @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) -public struct ExtensionsBuilder { +public struct ExtensionsBuilder: Sendable { @inlinable public static func buildExpression( _ expression: Extension @@ -147,3 +147,6 @@ public struct Critical: Certific return ext } } + +@available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) +extension Critical: Sendable where BaseExtension: Sendable {} diff --git a/Sources/X509/GeneralName.swift b/Sources/X509/GeneralName.swift index a592257e..491a9e3c 100644 --- a/Sources/X509/GeneralName.swift +++ b/Sources/X509/GeneralName.swift @@ -204,7 +204,7 @@ extension GeneralName.OtherName: CustomStringConvertible { } @usableFromInline -struct GeneralNames: DERImplicitlyTaggable { +struct GeneralNames: DERImplicitlyTaggable, Sendable { @inlinable static var defaultIdentifier: ASN1Identifier { .sequence diff --git a/Sources/X509/Lock.swift b/Sources/X509/Lock.swift index 550409f9..b29a74da 100644 --- a/Sources/X509/Lock.swift +++ b/Sources/X509/Lock.swift @@ -44,7 +44,7 @@ typealias LockPrimitive = pthread_mutex_t #endif @usableFromInline -enum LockOperations {} +enum LockOperations: Sendable {} extension LockOperations { @inlinable @@ -196,6 +196,9 @@ final class LockStorage: ManagedBuffer { } } +@available(*, unavailable) +extension LockStorage: Sendable {} + /// A threading lock based on `libpthread` instead of `libdispatch`. /// /// - Note: ``CertificatesLock`` has reference semantics. diff --git a/Sources/X509/OCSP/DirectoryString.swift b/Sources/X509/OCSP/DirectoryString.swift index 893ff711..c22c605f 100644 --- a/Sources/X509/OCSP/DirectoryString.swift +++ b/Sources/X509/OCSP/DirectoryString.swift @@ -27,7 +27,7 @@ import SwiftASN1 /// Note that these upper bounds are measured in _characters_, not bytes. /// @usableFromInline -enum DirectoryString: DERParseable, DERSerializable, Hashable { +enum DirectoryString: DERParseable, DERSerializable, Hashable, Sendable { case teletexString(ASN1TeletexString) case printableString(ASN1PrintableString) case universalString(ASN1UniversalString) diff --git a/Sources/X509/OCSP/OCSPPolicy.swift b/Sources/X509/OCSP/OCSPPolicy.swift index 27ebc097..e4bf1f03 100644 --- a/Sources/X509/OCSP/OCSPPolicy.swift +++ b/Sources/X509/OCSP/OCSPPolicy.swift @@ -184,7 +184,7 @@ public struct OCSPFailureMode: Hashable, Sendable { } @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) -public struct OCSPVerifierPolicy: VerifierPolicy { +public struct OCSPVerifierPolicy: VerifierPolicy, Sendable { public let verifyingCriticalExtensions: [ASN1ObjectIdentifier] = [] struct Storage: Sendable { diff --git a/Sources/X509/PKCS8PrivateKey.swift b/Sources/X509/PKCS8PrivateKey.swift index 003457e0..afcab820 100644 --- a/Sources/X509/PKCS8PrivateKey.swift +++ b/Sources/X509/PKCS8PrivateKey.swift @@ -47,7 +47,7 @@ import SwiftASN1 // We disregard the attributes because we don't support them anyway. // @usableFromInline -struct PKCS8PrivateKey: DERImplicitlyTaggable { +struct PKCS8PrivateKey: DERImplicitlyTaggable, Sendable { @inlinable static var defaultIdentifier: ASN1Identifier { return .sequence diff --git a/Sources/X509/RDNAttribute.swift b/Sources/X509/RDNAttribute.swift index ef390de9..f70748a1 100644 --- a/Sources/X509/RDNAttribute.swift +++ b/Sources/X509/RDNAttribute.swift @@ -317,7 +317,7 @@ extension RelativeDistinguishedName.Attribute { extension ASN1ObjectIdentifier { /// Common object identifiers used within ``RelativeDistinguishedName/Attribute``s. - public enum RDNAttributeType { + public enum RDNAttributeType: Sendable { /// The 'countryName' attribute type contains a two-letter /// ISO 3166 country code. public static let countryName: ASN1ObjectIdentifier = [2, 5, 4, 6] diff --git a/Sources/X509/SEC1PrivateKey.swift b/Sources/X509/SEC1PrivateKey.swift index d67e4cb2..17a6d034 100644 --- a/Sources/X509/SEC1PrivateKey.swift +++ b/Sources/X509/SEC1PrivateKey.swift @@ -37,7 +37,7 @@ import SwiftASN1 // publicKey [1] EXPLICIT BIT STRING OPTIONAL // } @usableFromInline -struct SEC1PrivateKey: DERImplicitlyTaggable, PEMRepresentable { +struct SEC1PrivateKey: DERImplicitlyTaggable, PEMRepresentable, Sendable { @usableFromInline static let defaultPEMDiscriminator: String = "EC PRIVATE KEY" diff --git a/Sources/X509/Verifier/AllOfPolicies.swift b/Sources/X509/Verifier/AllOfPolicies.swift index 0f3c0df8..c75b5465 100644 --- a/Sources/X509/Verifier/AllOfPolicies.swift +++ b/Sources/X509/Verifier/AllOfPolicies.swift @@ -58,3 +58,6 @@ public struct AllOfPolicies: VerifierPolicy { await self.policy.chainMeetsPolicyRequirements(chain: chain) } } + +@available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) +extension AllOfPolicies: Sendable where Policy: Sendable {} diff --git a/Sources/X509/Verifier/AnyPolicy.swift b/Sources/X509/Verifier/AnyPolicy.swift index 64e6ad12..6f4654de 100644 --- a/Sources/X509/Verifier/AnyPolicy.swift +++ b/Sources/X509/Verifier/AnyPolicy.swift @@ -56,6 +56,9 @@ public struct AnyPolicy: VerifierPolicy { } } +@available(*, unavailable) +extension AnyPolicy: Sendable {} + @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) struct LegacyPolicySet: VerifierPolicy { let verifyingCriticalExtensions: [ASN1ObjectIdentifier] diff --git a/Sources/X509/Verifier/CertificateStore.swift b/Sources/X509/Verifier/CertificateStore.swift index 01a10516..1f3abe81 100644 --- a/Sources/X509/Verifier/CertificateStore.swift +++ b/Sources/X509/Verifier/CertificateStore.swift @@ -128,7 +128,7 @@ extension CertificateStore { @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) extension CertificateStore { @usableFromInline - enum Resolved { + enum Resolved: Sendable { case custom(AnyCustomCertificateStore) case concrete(ConcreteResolved) } @@ -158,7 +158,7 @@ extension CertificateStore.Resolved { @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) extension CertificateStore { @usableFromInline - struct ConcreteResolved { + struct ConcreteResolved: Sendable { @usableFromInline var systemTrustRoots: [DistinguishedName: [Certificate]] diff --git a/Sources/X509/Verifier/OneOfPolicies.swift b/Sources/X509/Verifier/OneOfPolicies.swift index 6d56b137..30be8da1 100644 --- a/Sources/X509/Verifier/OneOfPolicies.swift +++ b/Sources/X509/Verifier/OneOfPolicies.swift @@ -27,7 +27,7 @@ import SwiftASN1 /// } /// ``` @resultBuilder -public struct OneOfPolicyBuilder {} +public struct OneOfPolicyBuilder: Sendable {} @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) extension OneOfPolicyBuilder { @@ -41,7 +41,7 @@ extension OneOfPolicyBuilder { @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) extension OneOfPolicyBuilder { @usableFromInline - struct Empty: VerifierPolicy { + struct Empty: VerifierPolicy, Sendable { @inlinable var verifyingCriticalExtensions: [SwiftASN1.ASN1ObjectIdentifier] { [] } @@ -116,6 +116,9 @@ extension OneOfPolicyBuilder { } } +@available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) +extension OneOfPolicyBuilder.Tuple2: Sendable where First: Sendable, Second: Sendable {} + // MARK: if @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) extension OneOfPolicyBuilder { @@ -147,6 +150,9 @@ extension OneOfPolicyBuilder { } } +@available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) +extension OneOfPolicyBuilder.WrappedOptional: Sendable where Wrapped: Sendable {} + // MARK: if/else and switch @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) extension OneOfPolicyBuilder { @@ -203,3 +209,6 @@ public struct OneOfPolicies: VerifierPolicy { await self.policy.chainMeetsPolicyRequirements(chain: chain) } } + +@available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) +extension OneOfPolicies: Sendable where Policy: Sendable {} diff --git a/Sources/X509/Verifier/PolicyBuilder.swift b/Sources/X509/Verifier/PolicyBuilder.swift index 7e27188c..af3ff21a 100644 --- a/Sources/X509/Verifier/PolicyBuilder.swift +++ b/Sources/X509/Verifier/PolicyBuilder.swift @@ -26,7 +26,7 @@ import SwiftASN1 /// } /// ``` @resultBuilder -public struct PolicyBuilder {} +public struct PolicyBuilder: Sendable {} @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) extension PolicyBuilder { @@ -40,7 +40,7 @@ extension PolicyBuilder { @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) extension PolicyBuilder { @usableFromInline - struct Empty: VerifierPolicy { + struct Empty: VerifierPolicy, Sendable { @inlinable var verifyingCriticalExtensions: [SwiftASN1.ASN1ObjectIdentifier] { [] } @@ -108,6 +108,9 @@ extension PolicyBuilder { } } +@available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) +extension PolicyBuilder.Tuple2: Sendable where First: Sendable, Second: Sendable {} + // MARK: if @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) extension PolicyBuilder { @@ -138,6 +141,9 @@ extension PolicyBuilder { } } +@available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) +extension PolicyBuilder.WrappedOptional: Sendable where Wrapped: Sendable {} + // MARK: if/else and switch @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) extension PolicyBuilder { @@ -195,6 +201,12 @@ extension PolicyBuilder { } } +@available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) +extension PolicyBuilder._Either: Sendable where First: Sendable, Second: Sendable {} + +@available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) +extension PolicyBuilder._Either.Storage: Sendable where First: Sendable, Second: Sendable {} + @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) extension PolicyBuilder { @usableFromInline @@ -231,3 +243,6 @@ extension PolicyBuilder { return AnyPolicy(cachedPolicy) } } + +@available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) +extension PolicyBuilder.CachedVerifyingCriticalExtensions: Sendable where Wrapped: Sendable {} diff --git a/Sources/X509/Verifier/RFC5280/BasicConstraintsPolicy.swift b/Sources/X509/Verifier/RFC5280/BasicConstraintsPolicy.swift index 216fd90c..27712f27 100644 --- a/Sources/X509/Verifier/RFC5280/BasicConstraintsPolicy.swift +++ b/Sources/X509/Verifier/RFC5280/BasicConstraintsPolicy.swift @@ -21,7 +21,7 @@ import SwiftASN1 /// A sub-policy of the ``RFC5280Policy`` that polices the basicConstraints extension. @usableFromInline @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) -struct BasicConstraintsPolicy: VerifierPolicy { +struct BasicConstraintsPolicy: VerifierPolicy, Sendable { @usableFromInline let verifyingCriticalExtensions: [ASN1ObjectIdentifier] = [ .X509ExtensionID.basicConstraints diff --git a/Sources/X509/Verifier/RFC5280/DNSNames.swift b/Sources/X509/Verifier/RFC5280/DNSNames.swift index 1eb9a00b..9ae28afd 100644 --- a/Sources/X509/Verifier/RFC5280/DNSNames.swift +++ b/Sources/X509/Verifier/RFC5280/DNSNames.swift @@ -225,7 +225,7 @@ extension String.UTF8View { } @usableFromInline -struct ReverseDNSLabelSequence: Sequence { +struct ReverseDNSLabelSequence: Sequence, Sendable { @usableFromInline var base: String.UTF8View.SubSequence @@ -240,7 +240,7 @@ struct ReverseDNSLabelSequence: Sequence { } @usableFromInline - struct Iterator: IteratorProtocol { + struct Iterator: IteratorProtocol, Sendable { @usableFromInline var base: String.UTF8View.SubSequence? @@ -297,7 +297,7 @@ extension String.UTF8View.SubSequence { } @usableFromInline - enum LabelContents { + enum LabelContents: Sendable { case allASCII(nonNumerics: Int) case nonASCII } diff --git a/Sources/X509/Verifier/RFC5280/ExpiryPolicy.swift b/Sources/X509/Verifier/RFC5280/ExpiryPolicy.swift index 33b4ba70..5f8690e4 100644 --- a/Sources/X509/Verifier/RFC5280/ExpiryPolicy.swift +++ b/Sources/X509/Verifier/RFC5280/ExpiryPolicy.swift @@ -22,7 +22,7 @@ import SwiftASN1 /// A sub-policy of the ``RFC5280Policy`` that polices expiry. @usableFromInline @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) -struct ExpiryPolicy: VerifierPolicy { +struct ExpiryPolicy: VerifierPolicy, Sendable { @usableFromInline let verifyingCriticalExtensions: [ASN1ObjectIdentifier] = [] diff --git a/Sources/X509/Verifier/RFC5280/NameConstraintsPolicy.swift b/Sources/X509/Verifier/RFC5280/NameConstraintsPolicy.swift index cf1e3828..0c7ffacd 100644 --- a/Sources/X509/Verifier/RFC5280/NameConstraintsPolicy.swift +++ b/Sources/X509/Verifier/RFC5280/NameConstraintsPolicy.swift @@ -21,7 +21,7 @@ import SwiftASN1 /// A sub-policy of the ``RFC5280Policy`` that polices the nameConstraints extension. @usableFromInline @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) -struct NameConstraintsPolicy: VerifierPolicy { +struct NameConstraintsPolicy: VerifierPolicy, Sendable { @usableFromInline let verifyingCriticalExtensions: [ASN1ObjectIdentifier] = [ .X509ExtensionID.nameConstraints @@ -237,7 +237,7 @@ extension Certificate { } @usableFromInline - struct NameSequence: Sequence { + struct NameSequence: Sequence, Sendable { @usableFromInline var subject: DistinguishedName @@ -256,7 +256,7 @@ extension Certificate { } @usableFromInline - struct Iterator: IteratorProtocol { + struct Iterator: IteratorProtocol, Sendable { @usableFromInline var subject: DistinguishedName? diff --git a/Sources/X509/Verifier/RFC5280/RFC5280Policy.swift b/Sources/X509/Verifier/RFC5280/RFC5280Policy.swift index a53ddb67..188d3214 100644 --- a/Sources/X509/Verifier/RFC5280/RFC5280Policy.swift +++ b/Sources/X509/Verifier/RFC5280/RFC5280Policy.swift @@ -28,7 +28,7 @@ import SwiftASN1 /// 3. Basic Constraints. Police the constraints contained in the ``BasicConstraints`` extension. /// 4. Name Constraints. Police the constraints contained in the ``NameConstraints`` extension. @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) -public struct RFC5280Policy: VerifierPolicy { +public struct RFC5280Policy: VerifierPolicy, Sendable { public let verifyingCriticalExtensions: [ASN1ObjectIdentifier] = [ .X509ExtensionID.basicConstraints, .X509ExtensionID.nameConstraints, diff --git a/Sources/X509/Verifier/RFC5280/VersionPolicy.swift b/Sources/X509/Verifier/RFC5280/VersionPolicy.swift index c8560795..5564e982 100644 --- a/Sources/X509/Verifier/RFC5280/VersionPolicy.swift +++ b/Sources/X509/Verifier/RFC5280/VersionPolicy.swift @@ -17,7 +17,7 @@ import SwiftASN1 /// A sub-policy of the ``RFC5280Policy`` that polices that version 1 certificates do not contain extensions. @usableFromInline @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) -struct VersionPolicy: VerifierPolicy { +struct VersionPolicy: VerifierPolicy, Sendable { @inlinable var verifyingCriticalExtensions: [SwiftASN1.ASN1ObjectIdentifier] { [] } diff --git a/Sources/X509/Verifier/ServerIdentityPolicy.swift b/Sources/X509/Verifier/ServerIdentityPolicy.swift index 0b600417..23c7287b 100644 --- a/Sources/X509/Verifier/ServerIdentityPolicy.swift +++ b/Sources/X509/Verifier/ServerIdentityPolicy.swift @@ -38,7 +38,7 @@ import Musl /// RFC 6125 (https://tools.ietf.org/search/rfc6125), which loosely speaking /// defines the common algorithm used for validating that an X.509 certificate /// is valid for a given service -public struct ServerIdentityPolicy { +public struct ServerIdentityPolicy: Sendable { @usableFromInline var serverHostname: LazyServerHostname? @@ -88,25 +88,25 @@ extension ServerIdentityPolicy: VerifierPolicy { extension ServerIdentityPolicy { @usableFromInline - enum IPAddress { + enum IPAddress: Sendable { case v4(in_addr) case v6(in6_addr) } @usableFromInline - enum LazyIPAddress { + enum LazyIPAddress: Sendable { case ipAddress(IPAddress) case string(String) } @usableFromInline - enum LazyServerHostname { + enum LazyServerHostname: Sendable { case string(String) case prepared(PreparedServerHostname) } @usableFromInline - struct PreparedServerHostname { + struct PreparedServerHostname: Sendable { var bytes: ArraySlice var firstPeriodIndex: ArraySlice.Index? diff --git a/Sources/X509/Verifier/Verifier.swift b/Sources/X509/Verifier/Verifier.swift index 8f5785db..58cb7cdb 100644 --- a/Sources/X509/Verifier/Verifier.swift +++ b/Sources/X509/Verifier/Verifier.swift @@ -184,6 +184,9 @@ public struct Verifier { } } +@available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) +extension Verifier: Sendable where Policy: Sendable {} + @available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *) public enum VerificationResult: Hashable, Sendable { case validCertificate([Certificate])