Agility

CMakeLists.txt

@@ -1,44 +1,33 @@
 # SPDX-FileCopyrightText: Copyright (c) 2022 The ObjCrypto Project Authors 
 # SPDX-License-Identifier: BSD-2-Clause
 
-
 cmake_minimum_required( VERSION 3.13..3.25 )
 
-
-#if ( ${APPLE} AND NOT DEFINED ANDROID_PLATFORM )
-#  set( CMAKE_OSX_ARCHITECTURES "arm64;x86_64" CACHE STRING "OSX arch to compile")
-#endif ()
-
-
 project( objCrypto
             VERSION 0.1.2
-            DESCRIPTION "C++ Libraary to encrypt and decrypt objects"
+            DESCRIPTION "C++ Library to encrypt and decrypt objects"
             HOMEPAGE_URL "https://github.com/fluffy/objCrypto"
             LANGUAGES C CXX)
 
 if ( ${APPLE} )
-   set( OBJ_CRYPTO_USE_BORINGSSL False CACHE BOOL "use boring SSL for crypto"  )
+   set( OBJ_CRYPTO_USE_BORINGSSL False CACHE BOOL "use BoringSSL for crypto"  )
 else ()
-   set( OBJ_CRYPTO_USE_BORINGSSL True CACHE BOOL "use boring SSL for crypto"  )
+   set( OBJ_CRYPTO_USE_BORINGSSL True CACHE BOOL "use BoringSSL for crypto"  )
 endif ()
 
 if ( WIN32 )
    set( BUILD_TESTS False CACHE BOOL "build tests"  )
 else ()
-   set( BUILD_TESTS True CACHE BOOL "butild tests"  )
+   set( BUILD_TESTS True CACHE BOOL "build tests"  )
 endif ()
 
 set( BUILD_SHARED_LIBS True CACHE BOOL "build as shared library"  )
 
-option( BUILD_TESTS "Build test programs" ON)
-option( OBJ_CRYPTO_USE_BORINGSSL "Use Booringssl for crypto" )
+option( BUILD_TESTS "Build test programs")
+option( OBJ_CRYPTO_USE_BORINGSSL "Use BoringSSL for crypto" )
 option( BUILD_SHARED_LIBS "Build as shared library" )
 
-
 set( CMAKE_CXX_STANDARD 17 )
-#set( CMAKE_C_STANDARD 17 )
-#set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /std:c++17")
-
 
 set(CMAKE_CXX_STANDARD_REQUIRED ON)
 set(CMAKE_C_STANDARD_REQUIRED ON)
@@ -48,9 +37,7 @@ message( "BUILD_TESTS  is set to ${BUILD_TESTS} " )
 message( "BUILD_SHARED_LIBS is set to ${BUILD_SHARED_LIBS} " ) 
 message( "CMAKE_OSX_ARCHITECTURES is set to ${CMAKE_OSX_ARCHITECTURES} " )
 
-include(CTest)
-
-
+# Pull submodules 
 find_package(Git QUIET)
 
 if(GIT_FOUND AND EXISTS "${PROJECT_SOURCE_DIR}/.git")
@@ -68,6 +55,7 @@ add_subdirectory( contrib )
 add_subdirectory( src )
 
 if( BUILD_TESTS )
+    include(CTest)
     add_subdirectory( test )  
     add_subdirectory( example )  
 endif()
@@ -76,5 +64,3 @@ include(GNUInstallDirs)
 
 install(FILES ${CMAKE_BINARY_DIR}/objCrypto.pc
     DESTINATION ${CMAKE_INSTALL_DATAROOTDIR}/pkgconfig)
-
-

example/objCryptoExampleA.cc

@@ -9,25 +9,25 @@
 using namespace ObjCrypto;
 
 int main( /*int argc, char* argv[]*/ ) {
-  ObjCryptoErr err;
+  Error err;
 
   // Set up cryptor object to keep track of keys
   ObjCryptor cryptor;
 
-  // Create a key 
+  // Create a key
   KeyID keyId = 5;
-  // Key size need to match the chosen algorithm 
+  // Key size need to match the chosen algorithm
   Key128 key128 = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C,
                    0x6D, 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x08};
   KeyInfo keyInfo(ObjCryptoAlg::AES_128_GCM_64, key128);
-  // tag size needs to match chosen algorithm 
+  // tag size needs to match chosen algorithm
   std::vector<uint8_t> tag( 64 / 8);
 
-  // Add the key to the cryptor 
+  // Add the key to the cryptor
   err = cryptor.addKey(keyId, keyInfo);
-  assert(err == ObjCryptoErr::None);
+  assert(err == Error::None);
 
-  // Form the nonce, data to encrypt, and extra data to authenticate 
+  // Form the nonce, data to encrypt, and extra data to authenticate
   Nonce nonce = {0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE,
                  0xDB, 0xAD, 0xDE, 0xCA, 0xF8, 0x88};
   std::vector<uint8_t> plainTextIn = {
@@ -41,16 +41,16 @@ int main( /*int argc, char* argv[]*/ ) {
                                    0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2};
 
 
-  // encrypt plain text and create authentication tag 
+  // encrypt plain text and create authentication tag
   std::vector<uint8_t> cipherText(plainTextIn.size());
   err = cryptor.seal(keyId, nonce, plainTextIn, authData, tag, cipherText);
-  assert(err == ObjCryptoErr::None);
+  assert(err == Error::None);
 
-  // decrypt the cipher text and check the authentication tag 
+  // decrypt the cipher text and check the authentication tag
   std::vector<uint8_t> plainTextOut(plainTextIn.size());
   err = cryptor.unseal(keyId, nonce, cipherText, authData, tag, plainTextOut);
-  assert(err != ObjCryptoErr::DecryptAuthFail);
-  assert(err == ObjCryptoErr::None);
+  assert(err != Error::DecryptAuthFail);
+  assert(err == Error::None);
 
   return 0;
 }

include/objCrypto/objCrypto.h

@@ -24,7 +24,8 @@ namespace ObjCrypto {
 
 enum class ObjCryptoAlg : uint8_t {
   Invalid = 0,
-  NUL_128_NUL_0 = 0x10,    // NULL cipher wiith 128 bit key and 0 byte tag
+  NUL_128_NUL_0 = 0x10,    // NULL cipher with 128 bit key and 0 bit tag
+  NUL_128_NUL_64 = 0x11,   // NULL cipher with 128 bit key and 64 bit tag
   NUL_128_NUL_128 = 0x12,  // NULL cipher with 128 bit key and 128 bit tag
   AES_128_CTR_0 = 0x20,    // AES128 counter mode with no authentication
   AES_128_GCM_64 = 0x21,   // AES128 GCM mode with 64 bit tag
@@ -34,18 +35,17 @@ enum class ObjCryptoAlg : uint8_t {
   AES_256_GCM_128 = 0x32   // AES128 GCM mode with 128 bit tag
 };
 
-typedef std::array<uint8_t, 128 / 8> Key128;
-typedef std::array<uint8_t, 256 / 8> Key256;
-typedef std::variant<Key128, Key256> Key;
-typedef std::pair<ObjCryptoAlg, Key> KeyInfo;
+using Key128 = std::array<uint8_t, 16>;
+using Key256 = std::array<uint8_t, 32>;
+using Key = std::variant<Key128, Key256>;
+using KeyInfo = std::pair<ObjCryptoAlg, Key>;
 
-typedef uint32_t KeyID;
+using KeyID = uint32_t;
+using Nonce = std::array<uint8_t, 12>;
 
-typedef std::array<uint8_t, 96 / 8> Nonce;
-typedef std::array<uint8_t, 128 / 8> IV;
-
-enum class ObjCryptoErr : uint8_t {
+enum class Error : uint8_t {
   None = 0,
+  CryptoLibraryFail,
   DecryptAuthFail,
   InvalidKeyID,
   UnkownCryptoAlg,
@@ -56,30 +56,24 @@ enum class ObjCryptoErr : uint8_t {
 
 class ObjCryptor {
  private:
-  std::map<KeyID, const KeyInfo> keyInfoMap;
-
-  IV formIV(const Nonce &nonce) const;
+  std::map<KeyID, KeyInfo> keyInfoMap;
 
  public:
-  OBJCRYPTO_EXPORT ObjCryptor();
-
-  OBJCRYPTO_EXPORT ~ObjCryptor();
-
   OBJCRYPTO_EXPORT static int16_t version();
 
-  OBJCRYPTO_EXPORT ObjCryptoErr addKey(const KeyID keyID, const KeyInfo &key);
+  OBJCRYPTO_EXPORT Error addKey(const KeyID keyID, const KeyInfo &key);
 
-  OBJCRYPTO_EXPORT ObjCryptoErr eraseKey(KeyID keyID);
+  OBJCRYPTO_EXPORT Error eraseKey(KeyID keyID);
 
   OBJCRYPTO_EXPORT bool haveKey(KeyID keyID) const;
 
-  OBJCRYPTO_EXPORT ObjCryptoErr seal(KeyID keyID, const Nonce &nonce,
+  OBJCRYPTO_EXPORT Error seal(KeyID keyID, const Nonce &nonce,
                                      const std::vector<uint8_t> &plainText,
                                      const std::vector<uint8_t> &authData,
                                      std::vector<uint8_t> &tag,
                                      std::vector<uint8_t> &cipherText) const;
 
-  OBJCRYPTO_EXPORT ObjCryptoErr unseal(KeyID keyID, const Nonce &nonce,
+  OBJCRYPTO_EXPORT Error unseal(KeyID keyID, const Nonce &nonce,
                                        const std::vector<uint8_t> &cipherText,
                                        const std::vector<uint8_t> &authData,
                                        const std::vector<uint8_t> &tag,

src/CMakeLists.txt

@@ -25,9 +25,8 @@ add_library(
 target_sources( objCrypto 
   PRIVATE
   objCrypto.cc
-  aes-ctr.cc 
-  aes-gcm.cc )
-
+  crypto/common.cc
+)
 
 # Lots of wwarnings as errors 
 if (MSVC) 
@@ -44,13 +43,16 @@ set_target_properties( objCrypto PROPERTIES POSITION_INDEPENDENT_CODE ON)
 set(CMAKE_POSITION_INDEPENDENT_CODE ON)
 
 if ( ${OBJ_CRYPTO_USE_BORINGSSL} )
-   target_link_libraries( objCrypto PRIVATE crypto )
-   if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
-     target_link_libraries( objCrypto PRIVATE pthread )
-   endif ()
+    target_sources( objCrypto PRIVATE crypto/openssl.cc )
+    target_link_libraries( objCrypto PRIVATE crypto )
+    if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
+        target_link_libraries( objCrypto PRIVATE pthread )
+    endif ()
+else ()
+    target_sources( objCrypto PRIVATE crypto/apple.cc )
 endif ()
 
-target_include_directories( objCrypto PUBLIC ${PROJECT_SOURCE_DIR}/include )
+target_include_directories( objCrypto PUBLIC ${PROJECT_SOURCE_DIR}/include ${PROJECT_SOURCE_DIR}/src )
 
 set_target_properties( objCrypto PROPERTIES PUBLIC_HEADER
  "${PROJECT_SOURCE_DIR}/include/objCrypto/objCrypto.h;${PROJECT_SOURCE_DIR}/include/objCrypto/objCryptoVersion.h" )