refactor!: MbedTLS on Windows, switch to uint32

author: vnugent <public@vaughnnugent.com> 2024-04-23 18:19:31 -0400
committer: vnugent <public@vaughnnugent.com> 2024-04-23 18:19:31 -0400
commit: 7cb7a93de4f6f5e741bc5129e3d928e44f050930 (patch)
tree: ae5c564a0c3c60d0b4dac13ac8e8e3ebf7906ab1
parent: 30e8dda6cbea86bdee6d5dfe48514385d3b9f81b (diff)
112 files changed, 151 insertions, 113 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 008a54c..b5bdd54 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -9,6 +9,7 @@ option(NC_DISABLE_INPUT_VALIDATION "Disables public function input validation" O
 option(NC_FETCH_MBEDTLS "Fetch Mbed-TLS from it's source repository locally" OFF)
 option(NC_INCLUDE_MONOCYPHER "Statically link to vendored monocypher library" ON)
 set(CRYPTO_LIB "none" CACHE STRING "The crypto library to link to (mbedtls, openssl, none)")
+set(CRYPTO_LIB_DIR "" CACHE STRING "The path to the crypto library if it's not globally available")
 
 string(TOLOWER ${CMAKE_BUILD_TYPE} build_type)
 
@@ -72,14 +73,14 @@ set(CMAKE_POSITION_INDEPENDENT_CODE ON)
 
 set(NOSCRYPT_SRCS 
 	"src/noscrypt.c"	
-	"src/internal/nc-crypto.c"				#pulls in c impl files as needed
+	"src/crypto/nc-crypto.c"				#pulls in c impl files as needed
 )
 
 set(NOSCRYPT_HEADERS
-	"src/noscrypt.h"
-	"src/platform.h"
-	"src/internal/nc-crypto.h"
-	"src/internal/nc-util.h"
+	"include/noscrypt.h"
+	"include/platform.h"
+	"include/nc-util.h"
+	"src/crypto/nc-crypto.h"
 )
 
 #static/shared library
@@ -104,11 +105,36 @@ if(CRYPTO_LIB STREQUAL "mbedtls")
 
 	message(STATUS "Linking to MbedTLS crypto library")
 
-	target_link_libraries(${CMAKE_PROJECT_NAME} PRIVATE mbedcrypto PRIVATE mbedtls)
-	target_link_libraries(${CMAKE_PROJECT_NAME}_static PRIVATE mbedcrypto PRIVATE mbedtls)
+	target_include_directories(${CMAKE_PROJECT_NAME} SYSTEM PRIVATE vendor)
+	target_include_directories(${CMAKE_PROJECT_NAME}_static SYSTEM PRIVATE vendor)
+
+	if(NC_FETCH_MBEDTLS)
+		#link to included mbedtls
+		target_link_libraries(${CMAKE_PROJECT_NAME} PRIVATE mbedcrypto PRIVATE mbedtls)
+		target_link_libraries(${CMAKE_PROJECT_NAME}_static PRIVATE mbedcrypto PRIVATE mbedtls)
+	else()
+		#find the library
+		find_library(MBEDTLS_LIB_CRYPTO
+			NAMES mbedcrypto libmbedcrypto 
+			PATHS ${CRYPTO_LIB_DIR}
+		)
+		
+		find_library(MBEDTLS_LIB_TLS
+			NAMES mbedtls libmbedtls
+			PATHS ${CRYPTO_LIB_DIR}
+		)
+
+		message(STATUS "Found mbedtls crypto library at ${MBEDTLS_LIB_CRYPTO}")
+		message(STATUS "Found mbedtls tls library at ${MBEDTLS_LIB_TLS}")
+
+		#link to the library
+		target_link_libraries(${CMAKE_PROJECT_NAME} PRIVATE ${MBEDTLS_LIB_CRYPTO} PRIVATE ${MBEDTLS_LIB_TLS})
+		target_link_libraries(${CMAKE_PROJECT_NAME}_static PRIVATE ${MBEDTLS_LIB_CRYPTO} PRIVATE ${MBEDTLS_LIB_TLS})
+	endif()
 
 	#enable mbedtls crypto library bindings
 	target_compile_definitions(${CMAKE_PROJECT_NAME} PRIVATE MBEDTLS_CRYPTO_LIB)
+	target_compile_definitions(${CMAKE_PROJECT_NAME}_static PRIVATE MBEDTLS_CRYPTO_LIB)
 
 elseif(CRYPTO_LIB STREQUAL "openssl")
 
@@ -119,6 +145,7 @@ elseif(CRYPTO_LIB STREQUAL "openssl")
 
 	#enable openssl crypto library bindings
 	target_compile_definitions(${CMAKE_PROJECT_NAME} PRIVATE OPENSSL_CRYPTO_LIB)
+	target_compile_definitions(${CMAKE_PROJECT_NAME}_static PRIVATE OPENSSL_CRYPTO_LIB)
 
 else()
 	#the library should be self sufficient in handling default crypto implementations
@@ -135,6 +162,7 @@ endif()
 #setup flags for windows compilation
 if(MSVC)
 
+	#link bcrypt for Windows platforms
     target_link_libraries(${CMAKE_PROJECT_NAME} PRIVATE "bcrypt.lib")
 	target_link_libraries(${CMAKE_PROJECT_NAME}_static PRIVATE "bcrypt.lib")
 	
@@ -176,7 +204,7 @@ elseif(CMAKE_COMPILER_IS_GNUCC)
 			PRIVATE 
 		
 			-g
-			-0g
+			-Og
 			-Wall
 			-Werror
 			-pedantic
@@ -197,8 +225,8 @@ endif()
 
 if(NC_INCLUDE_MONOCYPHER)
 
-	target_include_directories(${CMAKE_PROJECT_NAME} PRIVATE "vendor/monocypher")	
-	target_include_directories(${CMAKE_PROJECT_NAME}_static PRIVATE "vendor/monocypher")	
+	target_include_directories(${CMAKE_PROJECT_NAME} SYSTEM PRIVATE "vendor/monocypher")	
+	target_include_directories(${CMAKE_PROJECT_NAME}_static SYSTEM PRIVATE "vendor/monocypher")	
 
 	#add monocypher as a static dep to the project
 	add_library(monocypher STATIC 
@@ -208,10 +236,6 @@ if(NC_INCLUDE_MONOCYPHER)
 
 	target_link_libraries(${CMAKE_PROJECT_NAME} PRIVATE monocypher)
 	target_link_libraries(${CMAKE_PROJECT_NAME}_static PRIVATE monocypher)
-
-	#enable monocypher crypto library bindings
-	target_compile_definitions(${CMAKE_PROJECT_NAME} PRIVATE NC_ENABLE_MONOCYPHER)
-	target_compile_definitions(${CMAKE_PROJECT_NAME}_static PRIVATE NC_ENABLE_MONOCYPHER)
 	
 	target_compile_features(monocypher PRIVATE c_std_99)			#targets c99
 
@@ -220,16 +244,21 @@ if(NC_INCLUDE_MONOCYPHER)
 			/sdl						#enable additional security checks
 			/TC							#compile as c
 			/GS							#buffer security check
-		
-			$<$<CONFIG:Debug>:/FC>				#show full path in diagnostics
-			$<$<CONFIG:Debug>:/showIncludes>	#show a list of all included header files during build
-		
-			#$<$<CONFIG:Debug>:/wd4820>	#disable warnings for struct padding and spectre mitigation wuen WX is enabled
-			#$<$<CONFIG:Debug>:/wd5045>	#disable warnings for spectre mitigation insertion
 		)
+
+		#enable monocypher crypto library bindings
+		target_compile_definitions(${CMAKE_PROJECT_NAME} PRIVATE NC_ENABLE_MONOCYPHER)
+		target_compile_definitions(${CMAKE_PROJECT_NAME}_static PRIVATE NC_ENABLE_MONOCYPHER)
+
 	elseif(CMAKE_COMPILER_IS_GNUCC)
 		#from monocypher's Makefile
 		target_compile_options(monocypher PRIVATE -pedantic -Wall -Wextra -O3 -march=native)
+
+		#enable monocypher crypto library bindings
+		target_compile_definitions(${CMAKE_PROJECT_NAME} PRIVATE NC_ENABLE_MONOCYPHER)
+		target_compile_definitions(${CMAKE_PROJECT_NAME}_static PRIVATE NC_ENABLE_MONOCYPHER)
+	else()
+		message(WARNING "Monocypher is not supported on this platform")
 	endif()
 endif()
 
@@ -240,7 +269,7 @@ if(NC_BUILD_TESTS)
 	#add test executable and link to library
 	add_executable(nctest tests/test.c)
 	target_link_libraries(nctest ${CMAKE_PROJECT_NAME}_static)
-	target_include_directories(nctest PRIVATE "src")
+	target_include_directories(nctest PRIVATE include)
 
 	#enable c11 for testing
 	target_compile_features(nctest PRIVATE c_std_11)
diff --git a/src/internal/nc-util.h b/include/nc-util.h
index 9f72470..23399e8 100644
--- a/src/internal/nc-util.h
+++ b/include/nc-util.h
@@ -24,12 +24,13 @@
 #ifndef NC_UTIL_H
 #define NC_UTIL_H
 
+#include "platform.h"
+
 /* NULL */
 #ifndef NULL
 	#define NULL ((void*)0)
 #endif /*  !NULL */
 
-
 #ifdef DEBUG
 	/* Must include assert.h for assertions */
 	#include <assert.h> 
@@ -64,22 +65,22 @@
 typedef struct memory_span_struct
 {
 	uint8_t* data;
-	uint64_t size;
+	uint32_t size;
 } span_t;
 
 typedef struct read_only_memory_span_struct
 {
 	const uint8_t* data;
-	uint64_t size;
+	uint32_t size;
 } cspan_t;
 
-static void ncSpanInitC(cspan_t* span, const uint8_t* data, uint64_t size)
+_nc_fn_inline void ncSpanInitC(cspan_t* span, const uint8_t* data, uint32_t size)
 {
 	span->data = data;
 	span->size = size;
 }
 
-static void ncSpanInit(span_t* span, uint8_t* data, uint64_t size)
+_nc_fn_inline void ncSpanInit(span_t* span, uint8_t* data, uint32_t size)
 {
 	span->data = data;
 	span->size = size;
diff --git a/src/noscrypt.h b/include/noscrypt.h
index a8a42ee..68ae8f7 100644
--- a/src/noscrypt.h
+++ b/include/noscrypt.h
@@ -158,7 +158,7 @@ typedef struct nc_encryption_struct {
 	/* The size of the data buffers. Buffers must 
 	* be the same size or larger than this value
 	*/
-	uint64_t dataSize;
+	uint32_t dataSize;
 
 } NCEncryptionArgs;
 
@@ -178,7 +178,7 @@ typedef struct nc_mac_verify {
 	const uint8_t* payload;
 
 	/* The size of the payload data */
-	uint64_t payloadSize;
+	uint32_t payloadSize;
 
 } NCMacVerifyArgs;
 
@@ -319,7 +319,7 @@ NC_EXPORT NCResult NC_CC NCSignData(
 	const NCSecretKey* sk,
 	const uint8_t random32[32],
 	const uint8_t* data,
-	const uint64_t dataSize,
+	const uint32_t dataSize,
 	uint8_t sig64[64]
 );
 
@@ -336,7 +336,7 @@ NC_EXPORT NCResult NC_CC NCVerifyData(
 	const NCContext* ctx,
 	const NCPublicKey* pk,
 	const uint8_t* data,
-	const uint64_t dataSize,
+	const uint32_t dataSize,
 	const uint8_t sig64[64]
 );
 
@@ -555,7 +555,7 @@ NC_EXPORT NCResult NCComputeMac(
 	const NCContext* ctx,
 	const uint8_t hmacKey[NC_HMAC_KEY_SIZE],
 	const uint8_t* payload,
-	uint64_t payloadSize,
+	uint32_t payloadSize,
 	uint8_t hmacOut[NC_ENCRYPTION_MAC_SIZE]
 );
 
diff --git a/src/platform.h b/include/platform.h
index 8abaadd..8abaadd 100644
--- a/src/platform.h
+++ b/include/platform.h
diff --git a/src/internal/impl/bcrypt.c b/src/crypto/impl/bcrypt.c
index 8ae6c5a..970f68f 100644
--- a/src/internal/impl/bcrypt.c
+++ b/src/crypto/impl/bcrypt.c
@@ -31,8 +31,7 @@
 #include <Windows.h>
 #include <bcrypt.h>
 
-#include "../../platform.h"
-#include "../nc-util.h"
+#include "nc-util.h"
 
 #define IF_BC_FAIL(x) if(!BCRYPT_SUCCESS(x))
 
@@ -97,7 +96,7 @@ _IMPLSTB NTSTATUS _bcCreate(struct _bcrypt_ctx* ctx)
 	return _bcCreateHmac(ctx, &key);
 }
 
-_IMPLSTB NTSTATUS _bcHashDataRaw(const struct _bcrypt_ctx* ctx, const uint8_t* data, uint64_t len)
+_IMPLSTB NTSTATUS _bcHashDataRaw(const struct _bcrypt_ctx* ctx, const uint8_t* data, uint32_t len)
 {
 	return BCryptHashData(ctx->hHash, (uint8_t*)data, len, 0);
 }
@@ -213,12 +212,12 @@ _IMPLSTB void _bcDestroyCtx(struct _bcrypt_ctx* ctx)
 
 #ifndef _IMPL_CRYPTO_SHA256_HKDF_EXPAND
 
-	#define _IMPL_CRYPTO_SHA256_HKDF_EXPAND		_fallbackHkdfExpand
+	#define _IMPL_CRYPTO_SHA256_HKDF_EXPAND		_bcrypt_fallback_hkdf_expand
 
 	/* Include string for memmove */
 	#include <string.h>
 
-	static void ncWriteSpanS(span_t* span, uint64_t offset, const uint8_t* data, uint64_t size)
+	static void ncWriteSpanS(span_t* span, uint32_t offset, const uint8_t* data, uint32_t size)
 	{
 		DEBUG_ASSERT2(span != NULL, "Expected span to be non-null")
 		DEBUG_ASSERT2(data != NULL, "Expected data to be non-null")
@@ -239,13 +238,13 @@ _IMPLSTB void _bcDestroyCtx(struct _bcrypt_ctx* ctx)
 
 	#define _BC_MIN(a, b) (a < b ? a : b)
 
-	_IMPLSTB cstatus_t _fallbackHkdfExpand(const cspan_t* prk, const cspan_t* info, span_t* okm)
+	_IMPLSTB cstatus_t _bcrypt_fallback_hkdf_expand(const cspan_t* prk, const cspan_t* info, span_t* okm)
 	{
 		cstatus_t result;
 		struct _bcrypt_ctx ctx;
 
 		uint8_t counter;
-		uint64_t tLen, okmOffset;
+		uint32_t tLen, okmOffset;
 		uint8_t t[HKDF_IN_BUF_SIZE];
 
 		_IMPL_SECURE_ZERO_MEMSET(t, sizeof(t));
@@ -274,7 +273,6 @@ _IMPLSTB void _bcDestroyCtx(struct _bcrypt_ctx* ctx)
 			tLen = _BC_MIN(okm->size - okmOffset, SHA256_DIGEST_SIZE);
 
 			DEBUG_ASSERT(tLen <= sizeof(t));
-			DEBUG_ASSERT((tLen + okmOffset) < okm->size);
 
 			/* write the T buffer back to okm */
 			ncWriteSpanS(okm, okmOffset, t, tLen);
diff --git a/src/internal/impl/mbedtls.c b/src/crypto/impl/mbedtls.c
index 54caa44..ae36bbd 100644
--- a/src/internal/impl/mbedtls.c
+++ b/src/crypto/impl/mbedtls.c
@@ -35,8 +35,7 @@
 #include <mbedtls/chacha20.h>
 #include <mbedtls/constant_time.h>
 
-#include "../../platform.h"
-#include "../nc-util.h"
+#include "nc-util.h"
 
 /*
 *		EXPORT SUPPORTED FUNCTION OVERRIDES
@@ -51,21 +50,38 @@ _IMPLSTB const mbedtls_md_info_t* _mbed_sha256_alg(void)
 	return info;
 }
 
+#if SIZE_MAX < UINT64_MAX
+	#define _ssize_guard(x) if(x > SIZE_MAX) return CSTATUS_FAIL;
+	#define _ssize_guard_int(x) if(x > SIZE_MAX) return 1;
+#else
+	#define _ssize_guard(x)
+	#define _ssize_guard_int(x)
+#endif
+
 #ifndef _IMPL_CHACHA20_CRYPT
 	
 	/* Export chacha20 computation */
 	#define _IMPL_CHACHA20_CRYPT _mbed_chacha20_encrypt	
 
-	_IMPLSTB int _mbed_chacha20_encrypt(
+	_IMPLSTB cstatus_t _mbed_chacha20_encrypt(
 		const uint8_t* key,
 		const uint8_t* nonce,
 		const uint8_t* input,
 		uint8_t* output,
-		size_t dataLen
+		uint32_t dataLen
 	)
 	{
+		_ssize_guard(dataLen)
+
 		/* Counter always starts at 0 */
-		return mbedtls_chacha20_crypt(key, nonce, 0x00u, dataLen, input, output);
+		return mbedtls_chacha20_crypt(
+			key, 
+			nonce, 
+			0x00u,		/* nip-44 counter version */
+			dataLen, 
+			input, 
+			output
+		) == 0 ? CSTATUS_OK : CSTATUS_FAIL;
 	}
 
 #endif
@@ -75,9 +91,16 @@ _IMPLSTB const mbedtls_md_info_t* _mbed_sha256_alg(void)
 	
 	#define _IMPL_CRYPTO_SHA256_DIGEST			_mbed_sha256_digest	
 
-	_IMPLSTB CStatus _mbed_sha256_digest(const uint8_t* data, size_t dataSize,uint8_t* digestOut32)
+	_IMPLSTB cstatus_t _mbed_sha256_digest(const cspan_t* data, sha256_t digestOut32)
 	{
-		return mbedtls_sha256(data, dataSize, digestOut32, 0);
+		_ssize_guard(data->size)
+
+		return mbedtls_sha256(
+			data->data, 
+			data->size, 
+			digestOut32, 
+			0				/* Set 0 for sha256 mode */
+		) == 0 ? CSTATUS_OK : CSTATUS_FAIL;
 	}
 
 #endif
@@ -87,18 +110,21 @@ _IMPLSTB const mbedtls_md_info_t* _mbed_sha256_alg(void)
 
 	#define _IMPL_CRYPTO_SHA256_HMAC			_mbed_sha256_hmac
 
-	_IMPLSTB CStatus _mbed_sha256_hmac(
-		const uint8_t* key, size_t keyLen,
-		const uint8_t* data, size_t dataLen,
-		void* hmacOut32
-	)
+	_IMPLSTB cstatus_t _mbed_sha256_hmac(const cspan_t* key, const cspan_t* data, sha256_t hmacOut32)
 	{
+		_ssize_guard(data->size)
+
+		/* Keys should never be large enough for this to matter, but sanity check. */
+		DEBUG_ASSERT2(key->size < SIZE_MAX, "Expected key size to be less than SIZE_MAX")
+
 		return mbedtls_md_hmac(
 			_mbed_sha256_alg(),
-			key, keyLen,
-			data, dataLen,
+			key->data, 
+			key->size,
+			data->data, 
+			data->size,
 			hmacOut32
-		);
+		) == 0 ? CSTATUS_OK : CSTATUS_FAIL;
 	}
 #endif
 
@@ -107,51 +133,37 @@ _IMPLSTB const mbedtls_md_info_t* _mbed_sha256_alg(void)
 
 	#define _IMPL_CRYPTO_SHA256_HKDF_EXPAND		_mbed_sha256_hkdf_expand
 
-	_IMPLSTB int _mbed_sha256_hkdf_expand(
-		const uint8_t* prk, size_t prkLen,
-		const uint8_t* info, size_t infoLen,
-		void* okm, size_t okmLen
-	)
+	_IMPLSTB cstatus_t _mbed_sha256_hkdf_expand(const cspan_t* prk, const cspan_t* info, span_t* okm)
 	{
+		/* These sizes should never be large enough to overflow on <64bit platforms, but sanity check */
+		DEBUG_ASSERT(okm->size < SIZE_MAX)
+		DEBUG_ASSERT(prk->size < SIZE_MAX)
+		DEBUG_ASSERT(info->size < SIZE_MAX)
+
 		return mbedtls_hkdf_expand(
 			_mbed_sha256_alg(),
-			prk, prkLen,
-			info, infoLen,
-			okm, okmLen
-		);
+			prk->data, 
+			prk->size,
+			info->data, 
+			info->size,
+			okm->data, 
+			okm->size
+		) == 0 ? CSTATUS_OK : CSTATUS_FAIL;
 	}
 
 #endif
 
-/* Export hkdf extract if not already defined */
-#ifndef _IMPL_CRYPTO_SHA256_HKDF_EXTRACT
-
-	#define _IMPL_CRYPTO_SHA256_HKDF_EXTRACT		_mbed_sha256_hkdf_extract
-
-	_IMPLSTB int _mbed_sha256_hkdf_extract(
-		const uint8_t* salt, size_t saltLen,
-		const uint8_t* ikm, size_t ikmLen,
-		void* prk
-	)
-	{
-		return mbedtls_hkdf_extract(
-			_mbed_sha256_alg(),
-			salt, saltLen,
-			ikm, ikmLen,
-			prk
-		);
-	}
-#endif
-
 /* Export fixed-time compare if not already defined */
 #ifndef _IMPL_CRYPTO_FIXED_TIME_COMPARE
 
 	#define _IMPL_CRYPTO_FIXED_TIME_COMPARE		_mbed_fixed_time_compare
 
 	/* fixed-time memcmp */
-	_IMPLSTB int _mbed_fixed_time_compare(const uint8_t* a, const uint8_t* b, size_t size)
+	_IMPLSTB uint32_t _mbed_fixed_time_compare(const uint8_t* a, const uint8_t* b, uint32_t size)
 	{
-		return mbedtls_ct_memcmp(a, b, size);
+		_ssize_guard_int(size)
+
+		return (uint32_t)mbedtls_ct_memcmp(a, b, size);
 	}
 #endif
 
diff --git a/src/internal/impl/monocypher.c b/src/crypto/impl/monocypher.c
index 6e93c63..790f5e9 100644
--- a/src/internal/impl/monocypher.c
+++ b/src/crypto/impl/monocypher.c
@@ -31,8 +31,7 @@
 
 #include <monocypher.h>
 
-#include "../../platform.h"
-#include "../nc-util.h"
+#include "nc-util.h"
 
 /* Export secure memse0 */
 #ifndef _IMPL_SECURE_ZERO_MEMSET
@@ -51,7 +50,7 @@
 		const uint8_t* nonce,
 		const uint8_t* input,
 		uint8_t* output,
-		uint64_t dataLen
+		uint32_t dataLen
 	)
 	{
 		if(dataLen > SIZE_MAX)
diff --git a/src/internal/impl/openssl.c b/src/crypto/impl/openssl.c
index d0cdb8c..1217e60 100644
--- a/src/internal/impl/openssl.c
+++ b/src/crypto/impl/openssl.c
@@ -25,8 +25,7 @@
 
 #include <openssl/sha.h>
 
-#include "../../platform.h"
-#include "../nc-util.h"
+#include "nc-util.h"
 
 /*
 *		EXPORT SUPPORTED FUNCTIONS AS MACROS
diff --git a/src/internal/nc-crypto.c b/src/crypto/nc-crypto.c
index 9cd2c3e..fb2c0da 100644
--- a/src/internal/nc-crypto.c
+++ b/src/crypto/nc-crypto.c
@@ -20,7 +20,6 @@
 
 #include "nc-util.h"
 #include "nc-crypto.h"
-#include "../platform.h"
 
 /*
 *  Functions are not forced inline, just suggested.
@@ -131,7 +130,7 @@
 	* integer size
 	*/
 
-	static uint32_t _fallbackFixedTimeCompare(const uint8_t* a, const uint8_t* b, uint64_t size)
+	static uint32_t _fallbackFixedTimeCompare(const uint8_t* a, const uint8_t* b, uint32_t size)
 	{
 		size_t i;
 		uint32_t result;
@@ -164,7 +163,7 @@
 * for the desired crypto impl.
 */
 
-void ncCryptoSecureZero(void* ptr, uint64_t size)
+void ncCryptoSecureZero(void* ptr, uint32_t size)
 {
 	DEBUG_ASSERT2(ptr != NULL, "Expected ptr to be non-null")
 
@@ -175,7 +174,7 @@ void ncCryptoSecureZero(void* ptr, uint64_t size)
 	_IMPL_SECURE_ZERO_MEMSET(ptr, size);
 }
 
-uint32_t ncCryptoFixedTimeComp(const uint8_t* a, const uint8_t* b, uint64_t size)
+uint32_t ncCryptoFixedTimeComp(const uint8_t* a, const uint8_t* b, uint32_t size)
 {
 	DEBUG_ASSERT2(a != NULL, "Expected a to be non-null")
 	DEBUG_ASSERT2(b != NULL, "Expected b to be non-null")
@@ -226,7 +225,7 @@ cstatus_t ncCryptoSha256HkdfExpand(const cspan_t* prk, const cspan_t* info, span
 	* "length of output keying material in octets (<= 255 * HashLen)"
 	*/
 
-	if(okm->size > (uint64_t)(0xFFu * SHA256_DIGEST_SIZE))
+	if(okm->size > (uint32_t)(0xFFu * SHA256_DIGEST_SIZE))
 	{
 		return CSTATUS_FAIL;
 	}
@@ -257,7 +256,7 @@ cstatus_t ncCryptoChacha20(
 	const uint8_t nonce[CHACHA_NONCE_SIZE],
 	const uint8_t* input,
 	uint8_t* output,
-	uint64_t dataSize
+	uint32_t dataSize
 )
 {
 	DEBUG_ASSERT2(key != NULL,		"Expected key to be non-null")
@@ -265,5 +264,9 @@ cstatus_t ncCryptoChacha20(
 	DEBUG_ASSERT2(input != NULL,	"Expected input to be non-null")
 	DEBUG_ASSERT2(output != NULL,	"Expected output to be non-null")
 
+#ifndef _IMPL_CHACHA20_CRYPT
+	#error "No chacha20 implementation defined"
+#endif /* !_IMPL_CHACHA20_CRYPT */
+
 	return _IMPL_CHACHA20_CRYPT(key, nonce, input, output, dataSize);
 }
diff --git a/src/internal/nc-crypto.h b/src/crypto/nc-crypto.h
index 3487b2b..64d4ad8 100644
--- a/src/internal/nc-crypto.h
+++ b/src/crypto/nc-crypto.h
@@ -50,9 +50,9 @@ typedef uint8_t sha256_t[SHA256_DIGEST_SIZE];
 #endif
 
 
-uint32_t ncCryptoFixedTimeComp(const uint8_t* a, const uint8_t* b, uint64_t size);
+uint32_t ncCryptoFixedTimeComp(const uint8_t* a, const uint8_t* b, uint32_t size);
 
-void ncCryptoSecureZero(void* ptr, uint64_t size);
+void ncCryptoSecureZero(void* ptr, uint32_t size);
 
 cstatus_t ncCryptoDigestSha256(const cspan_t* data, sha256_t digestOut32);
 
@@ -67,7 +67,7 @@ cstatus_t ncCryptoChacha20(
 	const uint8_t nonce[CHACHA_NONCE_SIZE],
 	const uint8_t* input,
 	uint8_t* output,
-	uint64_t dataSize
+	uint32_t dataSize
 );
 
 #endif /* !_NC_CRYPTO_H */
diff --git a/src/noscrypt.c b/src/noscrypt.c
index 4715d50..00684b8 100644
--- a/src/noscrypt.c
+++ b/src/noscrypt.c
@@ -20,8 +20,8 @@
 
 #include "noscrypt.h"
 
-#include "internal/nc-util.h"
-#include "internal/nc-crypto.h"
+#include "nc-util.h"
+#include "crypto/nc-crypto.h"
 
 #include <secp256k1_ecdh.h>
 #include <secp256k1_schnorrsig.h>
@@ -84,7 +84,7 @@ struct nc_expand_keys {
 /* Pointer typecast must work between expanded keys 
 * and message key, size must be identical to work 
 */
-STATIC_ASSERT(sizeof(struct nc_expand_keys) == sizeof(struct message_key), "Expected struct nc_expand_keys to be the same size as struct message_key");
+STATIC_ASSERT(sizeof(struct nc_expand_keys) == sizeof(struct message_key), "Expected struct nc_expand_keys to be the same size as struct message_key")
 
 /*
 * Check that the fallback hkdf extract internal buffer is large enough
@@ -569,7 +569,7 @@ NC_EXPORT NCResult NC_CC NCSignData(
 	const NCSecretKey* sk,
 	const uint8_t random32[32],
 	const uint8_t* data,
-	uint64_t dataSize,
+	uint32_t dataSize,
 	uint8_t sig64[64]
 )
 {
@@ -630,7 +630,7 @@ NC_EXPORT NCResult NC_CC NCVerifyData(
 	const NCContext* ctx,
 	const NCPublicKey* pk,
 	const uint8_t* data,
-	const uint64_t dataSize,
+	const uint32_t dataSize,
 	const uint8_t sig64[64]
 )
 {
@@ -857,7 +857,7 @@ NC_EXPORT NCResult NCComputeMac(
 	const NCContext* ctx,
 	const uint8_t hmacKey[NC_HMAC_KEY_SIZE],
 	const uint8_t* payload,
-	uint64_t payloadSize,
+	uint32_t payloadSize,
 	uint8_t hmacOut[NC_ENCRYPTION_MAC_SIZE]
 )
 {
@@ -905,6 +905,10 @@ NC_EXPORT NCResult NC_CC NCVerifyMac(
 	NCMacVerifyArgs* args
 )
 {
+	NCResult result;
+	struct shared_secret sharedSecret;
+	struct conversation_key conversationKey;
+
 	CHECK_NULL_ARG(ctx, 0)
 	CHECK_CONTEXT_STATE(ctx, 0)
 	CHECK_NULL_ARG(sk, 1)
@@ -916,10 +920,6 @@ NC_EXPORT NCResult NC_CC NCVerifyMac(
 	CHECK_INVALID_ARG(args->nonce32, 3)
 	CHECK_ARG_RANGE(args->payloadSize, NIP44_MIN_ENC_MESSAGE_SIZE, NIP44_MAX_ENC_MESSAGE_SIZE, 3)
 
-	NCResult result;
-	struct shared_secret sharedSecret;
-	struct conversation_key conversationKey;
-
 	/* Computed the shared point so we can get the converstation key */
 	if ((result = _computeSharedSecret(ctx, sk, pk, &sharedSecret)) != NC_SUCCESS)
 	{
diff --git a/tests/hex.h b/tests/hex.h
index 3348028..5e90ce9 100644
--- a/tests/hex.h
+++ b/tests/hex.h
@@ -26,7 +26,7 @@
 #include <stdlib.h>
 #include <string.h>
 
-#include "../src/internal/nc-util.h"
+#include <nc-util.h>
 
 typedef struct hexBytes
 {
diff --git a/tests/test.c b/tests/test.c
index e94e3fd..2503925 100644
--- a/tests/test.c
+++ b/tests/test.c
@@ -24,9 +24,6 @@
 #include <stdlib.h>
 
 #include <noscrypt.h>
-#include <mbedtls/sha256.h>
-#include <mbedtls/platform_util.h>
-
 #ifdef _NC_IS_WINDOWS
 	#define IS_WINDOWS
 #endif
diff --git a/include/mbedtls/aes.h b/vendor/mbedtls/aes.h
index 77ecffd..77ecffd 100644
--- a/include/mbedtls/aes.h
+++ b/vendor/mbedtls/aes.h
diff --git a/include/mbedtls/aria.h b/vendor/mbedtls/aria.h
index abb8a3d..abb8a3d 100644
--- a/include/mbedtls/aria.h
+++ b/vendor/mbedtls/aria.h
diff --git a/include/mbedtls/asn1.h b/vendor/mbedtls/asn1.h
index 830458b..830458b 100644
--- a/include/mbedtls/asn1.h
+++ b/vendor/mbedtls/asn1.h
diff --git a/include/mbedtls/asn1write.h b/vendor/mbedtls/asn1write.h
index 7af4aba..7af4aba 100644
--- a/include/mbedtls/asn1write.h
+++ b/vendor/mbedtls/asn1write.h
diff --git a/include/mbedtls/base64.h b/vendor/mbedtls/base64.h
index 8f459b7..8f459b7 100644
--- a/include/mbedtls/base64.h
+++ b/vendor/mbedtls/base64.h
diff --git a/include/mbedtls/bignum.h b/vendor/mbedtls/bignum.h
index 931e06d..931e06d 100644
--- a/include/mbedtls/bignum.h
+++ b/vendor/mbedtls/bignum.h
diff --git a/include/mbedtls/build_info.h b/vendor/mbedtls/build_info.h
index 87e3c2e..87e3c2e 100644
--- a/include/mbedtls/build_info.h
+++ b/vendor/mbedtls/build_info.h
diff --git a/include/mbedtls/camellia.h b/vendor/mbedtls/camellia.h
index 6c674fe..6c674fe 100644
--- a/include/mbedtls/camellia.h
+++ b/vendor/mbedtls/camellia.h
diff --git a/include/mbedtls/ccm.h b/vendor/mbedtls/ccm.h
index a98111b..a98111b 100644
--- a/include/mbedtls/ccm.h
+++ b/vendor/mbedtls/ccm.h
diff --git a/include/mbedtls/chacha20.h b/vendor/mbedtls/chacha20.h
index 680fe36..680fe36 100644
--- a/include/mbedtls/chacha20.h
+++ b/vendor/mbedtls/chacha20.h
diff --git a/include/mbedtls/chachapoly.h b/vendor/mbedtls/chachapoly.h
index 3dc21e3..3dc21e3 100644
--- a/include/mbedtls/chachapoly.h
+++ b/vendor/mbedtls/chachapoly.h
diff --git a/include/mbedtls/check_config.h b/vendor/mbedtls/check_config.h
index e479ef3..e479ef3 100644
--- a/include/mbedtls/check_config.h
+++ b/vendor/mbedtls/check_config.h
diff --git a/include/mbedtls/cipher.h b/vendor/mbedtls/cipher.h
index 2596baa..2596baa 100644
--- a/include/mbedtls/cipher.h
+++ b/vendor/mbedtls/cipher.h
diff --git a/include/mbedtls/cmac.h b/vendor/mbedtls/cmac.h
index 97b86fc..97b86fc 100644
--- a/include/mbedtls/cmac.h
+++ b/vendor/mbedtls/cmac.h
diff --git a/include/mbedtls/compat-2.x.h b/vendor/mbedtls/compat-2.x.h
index 096341b..096341b 100644
--- a/include/mbedtls/compat-2.x.h
+++ b/vendor/mbedtls/compat-2.x.h
diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/vendor/mbedtls/config_adjust_legacy_crypto.h
index f769765..f769765 100644
--- a/include/mbedtls/config_adjust_legacy_crypto.h
+++ b/vendor/mbedtls/config_adjust_legacy_crypto.h
diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/vendor/mbedtls/config_adjust_legacy_from_psa.h
index ab18d98..ab18d98 100644
--- a/include/mbedtls/config_adjust_legacy_from_psa.h
+++ b/vendor/mbedtls/config_adjust_legacy_from_psa.h
diff --git a/include/mbedtls/config_adjust_psa_from_legacy.h b/vendor/mbedtls/config_adjust_psa_from_legacy.h
index c31a462..c31a462 100644
--- a/include/mbedtls/config_adjust_psa_from_legacy.h
+++ b/vendor/mbedtls/config_adjust_psa_from_legacy.h
diff --git a/include/mbedtls/config_adjust_psa_superset_legacy.h b/vendor/mbedtls/config_adjust_psa_superset_legacy.h
index 3a55c3f..3a55c3f 100644
--- a/include/mbedtls/config_adjust_psa_superset_legacy.h
+++ b/vendor/mbedtls/config_adjust_psa_superset_legacy.h
diff --git a/include/mbedtls/config_adjust_ssl.h b/vendor/mbedtls/config_adjust_ssl.h
index 8415f3e..8415f3e 100644
--- a/include/mbedtls/config_adjust_ssl.h
+++ b/vendor/mbedtls/config_adjust_ssl.h
diff --git a/include/mbedtls/config_adjust_x509.h b/vendor/mbedtls/config_adjust_x509.h
index 346c8ae..346c8ae 100644
--- a/include/mbedtls/config_adjust_x509.h
+++ b/vendor/mbedtls/config_adjust_x509.h
diff --git a/include/mbedtls/config_psa.h b/vendor/mbedtls/config_psa.h
index 17da61b..17da61b 100644
--- a/include/mbedtls/config_psa.h
+++ b/vendor/mbedtls/config_psa.h
diff --git a/include/mbedtls/constant_time.h b/vendor/mbedtls/constant_time.h
index d31bff6..d31bff6 100644
--- a/include/mbedtls/constant_time.h
+++ b/vendor/mbedtls/constant_time.h
diff --git a/include/mbedtls/ctr_drbg.h b/vendor/mbedtls/ctr_drbg.h
index d1f19e6..d1f19e6 100644
--- a/include/mbedtls/ctr_drbg.h
+++ b/vendor/mbedtls/ctr_drbg.h
diff --git a/include/mbedtls/debug.h b/vendor/mbedtls/debug.h
index 0aef2ed..0aef2ed 100644
--- a/include/mbedtls/debug.h
+++ b/vendor/mbedtls/debug.h
diff --git a/include/mbedtls/des.h b/vendor/mbedtls/des.h
index 2b097a1..2b097a1 100644
--- a/include/mbedtls/des.h
+++ b/vendor/mbedtls/des.h
diff --git a/include/mbedtls/dhm.h b/vendor/mbedtls/dhm.h
index fcba3d2..fcba3d2 100644
--- a/include/mbedtls/dhm.h
+++ b/vendor/mbedtls/dhm.h
diff --git a/include/mbedtls/ecdh.h b/vendor/mbedtls/ecdh.h
index 792db79..792db79 100644
--- a/include/mbedtls/ecdh.h
+++ b/vendor/mbedtls/ecdh.h
diff --git a/include/mbedtls/ecdsa.h b/vendor/mbedtls/ecdsa.h
index 2ecf349..2ecf349 100644
--- a/include/mbedtls/ecdsa.h
+++ b/vendor/mbedtls/ecdsa.h
diff --git a/include/mbedtls/ecjpake.h b/vendor/mbedtls/ecjpake.h
index c2148a2..c2148a2 100644
--- a/include/mbedtls/ecjpake.h
+++ b/vendor/mbedtls/ecjpake.h
diff --git a/include/mbedtls/ecp.h b/vendor/mbedtls/ecp.h
index 7f5e880..7f5e880 100644
--- a/include/mbedtls/ecp.h
+++ b/vendor/mbedtls/ecp.h
diff --git a/include/mbedtls/entropy.h b/vendor/mbedtls/entropy.h
index 20fd687..20fd687 100644
--- a/include/mbedtls/entropy.h
+++ b/vendor/mbedtls/entropy.h
diff --git a/include/mbedtls/error.h b/vendor/mbedtls/error.h
index 186589a..186589a 100644
--- a/include/mbedtls/error.h
+++ b/vendor/mbedtls/error.h
diff --git a/include/mbedtls/gcm.h b/vendor/mbedtls/gcm.h
index 837cecc..837cecc 100644
--- a/include/mbedtls/gcm.h
+++ b/vendor/mbedtls/gcm.h
diff --git a/include/mbedtls/hkdf.h b/vendor/mbedtls/hkdf.h
index 930e93f..930e93f 100644
--- a/include/mbedtls/hkdf.h
+++ b/vendor/mbedtls/hkdf.h
diff --git a/include/mbedtls/hmac_drbg.h b/vendor/mbedtls/hmac_drbg.h
index 18b1b75..18b1b75 100644
--- a/include/mbedtls/hmac_drbg.h
+++ b/vendor/mbedtls/hmac_drbg.h
diff --git a/include/mbedtls/lms.h b/vendor/mbedtls/lms.h
index 95fce21..95fce21 100644
--- a/include/mbedtls/lms.h
+++ b/vendor/mbedtls/lms.h
diff --git a/include/mbedtls/mbedtls_config.h b/vendor/mbedtls/mbedtls_config.h
index e1456b9..e1456b9 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/vendor/mbedtls/mbedtls_config.h
diff --git a/include/mbedtls/md.h b/vendor/mbedtls/md.h
index ff7b133..ff7b133 100644
--- a/include/mbedtls/md.h
+++ b/vendor/mbedtls/md.h
diff --git a/include/mbedtls/md5.h b/vendor/mbedtls/md5.h
index 6bf0754..6bf0754 100644
--- a/include/mbedtls/md5.h
+++ b/vendor/mbedtls/md5.h
diff --git a/include/mbedtls/memory_buffer_alloc.h b/vendor/mbedtls/memory_buffer_alloc.h
index b527d9b..b527d9b 100644
--- a/include/mbedtls/memory_buffer_alloc.h
+++ b/vendor/mbedtls/memory_buffer_alloc.h
diff --git a/include/mbedtls/net_sockets.h b/vendor/mbedtls/net_sockets.h
index 026f627..026f627 100644
--- a/include/mbedtls/net_sockets.h
+++ b/vendor/mbedtls/net_sockets.h
diff --git a/include/mbedtls/nist_kw.h b/vendor/mbedtls/nist_kw.h
index d353f3d..d353f3d 100644
--- a/include/mbedtls/nist_kw.h
+++ b/vendor/mbedtls/nist_kw.h
diff --git a/include/mbedtls/oid.h b/vendor/mbedtls/oid.h
index e48817d..e48817d 100644
--- a/include/mbedtls/oid.h
+++ b/vendor/mbedtls/oid.h
diff --git a/include/mbedtls/pem.h b/vendor/mbedtls/pem.h
index cc617a9..cc617a9 100644
--- a/include/mbedtls/pem.h
+++ b/vendor/mbedtls/pem.h
diff --git a/include/mbedtls/pk.h b/vendor/mbedtls/pk.h
index 24b1188..24b1188 100644
--- a/include/mbedtls/pk.h
+++ b/vendor/mbedtls/pk.h
diff --git a/include/mbedtls/pkcs12.h b/vendor/mbedtls/pkcs12.h
index 42e8453..42e8453 100644
--- a/include/mbedtls/pkcs12.h
+++ b/vendor/mbedtls/pkcs12.h
diff --git a/include/mbedtls/pkcs5.h b/vendor/mbedtls/pkcs5.h
index e004f45..e004f45 100644
--- a/include/mbedtls/pkcs5.h
+++ b/vendor/mbedtls/pkcs5.h
diff --git a/include/mbedtls/pkcs7.h b/vendor/mbedtls/pkcs7.h
index 70b25a9..70b25a9 100644
--- a/include/mbedtls/pkcs7.h
+++ b/vendor/mbedtls/pkcs7.h
diff --git a/include/mbedtls/platform.h b/vendor/mbedtls/platform.h
index de3d71d..de3d71d 100644
--- a/include/mbedtls/platform.h
+++ b/vendor/mbedtls/platform.h
diff --git a/include/mbedtls/platform_time.h b/vendor/mbedtls/platform_time.h
index 97f1963..97f1963 100644
--- a/include/mbedtls/platform_time.h
+++ b/vendor/mbedtls/platform_time.h
diff --git a/include/mbedtls/platform_util.h b/vendor/mbedtls/platform_util.h
index cba02ab..cba02ab 100644
--- a/include/mbedtls/platform_util.h
+++ b/vendor/mbedtls/platform_util.h
diff --git a/include/mbedtls/poly1305.h b/vendor/mbedtls/poly1305.h
index 61bcaa6..61bcaa6 100644
--- a/include/mbedtls/poly1305.h
+++ b/vendor/mbedtls/poly1305.h
diff --git a/include/mbedtls/private_access.h b/vendor/mbedtls/private_access.h
index 580f3eb..580f3eb 100644
--- a/include/mbedtls/private_access.h
+++ b/vendor/mbedtls/private_access.h
diff --git a/include/psa/build_info.h b/vendor/mbedtls/psa/build_info.h
index 3ee6cd7..3ee6cd7 100644
--- a/include/psa/build_info.h
+++ b/vendor/mbedtls/psa/build_info.h
diff --git a/include/psa/crypto.h b/vendor/mbedtls/psa/crypto.h
index fe10ee0..fe10ee0 100644
--- a/include/psa/crypto.h
+++ b/vendor/mbedtls/psa/crypto.h
diff --git a/include/psa/crypto_adjust_auto_enabled.h b/vendor/mbedtls/psa/crypto_adjust_auto_enabled.h
index 63fb29e..63fb29e 100644
--- a/include/psa/crypto_adjust_auto_enabled.h
+++ b/vendor/mbedtls/psa/crypto_adjust_auto_enabled.h
diff --git a/include/psa/crypto_adjust_config_key_pair_types.h b/vendor/mbedtls/psa/crypto_adjust_config_key_pair_types.h
index 63afc0e..63afc0e 100644
--- a/include/psa/crypto_adjust_config_key_pair_types.h
+++ b/vendor/mbedtls/psa/crypto_adjust_config_key_pair_types.h
diff --git a/include/psa/crypto_adjust_config_synonyms.h b/vendor/mbedtls/psa/crypto_adjust_config_synonyms.h
index cf33465..cf33465 100644
--- a/include/psa/crypto_adjust_config_synonyms.h
+++ b/vendor/mbedtls/psa/crypto_adjust_config_synonyms.h
diff --git a/include/psa/crypto_builtin_composites.h b/vendor/mbedtls/psa/crypto_builtin_composites.h
index 35c2e29..35c2e29 100644
--- a/include/psa/crypto_builtin_composites.h
+++ b/vendor/mbedtls/psa/crypto_builtin_composites.h
diff --git a/include/psa/crypto_builtin_key_derivation.h b/vendor/mbedtls/psa/crypto_builtin_key_derivation.h
index 6b91ae7..6b91ae7 100644
--- a/include/psa/crypto_builtin_key_derivation.h
+++ b/vendor/mbedtls/psa/crypto_builtin_key_derivation.h
diff --git a/include/psa/crypto_builtin_primitives.h b/vendor/mbedtls/psa/crypto_builtin_primitives.h
index 98ab4d3..98ab4d3 100644
--- a/include/psa/crypto_builtin_primitives.h
+++ b/vendor/mbedtls/psa/crypto_builtin_primitives.h
diff --git a/include/psa/crypto_compat.h b/vendor/mbedtls/psa/crypto_compat.h
index f896fae..f896fae 100644
--- a/include/psa/crypto_compat.h
+++ b/vendor/mbedtls/psa/crypto_compat.h
diff --git a/include/psa/crypto_config.h b/vendor/mbedtls/psa/crypto_config.h
index 5bf00f4..5bf00f4 100644
--- a/include/psa/crypto_config.h
+++ b/vendor/mbedtls/psa/crypto_config.h
diff --git a/include/psa/crypto_driver_common.h b/vendor/mbedtls/psa/crypto_driver_common.h
index cc11d3b..cc11d3b 100644
--- a/include/psa/crypto_driver_common.h
+++ b/vendor/mbedtls/psa/crypto_driver_common.h
diff --git a/include/psa/crypto_driver_contexts_composites.h b/vendor/mbedtls/psa/crypto_driver_contexts_composites.h
index d717c51..d717c51 100644
--- a/include/psa/crypto_driver_contexts_composites.h
+++ b/vendor/mbedtls/psa/crypto_driver_contexts_composites.h
diff --git a/include/psa/crypto_driver_contexts_key_derivation.h b/vendor/mbedtls/psa/crypto_driver_contexts_key_derivation.h
index 2119051..2119051 100644
--- a/include/psa/crypto_driver_contexts_key_derivation.h
+++ b/vendor/mbedtls/psa/crypto_driver_contexts_key_derivation.h
diff --git a/include/psa/crypto_driver_contexts_primitives.h b/vendor/mbedtls/psa/crypto_driver_contexts_primitives.h
index c90a5fb..c90a5fb 100644
--- a/include/psa/crypto_driver_contexts_primitives.h
+++ b/vendor/mbedtls/psa/crypto_driver_contexts_primitives.h
diff --git a/include/psa/crypto_extra.h b/vendor/mbedtls/psa/crypto_extra.h
index ef29b77..ef29b77 100644
--- a/include/psa/crypto_extra.h
+++ b/vendor/mbedtls/psa/crypto_extra.h
diff --git a/include/psa/crypto_legacy.h b/vendor/mbedtls/psa/crypto_legacy.h
index 7df3614..7df3614 100644
--- a/include/psa/crypto_legacy.h
+++ b/vendor/mbedtls/psa/crypto_legacy.h
diff --git a/include/psa/crypto_platform.h b/vendor/mbedtls/psa/crypto_platform.h
index f32a101..f32a101 100644
--- a/include/psa/crypto_platform.h
+++ b/vendor/mbedtls/psa/crypto_platform.h
diff --git a/include/psa/crypto_se_driver.h b/vendor/mbedtls/psa/crypto_se_driver.h
index 9ce14bb..9ce14bb 100644
--- a/include/psa/crypto_se_driver.h
+++ b/vendor/mbedtls/psa/crypto_se_driver.h
diff --git a/include/psa/crypto_sizes.h b/vendor/mbedtls/psa/crypto_sizes.h
index d22bf10..d22bf10 100644
--- a/include/psa/crypto_sizes.h
+++ b/vendor/mbedtls/psa/crypto_sizes.h
diff --git a/include/psa/crypto_struct.h b/vendor/mbedtls/psa/crypto_struct.h
index d5ea8d5..d5ea8d5 100644
--- a/include/psa/crypto_struct.h
+++ b/vendor/mbedtls/psa/crypto_struct.h
diff --git a/include/psa/crypto_types.h b/vendor/mbedtls/psa/crypto_types.h
index 5a1318d..5a1318d 100644
--- a/include/psa/crypto_types.h
+++ b/vendor/mbedtls/psa/crypto_types.h
diff --git a/include/psa/crypto_values.h b/vendor/mbedtls/psa/crypto_values.h
index a17879b..a17879b 100644
--- a/include/psa/crypto_values.h
+++ b/vendor/mbedtls/psa/crypto_values.h
diff --git a/include/mbedtls/psa_util.h b/vendor/mbedtls/psa_util.h
index 643e8aa..643e8aa 100644
--- a/include/mbedtls/psa_util.h
+++ b/vendor/mbedtls/psa_util.h
diff --git a/include/mbedtls/ripemd160.h b/vendor/mbedtls/ripemd160.h
index 279f92b..279f92b 100644
--- a/include/mbedtls/ripemd160.h
+++ b/vendor/mbedtls/ripemd160.h
diff --git a/include/mbedtls/rsa.h b/vendor/mbedtls/rsa.h
index be831f1..be831f1 100644
--- a/include/mbedtls/rsa.h
+++ b/vendor/mbedtls/rsa.h
diff --git a/include/mbedtls/sha1.h b/vendor/mbedtls/sha1.h
index 592ffd1..592ffd1 100644
--- a/include/mbedtls/sha1.h
+++ b/vendor/mbedtls/sha1.h
diff --git a/include/mbedtls/sha256.h b/vendor/mbedtls/sha256.h
index 4ee780f..4ee780f 100644
--- a/include/mbedtls/sha256.h
+++ b/vendor/mbedtls/sha256.h
diff --git a/include/mbedtls/sha3.h b/vendor/mbedtls/sha3.h
index 3eeee65..3eeee65 100644
--- a/include/mbedtls/sha3.h
+++ b/vendor/mbedtls/sha3.h
diff --git a/include/mbedtls/sha512.h b/vendor/mbedtls/sha512.h
index 1c20e4c..1c20e4c 100644
--- a/include/mbedtls/sha512.h
+++ b/vendor/mbedtls/sha512.h
diff --git a/include/mbedtls/ssl.h b/vendor/mbedtls/ssl.h
index 89f7b81..89f7b81 100644
--- a/include/mbedtls/ssl.h
+++ b/vendor/mbedtls/ssl.h
diff --git a/include/mbedtls/ssl_cache.h b/vendor/mbedtls/ssl_cache.h
index a1307b4..a1307b4 100644
--- a/include/mbedtls/ssl_cache.h
+++ b/vendor/mbedtls/ssl_cache.h
diff --git a/include/mbedtls/ssl_ciphersuites.h b/vendor/mbedtls/ssl_ciphersuites.h
index 8cecbb6..8cecbb6 100644
--- a/include/mbedtls/ssl_ciphersuites.h
+++ b/vendor/mbedtls/ssl_ciphersuites.h
diff --git a/include/mbedtls/ssl_cookie.h b/vendor/mbedtls/ssl_cookie.h
index 71c258e..71c258e 100644
--- a/include/mbedtls/ssl_cookie.h
+++ b/vendor/mbedtls/ssl_cookie.h
diff --git a/include/mbedtls/ssl_ticket.h b/vendor/mbedtls/ssl_ticket.h
index 6d59c12..6d59c12 100644
--- a/include/mbedtls/ssl_ticket.h
+++ b/vendor/mbedtls/ssl_ticket.h
diff --git a/include/mbedtls/threading.h b/vendor/mbedtls/threading.h
index ed16a23..ed16a23 100644
--- a/include/mbedtls/threading.h
+++ b/vendor/mbedtls/threading.h
diff --git a/include/mbedtls/timing.h b/vendor/mbedtls/timing.h
index 62ae102..62ae102 100644
--- a/include/mbedtls/timing.h
+++ b/vendor/mbedtls/timing.h
diff --git a/include/mbedtls/version.h b/vendor/mbedtls/version.h
index 637f9d3..637f9d3 100644
--- a/include/mbedtls/version.h
+++ b/vendor/mbedtls/version.h
diff --git a/include/mbedtls/x509.h b/vendor/mbedtls/x509.h
index e2e0667..e2e0667 100644
--- a/include/mbedtls/x509.h
+++ b/vendor/mbedtls/x509.h
diff --git a/include/mbedtls/x509_crl.h b/vendor/mbedtls/x509_crl.h
index 6625a44..6625a44 100644
--- a/include/mbedtls/x509_crl.h
+++ b/vendor/mbedtls/x509_crl.h
diff --git a/include/mbedtls/x509_crt.h b/vendor/mbedtls/x509_crt.h
index 3f1a1e7..3f1a1e7 100644
--- a/include/mbedtls/x509_crt.h
+++ b/vendor/mbedtls/x509_crt.h
diff --git a/include/mbedtls/x509_csr.h b/vendor/mbedtls/x509_csr.h
index e54010b..e54010b 100644
--- a/include/mbedtls/x509_csr.h
+++ b/vendor/mbedtls/x509_csr.h
diff --git a/include/secp256k1.h b/vendor/secp256k1/secp256k1.h
index f4053f2..f4053f2 100644
--- a/include/secp256k1.h
+++ b/vendor/secp256k1/secp256k1.h
diff --git a/include/secp256k1_ecdh.h b/vendor/secp256k1/secp256k1_ecdh.h
index 4d9da34..4d9da34 100644
--- a/include/secp256k1_ecdh.h
+++ b/vendor/secp256k1/secp256k1_ecdh.h
diff --git a/include/secp256k1_extrakeys.h b/vendor/secp256k1/secp256k1_extrakeys.h
index 4cc6d4f..4cc6d4f 100644
--- a/include/secp256k1_extrakeys.h
+++ b/vendor/secp256k1/secp256k1_extrakeys.h
diff --git a/include/secp256k1_schnorrsig.h b/vendor/secp256k1/secp256k1_schnorrsig.h
index 5c338f4..5c338f4 100644
--- a/include/secp256k1_schnorrsig.h
+++ b/vendor/secp256k1/secp256k1_schnorrsig.h
author	vnugent <public@vaughnnugent.com>	2024-04-23 18:19:31 -0400
committer	vnugent <public@vaughnnugent.com>	2024-04-23 18:19:31 -0400
commit	7cb7a93de4f6f5e741bc5129e3d928e44f050930 (patch)
tree	ae5c564a0c3c60d0b4dac13ac8e8e3ebf7906ab1
parent	30e8dda6cbea86bdee6d5dfe48514385d3b9f81b (diff)