fix: Properly build mbedtls & cmake fixes

CMakeLists.txt

@@ -56,6 +56,7 @@ if(NC_FETCH_SECP256K1)
 
 	FetchContent_MakeAvailable(libsecp256k1)
 
+	#Must force FPIC when using secp256k1, ld linker complains otherwise
 	set_target_properties(
 		secp256k1 
 		secp256k1_precomputed 
@@ -79,10 +80,6 @@ endif()
 #		MAIN PROJECT
 #-----------------------------
 
-set(CMAKE_C_STANDARD 90)					#Setup the compiler options for c90 shared library
-set(CMAKE_C_STANDARD_REQUIRED ON)
-set(CMAKE_C_EXTENSIONS OFF)
-
 set(NOSCRYPT_SRCS 
 	"src/noscrypt.c"	
 	"src/hkdf.c"
@@ -100,8 +97,22 @@ set(NOSCRYPT_HEADERS
 #static/shared library
 add_library(${_NC_PROJ_NAME} SHARED ${NOSCRYPT_SRCS} ${NOSCRYPT_HEADERS})
 add_library(${_NC_PROJ_NAME}_static STATIC ${NOSCRYPT_SRCS} ${NOSCRYPT_HEADERS})
-target_compile_features(${_NC_PROJ_NAME} PUBLIC c_std_90)	#force compiler to use c90 standard for library
-set_target_properties(${_NC_PROJ_NAME} PROPERTIES POSITION_INDEPENDENT_CODE ON)
+set_target_properties(${_NC_PROJ_NAME} PROPERTIES POSITION_INDEPENDENT_CODE ON)		#fPIC for shared library
+
+#set specific cmake commands to target our projects only
+set_target_properties(
+	${_NC_PROJ_NAME} 
+	${_NC_PROJ_NAME}_static 
+
+	#Setup the compiler options for c90 standard
+	PROPERTIES 
+	C_STANDARD 90
+	C_STANDARD_REQUIRED ON
+	C_EXTENSIONS ON			#enables c++ style comments (only required for mbedtls stuff)
+)
+
+target_compile_features(${_NC_PROJ_NAME} PRIVATE c_std_90)	#force compiler to use c90 standard for library
+target_compile_features(${_NC_PROJ_NAME}_static PRIVATE c_std_90)	#force compiler to use c90 standard for library
 
 target_include_directories(${_NC_PROJ_NAME} PRIVATE include)
 target_include_directories(${_NC_PROJ_NAME}_static PRIVATE include)
@@ -136,6 +147,11 @@ endif()
 #Include mbedtls if enabled
 if(NC_FETCH_MBEDTLS)
 
+	###############
+	# NOTE: Must disable shared libraries to avoid linking errors when using mbedtls
+	###############
+	set(BUILD_SHARED_LIBS OFF)
+
 	set(ENABLE_PROGRAMS OFF)
 	set(ENABLE_TESTING OFF)
 	set(USE_SHARED_MBEDTLS_LIBRARY OFF)

README.md

@@ -1,4 +1,17 @@
-# noscrypt
+# noscrypt  
+
+<h4 align="left">
+  <a href="https://github.com/VnUgE/noscrypt/blob/master/LICENSE">
+    <img src="https://img.shields.io/badge/license-LGPL2.1-green.svg" alt="LGPL2.1" />
+  </a>
+  <a href="https://github.com/VnUgE/noscrypt/tags">
+    <img src="https://img.shields.io/github/v/tag/vnuge/noscrypt" alt="Latest tag"/>
+  </a>
+  <a href="https://github.com/VnUgE/noscrypt/commits">
+    <img src="https://img.shields.io/github/last-commit/vnuge/noscrypt/master" alt="Latest commit"/>
+  </a>
+</h4>
+
 *A compact, C90 cross-platform, cryptography library built specifically for nostr*
 
 ## What is noscrypt?
@@ -17,8 +30,6 @@ NCVerifyMac()
 ... extended functions
 ```
 
-There are no functions that handle key generation, because secp256k1 simply requires a 32byte random number that needs to only be validated. I assume most applications will prefer and or have better random number generators than I can assume. Use your preferred or platform CSRNG.  
-
 ## Motivation
 At the time of building this project I have not come across any C-only libraries that exposed functionality for nostr specific cryptography. IMO it is easy to use the secp256k1 library incorrectly. In the process of building [NVault](https://github.com/VnUgE/NVault) NIP-44 came out in December and I realized my libraries were falling short for my needs for proper and safe nostr cryptographic operations, and I needed to start over and start with a good base that has all the basic  functionality built with trusted and tested libraries.  
 
@@ -47,11 +58,11 @@ The following table lists the supported platforms and cryptography libraries tha
 | FreeBSD | OpenSSL (3.0), Mbed-TLS         | GCC Only |    |
 
 
-## Packages and Docs
+## Getting started
 GitHub is simply a mirror for my projects. Extended documentation, pre-compiled binaries and source code bundles are always available on my website, along with PGP signatures and checksums.    
 
-[Docs and Articles](https://www.vaughnnugent.com/resources/software/articles?tags=docs,_noscrypt)  
-[Builds and Source](https://www.vaughnnugent.com/resources/software/modules/noscrypt)  
+- **[Documentation](https://www.vaughnnugent.com/resources/software/articles?tags=docs,_noscrypt)**  
+- **[Signed builds and sourcecode ](https://www.vaughnnugent.com/resources/software/modules/noscrypt)**  
 
 ### Getting the package
 There are 3 ways to get the source code to build this project.  
@@ -60,25 +71,54 @@ There are 3 ways to get the source code to build this project.
 3. Download a github archive or release when they are available  
 
 ## Building
-Please see extended documentation for all custom build configurations and tips. For now, here is enough to get most developers going. 
+**The following build commands may be incomplete.** Please read documentation (link above) for all custom build configurations and tips.
 
-### CMake
+### Using CMake
 ```shell
 cmake -S . -Bbuild/ -DCMAKE_BUILD_TYPE=Release
 ```
 
-#### Enable built-in tets and debug mode
+Enable built-in tests and debug mode
 ```shell
 cmake -S . -Bbuild/test -DCMAKE_BUILD_TYPE=Debug -DNC_BUILD_TESTS=ON
 ```
 
-#### Specify the crypto library
+Specify the crypto library
 ```shell
 cmake -S . -Bbuild/ -DCMAKE_BUILD_TYPE=Release -DCRYPTO_LIB=<openssl | mbedtls | bcrypt>
 ```
 
-### Easy mode
-A [Taskfile](https://taskfile.dev) file is included for easy building if you wish to build in easy mode! Use the `task --list-all` to see all available commands. The default command `task` will build the library in release mode using defaults. You may specify extra cmake build variables using the `USER_ARGS` variable on the command line.
+Install library globally
+```shell
+cmake --install build/
+```
+
+### Using Task
+A [Taskfile](https://taskfile.dev) file is included for easy building if you wish to build in easy mode! Use the `task --list` to see all available commands. The default command `task` will build the library locally in release mode using defaults. 
+
+```shell
+task 
+```
+Build in debug mode with tests enabled
+```shell
+task build-debug
+```
+
+Build in debug mode, with testing enabled, then runs the test executable after it's built
+```shell
+task test
+```
+
+Install globally. Run after running the default task or `build-debug` task
+```shell
+task install
+```
+
+Task accepts any extra arguments following `--` and passes them to the cmake build command.   
+Example:
+```shell
+task <command> -- -DCMAKE_X_X=x
+```
 
 ## Notes
 #### Builds

src/nc-util.h

@@ -24,7 +24,7 @@
 #ifndef _NC_UTIL_H
 #define _NC_UTIL_H
 
-#include "platform.h"
+#include <platform.h>
 
 /* NULL */
 #ifndef NULL
@@ -48,7 +48,7 @@
 	* so static_assret very likely will not be available. 
 	*/
 	#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
-		#define STATIC_ASSERT(x, m) static_assert(x, m)
+		#define STATIC_ASSERT(x, m) static_assert(x, m);
 	#elif !defined(STATIC_ASSERT)
 		#define STATIC_ASSERT(x, m)
 		#pragma message("Static assertions are not supported by this language version")

src/noscrypt.c

@@ -21,6 +21,7 @@
 #include "noscrypt.h"
 
 #include "nc-util.h"
+#include "hkdf.h"
 #include "nc-crypto.h"
 
 #include <secp256k1/secp256k1_ecdh.h>
@@ -103,13 +104,17 @@ STATIC_ASSERT(sizeof(struct nc_expand_keys) == sizeof(struct message_key), "Expe
 * Check that the fallback hkdf extract internal buffer is large enough
 * for full converstation key buffers 
 */
-STATIC_ASSERT(HKDF_IN_BUF_SIZE >= NC_CONV_KEY_SIZE + 8, "HKDF Buffer size is too small for Safe HKDF operations")
+STATIC_ASSERT(HKDF_IN_BUF_SIZE >= NC_CONV_KEY_SIZE + 8, "HKDF Buffer size is too small for safe HKDF operations")
 
 /*
 * Internal helper functions to do common structure conversions
 */
 
-static _nc_fn_inline int _convertToXonly(const NCContext* ctx, const NCPublicKey* compressedPubKey, secp256k1_xonly_pubkey* xonly)
+static _nc_fn_inline int _convertToXonly(
+	const NCContext* ctx, 
+	const NCPublicKey* compressedPubKey, 
+	secp256k1_xonly_pubkey* xonly
+)
 {
 	DEBUG_ASSERT2(ctx != NULL, "Expected valid context")
 	DEBUG_ASSERT2(compressedPubKey != NULL, "Expected a valid public 32byte key structure")
@@ -456,6 +461,8 @@ NC_EXPORT NCResult NC_CC NCInitContext(
 	CHECK_NULL_ARG(ctx, 0)
 	CHECK_NULL_ARG(entropy, 1)
 
+	ZERO_FILL(ctx, sizeof(NCContext));
+
 	ctx->secpCtx = secp256k1_context_create(SECP256K1_CONTEXT_NONE);
 
 	/*