Build fixups for AEGIS

Summary: * minor: remove libsodium in AEGISCipher.h (internal implementation detail) * adds cmake targets Differential Revision: D45323104 fbshipit-source-id: a696598c4ea314f2e0f74e237f9b2f55121c32ad
paulbiss · May 17, 2023 · 674a019 · 674a019
1 parent 67aa54f
commit 674a019
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 4 deletions.
diff --git a/third-party/fizz/src/fizz/CMakeLists.txt b/third-party/fizz/src/fizz/CMakeLists.txt
@@ -157,6 +157,7 @@ set(FIZZ_SOURCES
   crypto/exchange/X25519.cpp
   crypto/aead/OpenSSLEVPCipher.cpp
   crypto/aead/IOBufUtil.cpp
+  crypto/aead/AEGISCipher.cpp
   crypto/signature/Signature.cpp
   crypto/Hkdf.cpp
   crypto/KeyDerivation.cpp
@@ -400,6 +401,7 @@ if(BUILD_TESTS)
   add_gtest(client/test/ClientProtocolTest.cpp ClientProtocolTest)
   add_gtest(client/test/FizzClientTest.cpp FizzClientTest)
   add_gtest(crypto/aead/test/OpenSSLEVPCipherTest.cpp OpenSSLEVPCipherTest)
+  add_gtest(crypto/aead/test/AEGISCipherTest.cpp AEGISCipherTest)
   add_gtest(crypto/aead/test/IOBufUtilTest.cpp IOBufUtilTest)
   add_gtest(crypto/exchange/test/X25519KeyExchangeTest.cpp X25519KeyExchangeTest)
   add_gtest(crypto/exchange/test/ECKeyExchangeTest.cpp ECKeyExchangeTest)

diff --git a/third-party/fizz/src/fizz/crypto/aead/AEGISCipher.cpp b/third-party/fizz/src/fizz/crypto/aead/AEGISCipher.cpp
@@ -7,13 +7,21 @@
  */
 
 #include <fizz/crypto/aead/AEGISCipher.h>
+
+#if FIZZ_HAS_AEGIS
+
 #include <folly/lang/CheckedMath.h>
 #include <sodium.h>
 #include <sodium/crypto_aead_aegis128l.h>
+#include <sodium/crypto_aead_aegis256.h>
 #include <functional>
 
 namespace fizz {
 
+static_assert(
+    fizz::AEGISCipher::kMaxIVLength == crypto_aead_aegis256_NPUBBYTES,
+    "Invalid AEGISCipher::kMaxIVLength");
+
 namespace {
 
 std::unique_ptr<folly::IOBuf> aegisEncrypt(
@@ -213,3 +221,5 @@ std::array<uint8_t, AEGISCipher::kMaxIVLength> AEGISCipher::createIV(
   return iv;
 }
 } // namespace fizz
+
+#endif
diff --git a/third-party/fizz/src/fizz/crypto/aead/AEGISCipher.h b/third-party/fizz/src/fizz/crypto/aead/AEGISCipher.h
@@ -5,9 +5,12 @@
  *  This source code is licensed under the BSD-style license found in the
  *  LICENSE file in the root directory of this source tree.
  */
-
 #pragma once
 
+#include <fizz/fizz-config.h>
+
+#if FIZZ_HAS_AEGIS
+
 #include <fizz/crypto/aead/Aead.h>
 #include <fizz/crypto/aead/IOBufUtil.h>
 #include <folly/Conv.h>
@@ -16,13 +19,11 @@
 #include <folly/String.h>
 #include <folly/lang/Bits.h>
 #include <folly/ssl/OpenSSLPtrTypes.h>
-#include <sodium.h>
-#include <sodium/crypto_aead_aegis256.h>
 
 namespace fizz {
 class AEGISCipher : public Aead {
  public:
-  static constexpr size_t kMaxIVLength = crypto_aead_aegis256_NPUBBYTES;
+  static constexpr size_t kMaxIVLength = 32;
 
   static std::unique_ptr<Aead> makeCipher();
 
@@ -89,3 +90,5 @@ class AEGISCipher : public Aead {
   size_t tagLength_;
 };
 } // namespace fizz
+
+#endif
diff --git a/third-party/fizz/src/fizz/crypto/aead/test/AEGISCipherTest.cpp b/third-party/fizz/src/fizz/crypto/aead/test/AEGISCipherTest.cpp
@@ -6,6 +6,8 @@
  *  LICENSE file in the root directory of this source tree.
  */
 
+#include <fizz/fizz-config.h>
+
 #include <folly/portability/GTest.h>
 
 #include <fizz/crypto/aead/AEGISCipher.h>
@@ -20,6 +22,7 @@
 
 using namespace folly;
 
+#if FIZZ_HAS_AEGIS
 namespace fizz {
 namespace test {
 
@@ -119,3 +122,6 @@ INSTANTIATE_TEST_SUITE_P(
             false}));
 } // namespace test
 } // namespace fizz
+#else
+TEST(AegisCipherTest, AegisNotSupported) {}
+#endif