Implement crypto digest context in terms of software sha2 implementation (#61)

This pull request introduces the `nat20` cryptographic implementation to
the codebase.
This is a free standing implementation of the n20_crypto_digest_context
subset
of the crypto interface.

It provides an implementation of the digest function in terms of the
software
Implementation added in #56. The function hmac is implemented in terms
of this digest function and the hkdf family of function is implemented
in terms
of the hmac function.

- [x] The digest subset of the crypto test suite is run against the new
implementation.

Author: werwurm

CMakeLists.txt

@@ -72,13 +72,15 @@ set(LIBNAT20_PUB_HEADERS
 
 set(LIBNAT20_CRYPTO_NAT20_SOURCES
     # Add the core library source files here.
+    src/crypto/nat20/crypto.c
     src/crypto/nat20/sha256.c
     src/crypto/nat20/sha512.c
 )
 
 set(LIBNAT20_CRYPTO_NAT20_PUB_HEADERS
     # Add the public headers here.
     # These files will be included in the generation of the API documentation.
+    include/nat20/crypto/nat20/crypto.h
     include/nat20/crypto/nat20/sha.h
 )
 
@@ -270,6 +272,9 @@ if (NAT20_WITH_TESTS)
     target_link_libraries(nat20_crypto_test_bin nat20_crypto_boringssl)
     add_definitions(-DN20_CONFIG_ENABLE_CRYPTO_TEST_IMPL=1)
 
+    target_sources(nat20_crypto_test_bin
+        PRIVATE src/crypto/test/crypto_nat20.cpp
+    )
     target_link_libraries(nat20_crypto_test_bin nat20_crypto_nat20)
 
 

include/nat20/crypto/nat20/crypto.h

@@ -0,0 +1,63 @@
+/*
+ * Copyright 2025 Aurora Operations, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <nat20/crypto.h>
+#include <nat20/error.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @brief Open a new NAT20 cryptographic (digest) context.
+ *
+ * This is the factory function to create a crypto digest context
+ * @ref n20_crypto_digest_context_t implementing SHA2
+ * (SHA-224, SHA-256, SHA-384, SHA-512), HMAC, and HKDF without
+ * external library dependencies.
+ *
+ * Each call to this function must be matched with a call to
+ * @ref n20_crypto_nat20_close.
+ *
+ * In the current implementation the context returned is a singleton,
+ * and @ref n20_crypto_nat20_close is a no-op. But this may change
+ * in the future, and cannot be relied on.
+ *
+ * @param ctx_out Pointer to the context to be initialized.
+ * @return n20_error_t Error code indicating success or failure.
+ */
+n20_error_t n20_crypto_nat20_open(n20_crypto_digest_context_t** ctx_out);
+
+/**
+ * @brief Close the NAT20 cryptographic context.
+ *
+ * This function closes and frees the resources associated with the
+ * context @ref ctx_out.
+ *
+ * In the current implementation this is a no-op, as the context
+ * is a singleton. But this may change in the future, and must
+ * not be relied on.
+ *
+ * @param ctx_out Pointer to the context to be closed.
+ * @return n20_error_t Error code indicating success or failure.
+ */
+n20_error_t n20_crypto_nat20_close(n20_crypto_digest_context_t* ctx_out);
+
+#ifdef __cplusplus
+}
+#endif