/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:8;coding:utf-8 -*-│ │vi: set net ft=c ts=4 sts=4 sw=4 fenc=utf-8 :vi│ ╞══════════════════════════════════════════════════════════════════════════════╡ │ Python 3 │ │ https://docs.python.org/3/license.html │ ╚─────────────────────────────────────────────────────────────────────────────*/ #define PY_SSIZE_T_CLEAN #include "libc/calls/calls.h" #include "libc/log/backtrace.internal.h" #include "libc/stdio/stdio.h" #include "libc/str/str.h" #include "third_party/mbedtls/error.h" #include "third_party/mbedtls/md.h" #include "third_party/python/Include/Python.h" #include "third_party/python/Include/import.h" #include "third_party/python/Include/pystrhex.h" #include "third_party/python/Include/structmember.h" #include "third_party/python/Include/yoink.h" #include "third_party/python/Modules/hashlib.h" /* clang-format off */ PYTHON_PROVIDE("_hashlib"); PYTHON_PROVIDE("_hashlib.HASH"); PYTHON_PROVIDE("_hashlib.__doc__"); PYTHON_PROVIDE("_hashlib.__loader__"); PYTHON_PROVIDE("_hashlib.__name__"); PYTHON_PROVIDE("_hashlib.__package__"); PYTHON_PROVIDE("_hashlib.__spec__"); PYTHON_PROVIDE("_hashlib.new"); PYTHON_PROVIDE("_hashlib.mbedtls_md5"); PYTHON_PROVIDE("_hashlib.mbedtls_md_meth_names"); PYTHON_PROVIDE("_hashlib.mbedtls_sha1"); PYTHON_PROVIDE("_hashlib.mbedtls_sha224"); PYTHON_PROVIDE("_hashlib.mbedtls_sha256"); PYTHON_PROVIDE("_hashlib.mbedtls_sha384"); PYTHON_PROVIDE("_hashlib.mbedtls_sha512"); #include "third_party/python/Modules/clinic/_hashmbedtls.inc" /*[clinic input] module _hashlib [clinic start generated code]*/ /*[clinic end generated code: output=da39a3ee5e6b4b0d input=c2b4ff081bac4be1]*/ #define MUNCH_SIZE 65536 #ifndef HASH_OBJ_CONSTRUCTOR #define HASH_OBJ_CONSTRUCTOR 0 #endif typedef struct { PyObject_HEAD PyObject *name; mbedtls_md_context_t ctx; #ifdef WITH_THREAD PyThread_type_lock lock; #endif } EVPobject; static PyTypeObject EVPtype; static PyObject *CONST_MD5_name_obj; static PyObject *CONST_SHA1_name_obj; static PyObject *CONST_SHA224_name_obj; static PyObject *CONST_SHA256_name_obj; static PyObject *CONST_SHA384_name_obj; static PyObject *CONST_SHA512_name_obj; static PyObject *CONST_BLAKE2B256_name_obj; static PyObject * SetMbedtlsError(PyObject *exc, int rc) { char b[128]; mbedtls_strerror(rc, b, sizeof(b)); PyErr_SetString(exc, b); return NULL; } static EVPobject * newEVPobject(PyObject *name) { EVPobject *self; if ((self = PyObject_New(EVPobject, &EVPtype))) { mbedtls_md_init(&self->ctx); Py_INCREF(name); self->name = name; #ifdef WITH_THREAD self->lock = 0; #endif } return self; } static int EVP_hash(EVPobject *self, const void *vp, Py_ssize_t len) { int rc; unsigned int process; const unsigned char *cp; for (cp = vp; 0 < len; len -= process, cp += process) { if (len > MUNCH_SIZE) { process = MUNCH_SIZE; } else { process = Py_SAFE_DOWNCAST(len, Py_ssize_t, unsigned int); } if ((rc = mbedtls_md_update(&self->ctx, cp, process)) < 0) { return rc; } } return 0; } /* Internal methods for a hash object */ static void EVP_dealloc(EVPobject *self) { #ifdef WITH_THREAD if (self->lock) PyThread_free_lock(self->lock); #endif mbedtls_md_free(&self->ctx); Py_XDECREF(self->name); PyObject_Del(self); } static int locked_mbedtls_md_clone(mbedtls_md_context_t *new_ctx_p, EVPobject *self) { int rc; ENTER_HASHLIB(self); if (!(rc = mbedtls_md_setup(new_ctx_p, self->ctx.md_info, 0))) { rc = mbedtls_md_clone(new_ctx_p, &self->ctx); } LEAVE_HASHLIB(self); return rc; } /* External methods for a hash object */ PyDoc_STRVAR(EVP_copy__doc__, "Return a copy of the hash object."); static PyObject * EVP_copy(EVPobject *self, PyObject *unused) { int rc; EVPobject *newobj; if ((newobj = newEVPobject(self->name))) { if ((rc = locked_mbedtls_md_clone(&newobj->ctx, self))) { EVP_dealloc(newobj); return SetMbedtlsError(PyExc_ValueError, rc); } } return (PyObject *)newobj; } PyDoc_STRVAR(EVP_digest__doc__, "Return the digest value as a bytes object."); static PyObject * EVP_digest(EVPobject *self, PyObject *unused) { int rc; PyObject *retval; unsigned int digest_size; mbedtls_md_context_t temp_ctx; unsigned char digest[MBEDTLS_MD_MAX_SIZE]; mbedtls_md_init(&temp_ctx); if (!(rc = locked_mbedtls_md_clone(&temp_ctx, self))) { digest_size = mbedtls_md_get_size(temp_ctx.md_info); if (!(rc = mbedtls_md_finish(&temp_ctx, digest))) { retval = PyBytes_FromStringAndSize((const char *)digest, digest_size); } else { retval = SetMbedtlsError(PyExc_ValueError, rc); } } else { retval = SetMbedtlsError(PyExc_ValueError, rc); } mbedtls_md_free(&temp_ctx); return retval; } PyDoc_STRVAR(EVP_hexdigest__doc__, "Return the digest value as a string of hexadecimal digits."); static PyObject * EVP_hexdigest(EVPobject *self, PyObject *unused) { int rc; PyObject *retval; unsigned int digest_size; mbedtls_md_context_t temp_ctx; unsigned char digest[MBEDTLS_MD_MAX_SIZE]; mbedtls_md_init(&temp_ctx); if (!(rc = locked_mbedtls_md_clone(&temp_ctx, self))) { digest_size = mbedtls_md_get_size(temp_ctx.md_info); if (!(rc = mbedtls_md_finish(&temp_ctx, digest))) { retval = _Py_strhex((const char *)digest, digest_size); } else { retval = SetMbedtlsError(PyExc_ValueError, rc); } } else { retval = SetMbedtlsError(PyExc_ValueError, rc); } mbedtls_md_free(&temp_ctx); return retval; } PyDoc_STRVAR(EVP_update__doc__, "Update this hash object's state with the provided string."); static PyObject * EVP_update(EVPobject *self, PyObject *args) { PyObject *obj; Py_buffer view; if (!PyArg_ParseTuple(args, "O:update", &obj)) return 0; GET_BUFFER_VIEW_OR_ERROUT(obj, &view); EVP_hash(self, view.buf, view.len); PyBuffer_Release(&view); Py_RETURN_NONE; } static PyMethodDef EVP_methods[] = { {"update", (PyCFunction)EVP_update, METH_VARARGS, EVP_update__doc__}, {"digest", (PyCFunction)EVP_digest, METH_NOARGS, EVP_digest__doc__}, {"hexdigest", (PyCFunction)EVP_hexdigest, METH_NOARGS, EVP_hexdigest__doc__}, {"copy", (PyCFunction)EVP_copy, METH_NOARGS, EVP_copy__doc__}, {NULL, NULL} /* sentinel */ }; static PyObject * EVP_get_block_size(EVPobject *self, void *closure) { return PyLong_FromLong(mbedtls_md_get_block_size(self->ctx.md_info)); } static PyObject * EVP_get_digest_size(EVPobject *self, void *closure) { return PyLong_FromLong(mbedtls_md_get_size(self->ctx.md_info)); } static PyMemberDef EVP_members[] = { {"name", T_OBJECT, offsetof(EVPobject, name), READONLY, PyDoc_STR("algorithm name.")}, {NULL} }; static PyGetSetDef EVP_getseters[] = { {"digest_size", (getter)EVP_get_digest_size, NULL, NULL, NULL}, {"block_size", (getter)EVP_get_block_size, NULL, NULL, NULL}, {NULL} }; static PyObject * EVP_repr(EVPobject *self) { return PyUnicode_FromFormat("<%U HASH object @ %p>", self->name, self); } #if HASH_OBJ_CONSTRUCTOR #error wut static int EVP_tp_init(EVPobject *self, PyObject *args, PyObject *kwds) { static char *kwlist[] = {"name", "string", NULL}; PyObject *name_obj = NULL; PyObject *data_obj = NULL; Py_buffer view; char *nameStr; const mbedtls_md_info_t *digest; if (!PyArg_ParseTupleAndKeywords(args, kwds, "O|O:HASH", kwlist, &name_obj, &data_obj)) { return -1; } if (data_obj) GET_BUFFER_VIEW_OR_ERROUT(data_obj, &view); if (!PyArg_Parse(name_obj, "s", &nameStr)) { PyErr_SetString(PyExc_TypeError, "name must be a string"); if (data_obj) PyBuffer_Release(&view); return -1; } digest = mbedtls_md_info_from_string(nameStr); if (!digest) { PyErr_SetString(PyExc_ValueError, "unknown hash function"); if (data_obj) PyBuffer_Release(&view); return -1; } if (!EVP_DigestInit(self->ctx, digest)) { SetMbedtlsError(PyExc_ValueError); if (data_obj) PyBuffer_Release(&view); return -1; } Py_INCREF(name_obj); Py_XSETREF(self->name, name_obj); if (data_obj) { if (view.len >= HASHLIB_GIL_MINSIZE) { Py_BEGIN_ALLOW_THREADS EVP_hash(self, view.buf, view.len); Py_END_ALLOW_THREADS } else { EVP_hash(self, view.buf, view.len); } PyBuffer_Release(&view); } return 0; } #endif PyDoc_STRVAR(hashtype_doc, "A hash represents the object used to calculate a checksum of a\n\ string of information.\n\ \n\ Methods:\n\ \n\ update() -- updates the current digest with an additional string\n\ digest() -- return the current digest value\n\ hexdigest() -- return the current digest as a string of hexadecimal digits\n\ copy() -- return a copy of the current hash object\n\ \n\ Attributes:\n\ \n\ name -- the hash algorithm being used by this object\n\ digest_size -- number of bytes in this hashes output\n"); static PyTypeObject EVPtype = { PyVarObject_HEAD_INIT(NULL, 0) "_hashlib.HASH", /*tp_name*/ sizeof(EVPobject), /*tp_basicsize*/ 0, /*tp_itemsize*/ /* methods */ (destructor)EVP_dealloc, /*tp_dealloc*/ 0, /*tp_print*/ 0, /*tp_getattr*/ 0, /*tp_setattr*/ 0, /*tp_reserved*/ (reprfunc)EVP_repr, /*tp_repr*/ 0, /*tp_as_number*/ 0, /*tp_as_sequence*/ 0, /*tp_as_mapping*/ 0, /*tp_hash*/ 0, /*tp_call*/ 0, /*tp_str*/ 0, /*tp_getattro*/ 0, /*tp_setattro*/ 0, /*tp_as_buffer*/ Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, /*tp_flags*/ hashtype_doc, /*tp_doc*/ 0, /*tp_traverse*/ 0, /*tp_clear*/ 0, /*tp_richcompare*/ 0, /*tp_weaklistoffset*/ 0, /*tp_iter*/ 0, /*tp_iternext*/ EVP_methods, /* tp_methods */ EVP_members, /* tp_members */ EVP_getseters, /* tp_getset */ #if 1 0, /* tp_base */ 0, /* tp_dict */ 0, /* tp_descr_get */ 0, /* tp_descr_set */ 0, /* tp_dictoffset */ #endif #if HASH_OBJ_CONSTRUCTOR (initproc)EVP_tp_init, /* tp_init */ #endif }; static PyObject * EVPnew(PyObject *name_obj, const mbedtls_md_info_t *digest, const unsigned char *cp, Py_ssize_t len) { int rc; EVPobject *self; if (!digest) { PyErr_SetString(PyExc_ValueError, "unsupported hash type"); return NULL; } if ((self = newEVPobject(name_obj)) == NULL) return NULL; if ((rc = mbedtls_md_setup(&self->ctx, digest, 0))) { SetMbedtlsError(PyExc_ValueError, rc); Py_DECREF(self); return NULL; } if (cp && len) { if (len >= HASHLIB_GIL_MINSIZE) { Py_BEGIN_ALLOW_THREADS EVP_hash(self, cp, len); Py_END_ALLOW_THREADS } else { EVP_hash(self, cp, len); } } return (PyObject *)self; } /* The module-level function: new() */ PyDoc_STRVAR(EVP_new__doc__, "Return a new hash object using the named algorithm.\n\ An optional string argument may be provided and will be\n\ automatically hashed.\n\ \n\ The MD5 and SHA1 algorithms are always supported.\n"); static PyObject * EVP_new(PyObject *self, PyObject *args, PyObject *kwdict) { static char *kwlist[] = {"name", "string", NULL}; PyObject *name_obj = NULL; PyObject *data_obj = NULL; Py_buffer view = { 0 }; PyObject *ret_obj; char *name; const mbedtls_md_info_t *digest; if (!PyArg_ParseTupleAndKeywords(args, kwdict, "O|O:new", kwlist, &name_obj, &data_obj)) { return NULL; } if (!PyArg_Parse(name_obj, "s", &name)) { PyErr_SetString(PyExc_TypeError, "name must be a string"); return NULL; } if (data_obj) GET_BUFFER_VIEW_OR_ERROUT(data_obj, &view); digest = mbedtls_md_info_from_string(name); ret_obj = EVPnew(name_obj, digest, (unsigned char*)view.buf, view.len); if (data_obj) PyBuffer_Release(&view); return ret_obj; } #if (MBEDTLS_VERSION_NUMBER >= 0x10000000 && !defined(MBEDTLS_NO_HMAC) \ && !defined(MBEDTLS_NO_SHA)) #define PY_PBKDF2_HMAC 1 #if !HAS_FAST_PKCS5_PBKDF2_HMAC /* Improved implementation of PKCS5_PBKDF2_HMAC() * * PKCS5_PBKDF2_HMAC_fast() hashes the password exactly one time instead of * `iter` times. Today (2013) the iteration count is typically 100,000 or * more. The improved algorithm is not subject to a Denial-of-Service * vulnerability with overly large passwords. * * Also Mbedtls < 1.0 don't provide PKCS5_PBKDF2_HMAC(), only * PKCS5_PBKDF2_SHA1. */ static int PKCS5_PBKDF2_HMAC_fast(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, const mbedtls_md_info_t *digest, int keylen, unsigned char *out) { unsigned char digtmp[MBEDTLS_MD_MAX_SIZE], *p, itmp[4]; int cplen, j, k, tkeylen, mdlen; unsigned long i = 1; HMAC_CTX hctx_tpl, hctx; mdlen = mbedtls_md_get_size(digest); if (mdlen < 0) return 0; HMAC_CTX_init(&hctx_tpl); HMAC_CTX_init(&hctx); p = out; tkeylen = keylen; if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) { HMAC_CTX_cleanup(&hctx_tpl); return 0; } while (tkeylen) { if (tkeylen > mdlen) cplen = mdlen; else cplen = tkeylen; /* We are unlikely to ever use more than 256 blocks (5120 bits!) * but just in case... */ itmp[0] = (unsigned char)((i >> 24) & 0xff); itmp[1] = (unsigned char)((i >> 16) & 0xff); itmp[2] = (unsigned char)((i >> 8) & 0xff); itmp[3] = (unsigned char)(i & 0xff); if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) { HMAC_CTX_cleanup(&hctx_tpl); return 0; } if (!HMAC_Update(&hctx, salt, saltlen) || !HMAC_Update(&hctx, itmp, 4) || !HMAC_Final(&hctx, digtmp, NULL)) { HMAC_CTX_cleanup(&hctx_tpl); HMAC_CTX_cleanup(&hctx); return 0; } HMAC_CTX_cleanup(&hctx); memcpy(p, digtmp, cplen); for (j = 1; j < iter; j++) { if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) { HMAC_CTX_cleanup(&hctx_tpl); return 0; } if (!HMAC_Update(&hctx, digtmp, mdlen) || !HMAC_Final(&hctx, digtmp, NULL)) { HMAC_CTX_cleanup(&hctx_tpl); HMAC_CTX_cleanup(&hctx); return 0; } HMAC_CTX_cleanup(&hctx); for (k = 0; k < cplen; k++) { p[k] ^= digtmp[k]; } } tkeylen-= cplen; i++; p+= cplen; } HMAC_CTX_cleanup(&hctx_tpl); return 1; } #endif PyDoc_STRVAR(pbkdf2_hmac__doc__, "pbkdf2_hmac(hash_name, password, salt, iterations, dklen=None) -> key\n\ \n\ Password based key derivation function 2 (PKCS #5 v2.0) with HMAC as\n\ pseudorandom function."); static PyObject * pbkdf2_hmac(PyObject *self, PyObject *args, PyObject *kwdict) { static char *kwlist[] = {"hash_name", "password", "salt", "iterations", "dklen", NULL}; PyObject *key_obj = NULL, *dklen_obj = Py_None; char *name, *key; Py_buffer password, salt; long iterations, dklen; int retval; const mbedtls_md_info_t *digest; if (!PyArg_ParseTupleAndKeywords(args, kwdict, "sy*y*l|O:pbkdf2_hmac", kwlist, &name, &password, &salt, &iterations, &dklen_obj)) { return NULL; } digest = mbedtls_md_info_from_string(name); if (digest == NULL) { PyErr_SetString(PyExc_ValueError, "unsupported hash type"); goto end; } if (password.len > INT_MAX) { PyErr_SetString(PyExc_OverflowError, "password is too long."); goto end; } if (salt.len > INT_MAX) { PyErr_SetString(PyExc_OverflowError, "salt is too long."); goto end; } if (iterations < 1) { PyErr_SetString(PyExc_ValueError, "iteration value must be greater than 0."); goto end; } if (iterations > INT_MAX) { PyErr_SetString(PyExc_OverflowError, "iteration value is too great."); goto end; } if (dklen_obj == Py_None) { dklen = mbedtls_md_get_size(digest); } else { dklen = PyLong_AsLong(dklen_obj); if ((dklen == -1) && PyErr_Occurred()) { goto end; } } if (dklen < 1) { PyErr_SetString(PyExc_ValueError, "key length must be greater than 0."); goto end; } if (dklen > INT_MAX) { /* INT_MAX is always smaller than dkLen max (2^32 - 1) * hLen */ PyErr_SetString(PyExc_OverflowError, "key length is too great."); goto end; } key_obj = PyBytes_FromStringAndSize(NULL, dklen); if (key_obj == NULL) { goto end; } key = PyBytes_AS_STRING(key_obj); Py_BEGIN_ALLOW_THREADS #if HAS_FAST_PKCS5_PBKDF2_HMAC retval = PKCS5_PBKDF2_HMAC((char*)password.buf, (int)password.len, (unsigned char *)salt.buf, (int)salt.len, iterations, digest, dklen, (unsigned char *)key); #else retval = PKCS5_PBKDF2_HMAC_fast((char*)password.buf, (int)password.len, (unsigned char *)salt.buf, (int)salt.len, iterations, digest, dklen, (unsigned char *)key); #endif Py_END_ALLOW_THREADS if (retval) { Py_CLEAR(key_obj); SetMbedtlsError(PyExc_ValueError, retval); goto end; } end: PyBuffer_Release(&password); PyBuffer_Release(&salt); return key_obj; } #endif #if MBEDTLS_VERSION_NUMBER > 0x10100000L && !defined(MBEDTLS_NO_SCRYPT) && !defined(LIBRESSL_VERSION_NUMBER) #define PY_SCRYPT 1 /* XXX: Parameters salt, n, r and p should be required keyword-only parameters. They are optional in the Argument Clinic declaration only due to a limitation of PyArg_ParseTupleAndKeywords. */ /*[clinic input] _hashlib.scrypt password: Py_buffer * salt: Py_buffer = None n as n_obj: object(subclass_of='&PyLong_Type') = None r as r_obj: object(subclass_of='&PyLong_Type') = None p as p_obj: object(subclass_of='&PyLong_Type') = None maxmem: long = 0 dklen: long = 64 scrypt password-based key derivation function. [clinic start generated code]*/ static PyObject * _hashlib_scrypt_impl(PyObject *module, Py_buffer *password, Py_buffer *salt, PyObject *n_obj, PyObject *r_obj, PyObject *p_obj, long maxmem, long dklen) /*[clinic end generated code: output=14849e2aa2b7b46c input=48a7d63bf3f75c42]*/ { PyObject *key_obj = NULL; char *key; int retval; unsigned long n, r, p; if (password->len > INT_MAX) { PyErr_SetString(PyExc_OverflowError, "password is too long."); return NULL; } if (salt->buf == NULL) { PyErr_SetString(PyExc_TypeError, "salt is required"); return NULL; } if (salt->len > INT_MAX) { PyErr_SetString(PyExc_OverflowError, "salt is too long."); return NULL; } n = PyLong_AsUnsignedLong(n_obj); if (n == (unsigned long) -1 && PyErr_Occurred()) { PyErr_SetString(PyExc_TypeError, "n is required and must be an unsigned int"); return NULL; } if (n < 2 || n & (n - 1)) { PyErr_SetString(PyExc_ValueError, "n must be a power of 2."); return NULL; } r = PyLong_AsUnsignedLong(r_obj); if (r == (unsigned long) -1 && PyErr_Occurred()) { PyErr_SetString(PyExc_TypeError, "r is required and must be an unsigned int"); return NULL; } p = PyLong_AsUnsignedLong(p_obj); if (p == (unsigned long) -1 && PyErr_Occurred()) { PyErr_SetString(PyExc_TypeError, "p is required and must be an unsigned int"); return NULL; } if (maxmem < 0 || maxmem > INT_MAX) { /* Mbedtls 1.1.0 restricts maxmem to 32MB. It may change in the future. The maxmem constant is private to Mbedtls. */ PyErr_Format(PyExc_ValueError, "maxmem must be positive and smaller than %d", INT_MAX); return NULL; } if (dklen < 1 || dklen > INT_MAX) { PyErr_Format(PyExc_ValueError, "dklen must be greater than 0 and smaller than %d", INT_MAX); return NULL; } /* let Mbedtls validate the rest */ retval = EVP_PBE_scrypt(NULL, 0, NULL, 0, n, r, p, maxmem, NULL, 0); if (!retval) { /* sorry, can't do much better */ PyErr_SetString(PyExc_ValueError, "Invalid paramemter combination for n, r, p, maxmem."); return NULL; } key_obj = PyBytes_FromStringAndSize(NULL, dklen); if (key_obj == NULL) { return NULL; } key = PyBytes_AS_STRING(key_obj); Py_BEGIN_ALLOW_THREADS retval = EVP_PBE_scrypt( (const char*)password->buf, (size_t)password->len, (const unsigned char *)salt->buf, (size_t)salt->len, n, r, p, maxmem, (unsigned char *)key, (size_t)dklen ); Py_END_ALLOW_THREADS if (!retval) { Py_CLEAR(key_obj); SetMbedtlsError(PyExc_ValueError); return NULL; } return key_obj; } #endif static PyObject * GenerateHashNameList(void) { int i; char *s; uint8_t *p; PyObject *set, *name; if ((set = PyFrozenSet_New(0))) { for (p = mbedtls_md_list(); *p != MBEDTLS_MD_NONE; ++p) { s = strdup(mbedtls_md_info_from_type(*p)->name); for (i = 0; s[i]; ++i) s[i] = tolower(s[i]); name = PyUnicode_FromString(s); PySet_Add(set, name); Py_DECREF(name); free(s); } } return set; } /* * This macro generates constructor function definitions for specific * hash algorithms. These constructors are much faster than calling * the generic one passing it a python string and are noticeably * faster than calling a python new() wrapper. That is important for * code that wants to make hashes of a bunch of small strings. * The first call will lazy-initialize, which reports an exception * if initialization fails. */ #define GEN_CONSTRUCTOR(NAME, STRNAME) \ static PyObject * \ EVP_new_ ## NAME (PyObject *self, PyObject *args) \ { \ PyObject *ret; \ PyObject *data = 0; \ Py_buffer view = { 0 }; \ if (!PyArg_ParseTuple(args, "|O:" STRNAME , &data)) return 0; \ if (data) GET_BUFFER_VIEW_OR_ERROUT(data, &view); \ ret = EVPnew(CONST_ ## NAME ## _name_obj, \ mbedtls_md_info_from_type(MBEDTLS_MD_ ## NAME), \ (unsigned char *)view.buf, view.len); \ if (data) PyBuffer_Release(&view); \ return ret; \ } /* a PyMethodDef structure for the constructor */ #define CONSTRUCTOR_METH_DEF(NAME, STRNAME) \ {"mbedtls_" STRNAME, (PyCFunction)EVP_new_ ## NAME, METH_VARARGS, \ PyDoc_STR("Returns a " STRNAME \ " hash object; optionally initialized with a string") \ } /* used in the init function to setup a constructor: initialize Mbedtls constructor constants if they haven't been initialized already. */ #define INIT_CONSTRUCTOR_CONSTANTS(NAME, STRNAME) \ if (CONST_ ## NAME ## _name_obj == NULL) { \ CONST_ ## NAME ## _name_obj = PyUnicode_FromString(#NAME); \ } GEN_CONSTRUCTOR(MD5, "md5") GEN_CONSTRUCTOR(SHA1, "sha1") GEN_CONSTRUCTOR(SHA224, "sha224") GEN_CONSTRUCTOR(SHA256, "sha256") GEN_CONSTRUCTOR(SHA384, "sha384") GEN_CONSTRUCTOR(SHA512, "sha512") GEN_CONSTRUCTOR(BLAKE2B256, "blake2b256") /* List of functions exported by this module */ static struct PyMethodDef EVP_functions[] = { {"new", (PyCFunction)EVP_new, METH_VARARGS|METH_KEYWORDS, EVP_new__doc__}, #ifdef PY_PBKDF2_HMAC {"pbkdf2_hmac", (PyCFunction)pbkdf2_hmac, METH_VARARGS|METH_KEYWORDS, pbkdf2_hmac__doc__}, #endif _HASHLIB_SCRYPT_METHODDEF CONSTRUCTOR_METH_DEF(MD5, "md5"), CONSTRUCTOR_METH_DEF(SHA1, "sha1"), CONSTRUCTOR_METH_DEF(SHA224, "sha224"), CONSTRUCTOR_METH_DEF(SHA256, "sha256"), CONSTRUCTOR_METH_DEF(SHA384, "sha384"), CONSTRUCTOR_METH_DEF(SHA512, "sha512"), CONSTRUCTOR_METH_DEF(BLAKE2B256, "blake2b256"), {NULL} }; static struct PyModuleDef _hashlibmodule = { PyModuleDef_HEAD_INIT, "_hashlib", NULL, -1, EVP_functions, NULL, NULL, NULL, NULL }; PyMODINIT_FUNC PyInit__hashlib(void) { PyObject *m, *mbedtls_md_meth_names; Py_TYPE(&EVPtype) = &PyType_Type; if (PyType_Ready(&EVPtype) < 0) return NULL; if (!(m = PyModule_Create(&_hashlibmodule))) return NULL; if (!(mbedtls_md_meth_names = GenerateHashNameList())) { Py_DECREF(m); return NULL; } if (PyModule_AddObject(m, "mbedtls_md_meth_names", mbedtls_md_meth_names)) { Py_DECREF(m); return NULL; } Py_INCREF((PyObject *)&EVPtype); PyModule_AddObject(m, "HASH", (PyObject *)&EVPtype); INIT_CONSTRUCTOR_CONSTANTS(MD5, "md5") INIT_CONSTRUCTOR_CONSTANTS(SHA1, "sha1") INIT_CONSTRUCTOR_CONSTANTS(SHA224, "sha224") INIT_CONSTRUCTOR_CONSTANTS(SHA256, "sha256") INIT_CONSTRUCTOR_CONSTANTS(SHA384, "sha384") INIT_CONSTRUCTOR_CONSTANTS(SHA512, "sha512") INIT_CONSTRUCTOR_CONSTANTS(BLAKE2B256, "blake2b256") return m; } _Section(".rodata.pytab.1") const struct _inittab _PyImport_Inittab__hashlib = { "_hashlib", PyInit__hashlib, };