diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 50f3cb5..3343417 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -15,10 +15,10 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - uses: actions/setup-python@v3 + - uses: actions/setup-python@v4 with: - python-version: "3.9" - - uses: pre-commit/action@v2.0.3 + python-version: "3.10" + - uses: pre-commit/action@v3.0.0 # Make sure commit messages follow the conventional commits convention: # https://www.conventionalcommits.org @@ -29,7 +29,7 @@ jobs: - uses: actions/checkout@v3 with: fetch-depth: 0 - - uses: wagoid/commitlint-github-action@v5 + - uses: wagoid/commitlint-github-action@v5.3.1 test: strategy: @@ -43,22 +43,29 @@ jobs: - "3.11" os: - ubuntu-latest - - windows-latest - macOS-latest + extension: + - "skip_cython" + - "use_cython" runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v3 - - name: Install poetry - run: pipx install poetry - name: Set up Python uses: actions/setup-python@v4 with: python-version: ${{ matrix.python-version }} - cache: "poetry" + - uses: snok/install-poetry@v1.3.3 - name: Install Dependencies - run: poetry install + run: | + if [ "${{ matrix.extension }}" = "skip_cython" ]; then + SKIP_CYTHON=1 poetry install --only=main,dev + else + poetry install --only=main,dev + fi + shell: bash - name: Test with Pytest run: poetry run pytest --cov-report=xml + shell: bash - name: Upload coverage to Codecov uses: codecov/codecov-action@v3 with: @@ -89,3 +96,75 @@ jobs: with: github_token: ${{ secrets.GITHUB_TOKEN }} pypi_token: ${{ secrets.PYPI_TOKEN }} + + build_wheels: + needs: [release] + + name: Build wheels on ${{ matrix.os }} + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: + - macos-11 + - ubuntu-20.04 + - windows-2022 + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + ref: "main" + + # Used to host cibuildwheel + - name: Set up Python + uses: actions/setup-python@v4 + + - name: Install python-semantic-release + run: python -m pip install python-semantic-release + + - name: Get Release Tag + id: release_tag + shell: bash + run: | + echo "::set-output name=newest_release_tag::$(semantic-release print-version --current)" + + - uses: actions/checkout@v3 + with: + ref: "v${{ steps.release_tag.outputs.newest_release_tag }}" + fetch-depth: 0 + + - name: Install cibuildwheel + run: python -m pip install cibuildwheel==2.12.0 + + - name: Build wheels + run: python -m cibuildwheel --output-dir wheelhouse + # to supply options, put them in 'env', like: + env: + CIBW_SKIP: cp36-* pp36-* + CIBW_BEFORE_ALL_LINUX: apt-get install -y gcc || yum install -y gcc || apk add gcc + CIBW_BUILD_VERBOSITY: 3 + REQUIRE_CYTHON: 1 + + - uses: actions/upload-artifact@v3 + with: + path: ./wheelhouse/*.whl + + upload_pypi: + needs: [build_wheels] + runs-on: ubuntu-latest + environment: release + + steps: + - uses: actions/download-artifact@v3 + with: + # unpacks default artifact into dist/ + # if `name: artifact` is omitted, the action will create extra parent dir + name: artifact + path: dist + + - uses: pypa/gh-action-pypi-publish@v1.5.0 + with: + user: __token__ + password: ${{ secrets.PYPI_TOKEN }} + + # To test: repository_url: https://test.pypi.org/legacy/ diff --git a/build_ext.py b/build_ext.py new file mode 100644 index 0000000..caea69a --- /dev/null +++ b/build_ext.py @@ -0,0 +1,35 @@ +"""Build optional cython modules.""" + +import os +from distutils.command.build_ext import build_ext + + +class BuildExt(build_ext): + def build_extensions(self): # type: ignore + try: + super().build_extensions() + except Exception: # nosec + pass + + +def build(setup_kwargs): # type: ignore + if os.environ.get("SKIP_CYTHON", False): + return + try: + from Cython.Build import cythonize + + setup_kwargs.update( + dict( + ext_modules=cythonize( + [ + "src/chacha20poly1305_reuseable/__init__.py", + ], + compiler_directives={"language_level": "3"}, # Python 3 + ), + cmdclass=dict(build_ext=BuildExt), + ) + ) + except Exception: + if os.environ.get("REQUIRE_CYTHON"): + raise + pass diff --git a/poetry.lock b/poetry.lock index ddf4556..de1329c 100644 --- a/poetry.lock +++ b/poetry.lock @@ -110,63 +110,63 @@ files = [ [[package]] name = "coverage" -version = "7.2.2" +version = "7.2.3" description = "Code coverage measurement for Python" category = "dev" optional = false python-versions = ">=3.7" files = [ - {file = "coverage-7.2.2-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:c90e73bdecb7b0d1cea65a08cb41e9d672ac6d7995603d6465ed4914b98b9ad7"}, - {file = "coverage-7.2.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:e2926b8abedf750c2ecf5035c07515770944acf02e1c46ab08f6348d24c5f94d"}, - {file = "coverage-7.2.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:57b77b9099f172804e695a40ebaa374f79e4fb8b92f3e167f66facbf92e8e7f5"}, - {file = "coverage-7.2.2-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:efe1c0adad110bf0ad7fb59f833880e489a61e39d699d37249bdf42f80590169"}, - {file = "coverage-7.2.2-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:2199988e0bc8325d941b209f4fd1c6fa007024b1442c5576f1a32ca2e48941e6"}, - {file = "coverage-7.2.2-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:81f63e0fb74effd5be736cfe07d710307cc0a3ccb8f4741f7f053c057615a137"}, - {file = "coverage-7.2.2-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:186e0fc9cf497365036d51d4d2ab76113fb74f729bd25da0975daab2e107fd90"}, - {file = "coverage-7.2.2-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:420f94a35e3e00a2b43ad5740f935358e24478354ce41c99407cddd283be00d2"}, - {file = "coverage-7.2.2-cp310-cp310-win32.whl", hash = "sha256:38004671848b5745bb05d4d621526fca30cee164db42a1f185615f39dc997292"}, - {file = "coverage-7.2.2-cp310-cp310-win_amd64.whl", hash = "sha256:0ce383d5f56d0729d2dd40e53fe3afeb8f2237244b0975e1427bfb2cf0d32bab"}, - {file = "coverage-7.2.2-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:3eb55b7b26389dd4f8ae911ba9bc8c027411163839dea4c8b8be54c4ee9ae10b"}, - {file = "coverage-7.2.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:d2b96123a453a2d7f3995ddb9f28d01fd112319a7a4d5ca99796a7ff43f02af5"}, - {file = "coverage-7.2.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:299bc75cb2a41e6741b5e470b8c9fb78d931edbd0cd009c58e5c84de57c06731"}, - {file = "coverage-7.2.2-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:5e1df45c23d4230e3d56d04414f9057eba501f78db60d4eeecfcb940501b08fd"}, - {file = "coverage-7.2.2-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:006ed5582e9cbc8115d2e22d6d2144a0725db542f654d9d4fda86793832f873d"}, - {file = "coverage-7.2.2-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:d683d230b5774816e7d784d7ed8444f2a40e7a450e5720d58af593cb0b94a212"}, - {file = "coverage-7.2.2-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:8efb48fa743d1c1a65ee8787b5b552681610f06c40a40b7ef94a5b517d885c54"}, - {file = "coverage-7.2.2-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:4c752d5264053a7cf2fe81c9e14f8a4fb261370a7bb344c2a011836a96fb3f57"}, - {file = "coverage-7.2.2-cp311-cp311-win32.whl", hash = "sha256:55272f33da9a5d7cccd3774aeca7a01e500a614eaea2a77091e9be000ecd401d"}, - {file = "coverage-7.2.2-cp311-cp311-win_amd64.whl", hash = "sha256:92ebc1619650409da324d001b3a36f14f63644c7f0a588e331f3b0f67491f512"}, - {file = "coverage-7.2.2-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:5afdad4cc4cc199fdf3e18088812edcf8f4c5a3c8e6cb69127513ad4cb7471a9"}, - {file = "coverage-7.2.2-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0484d9dd1e6f481b24070c87561c8d7151bdd8b044c93ac99faafd01f695c78e"}, - {file = "coverage-7.2.2-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:d530191aa9c66ab4f190be8ac8cc7cfd8f4f3217da379606f3dd4e3d83feba69"}, - {file = "coverage-7.2.2-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4ac0f522c3b6109c4b764ffec71bf04ebc0523e926ca7cbe6c5ac88f84faced0"}, - {file = "coverage-7.2.2-cp37-cp37m-musllinux_1_1_aarch64.whl", hash = "sha256:ba279aae162b20444881fc3ed4e4f934c1cf8620f3dab3b531480cf602c76b7f"}, - {file = "coverage-7.2.2-cp37-cp37m-musllinux_1_1_i686.whl", hash = "sha256:53d0fd4c17175aded9c633e319360d41a1f3c6e352ba94edcb0fa5167e2bad67"}, - {file = "coverage-7.2.2-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:8c99cb7c26a3039a8a4ee3ca1efdde471e61b4837108847fb7d5be7789ed8fd9"}, - {file = "coverage-7.2.2-cp37-cp37m-win32.whl", hash = "sha256:5cc0783844c84af2522e3a99b9b761a979a3ef10fb87fc4048d1ee174e18a7d8"}, - {file = "coverage-7.2.2-cp37-cp37m-win_amd64.whl", hash = "sha256:817295f06eacdc8623dc4df7d8b49cea65925030d4e1e2a7c7218380c0072c25"}, - {file = "coverage-7.2.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:6146910231ece63facfc5984234ad1b06a36cecc9fd0c028e59ac7c9b18c38c6"}, - {file = "coverage-7.2.2-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:387fb46cb8e53ba7304d80aadca5dca84a2fbf6fe3faf6951d8cf2d46485d1e5"}, - {file = "coverage-7.2.2-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:046936ab032a2810dcaafd39cc4ef6dd295df1a7cbead08fe996d4765fca9fe4"}, - {file = "coverage-7.2.2-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:e627dee428a176ffb13697a2c4318d3f60b2ccdde3acdc9b3f304206ec130ccd"}, - {file = "coverage-7.2.2-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4fa54fb483decc45f94011898727802309a109d89446a3c76387d016057d2c84"}, - {file = "coverage-7.2.2-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:3668291b50b69a0c1ef9f462c7df2c235da3c4073f49543b01e7eb1dee7dd540"}, - {file = "coverage-7.2.2-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:7c20b731211261dc9739bbe080c579a1835b0c2d9b274e5fcd903c3a7821cf88"}, - {file = "coverage-7.2.2-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:5764e1f7471cb8f64b8cda0554f3d4c4085ae4b417bfeab236799863703e5de2"}, - {file = "coverage-7.2.2-cp38-cp38-win32.whl", hash = "sha256:4f01911c010122f49a3e9bdc730eccc66f9b72bd410a3a9d3cb8448bb50d65d3"}, - {file = "coverage-7.2.2-cp38-cp38-win_amd64.whl", hash = "sha256:c448b5c9e3df5448a362208b8d4b9ed85305528313fca1b479f14f9fe0d873b8"}, - {file = "coverage-7.2.2-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:bfe7085783cda55e53510482fa7b5efc761fad1abe4d653b32710eb548ebdd2d"}, - {file = "coverage-7.2.2-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:9d22e94e6dc86de981b1b684b342bec5e331401599ce652900ec59db52940005"}, - {file = "coverage-7.2.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:507e4720791977934bba016101579b8c500fb21c5fa3cd4cf256477331ddd988"}, - {file = "coverage-7.2.2-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:bc4803779f0e4b06a2361f666e76f5c2e3715e8e379889d02251ec911befd149"}, - {file = "coverage-7.2.2-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:db8c2c5ace167fd25ab5dd732714c51d4633f58bac21fb0ff63b0349f62755a8"}, - {file = "coverage-7.2.2-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:4f68ee32d7c4164f1e2c8797535a6d0a3733355f5861e0f667e37df2d4b07140"}, - {file = "coverage-7.2.2-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:d52f0a114b6a58305b11a5cdecd42b2e7f1ec77eb20e2b33969d702feafdd016"}, - {file = "coverage-7.2.2-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:797aad79e7b6182cb49c08cc5d2f7aa7b2128133b0926060d0a8889ac43843be"}, - {file = "coverage-7.2.2-cp39-cp39-win32.whl", hash = "sha256:db45eec1dfccdadb179b0f9ca616872c6f700d23945ecc8f21bb105d74b1c5fc"}, - {file = "coverage-7.2.2-cp39-cp39-win_amd64.whl", hash = "sha256:8dbe2647bf58d2c5a6c5bcc685f23b5f371909a5624e9f5cd51436d6a9f6c6ef"}, - {file = "coverage-7.2.2-pp37.pp38.pp39-none-any.whl", hash = "sha256:872d6ce1f5be73f05bea4df498c140b9e7ee5418bfa2cc8204e7f9b817caa968"}, - {file = "coverage-7.2.2.tar.gz", hash = "sha256:36dd42da34fe94ed98c39887b86db9d06777b1c8f860520e21126a75507024f2"}, + {file = "coverage-7.2.3-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:e58c0d41d336569d63d1b113bd573db8363bc4146f39444125b7f8060e4e04f5"}, + {file = "coverage-7.2.3-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:344e714bd0fe921fc72d97404ebbdbf9127bac0ca1ff66d7b79efc143cf7c0c4"}, + {file = "coverage-7.2.3-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:974bc90d6f6c1e59ceb1516ab00cf1cdfbb2e555795d49fa9571d611f449bcb2"}, + {file = "coverage-7.2.3-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:0743b0035d4b0e32bc1df5de70fba3059662ace5b9a2a86a9f894cfe66569013"}, + {file = "coverage-7.2.3-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:5d0391fb4cfc171ce40437f67eb050a340fdbd0f9f49d6353a387f1b7f9dd4fa"}, + {file = "coverage-7.2.3-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:4a42e1eff0ca9a7cb7dc9ecda41dfc7cbc17cb1d02117214be0561bd1134772b"}, + {file = "coverage-7.2.3-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:be19931a8dcbe6ab464f3339966856996b12a00f9fe53f346ab3be872d03e257"}, + {file = "coverage-7.2.3-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:72fcae5bcac3333a4cf3b8f34eec99cea1187acd55af723bcbd559adfdcb5535"}, + {file = "coverage-7.2.3-cp310-cp310-win32.whl", hash = "sha256:aeae2aa38395b18106e552833f2a50c27ea0000122bde421c31d11ed7e6f9c91"}, + {file = "coverage-7.2.3-cp310-cp310-win_amd64.whl", hash = "sha256:83957d349838a636e768251c7e9979e899a569794b44c3728eaebd11d848e58e"}, + {file = "coverage-7.2.3-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:dfd393094cd82ceb9b40df4c77976015a314b267d498268a076e940fe7be6b79"}, + {file = "coverage-7.2.3-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:182eb9ac3f2b4874a1f41b78b87db20b66da6b9cdc32737fbbf4fea0c35b23fc"}, + {file = "coverage-7.2.3-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1bb1e77a9a311346294621be905ea8a2c30d3ad371fc15bb72e98bfcfae532df"}, + {file = "coverage-7.2.3-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:ca0f34363e2634deffd390a0fef1aa99168ae9ed2af01af4a1f5865e362f8623"}, + {file = "coverage-7.2.3-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:55416d7385774285b6e2a5feca0af9652f7f444a4fa3d29d8ab052fafef9d00d"}, + {file = "coverage-7.2.3-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:06ddd9c0249a0546997fdda5a30fbcb40f23926df0a874a60a8a185bc3a87d93"}, + {file = "coverage-7.2.3-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:fff5aaa6becf2c6a1699ae6a39e2e6fb0672c2d42eca8eb0cafa91cf2e9bd312"}, + {file = "coverage-7.2.3-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:ea53151d87c52e98133eb8ac78f1206498c015849662ca8dc246255265d9c3c4"}, + {file = "coverage-7.2.3-cp311-cp311-win32.whl", hash = "sha256:8f6c930fd70d91ddee53194e93029e3ef2aabe26725aa3c2753df057e296b925"}, + {file = "coverage-7.2.3-cp311-cp311-win_amd64.whl", hash = "sha256:fa546d66639d69aa967bf08156eb8c9d0cd6f6de84be9e8c9819f52ad499c910"}, + {file = "coverage-7.2.3-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:b2317d5ed777bf5a033e83d4f1389fd4ef045763141d8f10eb09a7035cee774c"}, + {file = "coverage-7.2.3-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:be9824c1c874b73b96288c6d3de793bf7f3a597770205068c6163ea1f326e8b9"}, + {file = "coverage-7.2.3-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:2c3b2803e730dc2797a017335827e9da6da0e84c745ce0f552e66400abdfb9a1"}, + {file = "coverage-7.2.3-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:8f69770f5ca1994cb32c38965e95f57504d3aea96b6c024624fdd5bb1aa494a1"}, + {file = "coverage-7.2.3-cp37-cp37m-musllinux_1_1_aarch64.whl", hash = "sha256:1127b16220f7bfb3f1049ed4a62d26d81970a723544e8252db0efde853268e21"}, + {file = "coverage-7.2.3-cp37-cp37m-musllinux_1_1_i686.whl", hash = "sha256:aa784405f0c640940595fa0f14064d8e84aff0b0f762fa18393e2760a2cf5841"}, + {file = "coverage-7.2.3-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:3146b8e16fa60427e03884301bf8209221f5761ac754ee6b267642a2fd354c48"}, + {file = "coverage-7.2.3-cp37-cp37m-win32.whl", hash = "sha256:1fd78b911aea9cec3b7e1e2622c8018d51c0d2bbcf8faaf53c2497eb114911c1"}, + {file = "coverage-7.2.3-cp37-cp37m-win_amd64.whl", hash = "sha256:0f3736a5d34e091b0a611964c6262fd68ca4363df56185902528f0b75dbb9c1f"}, + {file = "coverage-7.2.3-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:981b4df72c93e3bc04478153df516d385317628bd9c10be699c93c26ddcca8ab"}, + {file = "coverage-7.2.3-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:c0045f8f23a5fb30b2eb3b8a83664d8dc4fb58faddf8155d7109166adb9f2040"}, + {file = "coverage-7.2.3-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f760073fcf8f3d6933178d67754f4f2d4e924e321f4bb0dcef0424ca0215eba1"}, + {file = "coverage-7.2.3-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c86bd45d1659b1ae3d0ba1909326b03598affbc9ed71520e0ff8c31a993ad911"}, + {file = "coverage-7.2.3-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:172db976ae6327ed4728e2507daf8a4de73c7cc89796483e0a9198fd2e47b462"}, + {file = "coverage-7.2.3-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:d2a3a6146fe9319926e1d477842ca2a63fe99af5ae690b1f5c11e6af074a6b5c"}, + {file = "coverage-7.2.3-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:f649dd53833b495c3ebd04d6eec58479454a1784987af8afb77540d6c1767abd"}, + {file = "coverage-7.2.3-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:7c4ed4e9f3b123aa403ab424430b426a1992e6f4c8fd3cb56ea520446e04d152"}, + {file = "coverage-7.2.3-cp38-cp38-win32.whl", hash = "sha256:eb0edc3ce9760d2f21637766c3aa04822030e7451981ce569a1b3456b7053f22"}, + {file = "coverage-7.2.3-cp38-cp38-win_amd64.whl", hash = "sha256:63cdeaac4ae85a179a8d6bc09b77b564c096250d759eed343a89d91bce8b6367"}, + {file = "coverage-7.2.3-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:20d1a2a76bb4eb00e4d36b9699f9b7aba93271c9c29220ad4c6a9581a0320235"}, + {file = "coverage-7.2.3-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:4ea748802cc0de4de92ef8244dd84ffd793bd2e7be784cd8394d557a3c751e21"}, + {file = "coverage-7.2.3-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:21b154aba06df42e4b96fc915512ab39595105f6c483991287021ed95776d934"}, + {file = "coverage-7.2.3-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:fd214917cabdd6f673a29d708574e9fbdb892cb77eb426d0eae3490d95ca7859"}, + {file = "coverage-7.2.3-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:2c2e58e45fe53fab81f85474e5d4d226eeab0f27b45aa062856c89389da2f0d9"}, + {file = "coverage-7.2.3-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:87ecc7c9a1a9f912e306997ffee020297ccb5ea388421fe62a2a02747e4d5539"}, + {file = "coverage-7.2.3-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:387065e420aed3c71b61af7e82c7b6bc1c592f7e3c7a66e9f78dd178699da4fe"}, + {file = "coverage-7.2.3-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:ea3f5bc91d7d457da7d48c7a732beaf79d0c8131df3ab278e6bba6297e23c6c4"}, + {file = "coverage-7.2.3-cp39-cp39-win32.whl", hash = "sha256:ae7863a1d8db6a014b6f2ff9c1582ab1aad55a6d25bac19710a8df68921b6e30"}, + {file = "coverage-7.2.3-cp39-cp39-win_amd64.whl", hash = "sha256:3f04becd4fcda03c0160d0da9c8f0c246bc78f2f7af0feea1ec0930e7c93fa4a"}, + {file = "coverage-7.2.3-pp37.pp38.pp39-none-any.whl", hash = "sha256:965ee3e782c7892befc25575fa171b521d33798132692df428a09efacaffe8d0"}, + {file = "coverage-7.2.3.tar.gz", hash = "sha256:d298c2815fa4891edd9abe5ad6e6cb4207104c7dd9fd13aea3fdebf6f9b91259"}, ] [package.dependencies] @@ -177,35 +177,31 @@ toml = ["tomli"] [[package]] name = "cryptography" -version = "39.0.2" +version = "40.0.1" description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers." category = "main" optional = false python-versions = ">=3.6" files = [ - {file = "cryptography-39.0.2-cp36-abi3-macosx_10_12_universal2.whl", hash = "sha256:2725672bb53bb92dc7b4150d233cd4b8c59615cd8288d495eaa86db00d4e5c06"}, - {file = "cryptography-39.0.2-cp36-abi3-macosx_10_12_x86_64.whl", hash = "sha256:23df8ca3f24699167daf3e23e51f7ba7334d504af63a94af468f468b975b7dd7"}, - {file = "cryptography-39.0.2-cp36-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:eb40fe69cfc6f5cdab9a5ebd022131ba21453cf7b8a7fd3631f45bbf52bed612"}, - {file = "cryptography-39.0.2-cp36-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:bc0521cce2c1d541634b19f3ac661d7a64f9555135e9d8af3980965be717fd4a"}, - {file = "cryptography-39.0.2-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ffd394c7896ed7821a6d13b24657c6a34b6e2650bd84ae063cf11ccffa4f1a97"}, - {file = "cryptography-39.0.2-cp36-abi3-manylinux_2_24_x86_64.whl", hash = "sha256:e8a0772016feeb106efd28d4a328e77dc2edae84dfbac06061319fdb669ff828"}, - {file = "cryptography-39.0.2-cp36-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:8f35c17bd4faed2bc7797d2a66cbb4f986242ce2e30340ab832e5d99ae60e011"}, - {file = "cryptography-39.0.2-cp36-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:b49a88ff802e1993b7f749b1eeb31134f03c8d5c956e3c125c75558955cda536"}, - {file = "cryptography-39.0.2-cp36-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:5f8c682e736513db7d04349b4f6693690170f95aac449c56f97415c6980edef5"}, - {file = "cryptography-39.0.2-cp36-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:d7d84a512a59f4412ca8549b01f94be4161c94efc598bf09d027d67826beddc0"}, - {file = "cryptography-39.0.2-cp36-abi3-win32.whl", hash = "sha256:c43ac224aabcbf83a947eeb8b17eaf1547bce3767ee2d70093b461f31729a480"}, - {file = "cryptography-39.0.2-cp36-abi3-win_amd64.whl", hash = "sha256:788b3921d763ee35dfdb04248d0e3de11e3ca8eb22e2e48fef880c42e1f3c8f9"}, - {file = "cryptography-39.0.2-pp38-pypy38_pp73-macosx_10_12_x86_64.whl", hash = "sha256:d15809e0dbdad486f4ad0979753518f47980020b7a34e9fc56e8be4f60702fac"}, - {file = "cryptography-39.0.2-pp38-pypy38_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:50cadb9b2f961757e712a9737ef33d89b8190c3ea34d0fb6675e00edbe35d074"}, - {file = "cryptography-39.0.2-pp38-pypy38_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:103e8f7155f3ce2ffa0049fe60169878d47a4364b277906386f8de21c9234aa1"}, - {file = "cryptography-39.0.2-pp38-pypy38_pp73-win_amd64.whl", hash = "sha256:6236a9610c912b129610eb1a274bdc1350b5df834d124fa84729ebeaf7da42c3"}, - {file = "cryptography-39.0.2-pp39-pypy39_pp73-macosx_10_12_x86_64.whl", hash = "sha256:e944fe07b6f229f4c1a06a7ef906a19652bdd9fd54c761b0ff87e83ae7a30354"}, - {file = "cryptography-39.0.2-pp39-pypy39_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:35d658536b0a4117c885728d1a7032bdc9a5974722ae298d6c533755a6ee3915"}, - {file = "cryptography-39.0.2-pp39-pypy39_pp73-manylinux_2_24_x86_64.whl", hash = "sha256:30b1d1bfd00f6fc80d11300a29f1d8ab2b8d9febb6ed4a38a76880ec564fae84"}, - {file = "cryptography-39.0.2-pp39-pypy39_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:e029b844c21116564b8b61216befabca4b500e6816fa9f0ba49527653cae2108"}, - {file = "cryptography-39.0.2-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:fa507318e427169ade4e9eccef39e9011cdc19534f55ca2f36ec3f388c1f70f3"}, - {file = "cryptography-39.0.2-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:8bc0008ef798231fac03fe7d26e82d601d15bd16f3afaad1c6113771566570f3"}, - {file = "cryptography-39.0.2.tar.gz", hash = "sha256:bc5b871e977c8ee5a1bbc42fa8d19bcc08baf0c51cbf1586b0e87a2694dde42f"}, + {file = "cryptography-40.0.1-cp36-abi3-macosx_10_12_universal2.whl", hash = "sha256:918cb89086c7d98b1b86b9fdb70c712e5a9325ba6f7d7cfb509e784e0cfc6917"}, + {file = "cryptography-40.0.1-cp36-abi3-macosx_10_12_x86_64.whl", hash = "sha256:9618a87212cb5200500e304e43691111570e1f10ec3f35569fdfcd17e28fd797"}, + {file = "cryptography-40.0.1-cp36-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:3a4805a4ca729d65570a1b7cac84eac1e431085d40387b7d3bbaa47e39890b88"}, + {file = "cryptography-40.0.1-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:63dac2d25c47f12a7b8aa60e528bfb3c51c5a6c5a9f7c86987909c6c79765554"}, + {file = "cryptography-40.0.1-cp36-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:0a4e3406cfed6b1f6d6e87ed243363652b2586b2d917b0609ca4f97072994405"}, + {file = "cryptography-40.0.1-cp36-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:1e0af458515d5e4028aad75f3bb3fe7a31e46ad920648cd59b64d3da842e4356"}, + {file = "cryptography-40.0.1-cp36-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:d8aa3609d337ad85e4eb9bb0f8bcf6e4409bfb86e706efa9a027912169e89122"}, + {file = "cryptography-40.0.1-cp36-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:cf91e428c51ef692b82ce786583e214f58392399cf65c341bc7301d096fa3ba2"}, + {file = "cryptography-40.0.1-cp36-abi3-win32.whl", hash = "sha256:650883cc064297ef3676b1db1b7b1df6081794c4ada96fa457253c4cc40f97db"}, + {file = "cryptography-40.0.1-cp36-abi3-win_amd64.whl", hash = "sha256:a805a7bce4a77d51696410005b3e85ae2839bad9aa38894afc0aa99d8e0c3160"}, + {file = "cryptography-40.0.1-pp38-pypy38_pp73-macosx_10_12_x86_64.whl", hash = "sha256:cd033d74067d8928ef00a6b1327c8ea0452523967ca4463666eeba65ca350d4c"}, + {file = "cryptography-40.0.1-pp38-pypy38_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:d36bbeb99704aabefdca5aee4eba04455d7a27ceabd16f3b3ba9bdcc31da86c4"}, + {file = "cryptography-40.0.1-pp38-pypy38_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:32057d3d0ab7d4453778367ca43e99ddb711770477c4f072a51b3ca69602780a"}, + {file = "cryptography-40.0.1-pp38-pypy38_pp73-win_amd64.whl", hash = "sha256:f5d7b79fa56bc29580faafc2ff736ce05ba31feaa9d4735048b0de7d9ceb2b94"}, + {file = "cryptography-40.0.1-pp39-pypy39_pp73-macosx_10_12_x86_64.whl", hash = "sha256:7c872413353c70e0263a9368c4993710070e70ab3e5318d85510cc91cce77e7c"}, + {file = "cryptography-40.0.1-pp39-pypy39_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:28d63d75bf7ae4045b10de5413fb1d6338616e79015999ad9cf6fc538f772d41"}, + {file = "cryptography-40.0.1-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:6f2bbd72f717ce33100e6467572abaedc61f1acb87b8d546001328d7f466b778"}, + {file = "cryptography-40.0.1-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:cc3a621076d824d75ab1e1e530e66e7e8564e357dd723f2533225d40fe35c60c"}, + {file = "cryptography-40.0.1.tar.gz", hash = "sha256:2803f2f8b1e95f614419926c7e6f55d828afc614ca5ed61543877ae668cc3472"}, ] [package.dependencies] @@ -214,10 +210,10 @@ cffi = ">=1.12" [package.extras] docs = ["sphinx (>=5.3.0)", "sphinx-rtd-theme (>=1.1.1)"] docstest = ["pyenchant (>=1.6.11)", "sphinxcontrib-spelling (>=4.0.1)", "twine (>=1.12.0)"] -pep8test = ["black", "check-manifest", "mypy", "ruff", "types-pytz", "types-requests"] +pep8test = ["black", "check-manifest", "mypy", "ruff"] sdist = ["setuptools-rust (>=0.11.4)"] ssh = ["bcrypt (>=3.1.5)"] -test = ["hypothesis (>=1.11.4,!=3.79.2)", "iso8601", "pretend", "pytest (>=6.2.0)", "pytest-benchmark", "pytest-cov", "pytest-shard (>=0.1.2)", "pytest-subtests", "pytest-xdist", "pytz"] +test = ["iso8601", "pretend", "pytest (>=6.2.0)", "pytest-benchmark", "pytest-cov", "pytest-shard (>=0.1.2)", "pytest-subtests", "pytest-xdist"] test-randomorder = ["pytest-randomly"] tox = ["tox"] @@ -238,14 +234,14 @@ test = ["pytest (>=6)"] [[package]] name = "importlib-metadata" -version = "6.1.0" +version = "6.2.0" description = "Read metadata from Python packages" category = "dev" optional = false python-versions = ">=3.7" files = [ - {file = "importlib_metadata-6.1.0-py3-none-any.whl", hash = "sha256:ff80f3b5394912eb1b108fcfd444dc78b7f1f3e16b16188054bd01cb9cb86f09"}, - {file = "importlib_metadata-6.1.0.tar.gz", hash = "sha256:43ce9281e097583d758c2c708c4376371261a02c34682491a8e98352365aad20"}, + {file = "importlib_metadata-6.2.0-py3-none-any.whl", hash = "sha256:8388b74023a138c605fddd0d47cb81dd706232569f56c9aca7d9c7fdb54caeba"}, + {file = "importlib_metadata-6.2.0.tar.gz", hash = "sha256:9127aad2f49d7203e7112098c12b92e4fd1061ccd18548cdfdc49171a8c073cc"}, ] [package.dependencies] diff --git a/pyproject.toml b/pyproject.toml index 5f563e1..3ab197a 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -17,6 +17,10 @@ packages = [ { include = "chacha20poly1305_reuseable", from = "src" }, ] +[tool.poetry.build] +generate-setup-file = true +script = "build_ext.py" + [tool.poetry.urls] "Bug Tracker" = "https://github.com/bdraco/chacha20poly1305-reuseable/issues" "Changelog" = "https://github.com/bdraco/chacha20poly1305-reuseable/blob/main/CHANGELOG.md" @@ -73,5 +77,5 @@ module = "tests.*" allow_untyped_defs = true [build-system] -requires = ["poetry-core>=1.0.0"] +requires = ['setuptools>=65.4.1', 'wheel', 'Cython', "poetry-core>=1.0.0"] build-backend = "poetry.core.masonry.api" diff --git a/setup.py b/setup.py deleted file mode 100644 index 95aabef..0000000 --- a/setup.py +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/env python - -# This is a shim to allow GitHub to detect the package, build is done with poetry -# Taken from https://github.com/Textualize/rich - -import setuptools - -if __name__ == "__main__": - setuptools.setup(name="chacha20poly1305-reuseable") diff --git a/src/chacha20poly1305_reuseable/__init__.pxd b/src/chacha20poly1305_reuseable/__init__.pxd new file mode 100644 index 0000000..3f67c0a --- /dev/null +++ b/src/chacha20poly1305_reuseable/__init__.pxd @@ -0,0 +1,86 @@ + +import cython + + +cdef object _ENCRYPT +cdef object _DECRYPT + +cdef object InvalidTag +cdef object openssl_assert +cdef object NULL + +cdef object EVP_CIPHER_CTX_ctrl +cdef object EVP_CTRL_AEAD_SET_TAG +cdef object EVP_CTRL_AEAD_SET_IVLEN +cdef object EVP_CipherInit_ex +cdef object EVP_CIPHER_CTX_new +cdef object EVP_CIPHER_CTX_free +cdef object EVP_get_cipherbyname +cdef object EVP_CIPHER_CTX_set_key_length +cdef object EVP_CipherUpdate +cdef object EVP_CipherFinal_ex +cdef object EVP_CTRL_AEAD_GET_TAG + +cdef object ffi_gc +cdef object ffi_new +cdef object ffi_from_buffer +cdef object ffi_buffer + +cdef _check_params( + object nonce_len, + object nonce, + object data, + object associated_data +) + +cdef _create_ctx() + + +cdef _set_cipher(object ctx, object cipher_name, object operation) + +cdef _set_key_len(object ctx, object key_len) + +cdef _set_key(object ctx, object key, object operation) + +cdef _set_decrypt_tag(object ctx, object tag) + +cdef _set_nonce_len(object ctx, object nonce_len) + +cdef _set_nonce(object ctx, object nonce, object operation) + +cdef _aead_setup_with_fixed_nonce_len(object cipher_name, object key, object nonce_len, object operation) + +cdef _process_aad(object ctx, object associated_data) + +cdef _process_data(object ctx, object data) + +cdef _encrypt_with_fixed_nonce_len( + object ctx, + object nonce, + object data, + object associated_data, + object tag_length, +) + +cdef _encrypt_data( + object ctx, + object data, + object associated_data, + object tag_length +) + +cdef _tag_from_data(object data, object tag_length) + +cdef _decrypt_with_fixed_nonce_len( + object ctx, + object nonce, + object data, + object associated_data, + object tag_length +) + +cdef _decrypt_data( + object ctx, + object data, + object associated_data +) diff --git a/src/chacha20poly1305_reuseable/__init__.py b/src/chacha20poly1305_reuseable/__init__.py index 73448ce..d7daf94 100644 --- a/src/chacha20poly1305_reuseable/__init__.py +++ b/src/chacha20poly1305_reuseable/__init__.py @@ -14,9 +14,47 @@ from cryptography.hazmat.backends.openssl.backend import backend from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305 +openssl_assert = backend.openssl_assert +EVP_CIPHER_CTX_ctrl = backend._lib.EVP_CIPHER_CTX_ctrl +EVP_CTRL_AEAD_SET_TAG = backend._lib.EVP_CTRL_AEAD_SET_TAG +EVP_CTRL_AEAD_SET_IVLEN = backend._lib.EVP_CTRL_AEAD_SET_IVLEN +EVP_CipherInit_ex = backend._lib.EVP_CipherInit_ex +EVP_CIPHER_CTX_new = backend._lib.EVP_CIPHER_CTX_new +EVP_CIPHER_CTX_free = backend._lib.EVP_CIPHER_CTX_free +EVP_get_cipherbyname = backend._lib.EVP_get_cipherbyname +EVP_CIPHER_CTX_set_key_length = backend._lib.EVP_CIPHER_CTX_set_key_length +EVP_CipherUpdate = backend._lib.EVP_CipherUpdate +EVP_CipherFinal_ex = backend._lib.EVP_CipherFinal_ex +EVP_CTRL_AEAD_GET_TAG = backend._lib.EVP_CTRL_AEAD_GET_TAG + +ffi_from_buffer = backend._ffi.from_buffer +ffi_gc = backend._ffi.gc +ffi_new = backend._ffi.new +ffi_buffer = backend._ffi.buffer + +NULL = backend._ffi.NULL + _ENCRYPT = 1 _DECRYPT = 0 +_bytes = bytes + + +def _check_params( + nonce_len: int, + nonce: Union[_bytes, bytearray], + data: _bytes, + associated_data: _bytes, +) -> None: + if not isinstance(nonce, (bytes, bytearray)): + raise TypeError("Nonce must be bytes or bytearray") + if not isinstance(data, bytes): + raise TypeError("data must be bytes") + if not isinstance(associated_data, bytes): + raise TypeError("associated_data must be bytes") + if len(nonce) != nonce_len: + raise ValueError("Nonce must be 12 bytes") + class ChaCha20Poly1305Reusable(ChaCha20Poly1305): """A reuseable version of ChaCha20Poly1305. @@ -33,7 +71,7 @@ class ChaCha20Poly1305Reusable(ChaCha20Poly1305): _NONCE_LEN = 12 _TAG_LENGTH = 16 - def __init__(self, key: Union[bytes, bytearray]) -> None: + def __init__(self, key: Union[_bytes, bytearray]) -> None: if not backend.aead_cipher_supported(self): raise exceptions.UnsupportedAlgorithm( "ChaCha20Poly1305Reusable is not supported by this version of OpenSSL", @@ -52,13 +90,13 @@ def __init__(self, key: Union[bytes, bytearray]) -> None: self._encrypt_ctx: Optional[object] = None @classmethod - def generate_key(cls) -> bytes: + def generate_key(cls) -> _bytes: return os.urandom(ChaCha20Poly1305Reusable._KEY_LEN) def encrypt( self, - nonce: Union[bytes, bytearray], - data: bytes, + nonce: Union[_bytes, bytearray], + data: _bytes, associated_data: typing.Optional[bytes], ) -> bytes: if not self._encrypt_ctx: @@ -76,7 +114,7 @@ def encrypt( # This is OverflowError to match what cffi would raise raise OverflowError("Data or associated data too long. Max 2**32 bytes") - self._check_params(nonce, data, associated_data) + _check_params(self._NONCE_LEN, nonce, data, associated_data) return _encrypt_with_fixed_nonce_len( self._encrypt_ctx, nonce, @@ -87,9 +125,9 @@ def encrypt( def decrypt( self, - nonce: Union[bytes, bytearray], - data: bytes, - associated_data: typing.Optional[bytes], + nonce: Union[_bytes, bytearray], + data: _bytes, + associated_data: typing.Optional[_bytes], ) -> bytes: if not self._decrypt_ctx: self._decrypt_ctx = _aead_setup_with_fixed_nonce_len( @@ -102,7 +140,7 @@ def decrypt( if associated_data is None: associated_data = b"" - self._check_params(nonce, data, associated_data) + _check_params(self._NONCE_LEN, nonce, data, associated_data) return _decrypt_with_fixed_nonce_len( self._decrypt_ctx, nonce, @@ -111,92 +149,75 @@ def decrypt( self._TAG_LENGTH, ) - def _check_params( - self, - nonce: Union[bytes, bytearray], - data: bytes, - associated_data: bytes, - ) -> None: - if not isinstance(nonce, (bytes, bytearray)): - raise TypeError("Nonce must be bytes or bytearray") - if not isinstance(data, bytes): - raise TypeError("data must be bytes") - if not isinstance(associated_data, bytes): - raise TypeError("associated_data must be bytes") - if len(nonce) != self._NONCE_LEN: - raise ValueError("Nonce must be 12 bytes") - def _create_ctx() -> object: - ctx = backend._lib.EVP_CIPHER_CTX_new() - ctx = backend._ffi.gc(ctx, backend._lib.EVP_CIPHER_CTX_free) + ctx = EVP_CIPHER_CTX_new() + ctx = ffi_gc(ctx, EVP_CIPHER_CTX_free) return ctx -def _set_cipher(ctx: object, cipher_name: bytes, operation: int) -> None: - evp_cipher = backend._lib.EVP_get_cipherbyname(cipher_name) - backend.openssl_assert(evp_cipher != backend._ffi.NULL) - res = backend._lib.EVP_CipherInit_ex( +def _set_cipher(ctx: object, cipher_name: _bytes, operation: int) -> None: + evp_cipher = EVP_get_cipherbyname(cipher_name) + openssl_assert(evp_cipher != NULL) + res = EVP_CipherInit_ex( ctx, evp_cipher, - backend._ffi.NULL, - backend._ffi.NULL, - backend._ffi.NULL, + NULL, + NULL, + NULL, int(operation == _ENCRYPT), ) - backend.openssl_assert(res != 0) + openssl_assert(res != 0) def _set_key_len(ctx: object, key_len: int) -> None: - res = backend._lib.EVP_CIPHER_CTX_set_key_length(ctx, key_len) - backend.openssl_assert(res != 0) + res = EVP_CIPHER_CTX_set_key_length(ctx, key_len) + openssl_assert(res != 0) -def _set_key(ctx: object, key: bytes, operation: int) -> None: - key_ptr = backend._ffi.from_buffer(key) - res = backend._lib.EVP_CipherInit_ex( +def _set_key(ctx: object, key: _bytes, operation: int) -> None: + key_ptr = ffi_from_buffer(key) + res = EVP_CipherInit_ex( ctx, - backend._ffi.NULL, - backend._ffi.NULL, + NULL, + NULL, key_ptr, - backend._ffi.NULL, + NULL, int(operation == _ENCRYPT), ) - backend.openssl_assert(res != 0) + openssl_assert(res != 0) -def _set_decrypt_tag(ctx: object, tag: bytes) -> None: - res = backend._lib.EVP_CIPHER_CTX_ctrl( - ctx, backend._lib.EVP_CTRL_AEAD_SET_TAG, len(tag), tag - ) - backend.openssl_assert(res != 0) +def _set_decrypt_tag(ctx: object, tag: _bytes) -> None: + res = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, len(tag), tag) + openssl_assert(res != 0) def _set_nonce_len(ctx: object, nonce_len: int) -> None: - res = backend._lib.EVP_CIPHER_CTX_ctrl( + res = EVP_CIPHER_CTX_ctrl( ctx, - backend._lib.EVP_CTRL_AEAD_SET_IVLEN, + EVP_CTRL_AEAD_SET_IVLEN, nonce_len, - backend._ffi.NULL, + NULL, ) - backend.openssl_assert(res != 0) + openssl_assert(res != 0) -def _set_nonce(ctx: object, nonce: Union[bytes, bytearray], operation: int) -> None: - nonce_ptr = backend._ffi.from_buffer(nonce) - res = backend._lib.EVP_CipherInit_ex( +def _set_nonce(ctx: object, nonce: Union[_bytes, bytearray], operation: int) -> None: + nonce_ptr = ffi_from_buffer(nonce) + res = EVP_CipherInit_ex( ctx, - backend._ffi.NULL, - backend._ffi.NULL, - backend._ffi.NULL, + NULL, + NULL, + NULL, nonce_ptr, int(operation == _ENCRYPT), ) - backend.openssl_assert(res != 0) + openssl_assert(res != 0) def _aead_setup_with_fixed_nonce_len( - cipher_name: bytes, key: Union[bytes, bytearray], nonce_len: int, operation: int + cipher_name: _bytes, key: Union[_bytes, bytearray], nonce_len: int, operation: int ) -> object: ctx = _create_ctx() _set_cipher(ctx, cipher_name, operation) @@ -206,27 +227,25 @@ def _aead_setup_with_fixed_nonce_len( return ctx -def _process_aad(ctx: object, associated_data: bytes) -> None: - outlen = backend._ffi.new("int *") - res = backend._lib.EVP_CipherUpdate( - ctx, backend._ffi.NULL, outlen, associated_data, len(associated_data) - ) - backend.openssl_assert(res != 0) +def _process_aad(ctx: object, associated_data: _bytes) -> None: + outlen = ffi_new("int *") + res = EVP_CipherUpdate(ctx, NULL, outlen, associated_data, len(associated_data)) + openssl_assert(res != 0) -def _process_data(ctx: object, data: bytes) -> bytes: - outlen = backend._ffi.new("int *") - buf = backend._ffi.new("unsigned char[]", len(data)) - res = backend._lib.EVP_CipherUpdate(ctx, buf, outlen, data, len(data)) - backend.openssl_assert(res != 0) - return backend._ffi.buffer(buf, outlen[0])[:] +def _process_data(ctx: object, data: _bytes) -> _bytes: + outlen = ffi_new("int *") + buf = ffi_new("unsigned char[]", len(data)) + res = EVP_CipherUpdate(ctx, buf, outlen, data, len(data)) + openssl_assert(res != 0) + return ffi_buffer(buf, outlen[0])[:] def _encrypt_with_fixed_nonce_len( ctx: object, - nonce: Union[bytes, bytearray], - data: bytes, - associated_data: bytes, + nonce: Union[_bytes, bytearray], + data: _bytes, + associated_data: _bytes, tag_length: int, ) -> bytes: _set_nonce(ctx, nonce, _ENCRYPT) @@ -234,25 +253,23 @@ def _encrypt_with_fixed_nonce_len( def _encrypt_data( - ctx: object, data: bytes, associated_data: bytes, tag_length: int + ctx: object, data: _bytes, associated_data: _bytes, tag_length: int ) -> bytes: _process_aad(ctx, associated_data) processed_data = _process_data(ctx, data) - outlen = backend._ffi.new("int *") - res = backend._lib.EVP_CipherFinal_ex(ctx, backend._ffi.NULL, outlen) - backend.openssl_assert(res != 0) - backend.openssl_assert(outlen[0] == 0) - tag_buf = backend._ffi.new("unsigned char[]", tag_length) - res = backend._lib.EVP_CIPHER_CTX_ctrl( - ctx, backend._lib.EVP_CTRL_AEAD_GET_TAG, tag_length, tag_buf - ) - backend.openssl_assert(res != 0) - tag = backend._ffi.buffer(tag_buf)[:] + outlen = ffi_new("int *") + res = EVP_CipherFinal_ex(ctx, NULL, outlen) + openssl_assert(res != 0) + openssl_assert(outlen[0] == 0) + tag_buf = ffi_new("unsigned char[]", tag_length) + res = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, tag_length, tag_buf) + openssl_assert(res != 0) + tag = ffi_buffer(tag_buf)[:] return processed_data + tag -def _tag_from_data(data: bytes, tag_length: int) -> bytes: +def _tag_from_data(data: _bytes, tag_length: int) -> _bytes: if len(data) < tag_length: raise InvalidTag return data[-tag_length:] @@ -260,9 +277,9 @@ def _tag_from_data(data: bytes, tag_length: int) -> bytes: def _decrypt_with_fixed_nonce_len( ctx: object, - nonce: Union[bytes, bytearray], - data: bytes, - associated_data: bytes, + nonce: Union[_bytes, bytearray], + data: _bytes, + associated_data: _bytes, tag_length: int, ) -> bytes: tag = _tag_from_data(data, tag_length) @@ -272,11 +289,11 @@ def _decrypt_with_fixed_nonce_len( return _decrypt_data(ctx, data, associated_data) -def _decrypt_data(ctx: object, data: bytes, associated_data: bytes) -> bytes: +def _decrypt_data(ctx: object, data: _bytes, associated_data: _bytes) -> _bytes: _process_aad(ctx, associated_data) processed_data = _process_data(ctx, data) - outlen = backend._ffi.new("int *") - res = backend._lib.EVP_CipherFinal_ex(ctx, backend._ffi.NULL, outlen) + outlen = ffi_new("int *") + res = EVP_CipherFinal_ex(ctx, NULL, outlen) if res == 0: backend._consume_errors() raise InvalidTag