Replace asserts (#230)

* Replace asserts in bindings/cryptohash.py

* Replace a conditional raise in bindings/sodium_core.py

* Replace asserts in bindings/crypto_scalarmult.py

* Replace asserts and raises in bindings/crypto_box.py

* Replace asserts in bindings/crypto_sign.py

* Replace conditional raises in bindings/crypto_secretbox.py

src/nacl/bindings/crypto_box.py

@@ -14,8 +14,9 @@
 
 from __future__ import absolute_import, division, print_function
 
+from nacl import exceptions as exc
 from nacl._sodium import ffi, lib
-from nacl.exceptions import CryptoError
+from nacl.utils import ensure
 
 
 __all__ = ["crypto_box_keypair", "crypto_box"]
@@ -39,7 +40,9 @@ def crypto_box_keypair():
     sk = ffi.new("unsigned char[]", crypto_box_SECRETKEYBYTES)
 
     rc = lib.crypto_box_keypair(pk, sk)
-    assert rc == 0
+    ensure(rc == 0,
+           'Unexpected library error',
+           raising=exc.RuntimeError)
 
     return (
         ffi.buffer(pk, crypto_box_PUBLICKEYBYTES)[:],
@@ -71,7 +74,9 @@ def crypto_box(message, nonce, pk, sk):
     ciphertext = ffi.new("unsigned char[]", len(padded))
 
     rc = lib.crypto_box(ciphertext, padded, len(padded), nonce, pk, sk)
-    assert rc == 0
+    ensure(rc == 0,
+           'Unexpected library error',
+           raising=exc.RuntimeError)
 
     return ffi.buffer(ciphertext, len(padded))[crypto_box_BOXZEROBYTES:]
 
@@ -99,8 +104,9 @@ def crypto_box_open(ciphertext, nonce, pk, sk):
     padded = (b"\x00" * crypto_box_BOXZEROBYTES) + ciphertext
     plaintext = ffi.new("unsigned char[]", len(padded))
 
-    if lib.crypto_box_open(plaintext, padded, len(padded), nonce, pk, sk) != 0:
-        raise CryptoError("An error occurred trying to decrypt the message")
+    res = lib.crypto_box_open(plaintext, padded, len(padded), nonce, pk, sk)
+    ensure(res == 0, "An error occurred trying to decrypt the message",
+           raising=exc.CryptoError)
 
     return ffi.buffer(plaintext, len(padded))[crypto_box_ZEROBYTES:]
 
@@ -124,7 +130,9 @@ def crypto_box_beforenm(pk, sk):
     k = ffi.new("unsigned char[]", crypto_box_BEFORENMBYTES)
 
     rc = lib.crypto_box_beforenm(k, pk, sk)
-    assert rc == 0
+    ensure(rc == 0,
+           'Unexpected library error',
+           raising=exc.RuntimeError)
 
     return ffi.buffer(k, crypto_box_BEFORENMBYTES)[:]
 
@@ -149,7 +157,9 @@ def crypto_box_afternm(message, nonce, k):
     ciphertext = ffi.new("unsigned char[]", len(padded))
 
     rc = lib.crypto_box_afternm(ciphertext, padded, len(padded), nonce, k)
-    assert rc == 0
+    ensure(rc == 0,
+           'Unexpected library error',
+           raising=exc.RuntimeError)
 
     return ffi.buffer(ciphertext, len(padded))[crypto_box_BOXZEROBYTES:]
 
@@ -173,8 +183,9 @@ def crypto_box_open_afternm(ciphertext, nonce, k):
     padded = (b"\x00" * crypto_box_BOXZEROBYTES) + ciphertext
     plaintext = ffi.new("unsigned char[]", len(padded))
 
-    if lib.crypto_box_open_afternm(
-            plaintext, padded, len(padded), nonce, k) != 0:
-        raise CryptoError("An error occurred trying to decrypt the message")
+    res = lib.crypto_box_open_afternm(
+                plaintext, padded, len(padded), nonce, k)
+    ensure(res == 0, "An error occurred trying to decrypt the message",
+           raising=exc.CryptoError)
 
     return ffi.buffer(plaintext, len(padded))[crypto_box_ZEROBYTES:]

src/nacl/bindings/crypto_hash.py

@@ -14,7 +14,9 @@
 
 from __future__ import absolute_import, division, print_function
 
+from nacl import exceptions as exc
 from nacl._sodium import ffi, lib
+from nacl.utils import ensure
 
 
 # crypto_hash_BYTES = lib.crypto_hash_bytes()
@@ -32,7 +34,9 @@ def crypto_hash(message):
     """
     digest = ffi.new("unsigned char[]", crypto_hash_BYTES)
     rc = lib.crypto_hash(digest, message, len(message))
-    assert rc == 0
+    ensure(rc == 0,
+           'Unexpected library error',
+           raising=exc.RuntimeError)
     return ffi.buffer(digest, crypto_hash_BYTES)[:]
 
 
@@ -45,7 +49,9 @@ def crypto_hash_sha256(message):
     """
     digest = ffi.new("unsigned char[]", crypto_hash_sha256_BYTES)
     rc = lib.crypto_hash_sha256(digest, message, len(message))
-    assert rc == 0
+    ensure(rc == 0,
+           'Unexpected library error',
+           raising=exc.RuntimeError)
     return ffi.buffer(digest, crypto_hash_sha256_BYTES)[:]
 
 
@@ -58,5 +64,7 @@ def crypto_hash_sha512(message):
     """
     digest = ffi.new("unsigned char[]", crypto_hash_sha512_BYTES)
     rc = lib.crypto_hash_sha512(digest, message, len(message))
-    assert rc == 0
+    ensure(rc == 0,
+           'Unexpected library error',
+           raising=exc.RuntimeError)
     return ffi.buffer(digest, crypto_hash_sha512_BYTES)[:]

src/nacl/bindings/crypto_scalarmult.py

@@ -14,7 +14,9 @@
 
 from __future__ import absolute_import, division, print_function
 
+from nacl import exceptions as exc
 from nacl._sodium import ffi, lib
+from nacl.utils import ensure
 
 
 crypto_scalarmult_BYTES = lib.crypto_scalarmult_bytes()
@@ -32,7 +34,9 @@ def crypto_scalarmult_base(n):
     q = ffi.new("unsigned char[]", crypto_scalarmult_BYTES)
 
     rc = lib.crypto_scalarmult_base(q, n)
-    assert rc == 0
+    ensure(rc == 0,
+           'Unexpected library error',
+           raising=exc.RuntimeError)
 
     return ffi.buffer(q, crypto_scalarmult_SCALARBYTES)[:]
 
@@ -49,6 +53,8 @@ def crypto_scalarmult(n, p):
     q = ffi.new("unsigned char[]", crypto_scalarmult_BYTES)
 
     rc = lib.crypto_scalarmult(q, n, p)
-    assert rc == 0
+    ensure(rc == 0,
+           'Unexpected library error',
+           raising=exc.RuntimeError)
 
     return ffi.buffer(q, crypto_scalarmult_SCALARBYTES)[:]

src/nacl/bindings/crypto_secretbox.py

@@ -14,8 +14,9 @@
 
 from __future__ import absolute_import, division, print_function
 
+from nacl import exceptions as exc
 from nacl._sodium import ffi, lib
-from nacl.exceptions import CryptoError
+from nacl.utils import ensure
 
 
 crypto_secretbox_KEYBYTES = lib.crypto_secretbox_keybytes()
@@ -43,8 +44,8 @@ def crypto_secretbox(message, nonce, key):
     padded = b"\x00" * crypto_secretbox_ZEROBYTES + message
     ciphertext = ffi.new("unsigned char[]", len(padded))
 
-    if lib.crypto_secretbox(ciphertext, padded, len(padded), nonce, key) != 0:
-        raise CryptoError("Encryption failed")
+    res = lib.crypto_secretbox(ciphertext, padded, len(padded), nonce, key)
+    ensure(res == 0, "Encryption failed", raising=exc.CryptoError)
 
     ciphertext = ffi.buffer(ciphertext, len(padded))
     return ciphertext[crypto_secretbox_BOXZEROBYTES:]
@@ -69,9 +70,10 @@ def crypto_secretbox_open(ciphertext, nonce, key):
     padded = b"\x00" * crypto_secretbox_BOXZEROBYTES + ciphertext
     plaintext = ffi.new("unsigned char[]", len(padded))
 
-    if lib.crypto_secretbox_open(
-            plaintext, padded, len(padded), nonce, key) != 0:
-        raise CryptoError("Decryption failed. Ciphertext failed verification")
+    res = lib.crypto_secretbox_open(
+               plaintext, padded, len(padded), nonce, key)
+    ensure(res == 0, "Decryption failed. Ciphertext failed verification",
+           raising=exc.CryptoError)
 
     plaintext = ffi.buffer(plaintext, len(padded))
     return plaintext[crypto_secretbox_ZEROBYTES:]

src/nacl/bindings/crypto_sign.py

@@ -14,8 +14,9 @@
 
 from __future__ import absolute_import, division, print_function
 
+from nacl import exceptions as exc
 from nacl._sodium import ffi, lib
-from nacl.exceptions import BadSignatureError
+from nacl.utils import ensure
 
 
 crypto_sign_BYTES = lib.crypto_sign_bytes()
@@ -37,7 +38,9 @@ def crypto_sign_keypair():
     sk = ffi.new("unsigned char[]", crypto_sign_SECRETKEYBYTES)
 
     rc = lib.crypto_sign_keypair(pk, sk)
-    assert rc == 0
+    ensure(rc == 0,
+           'Unexpected library error',
+           raising=exc.RuntimeError)
 
     return (
         ffi.buffer(pk, crypto_sign_PUBLICKEYBYTES)[:],
@@ -59,7 +62,9 @@ def crypto_sign_seed_keypair(seed):
     sk = ffi.new("unsigned char[]", crypto_sign_SECRETKEYBYTES)
 
     rc = lib.crypto_sign_seed_keypair(pk, sk, seed)
-    assert rc == 0
+    ensure(rc == 0,
+           'Unexpected library error',
+           raising=exc.RuntimeError)
 
     return (
         ffi.buffer(pk, crypto_sign_PUBLICKEYBYTES)[:],
@@ -80,7 +85,9 @@ def crypto_sign(message, sk):
     signed_len = ffi.new("unsigned long long *")
 
     rc = lib.crypto_sign(signed, signed_len, message, len(message), sk)
-    assert rc == 0
+    ensure(rc == 0,
+           'Unexpected library error',
+           raising=exc.RuntimeError)
 
     return ffi.buffer(signed, signed_len[0])[:]
 
@@ -99,7 +106,7 @@ def crypto_sign_open(signed, pk):
 
     if lib.crypto_sign_open(
             message, message_len, signed, len(signed), pk) != 0:
-        raise BadSignatureError("Signature was forged or corrupt")
+        raise exc.BadSignatureError("Signature was forged or corrupt")
 
     return ffi.buffer(message, message_len[0])[:]
 
@@ -123,7 +130,9 @@ def crypto_sign_ed25519_pk_to_curve25519(public_key_bytes):
 
     rc = lib.crypto_sign_ed25519_pk_to_curve25519(curve_public_key,
                                                   public_key_bytes)
-    assert rc == 0
+    ensure(rc == 0,
+           'Unexpected library error',
+           raising=exc.RuntimeError)
 
     return ffi.buffer(curve_public_key, curve_public_key_len)[:]
 
@@ -147,6 +156,8 @@ def crypto_sign_ed25519_sk_to_curve25519(secret_key_bytes):
 
     rc = lib.crypto_sign_ed25519_sk_to_curve25519(curve_secret_key,
                                                   secret_key_bytes)
-    assert rc == 0
+    ensure(rc == 0,
+           'Unexpected library error',
+           raising=exc.RuntimeError)
 
     return ffi.buffer(curve_secret_key, curve_secret_key_len)[:]

src/nacl/bindings/sodium_core.py

@@ -13,13 +13,15 @@
 # limitations under the License.
 from __future__ import absolute_import, division, print_function
 
+from nacl import exceptions as exc
 from nacl._sodium import ffi, lib
-from nacl.exceptions import CryptoError
+from nacl.utils import ensure
 
 
 def _sodium_init():
-    if lib.sodium_init() == -1:
-        raise CryptoError("Could not initialize sodium")
+    ensure(lib.sodium_init() != -1,
+           "Could not initialize sodium",
+           raising=exc.RuntimeError)
 
 
 def sodium_init():