shithub: riscv

Download patch

ref: 4e04698ab6fddc1efe41b97be54fcf120810bf5d
parent: 8f4db30e7865232f9179f5850fe0e1ca759302cc
author: cinap_lenrek <[email protected]>
date: Mon Apr 11 16:31:14 EDT 2016

python: remove openssl support, use ape/libsec for cryptographics hash functions

--- a/sys/lib/python/hashlib.py
+++ b/sys/lib/python/hashlib.py
@@ -51,88 +51,24 @@
 
 """
 
+import _sechash
 
-def __get_builtin_constructor(name):
-    if name in ('SHA1', 'sha1'):
-        import _sha
-        return _sha.new
-    elif name in ('MD5', 'md5'):
-        import _md5
-        return _md5.new
-    elif name in ('SHA256', 'sha256', 'SHA224', 'sha224'):
-        import _sha256
-        bs = name[3:]
-        if bs == '256':
-            return _sha256.sha256
-        elif bs == '224':
-            return _sha256.sha224
-#    elif name in ('SHA512', 'sha512', 'SHA384', 'sha384'):
-#        import _sha512
-#        bs = name[3:]
-#        if bs == '512':
-#            return _sha512.sha512
-#        elif bs == '384':
-#            return _sha512.sha384
+md5 = _sechash.md5
+sha1 = _sechash.sha1
+sha224 = _sechash.sha224
+sha256 = _sechash.sha256
+sha384 = _sechash.sha384
+sha512 = _sechash.sha512
 
-    raise ValueError, "unsupported hash type"
+algs = dict()
+for a in [md5, sha1, sha224, sha256, sha384, sha512]:
+	algs[a().name.lower()] = a
 
-
-def __py_new(name, string=''):
-    """new(name, string='') - Return a new hashing object using the named algorithm;
-    optionally initialized with a string.
-    """
-    return __get_builtin_constructor(name)(string)
-
-
-def __hash_new(name, string=''):
-    """new(name, string='') - Return a new hashing object using the named algorithm;
-    optionally initialized with a string.
-    """
-    try:
-        return _hashlib.new(name, string)
-    except ValueError:
-        # If the _hashlib module (OpenSSL) doesn't support the named
-        # hash, try using our builtin implementations.
-        # This allows for SHA224/256 and SHA384/512 support even though
-        # the OpenSSL library prior to 0.9.8 doesn't provide them.
-        return __get_builtin_constructor(name)(string)
-
-
-try:
-    import _hashlib
-    # use the wrapper of the C implementation
-    new = __hash_new
-
-    for opensslFuncName in filter(lambda n: n.startswith('openssl_'), dir(_hashlib)):
-        funcName = opensslFuncName[len('openssl_'):]
-        try:
-            # try them all, some may not work due to the OpenSSL
-            # version not supporting that algorithm.
-            f = getattr(_hashlib, opensslFuncName)
-            f()
-            # Use the C function directly (very fast)
-            exec funcName + ' = f'
-        except ValueError:
-            try:
-                # Use the builtin implementation directly (fast)
-                exec funcName + ' = __get_builtin_constructor(funcName)'
-            except ValueError:
-                # this one has no builtin implementation, don't define it
-                pass
-    # clean up our locals
-    del f
-    del opensslFuncName
-    del funcName
-
-except ImportError:
-    # We don't have the _hashlib OpenSSL module?
-    # use the built in legacy interfaces via a wrapper function
-    new = __py_new
-
-    # lookup the C function to use directly for the named constructors
-    md5 = __get_builtin_constructor('md5')
-    sha1 = __get_builtin_constructor('sha1')
-    sha224 = __get_builtin_constructor('sha224')
-    sha256 = __get_builtin_constructor('sha256')
-    sha384 = __get_builtin_constructor('sha384')
-    sha512 = __get_builtin_constructor('sha512')
+def new(name, string=''):
+	"""new(name, string='') - Return a new hashing object using the named algorithm;
+	optionally initialized with a string.
+	"""
+	a = algs[name.lower()]
+	if a != None:
+		return a(string)
+	raise ValueError, "unsupported hash type"
--- a/sys/src/cmd/python/Include/pyport.h
+++ b/sys/src/cmd/python/Include/pyport.h
@@ -765,7 +765,7 @@
 #endif
 
 #ifndef Py_ULL
-#define Py_ULL(x) Py_LL(x##U)
+#define Py_ULL(x) x##ULL
 #endif
 
 #endif /* Py_PYPORT_H */
--- a/sys/src/cmd/python/Modules/config
+++ b/sys/src/cmd/python/Modules/config
@@ -4,15 +4,17 @@
 #_curses_panel
 _elementtree
 _functools
-_hashlib
+#_hashlib
 _locale
 _lsprof
-_md5
+#_md5
 _random
-_sha
-_sha256
+_sechash
+#_sha
+#_sha256
+#_sha512
 _sre
-_ssl
+#_ssl
 _struct
 _symtable
 _testcapi
--- a/sys/src/cmd/python/Modules/mkfile
+++ b/sys/src/cmd/python/Modules/mkfile
@@ -12,7 +12,7 @@
 #	_cursesmodule.$O\
 	_elementtree.$O\
 	_functoolsmodule.$O\
-	_hashopenssl.$O\
+#	_hashopenssl.$O\
 	_heapqmodule.$O\
 #	_hotshot.$O\
 	_localemodule.$O\
@@ -19,7 +19,7 @@
 	_lsprof.$O\
 	_randommodule.$O\
 	_sre.$O\
-	_ssl.$O\
+#	_ssl.$O\
 	_struct.$O\
 	_testcapimodule.$O\
 #	_tkinter.$O\
@@ -60,8 +60,8 @@
 #	linuxaudiodev.$O\
 	main.$O\
 	mathmodule.$O\
-	md5.$O\
-	md5module.$O\
+#	md5.$O\
+#	md5module.$O\
 #	mmapmodule.$O\
 #	nismodule.$O\
 	operator.$O\
@@ -77,9 +77,10 @@
 	rotatingtree.$O\
 	selectmodule.$O\
 #	sgimodule.$O\
-	sha256module.$O\
+#	sha256module.$O\
 #	sha512module.$O\
-	shamodule.$O\
+#	shamodule.$O\
+	sechashmodule.$O\
 	signalmodule.$O\
 	socketmodule.$O\
 #	spwdmodule.$O\
--- /dev/null
+++ b/sys/src/cmd/python/Modules/sechashmodule.c
@@ -1,0 +1,367 @@
+/* Plan 9 sechash(2) module */
+
+#include "Python.h"
+#include "structmember.h"
+
+#define _PLAN9_SOURCE
+#include <libsec.h>
+
+typedef struct {
+	PyObject_HEAD
+
+	char *t;
+	int n, b;
+	DigestState *(*f)(uchar *, ulong, uchar *, DigestState *);
+	DigestState s;
+} SHobject;
+
+static PyTypeObject MD5type;
+static PyTypeObject SHA1type;
+static PyTypeObject SHA224type;
+static PyTypeObject SHA256type;
+static PyTypeObject SHA384type;
+static PyTypeObject SHA512type;
+
+static void
+sh_copy(SHobject *src, SHobject *dest)
+{
+	dest->t = src->t;
+	dest->n = src->n;
+	dest->b = src->b;
+	dest->f = src->f;
+	dest->s = src->s;
+}
+
+static void
+sh_update(SHobject *s, uchar *buffer, int count)
+{
+	(*s->f)(buffer, count, NULL, &s->s);
+}
+
+static void
+sh_final(SHobject *s, uchar digest[])
+{
+	(*s->f)(NULL, 0, (uchar*)digest, &s->s);
+}
+
+static void
+sh_dealloc(PyObject *ptr)
+{
+	PyObject_Del(ptr);
+}
+
+PyDoc_STRVAR(SH_copy__doc__, "Return a copy of the hash object.");
+
+static PyObject *
+SH_copy(SHobject *self, PyObject *unused)
+{
+	SHobject *newobj;
+
+	newobj = PyObject_New(SHobject, ((PyObject*)self)->ob_type);
+	if(newobj != NULL)
+		sh_copy(self, newobj);
+	return (PyObject *)newobj;
+}
+
+PyDoc_STRVAR(SH_digest__doc__,
+"Return the digest value as a string of binary data.");
+
+static PyObject *
+SH_digest(SHobject *self, PyObject *unused)
+{
+	uchar digest[64];
+	SHobject temp;
+
+	sh_copy(self, &temp);
+	sh_final(&temp, digest);
+	return PyString_FromStringAndSize((const char *)digest, self->n);
+}
+
+PyDoc_STRVAR(SH_hexdigest__doc__,
+"Return the digest value as a string of hexadecimal digits.");
+
+static PyObject *
+SH_hexdigest(SHobject *self, PyObject *unused)
+{
+	uchar digest[64];
+	SHobject temp;
+	PyObject *retval;
+	char *hex_digest;
+	int i, j;
+
+	/* Get the raw (binary) digest value */
+	sh_copy(self, &temp);
+	sh_final(&temp, digest);
+
+	/* Create a new string */
+	retval = PyString_FromStringAndSize(NULL, self->n * 2);
+	if (!retval)
+		return NULL;
+	hex_digest = PyString_AsString(retval);
+	if (!hex_digest) {
+		Py_DECREF(retval);
+		return NULL;
+	}
+
+	/* Make hex version of the digest */
+	for (i=j=0; i<self->n; i++) {
+		char c;
+		c = (digest[i] >> 4) & 0xf;
+		c = (c>9) ? c+'a'-10 : c + '0';
+		hex_digest[j++] = c;
+		c = (digest[i] & 0xf);
+		c = (c>9) ? c+'a'-10 : c + '0';
+		hex_digest[j++] = c;
+	}
+	return retval;
+}
+
+PyDoc_STRVAR(SH_update__doc__,
+"Update this hash object's state with the provided string.");
+
+static PyObject *
+SH_update(SHobject *self, PyObject *args)
+{
+	uchar *cp;
+	int len;
+
+	if (!PyArg_ParseTuple(args, "s#:update", &cp, &len))
+		return NULL;
+	sh_update(self, cp, len);
+	Py_INCREF(Py_None);
+	return Py_None;
+}
+
+static PyMethodDef SH_methods[] = {
+	{"copy", (PyCFunction)SH_copy, METH_NOARGS, SH_copy__doc__},
+	{"digest", (PyCFunction)SH_digest, METH_NOARGS, SH_digest__doc__},
+	{"hexdigest", (PyCFunction)SH_hexdigest, METH_NOARGS, SH_hexdigest__doc__},
+	{"update", (PyCFunction)SH_update, METH_VARARGS, SH_update__doc__},
+	{NULL, NULL}
+};
+
+static PyObject *
+SH_get_block_size(PyObject *self, void *closure)
+{
+	return PyInt_FromLong(((SHobject*)self)->b);
+}
+
+static PyObject *
+SH_get_name(PyObject *self, void *closure)
+{
+	char *s = ((SHobject*)self)->t;
+	return PyString_FromStringAndSize(s, strlen(s));
+}
+
+static PyGetSetDef SH_getseters[] = {
+	{"block_size", (getter)SH_get_block_size, NULL, NULL, NULL},
+	{"name", (getter)SH_get_name, NULL, NULL, NULL},
+	{NULL}
+};
+
+static PyMemberDef SH_members[] = {
+	{"digest_size", T_INT, offsetof(SHobject, n), READONLY, NULL},
+	{"digestsize", T_INT, offsetof(SHobject, n), READONLY, NULL},
+	{NULL}
+};
+
+static PyTypeObject MD5type = {PyObject_HEAD_INIT(NULL)0,"_sechash.md5",sizeof(SHobject),0,sh_dealloc,
+	0,0,0,0,0,0,0,0,0,0,0,0,0,0,Py_TPFLAGS_DEFAULT,0,0,0,0,0,0,0,SH_methods,SH_members,SH_getseters};
+static PyTypeObject SHA1type = {PyObject_HEAD_INIT(NULL)0,"_sechash.sha1",sizeof(SHobject),0,sh_dealloc,
+	0,0,0,0,0,0,0,0,0,0,0,0,0,0,Py_TPFLAGS_DEFAULT,0,0,0,0,0,0,0,SH_methods,SH_members,SH_getseters};
+static PyTypeObject SHA224type = {PyObject_HEAD_INIT(NULL)0,"_sechash.sha224",sizeof(SHobject),0,sh_dealloc,
+	0,0,0,0,0,0,0,0,0,0,0,0,0,0,Py_TPFLAGS_DEFAULT,0,0,0,0,0,0,0,SH_methods,SH_members,SH_getseters};
+static PyTypeObject SHA256type = {PyObject_HEAD_INIT(NULL)0,"_sechash.sha256",sizeof(SHobject),0,sh_dealloc,
+	0,0,0,0,0,0,0,0,0,0,0,0,0,0,Py_TPFLAGS_DEFAULT,0,0,0,0,0,0,0,SH_methods,SH_members,SH_getseters};
+static PyTypeObject SHA384type = {PyObject_HEAD_INIT(NULL)0,"_sechash.sha384",sizeof(SHobject),0,sh_dealloc,
+	0,0,0,0,0,0,0,0,0,0,0,0,0,0,Py_TPFLAGS_DEFAULT,0,0,0,0,0,0,0,SH_methods,SH_members,SH_getseters};
+static PyTypeObject SHA512type = {PyObject_HEAD_INIT(NULL)0,"_sechash.sha512",sizeof(SHobject),0,sh_dealloc,
+	0,0,0,0,0,0,0,0,0,0,0,0,0,0,Py_TPFLAGS_DEFAULT,0,0,0,0,0,0,0,SH_methods,SH_members,SH_getseters};
+
+
+PyDoc_STRVAR(SHA512_new__doc__,
+"Return a new SHA-512 hash object; optionally initialized with a string.");
+
+static PyObject *
+SHA512_new(PyObject *self, PyObject *args, PyObject *kwdict)
+{
+	static char *kwlist[] = {"string", NULL};
+	SHobject *new;
+	uchar *cp = NULL;
+	int len;
+
+	if (!PyArg_ParseTupleAndKeywords(args, kwdict, "|s#:new", kwlist, &cp, &len))
+		return NULL;
+	if ((new = (SHobject *)PyObject_New(SHobject, &SHA512type)) == NULL)
+		return NULL;
+	memset(&new->s, 0, sizeof(new->s));
+	new->t = "SHA512";
+	new->b = 128;
+	new->n = SHA2_512dlen;
+	new->f = sha2_512;
+	if (cp)
+		sh_update(new, cp, len);
+	return (PyObject *)new;
+}
+
+PyDoc_STRVAR(SHA384_new__doc__,
+"Return a new SHA-384 hash object; optionally initialized with a string.");
+
+static PyObject *
+SHA384_new(PyObject *self, PyObject *args, PyObject *kwdict)
+{
+	static char *kwlist[] = {"string", NULL};
+	SHobject *new;
+	uchar *cp = NULL;
+	int len;
+
+	if (!PyArg_ParseTupleAndKeywords(args, kwdict, "|s#:new", kwlist, &cp, &len))
+		return NULL;
+	if ((new = (SHobject *)PyObject_New(SHobject, &SHA384type)) == NULL)
+		return NULL;
+	memset(&new->s, 0, sizeof(new->s));
+	new->t = "SHA384";
+	new->b = 128;
+	new->n = SHA2_384dlen;
+	new->f = sha2_384;
+	if (cp)
+		sh_update(new, cp, len);
+	return (PyObject *)new;
+}
+
+PyDoc_STRVAR(SHA256_new__doc__,
+"Return a new SHA-256 hash object; optionally initialized with a string.");
+
+static PyObject *
+SHA256_new(PyObject *self, PyObject *args, PyObject *kwdict)
+{
+	static char *kwlist[] = {"string", NULL};
+	SHobject *new;
+	uchar *cp = NULL;
+	int len;
+
+	if (!PyArg_ParseTupleAndKeywords(args, kwdict, "|s#:new", kwlist, &cp, &len))
+		return NULL;
+	if ((new = (SHobject *)PyObject_New(SHobject, &SHA256type)) == NULL)
+		return NULL;
+	memset(&new->s, 0, sizeof(new->s));
+	new->t = "SHA256";
+	new->b = 64;
+	new->n = SHA2_256dlen;
+	new->f = sha2_256;
+	if (cp)
+		sh_update(new, cp, len);
+	return (PyObject *)new;
+}
+
+PyDoc_STRVAR(SHA224_new__doc__,
+"Return a new SHA-224 hash object; optionally initialized with a string.");
+
+static PyObject *
+SHA224_new(PyObject *self, PyObject *args, PyObject *kwdict)
+{
+	static char *kwlist[] = {"string", NULL};
+	SHobject *new;
+	uchar *cp = NULL;
+	int len;
+
+	if (!PyArg_ParseTupleAndKeywords(args, kwdict, "|s#:new", kwlist, &cp, &len))
+		return NULL;
+	if ((new = (SHobject *)PyObject_New(SHobject, &SHA224type)) == NULL)
+		return NULL;
+	memset(&new->s, 0, sizeof(new->s));
+	new->t = "SHA224";
+	new->b = 64;
+	new->n = SHA2_224dlen;
+	new->f = sha2_224;
+	if (cp)
+		sh_update(new, cp, len);
+	return (PyObject *)new;
+}
+
+PyDoc_STRVAR(SHA1_new__doc__,
+"Return a new SHA1 hash object; optionally initialized with a string.");
+
+static PyObject *
+SHA1_new(PyObject *self, PyObject *args, PyObject *kwdict)
+{
+	static char *kwlist[] = {"string", NULL};
+	SHobject *new;
+	uchar *cp = NULL;
+	int len;
+
+	if (!PyArg_ParseTupleAndKeywords(args, kwdict, "|s#:new", kwlist, &cp, &len))
+		return NULL;
+	if ((new = (SHobject *)PyObject_New(SHobject, &SHA1type)) == NULL)
+		return NULL;
+	memset(&new->s, 0, sizeof(new->s));
+	new->t = "SHA1";
+	new->b = 64;
+	new->n = SHA1dlen;
+	new->f = sha1;
+	if (cp)
+		sh_update(new, cp, len);
+	return (PyObject *)new;
+}
+
+PyDoc_STRVAR(MD5_new__doc__,
+"Return a new MD5 hash object; optionally initialized with a string.");
+
+static PyObject *
+MD5_new(PyObject *self, PyObject *args, PyObject *kwdict)
+{
+	static char *kwlist[] = {"string", NULL};
+	SHobject *new;
+	uchar *cp = NULL;
+	int len;
+
+	if (!PyArg_ParseTupleAndKeywords(args, kwdict, "|s#:new", kwlist, &cp, &len))
+		return NULL;
+	if ((new = (SHobject *)PyObject_New(SHobject, &MD5type)) == NULL)
+		return NULL;
+	memset(&new->s, 0, sizeof(new->s));
+	new->t = "MD5";
+	new->b = 16;
+	new->n = MD5dlen;
+	new->f = md5;
+	if (cp)
+		sh_update(new, cp, len);
+	return (PyObject *)new;
+}
+
+
+/* List of functions exported by this module */
+
+static struct PyMethodDef SH_functions[] = {
+	{"sha512", (PyCFunction)SHA512_new, METH_VARARGS|METH_KEYWORDS, SHA512_new__doc__},
+	{"sha384", (PyCFunction)SHA384_new, METH_VARARGS|METH_KEYWORDS, SHA384_new__doc__},
+	{"sha256", (PyCFunction)SHA256_new, METH_VARARGS|METH_KEYWORDS, SHA256_new__doc__},
+	{"sha224", (PyCFunction)SHA224_new, METH_VARARGS|METH_KEYWORDS, SHA224_new__doc__},
+	{"sha1",   (PyCFunction)SHA1_new,   METH_VARARGS|METH_KEYWORDS, SHA1_new__doc__},
+	{"md5",    (PyCFunction)MD5_new,    METH_VARARGS|METH_KEYWORDS, MD5_new__doc__},
+	{NULL,	NULL}		 /* Sentinel */
+};
+
+PyMODINIT_FUNC
+init_sechash(void)
+{
+	MD5type.ob_type = &PyType_Type;
+	if (PyType_Ready(&MD5type) < 0)
+		return;
+	SHA1type.ob_type = &PyType_Type;
+	if (PyType_Ready(&SHA1type) < 0)
+		return;
+	SHA224type.ob_type = &PyType_Type;
+	if (PyType_Ready(&SHA224type) < 0)
+		return;
+	SHA256type.ob_type = &PyType_Type;
+	if (PyType_Ready(&SHA256type) < 0)
+		return;
+	SHA384type.ob_type = &PyType_Type;
+	if (PyType_Ready(&SHA384type) < 0)
+		return;
+	SHA512type.ob_type = &PyType_Type;
+	if (PyType_Ready(&SHA512type) < 0)
+		return;
+	Py_InitModule("_sechash", SH_functions);
+}
--- a/sys/src/cmd/python/mkfile
+++ b/sys/src/cmd/python/mkfile
@@ -14,8 +14,6 @@
 
 LIB= \
 	/$objtype/lib/ape/libpython.a\
-	/$objtype/lib/ape/libssl.a\
-	/$objtype/lib/ape/libcrypto.a
 
 LIBDIRS=Modules Objects Parser Python