diff options
| -rw-r--r-- | cryptography/hazmat/bindings/commoncrypto/binding.py | 4 | ||||
| -rw-r--r-- | cryptography/hazmat/bindings/openssl/binding.py | 4 | ||||
| -rw-r--r-- | cryptography/hazmat/bindings/utils.py | 35 | ||||
| -rw-r--r-- | cryptography/hazmat/primitives/constant_time.py | 14 | ||||
| -rw-r--r-- | cryptography/hazmat/primitives/padding.py | 15 |
5 files changed, 35 insertions, 37 deletions
diff --git a/cryptography/hazmat/bindings/commoncrypto/binding.py b/cryptography/hazmat/bindings/commoncrypto/binding.py index e23a2fd9..0e6dffc0 100644 --- a/cryptography/hazmat/bindings/commoncrypto/binding.py +++ b/cryptography/hazmat/bindings/commoncrypto/binding.py @@ -13,7 +13,7 @@ from __future__ import absolute_import, division, print_function -from cryptography.hazmat.bindings.utils import build_ffi +from cryptography.hazmat.bindings.utils import build_ffi_for_binding class Binding(object): @@ -45,7 +45,7 @@ class Binding(object): if cls.ffi is not None and cls.lib is not None: return - cls.ffi, cls.lib = build_ffi( + cls.ffi, cls.lib = build_ffi_for_binding( module_prefix=cls._module_prefix, modules=cls._modules, extra_link_args=[ diff --git a/cryptography/hazmat/bindings/openssl/binding.py b/cryptography/hazmat/bindings/openssl/binding.py index 37891f6b..314c5147 100644 --- a/cryptography/hazmat/bindings/openssl/binding.py +++ b/cryptography/hazmat/bindings/openssl/binding.py @@ -17,7 +17,7 @@ import os import sys import threading -from cryptography.hazmat.bindings.utils import build_ffi +from cryptography.hazmat.bindings.utils import build_ffi_for_binding _OSX_PRE_INCLUDE = """ @@ -105,7 +105,7 @@ class Binding(object): link_type = os.environ.get("PYCA_WINDOWS_LINK_TYPE", "static") libraries = _get_windows_libraries(link_type) - cls.ffi, cls.lib = build_ffi( + cls.ffi, cls.lib = build_ffi_for_binding( module_prefix=cls._module_prefix, modules=cls._modules, pre_include=_OSX_PRE_INCLUDE, diff --git a/cryptography/hazmat/bindings/utils.py b/cryptography/hazmat/bindings/utils.py index 1c48116e..7d8fc66d 100644 --- a/cryptography/hazmat/bindings/utils.py +++ b/cryptography/hazmat/bindings/utils.py @@ -20,8 +20,9 @@ import sys import cffi -def build_ffi(module_prefix, modules, pre_include="", post_include="", - libraries=[], extra_compile_args=[], extra_link_args=[]): +def build_ffi_for_binding(module_prefix, modules, pre_include="", + post_include="", libraries=[], extra_compile_args=[], + extra_link_args=[]): """ Modules listed in ``modules`` should have the following attributes: @@ -36,7 +37,6 @@ def build_ffi(module_prefix, modules, pre_include="", post_include="", library to a list of names which will not be present without the condition. """ - ffi = cffi.FFI() types = [] includes = [] functions = [] @@ -53,9 +53,6 @@ def build_ffi(module_prefix, modules, pre_include="", post_include="", includes.append(module.INCLUDES) customizations.append(module.CUSTOMIZATIONS) - cdef_sources = types + functions + macros - ffi.cdef("\n".join(cdef_sources)) - # We include functions here so that if we got any of their definitions # wrong, the underlying C compiler will explode. In C you are allowed # to re-declare a function if it has the same signature. That is: @@ -64,18 +61,17 @@ def build_ffi(module_prefix, modules, pre_include="", post_include="", # is legal, but the following will fail to compile: # int foo(int); # int foo(short); - source = "\n".join( + verify_source = "\n".join( [pre_include] + includes + [post_include] + functions + customizations ) - lib = ffi.verify( - source=source, - modulename=_create_modulename(cdef_sources, source, sys.version), + ffi, lib = build_ffi( + cdef_source="\n".join(types + functions + macros), + verify_source=verify_source, libraries=libraries, - ext_package="cryptography", extra_compile_args=extra_compile_args, extra_link_args=extra_link_args, ) @@ -91,6 +87,21 @@ def build_ffi(module_prefix, modules, pre_include="", post_include="", return ffi, lib +def build_ffi(cdef_source, verify_source, libraries=[], extra_compile_args=[], + extra_link_args=[]): + ffi = cffi.FFI() + ffi.cdef(cdef_source) + lib = ffi.verify( + source=verify_source, + modulename=_create_modulename(cdef_source, verify_source, sys.version), + libraries=libraries, + ext_package="cryptography", + extra_compile_args=extra_compile_args, + extra_link_args=extra_link_args, + ) + return ffi, lib + + def _create_modulename(cdef_sources, source, sys_version): """ cffi creates a modulename internally that incorporates the cffi version. @@ -99,7 +110,7 @@ def _create_modulename(cdef_sources, source, sys_version): resolve this we build our own modulename that uses most of the same code from cffi but elides the version key. """ - key = '\x00'.join([sys_version[:3], source] + cdef_sources) + key = '\x00'.join([sys_version[:3], source, cdef_sources]) key = key.encode('utf-8') k1 = hex(binascii.crc32(key[0::2]) & 0xffffffff) k1 = k1.lstrip('0x').rstrip('L') diff --git a/cryptography/hazmat/primitives/constant_time.py b/cryptography/hazmat/primitives/constant_time.py index d75528a8..b98eb108 100644 --- a/cryptography/hazmat/primitives/constant_time.py +++ b/cryptography/hazmat/primitives/constant_time.py @@ -15,11 +15,8 @@ from __future__ import absolute_import, division, print_function import hmac import os -import sys -import cffi - -from cryptography.hazmat.bindings.utils import _create_modulename +from cryptography.hazmat.bindings.utils import build_ffi with open(os.path.join(os.path.dirname(__file__), "src/constant_time.h")) as f: @@ -29,12 +26,9 @@ with open(os.path.join(os.path.dirname(__file__), "src/constant_time.c")) as f: FUNCTIONS = f.read() -_ffi = cffi.FFI() -_ffi.cdef(TYPES) -_lib = _ffi.verify( - source=FUNCTIONS, - modulename=_create_modulename([TYPES], FUNCTIONS, sys.version), - ext_package="cryptography", +_ffi, _lib = build_ffi( + cdef_source=TYPES, + verify_source=FUNCTIONS, ) if hasattr(hmac, "compare_digest"): diff --git a/cryptography/hazmat/primitives/padding.py b/cryptography/hazmat/primitives/padding.py index 74f1ef2e..d799a7e1 100644 --- a/cryptography/hazmat/primitives/padding.py +++ b/cryptography/hazmat/primitives/padding.py @@ -13,15 +13,11 @@ from __future__ import absolute_import, division, print_function -import sys - -import cffi - import six from cryptography import utils from cryptography.exceptions import AlreadyFinalized -from cryptography.hazmat.bindings.utils import _create_modulename +from cryptography.hazmat.bindings.utils import build_ffi from cryptography.hazmat.primitives import interfaces @@ -67,12 +63,9 @@ uint8_t Cryptography_check_pkcs7_padding(const uint8_t *data, } """ -_ffi = cffi.FFI() -_ffi.cdef(TYPES) -_lib = _ffi.verify( - source=FUNCTIONS, - modulename=_create_modulename([TYPES], FUNCTIONS, sys.version), - ext_package="cryptography", +_ffi, _lib = build_ffi( + cdef_source=TYPES, + verify_source=FUNCTIONS, ) |