summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Mark Wooding [Tue, 1 Oct 2019 10:40:41 +0000 (11:40 +0100)]
Set ELF visibility to keep all of our external symbols to ourselves.
Mark Wooding [Fri, 9 Nov 2018 15:35:14 +0000 (15:35 +0000)]
algorithms.c, etc.: Support the new AEAD abstraction.
The new machinery means we can reimplement `secret_box' and
`secret_unbox' using Catacomb's `..._naclbox' AE scheme.
Mark Wooding [Fri, 9 Nov 2018 12:22:16 +0000 (12:22 +0000)]
algorithms.c, knock-on: Eliminate `f_freeme' flags.
These were being carefully set and checked on ciphers, hashes, and MACs,
for no good reason because the flag was always set. Abolish it.
The flag still exists for `grand' objects because they get injected into
Python through the `pgen' event-handling machinery, and Python mustn't
destroy them just because it loses its reference. (It also mustn't try
to hang onto them, so there's a longstanding bug in there.)
Mark Wooding [Fri, 9 Nov 2018 12:28:16 +0000 (12:28 +0000)]
bytestring.c: Implement indexing, slicing, concatenation and repeating.
Now these return bytestring objects, rather than Python strings.
Mark Wooding [Fri, 9 Nov 2018 12:16:59 +0000 (12:16 +0000)]
Consistently make keyword-lists be static and read-only.
We had an exciting mix of static and automatic storage durations, and
none were marked as `const'. Python isn't `const'-correct, so we have
to cast away the `const'-ness: introduce a new macro `KWLIST' to do
this.
Also constify some other related tables, such as method names in
`pgev_python'.
Mark Wooding [Fri, 9 Nov 2018 12:34:20 +0000 (12:34 +0000)]
catacomb-python.h: Eliminate redundant declaration of `convgcipher'.
There's another one a bit further down.
Mark Wooding [Thu, 11 May 2017 09:42:15 +0000 (10:42 +0100)]
pubkey.c: Add support for Ed448 signatures, following RFC8032.
Mark Wooding [Thu, 11 May 2017 09:42:15 +0000 (10:42 +0100)]
pubkey.c: Support the `ed2559ctx' signature scheme from RFC8032.
Main difference is the addition of a personalization string.
In the wrapper classes, forward unknown keyword arguments on to the
underlying implementation.
Mark Wooding [Thu, 11 May 2017 09:42:15 +0000 (10:42 +0100)]
Add support for SHA3 and related algorithms.
This comes in three tranches.
* There are the basic generic-interface algorithms for SHA3-*, SHAKE*,
KMAC*, etc., which basically just turn up by themselves, and the
RNGs based on SHAKE and KMAC which took a little more work.
* There's a full implementation of the cSHAKE128 and cSHAKE256 XOFs as
a new kind of object.
* Based on this, there's a full KMAC implementation, with the fiddly
bits in Python (but all the heavy lifting is done in C), with
variable-length tag and everything. Other constructions, e.g.,
TupleHash, can easily be made in the same way.
Annoyingly, KMAC can't just be made from SHAKE by multiple inheritance
because Python gets confused about how it's supposed to construct the
objects, and, in particular, which `__new__' methods are OK to use. It
seems that the relevant code is trying to use the `HEAPTYPE' flag as a
proxy for whether a type is implemented in C, which doesn't work for our
classes. So there's a bunch of ugly delegation to do.
Mark Wooding [Thu, 11 May 2017 09:42:15 +0000 (10:42 +0100)]
algorithms.c: Add basic support for Keccak[1600, n].
This takes the form of a simple object which encapsulates the
Keccak[1600, n] state and allows mix and extract operations (which
correspond to the I/O portions of absorb/squeeze and duplexing) and
step, which actually invokes the permutation to advance the state.
None of this keeps track of rate or capacity limits beyond the obvious
memory-safety checks, so you can really screw yourself if you're not
careful.
Mark Wooding [Thu, 11 May 2017 09:42:15 +0000 (10:42 +0100)]
utils.c: Raise exceptions from `convTHING' with null arguments.
This can happen as a result of using `convTHING' in an attribute `set'
function, and the Python program trying to `del' the attribute.
Unfortunately, these conversion functions are already being used in this
context, and it leads to segfaults, e.g., from
del C.Key(C.KeyFile('', C.KOPEN_WRITE | C.KOPEN_NOFILE), 0, 'k').exptime
Easy fix.
Mark Wooding [Sun, 14 May 2017 03:28:02 +0000 (04:28 +0100)]
Merge branch '1.1.x'
* 1.1.x:
Release 1.1.2.
catacomb/__init__.py: Fix up cipher etc. names better.
algorithms.c: Support the new 16-bit key-size descriptors.
group.c: Track Catacomb group internals change.
utils.c: Raise exceptions from `convTHING' with null arguments.
Return `long' objects when `int' is requested but the value won't fit.
bytestring.c: Check for cached hash more carefully.
rand.c: Careful range checking on `block' and `mp'.
*.c: Fix docstrings for methods.
Further fixing to use `Py_ssize_t' in place of int.
Conflicts:
debian/control (already wanted later catacomb-dev)
group.c (no need for compatibility with older Catacombs)
Mark Wooding [Thu, 11 May 2017 09:42:15 +0000 (10:42 +0100)]
utils.c: Raise exceptions from `convTHING' with null arguments.
This can happen as a result of using `convTHING' in an attribute `set'
function, and the Python program trying to `del' the attribute.
Unfortunately, these conversion functions are already being used in this
context, and it leads to segfaults, e.g., from
del C.Key(C.KeyFile('', C.KOPEN_WRITE | C.KOPEN_NOFILE), 0, 'k').exptime
Easy fix.
Mark Wooding [Wed, 3 May 2017 11:48:27 +0000 (12:48 +0100)]
Return `long' objects when `int' is requested but the value won't fit.
Mostly, Python handles the error from the `int' conversion and falls
back to long, but there's something weird in iteration, where if you say
for i in ...:
print '%d' % x
then the loop finishes and /then/ you get an exception for the overflow
from the failed conversion of x to an `int'.
Follow Python's actual behaviour: have `mp_tolong_checked' take an extra
argument indicating whether to throw an exception, and modify most of
the call sites to fall back to a conversion based on `mp_topylong'.
Mark Wooding [Sun, 11 Sep 2016 23:14:16 +0000 (00:14 +0100)]
Further fixing to use `Py_ssize_t' in place of int.
This addresses the remaining compiler warnings when building for 64-bit
targets.
Mark Wooding [Wed, 26 Apr 2017 10:53:05 +0000 (11:53 +0100)]
pubkey.c, catacomb/__init__.py: Add bindings for Hamburg's X448.
Mark Wooding [Thu, 26 May 2016 08:26:09 +0000 (09:26 +0100)]
pubkey.c, ...: Support Bernstein's `
Ed25519' signature scheme.
Mark Wooding [Wed, 12 Apr 2017 17:39:01 +0000 (18:39 +0100)]
pubkey.c, ...: Support Bernstein's `X25519' key-agreement algorithm.
Mark Wooding [Wed, 3 May 2017 11:48:27 +0000 (12:48 +0100)]
Return `long' objects when `int' is requested but the value won't fit.
Mostly, Python handles the error from the `int' conversion and falls
back to long, but there's something weird in iteration, where if you say
for i in ...:
print '%d' % x
then the loop finishes and /then/ you get an exception for the overflow
from the failed conversion of x to an `int'.
Follow Python's actual behaviour: have `mp_tolong_checked' take an extra
argument indicating whether to throw an exception, and modify most of
the call sites to fall back to a conversion based on `mp_topylong'.
Mark Wooding [Thu, 26 May 2016 08:26:09 +0000 (09:26 +0100)]
bytestring.c, catacomb/__init__.py: Compare for equality in constant time.
There's an explicit `ctstreq' function which just does what you wanted.
Also, `ByteString' objects now have a rich-compare method which always
compares for equality in constant time. Ordering comparisons are
variable time still.
There's a little chicanery to retain the hash function from `str'.
Also add a simple `check' method to `GHash' and `Poly1305Hash' which
compares a hsah or MAC tag in constant time and returns a boolean
result.
Mark Wooding [Thu, 26 May 2016 08:26:09 +0000 (09:26 +0100)]
*.c: Declare `PY_SSIZE_T_CLEAN'.
Now we can process large strings on 64-bit targets. Err, win?
Mark Wooding [Thu, 26 May 2016 08:26:09 +0000 (09:26 +0100)]
algorithms.c: Add support for Poly1305.
Mark Wooding [Thu, 26 May 2016 08:26:09 +0000 (09:26 +0100)]
catacomb-python.h, util.c: Support for declaring types with weird metatypes.
Mark Wooding [Mon, 12 Sep 2016 21:27:23 +0000 (22:27 +0100)]
util.c: Add conversions between Python objects and `kludge64'.
Mark Wooding [Mon, 12 Sep 2016 21:26:53 +0000 (22:26 +0100)]
catacomb-python.h: Don't inhibit 64-bit type detection any more.
We'll be using `kludge64', and the definition must properly match up
with the library.
Mark Wooding [Mon, 12 Sep 2016 21:23:58 +0000 (22:23 +0100)]
util.c: Zap spurious whitespace.
Mark Wooding [Sun, 11 Sep 2016 23:14:16 +0000 (00:14 +0100)]
Further fixing to use `Py_ssize_t' in place of int.
This addresses the remaining compiler warnings when building for 64-bit
targets.
Mark Wooding [Mon, 22 Dec 2014 20:32:58 +0000 (20:32 +0000)]
catacomb.c, ec.c: Bindings for the new EC2OSP/OS2ECP functions.
Mark Wooding [Fri, 29 May 2015 08:34:09 +0000 (09:34 +0100)]
Use ValueError instead of SyntaxError throughout.
SyntaxError has a much more specific meaning, and some software, such as
`ipython', expect it to carry lots of other detailed information.
So abolish the `SYNERR' macro, and use `VALERR' instead consistently. I
wish I had an excuse for this blunder, but I don't.
Mark Wooding [Tue, 26 May 2015 15:02:01 +0000 (16:02 +0100)]
Fix the missing-module-names bug properly.
Introduce a wrapper `typeready' around `PyType_Ready' which sets the
module name, and call it everywhere it's needed.
Mark Wooding [Tue, 26 May 2015 15:00:32 +0000 (16:00 +0100)]
catacomb-python.h: Promote `util' to the head of the list.
If anything needs to prepare for other modules, it's common utilities.
Mark Wooding [Tue, 26 May 2015 15:00:52 +0000 (16:00 +0100)]
catacomb-python.h: Formatting fix.
Mark Wooding [Fri, 10 Apr 2015 14:19:25 +0000 (15:19 +0100)]
catacomb.c: Handle Python's randomize hashing parameters properly.
Mark Wooding [Fri, 10 Apr 2015 14:19:25 +0000 (15:19 +0100)]
Proper hashing for comparable object types.
Some of the existing object hash algorithms have changed, but I think
we'll live with that.
Mark Wooding [Fri, 10 Apr 2015 14:19:25 +0000 (15:19 +0100)]
Stamp the module name onto types properly.
Our types are `dynamic', because the Python code adds extra methods to
them. Apparently the correct thing to do in such cases is to put the
raw type name in the `tp_name' slot, and stuff the module name into
`tp_dict' by hand.
Mark Wooding [Fri, 27 Feb 2015 14:40:26 +0000 (14:40 +0000)]
mp.c: Binding for `mp_fibonacci'.
Mark Wooding [Sun, 23 Jun 2013 08:04:24 +0000 (09:04 +0100)]
Fix a few minor warnings.
Mark Wooding [Sun, 16 Jun 2013 14:22:38 +0000 (15:22 +0100)]
Overhaul formatting.
Expunge CVS droppings and use newer comment stylings.
Mark Wooding [Fri, 4 Apr 2008 23:55:18 +0000 (00:55 +0100)]
util: Actually initialize the utilities properly.
Failure to do this cases segfaults when we actually come to do things
like iteration.
Mark Wooding [Sat, 17 Feb 2007 12:18:00 +0000 (12:18 +0000)]
General: Fix lots of whitespace issues.
Mark Wooding [Wed, 25 Oct 2006 18:36:19 +0000 (19:36 +0100)]
General: Update for Python 2.5.
* This renamed the members of heap types. so there's a compatibility
macro now.
* Debian has moved on to Python 2.4 as its standard version, so track
that.
* Also provide Python 2.5 packages now that we can.
Mark Wooding [Wed, 22 Mar 2006 12:58:45 +0000 (12:58 +0000)]
getulong: Compare with LONG_MAX to decide what Python type to use.
This may reduce the number of bignums created on 64-bit machines.
Mark Wooding [Tue, 7 Mar 2006 14:25:03 +0000 (14:25 +0000)]
Remove the various `getuNN' functions and replace them with getulong().
They weren't doing any real good anyway, and the implementation was
randomly buggy.
Mark Wooding [Tue, 7 Mar 2006 14:12:42 +0000 (14:12 +0000)]
util: Report ValuError (not TypeError) for failed integer conversions.
Mark Wooding [Mon, 6 Mar 2006 16:56:41 +0000 (16:56 +0000)]
mappings: Separate mapping methods into read-only and read-write.
Mark Wooding [Sat, 28 Jan 2006 19:03:25 +0000 (19:03 +0000)]
Bug squashing.
* Fix setting functions to check for null value (interpreted as property
deletion) and raise an exception or do something else useful.
* Fix conversion of read buffer to string so it returns the remainder
rather than the whole thing.
* Make conversions between MP and Python long work on PyObjects rather
than PyLongObjects, to eliminate pointless type casts.
* Fix primefield constructor argument parsing so that it doesn't crash!
* Fix radix checking in MP conversions to exclude +/-1, and 0 for output.
This turns into a little function now.
* Do argument checking on Jacobi function.
Mark Wooding [Sat, 28 Jan 2006 18:46:07 +0000 (18:46 +0000)]
Reorganization: split out utilities; mapping methods
* Move non-project-specific Python utilities into a separate file. They
might conceivably find their way into a new project some day.
* Implement the standard mapping methods generically (i.e., in terms of
basic Python mapping operations).
* Use the mapping methods for the various key-object-related mappings.
* Start fixing setter functions for null values.
Mark Wooding [Sat, 28 Jan 2006 18:07:53 +0000 (18:07 +0000)]
algorithms: Add PRPs as objects in their own right.
mdw [Mon, 26 Sep 2005 12:58:11 +0000 (12:58 +0000)]
Checkin, Debianized and more or less complete.
mdw [Fri, 29 Apr 2005 13:11:19 +0000 (13:11 +0000)]
More fixing for modern Pythons. No longer works with 2.2. Sorry.
mdw [Wed, 27 Apr 2005 23:40:07 +0000 (23:40 +0000)]
Fixing for Python 2.3 and later.
mdw [Sun, 10 Apr 2005 23:38:11 +0000 (23:38 +0000)]
Various minor fixings.
mdw [Sun, 10 Apr 2005 18:03:11 +0000 (18:03 +0000)]
Initial check-in of catacomb-python.