def pbkdf2_hmac(hash_name, password, salt, iterations, dklen=None): if not isinstance(hash_name, str): raise TypeError("expected 'str' for name, but got %s" % type(hash_name)) c_name = _str_to_ffi_buffer(hash_name) digest = lib.EVP_get_digestbyname(c_name) if digest == ffi.NULL: raise ValueError("unsupported hash type") if dklen is None: dklen = lib.EVP_MD_size(digest) if dklen < 1: raise ValueError("key length must be greater than 0.") if dklen >= sys.maxsize: raise OverflowError("key length is too great.") if iterations < 1: raise ValueError("iteration value must be greater than 0.") if iterations >= sys.maxsize: raise OverflowError("iteration value is too great.") buf = ffi.new("unsigned char[]", dklen) c_password = ffi.from_buffer(bytes(password)) c_salt = ffi.from_buffer(bytes(salt)) r = lib.PKCS5_PBKDF2_HMAC(c_password, len(c_password), ffi.cast("unsigned char*",c_salt), len(c_salt), iterations, digest, dklen, buf) if r == 0: raise ValueError return _bytes_with_len(buf, dklen)
def update(self, string): if isinstance(string, unicode): buf = ffi.from_buffer(string.encode('ascii')) else: buf = ffi.from_buffer(string) with self.lock: # XXX try to not release the GIL for small requests lib.EVP_DigestUpdate(self.ctx, buf, len(buf))
def _str_to_ffi_buffer(view): if isinstance(view, unicode): return ffi.from_buffer(view.encode()) elif isinstance(view, memoryview): # NOTE pypy limitation StringBuffer does not allow # to get a raw address to the string! view = view.tobytes() # dont call call ffi.from_buffer(bytes(view)), arguments # like ints/bools should result in a TypeError return ffi.from_buffer(view)
def update(self, string): buf = ffi.from_buffer(string) with self.lock: # XXX try to not release the GIL for small requests lib.EVP_DigestUpdate(self.ctx, buf, len(buf))