mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-01-26 18:12:22 +01:00
e96a720f04
Python's bytecode compiler has a peephole optimizer which, among other things, can recognize constant expressions and replace them with a constant.
In `Random.byte` the expression `t2b('\0')` is recognized as a constant and is replaced with a single constant compiled into the function's bytecode.
This means that every time you run `Random.byte`, rather than creating a new `str` object (or `bytes` in Python 3) it's reusing the same one each time, and `wc_RNG_GenerateByte` is writing right into that constant object's buffer; hence the following behavior:
```
In [55]: rng = Random()
In [56]: a = rng.byte()
In [57]: a
Out[57]: "'"
In [58]: rng.byte()
Out[58]: '\x11'
In [59]: a
Out[59]: '\x11'
In [60]: rng.byte()
Out[60]: '\x16'
In [61]: a
Out[61]: '\x16'
In [62]: rng.byte.__func__.__code__.co_consts
Out[62]:
('\n Generate and return a random byte.\n ',
'\x16',
0,
'RNG generate byte error (%d)')
In [63]: rng.byte()
Out[63]: '\xad'
In [64]: rng.byte.__func__.__code__.co_consts
Out[64]:
('\n Generate and return a random byte.\n ',
'\xad',
0,
'RNG generate byte error (%d)')
```
`Random.bytes` does not necessarily have this problem since its result buffer is not a constant expression, though I feel like it could also in principle be affected if the string were interned (though I couldn't produce such a result). Nevertheless, it doesn't seem like a good idea to be updating `str` objects' buffers directly.
wolfcrypt: the wolfSSL Crypto Engine
====================================
**wolfCrypt Python**, a.k.a. ``wolfcrypt`` is a Python library that encapsulates
**wolfSSL's wolfCrypt API**.
`wolfCrypt <https://wolfssl.com/wolfSSL/Products-wolfcrypt.html>`_ is a
lightweight, portable, C-language-based crypto library
targeted at IoT, embedded, and RTOS environments primarily because of its size,
speed, and feature set. It works seamlessly in desktop, enterprise, and cloud
environments as well. It is the crypto engine behind `wolfSSl's embedded ssl
library <https://wolfssl.com/wolfSSL/Products-wolfssl.html>`_.
Installation
------------
In order to use ``wolfcrypt``, first you'll need to install ``wolfssl`` C
embedded ssl library.
Installing ``wolfssl`` :
~~~~~~~~~~~~~~~~~~~~~~~~
**Mac OSX**
.. code-block:: console
brew install wolfssl
or
.. code-block:: console
git clone https://github.com/wolfssl/wolfssl.git
cd wolfssl/
./autogen.sh
./configure --enable-sha512
make
sudo make install
**Ubuntu**
.. code-block:: console
sudo apt-get update
sudo apt-get install -y git autoconf libtool
git clone https://github.com/wolfssl/wolfssl.git
cd wolfssl/
./autogen.sh
./configure --enable-sha512
make
sudo make install
sudo ldconfig
**CentOS**
.. code-block:: console
sudo rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-6.noarch.rpm
sudo yum update
sudo yum install -y git autoconf libtool
git clone git@github.com:wolfssl/wolfssl.git
cd wolfssl
./autogen.sh
./configure --enable-sha512
make
sudo make install
echo /usr/local/lib > wolfssl.conf
sudo mv wolfssl.conf /etc/ld.so.conf
sudo ldconfig
Installing ``wolfcrypt`` :
~~~~~~~~~~~~~~~~~~~~~~~~~~
**Mac OSX**
.. code-block:: console
sudo -H pip install wolfcrypt
**Ubuntu**
.. code-block:: console
sudo apt-get install -y python-dev python3-dev python-pip libffi-dev
sudo -H pip install wolfcrypt
**CentOS**
.. code-block:: console
sudo yum install -y python-devel python3-devel python-pip libffi-devel
sudo -H pip install wolfcrypt
Testing ``wolfcrypt`` :
~~~~~~~~~~~~~~~~~~~~~~~
.. code-block:: console
python -c "from wolfcrypt.hashes import Sha; print Sha().hexdigest()"
expected output: **da39a3ee5e6b4b0d3255bfef95601890afd80709**
Testing ``wolfcrypt``'s source code with ``tox`` :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
To run the unit tests in the source code, you'll need ``tox`` and a few other
requirements. The source code relies at 'WOLFSSL_DIR/wrapper/python/wolfcrypt'
where WOLFSSL_DIR is the path of ``wolfssl``'s source code.
1. Make sure that the testing requirements are installed:
.. code-block:: console
$ sudo -H pip install -r requirements-testing.txt
2. Run ``tox``:
.. code-block:: console
$ tox
...
_________________________________ summary _________________________________
py27: commands succeeded
SKIPPED: py34: InterpreterNotFound: python3.4
py35: commands succeeded
congratulations :)
Note: the test is performed using multiple versions of python. If you are
missing a version the test will be skipped with an **InterpreterNotFound
error**.