├── docs ├── index.rst ├── Makefile └── conf.py ├── setup.cfg ├── Makefile ├── .github └── workflows │ └── pythonpackage.yml ├── Changes.rst ├── setup.py ├── test └── test.py ├── common.mk ├── rehash ├── structs.py └── __init__.py ├── README.rst └── LICENSE /docs/index.rst: -------------------------------------------------------------------------------- 1 | .. include:: ../README.rst 2 | -------------------------------------------------------------------------------- /setup.cfg: -------------------------------------------------------------------------------- 1 | [bdist_wheel] 2 | universal=1 3 | [flake8] 4 | max-line-length=120 5 | ignore: E301, E302, E401, E261, E265, E226, F401, E501 6 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | test_deps: 2 | pip install coverage flake8 wheel 3 | 4 | lint: test_deps 5 | flake8 rehash 6 | 7 | test: test_deps lint 8 | coverage run --source=$$(python setup.py --name) ./test/test.py 9 | 10 | init_docs: 11 | cd docs; sphinx-quickstart 12 | 13 | docs: 14 | $(MAKE) -C docs html 15 | 16 | install: clean 17 | pip install wheel 18 | python setup.py bdist_wheel 19 | pip install --upgrade dist/*.whl 20 | 21 | clean: 22 | -rm -rf build dist 23 | -rm -rf *.egg-info 24 | 25 | .PHONY: lint test test_deps docs install clean 26 | 27 | include common.mk 28 | -------------------------------------------------------------------------------- /docs/Makefile: -------------------------------------------------------------------------------- 1 | # Minimal makefile for Sphinx documentation 2 | # 3 | 4 | # You can set these variables from the command line, and also 5 | # from the environment for the first two. 6 | SPHINXOPTS ?= 7 | SPHINXBUILD ?= sphinx-build 8 | SOURCEDIR = . 9 | BUILDDIR = _build 10 | 11 | # Put it first so that "make" without argument is like "make help". 12 | help: 13 | @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) 14 | 15 | .PHONY: help Makefile 16 | 17 | # Catch-all target: route all unknown targets to Sphinx using the new 18 | # "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS). 19 | %: Makefile 20 | @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) 21 | -------------------------------------------------------------------------------- /.github/workflows/pythonpackage.yml: -------------------------------------------------------------------------------- 1 | name: Python package 2 | 3 | on: [push, pull_request] 4 | 5 | jobs: 6 | build: 7 | 8 | runs-on: ${{matrix.os}} 9 | strategy: 10 | max-parallel: 16 11 | matrix: 12 | # os: [ubuntu-18.04, ubuntu-20.04, ubuntu-22.04, macos-10.15] 13 | os: [ubuntu-18.04, ubuntu-20.04] 14 | python-version: [3.6, 3.7, 3.8, 3.9, "3.10"] 15 | 16 | steps: 17 | - uses: actions/checkout@v2 18 | - name: Set up Python ${{matrix.python-version}} 19 | uses: actions/setup-python@v2 20 | with: 21 | python-version: ${{matrix.python-version}} 22 | - name: Install dependencies 23 | run: | 24 | python -m pip install --upgrade pip 25 | pip install --quiet codecov wheel 26 | make install 27 | - name: Test 28 | run: | 29 | make test 30 | -------------------------------------------------------------------------------- /Changes.rst: -------------------------------------------------------------------------------- 1 | Changes for v1.0.1 (2022-08-28) 2 | =============================== 3 | 4 | - Disclaim support for OpenSSL 3 5 | 6 | - Test and release infrastructure improvements 7 | 8 | Changes for v1.0.0 (2019-10-23) 9 | =============================== 10 | 11 | - Update EVPobject layout for Python 3.8 12 | 13 | - Test and release infrastructure improvements 14 | 15 | - Bump version to 1.0.0 to indicate stable API 16 | 17 | Changes for v0.3.1 (2017-11-23) 18 | =============================== 19 | 20 | Fix EVPobject layout in Python 3.5.0 through 3.5.2 21 | 22 | Changes for v0.3.0 (2017-08-08) 23 | =============================== 24 | 25 | - Support Python >= 2.7, < 2.7.9, which does not have 26 | hashlib.algorithms\_guaranteed 27 | 28 | - Don't expose unsupported hashers 29 | 30 | - Documentation improvements 31 | 32 | Changes for v0.2.1 (2017-07-13) 33 | =============================== 34 | 35 | - Hashlib API compat fixes 36 | 37 | Changes for v0.2.0 (2017-07-13) 38 | =============================== 39 | 40 | - Fix for version-dependent compat with EVPobject 41 | 42 | Changes for v0.1.0 (2017-07-12) 43 | =============================== 44 | 45 | - Initial release 46 | 47 | -------------------------------------------------------------------------------- /setup.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | import os, glob 4 | from setuptools import setup, find_packages 5 | 6 | setup( 7 | name='rehash', 8 | version='1.0.1', 9 | url='https://github.com/kislyuk/rehash', 10 | license='Apache Software License', 11 | author='Andrey Kislyuk', 12 | author_email='kislyuk@gmail.com', 13 | description="Resumable hashlib: a picklable interface to CPython's OpenSSL-based hashlib standard library", 14 | long_description=open('README.rst').read(), 15 | packages=find_packages(exclude=['test']), 16 | include_package_data=True, 17 | platforms=['MacOS X', 'Posix'], 18 | test_suite='test', 19 | classifiers=[ 20 | 'Intended Audience :: Developers', 21 | 'License :: OSI Approved :: Apache Software License', 22 | 'Operating System :: MacOS :: MacOS X', 23 | 'Operating System :: POSIX', 24 | 'Programming Language :: Python', 25 | 'Programming Language :: Python :: 3.6', 26 | 'Programming Language :: Python :: 3.7', 27 | 'Programming Language :: Python :: 3.8', 28 | 'Programming Language :: Python :: 3.9', 29 | 'Programming Language :: Python :: 3.10', 30 | 'Development Status :: 5 - Production/Stable', 31 | 'Topic :: Software Development :: Libraries :: Python Modules' 32 | ] 33 | ) 34 | -------------------------------------------------------------------------------- /docs/conf.py: -------------------------------------------------------------------------------- 1 | # Configuration file for the Sphinx documentation builder. 2 | # 3 | # This file only contains a selection of the most common options. For a full 4 | # list see the documentation: 5 | # https://www.sphinx-doc.org/en/master/usage/configuration.html 6 | 7 | # -- Path setup -------------------------------------------------------------- 8 | 9 | # If extensions (or modules to document with autodoc) are in another directory, 10 | # add these directories to sys.path here. If the directory is relative to the 11 | # documentation root, use os.path.abspath to make it absolute, like shown here. 12 | # 13 | # import os 14 | # import sys 15 | # sys.path.insert(0, os.path.abspath('.')) 16 | 17 | 18 | # -- Project information ----------------------------------------------------- 19 | 20 | project = 'rehash' 21 | copyright = '2019, Andrey Kislyuk' 22 | author = 'Andrey Kislyuk' 23 | 24 | 25 | # -- General configuration --------------------------------------------------- 26 | 27 | # Add any Sphinx extension module names here, as strings. They can be 28 | # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom 29 | # ones. 30 | extensions = [ 31 | ] 32 | 33 | # Add any paths that contain templates here, relative to this directory. 34 | templates_path = ['_templates'] 35 | 36 | # List of patterns, relative to source directory, that match files and 37 | # directories to ignore when looking for source files. 38 | # This pattern also affects html_static_path and html_extra_path. 39 | exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store'] 40 | 41 | 42 | # -- Options for HTML output ------------------------------------------------- 43 | 44 | # The theme to use for HTML and HTML Help pages. See the documentation for 45 | # a list of builtin themes. 46 | # 47 | html_theme = 'default' 48 | 49 | # Add any paths that contain custom static files (such as style sheets) here, 50 | # relative to this directory. They are copied after the builtin static files, 51 | # so a file named "default.css" will overwrite the builtin "default.css". 52 | html_static_path = ['_static'] 53 | 54 | master_doc = 'index' 55 | -------------------------------------------------------------------------------- /test/test.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | import os, sys, unittest, tempfile, json, logging, pickle, hashlib, ssl 4 | 5 | sys.path.insert(0, os.path.abspath(os.path.join(os.path.dirname(__file__), '..'))) # noqa 6 | 7 | import rehash 8 | 9 | print("OpenSSL version:", ssl.OPENSSL_VERSION) 10 | 11 | class TestResumableHasher(unittest.TestCase): 12 | def setUp(self): 13 | logging.basicConfig(level="DEBUG") 14 | 15 | def assert_resumable(self, hasher): 16 | hasher.update(b"foo") 17 | state = pickle.dumps(hasher) 18 | hasher2 = pickle.loads(state) 19 | hasher.update(b"bar"*1024*1024) 20 | hasher2.update(b"bar"*1024*1024) 21 | self.assertEqual(hasher.digest(), hasher2.digest()) 22 | 23 | def test_basic_statements(self): 24 | for algorithm in hashlib.algorithms_guaranteed: 25 | if algorithm.startswith("blake2") or algorithm.startswith("sha3") or algorithm.startswith("shake"): 26 | with self.assertRaises(Exception): 27 | rehash.ResumableHasher(algorithm.lower()) 28 | else: 29 | print(algorithm) 30 | self.assert_resumable(rehash.new(algorithm.lower())) 31 | self.assert_resumable(rehash.new(algorithm.lower(), b"initial_data")) 32 | self.assert_resumable(rehash.ResumableHasher(algorithm.lower())) 33 | self.assert_resumable(rehash.ResumableHasher(algorithm.lower(), b"initial_data")) 34 | self.assert_resumable(getattr(rehash, algorithm)()) 35 | self.assert_resumable(getattr(rehash, algorithm)(b"initial_data")) 36 | 37 | def test_repr(self): 38 | # Some of the memory at the tail of the hasher state is uninitialized at initial state 39 | self.assertEqual( 40 | repr(rehash.sha256())[:64], 41 | "rehash.sha256(state='eJxLf8aZ1boufXfR5zwbq6/+S+uD+AJ7Mlhnr77ZLC959kE0AxWBAhDfa7Ku5N63OAIAWHETSw==')"[:64] 42 | ) 43 | rehash.opaque_repr = True 44 | self.assertEqual( 45 | repr(rehash.sha256()), 46 | "rehash.sha256()" 47 | ) 48 | 49 | def test_doc_example(self): 50 | import pickle, rehash 51 | hasher = rehash.sha256(b"foo") 52 | state = pickle.dumps(hasher) 53 | 54 | hasher2 = pickle.loads(state) 55 | hasher2.update(b"bar") 56 | 57 | assert hasher2.hexdigest() == rehash.sha256(b"foobar").hexdigest() 58 | 59 | 60 | if __name__ == '__main__': 61 | unittest.main() 62 | -------------------------------------------------------------------------------- /common.mk: -------------------------------------------------------------------------------- 1 | SHELL=/bin/bash -eo pipefail 2 | 3 | release-major: 4 | $(eval export TAG=$(shell git describe --tags --match 'v*.*.*' | perl -ne '/^v(\d+)\.(\d+)\.(\d+)/; print "v@{[$$1+1]}.0.0"')) 5 | $(MAKE) release 6 | 7 | release-minor: 8 | $(eval export TAG=$(shell git describe --tags --match 'v*.*.*' | perl -ne '/^v(\d+)\.(\d+)\.(\d+)/; print "v$$1.@{[$$2+1]}.0"')) 9 | $(MAKE) release 10 | 11 | release-patch: 12 | $(eval export TAG=$(shell git describe --tags --match 'v*.*.*' | perl -ne '/^v(\d+)\.(\d+)\.(\d+)/; print "v$$1.$$2.@{[$$3+1]}"')) 13 | $(MAKE) release 14 | 15 | release: 16 | @if ! git diff --cached --exit-code; then echo "Commit staged files before proceeding"; exit 1; fi 17 | @if [[ -z $$TAG ]]; then echo "Use release-{major,minor,patch}"; exit 1; fi 18 | @if ! type -P pandoc; then echo "Please install pandoc"; exit 1; fi 19 | @if ! type -P sponge; then echo "Please install moreutils"; exit 1; fi 20 | @if ! type -P http; then echo "Please install httpie"; exit 1; fi 21 | @if ! type -P twine; then echo "Please install twine"; exit 1; fi 22 | $(eval REMOTE=$(shell git remote get-url origin | perl -ne '/([^\/\:]+\/[^\/\:]+?)(\.git)?$$/; print $$1')) 23 | $(eval GIT_USER=$(shell git config --get user.email)) 24 | $(eval GH_AUTH=$(shell if grep -q '@github.com' ~/.git-credentials; then echo $$(grep '@github.com' ~/.git-credentials | python3 -c 'import sys, urllib.parse as p; print(p.urlparse(sys.stdin.read()).netloc.split("@")[0])'); else echo $(GIT_USER); fi)) 25 | $(eval RELEASES_API=https://api.github.com/repos/${REMOTE}/releases) 26 | $(eval UPLOADS_API=https://uploads.github.com/repos/${REMOTE}/releases) 27 | git pull 28 | git clean -x --force $$(python setup.py --name) 29 | sed -i -e "s/version=\([\'\"]\)[0-9]*\.[0-9]*\.[0-9]*/version=\1$${TAG:1}/" setup.py 30 | git add setup.py 31 | TAG_MSG=$$(mktemp); \ 32 | echo "# Changes for ${TAG} ($$(date +%Y-%m-%d))" > $$TAG_MSG; \ 33 | git log --pretty=format:%s $$(git describe --abbrev=0)..HEAD >> $$TAG_MSG; \ 34 | $${EDITOR:-emacs} $$TAG_MSG; \ 35 | if [[ -f Changes.md ]]; then cat $$TAG_MSG <(echo) Changes.md | sponge Changes.md; git add Changes.md; fi; \ 36 | if [[ -f Changes.rst ]]; then cat <(pandoc --from markdown --to rst $$TAG_MSG) <(echo) Changes.rst | sponge Changes.rst; git add Changes.rst; fi; \ 37 | git commit -m ${TAG}; \ 38 | git tag --sign --annotate --file $$TAG_MSG ${TAG} 39 | git push --follow-tags 40 | http --check-status --auth ${GH_AUTH} ${RELEASES_API} tag_name=${TAG} name=${TAG} \ 41 | body="$$(git tag --list ${TAG} -n99 | perl -pe 's/^\S+\s*// if $$. == 1' | sed 's/^\s\s\s\s//')" 42 | $(MAKE) install 43 | http --check-status --auth ${GH_AUTH} POST ${UPLOADS_API}/$$(http --auth ${GH_AUTH} ${RELEASES_API}/latest | jq .id)/assets \ 44 | name==$$(basename dist/*.whl) label=="Python Wheel" < dist/*.whl 45 | $(MAKE) release-pypi 46 | 47 | release-pypi: 48 | python -m build 49 | twine upload dist/*.tar.gz dist/*.whl --sign --verbose 50 | 51 | .PHONY: release 52 | -------------------------------------------------------------------------------- /rehash/structs.py: -------------------------------------------------------------------------------- 1 | from ssl import OPENSSL_VERSION 2 | from sys import version_info as PYTHON_VERSION 3 | from ctypes import c_void_p, POINTER, Structure, c_int, c_ulong, c_char, c_size_t, c_ssize_t, py_object 4 | 5 | PyObject_HEAD = [ 6 | ('ob_refcnt', c_size_t), 7 | ('ob_type', c_void_p) 8 | ] 9 | 10 | # OpenSSL struct evp_md_st 11 | # OpenSSL 1.0.2 and earlier: 12 | # https://github.com/openssl/openssl/blob/OpenSSL_1_0_2-stable/crypto/evp/evp.h#L159-L181 13 | # OpenSSL 1.1.0: 14 | # https://github.com/openssl/openssl/blob/OpenSSL_1_1_0-stable/crypto/include/internal/evp_int.h#L88-L102 15 | # OpenSSL 1.1.1 and later: 16 | # https://github.com/openssl/openssl/blob/master/include/crypto/evp.h#L247-L288 17 | class EVP_MD(Structure): 18 | _fields_ = [ 19 | ('type', c_int), 20 | ('pkey_type', c_int), 21 | ('md_size', c_int), 22 | ('flags', c_ulong), 23 | ] 24 | if OPENSSL_VERSION >= "OpenSSL 3.0.0": 25 | _fields_ += [ 26 | ('origin', c_int), 27 | ] 28 | _fields_ += [ 29 | ('init', c_void_p), 30 | ('update', c_void_p), 31 | ('final', c_void_p), 32 | ('copy', c_void_p), 33 | ('cleanup', c_void_p), 34 | ] 35 | if OPENSSL_VERSION < "OpenSSL 1.1.0": 36 | _fields_ += [ 37 | ('sign', c_void_p), 38 | ('verify', c_void_p), 39 | ('required_pkey_type', c_int * 5), 40 | ] 41 | _fields_ += [ 42 | ('block_size', c_int), 43 | ('ctx_size', c_int), 44 | ] 45 | 46 | # OpenSSL struct evp_md_ctx_st 47 | # OpenSSL 1.1.0 and earlier: 48 | # https://github.com/openssl/openssl/blob/master/crypto/evp/evp_locl.h#L12-L22 49 | # OpenSSL 1.1.1 and later, before 3.0.0: 50 | # https://github.com/openssl/openssl/blob/OpenSSL_1_1_1-stable/crypto/evp/evp_local.h#L12-L22 51 | # OpenSSL 3.0.0 and later: 52 | # https://github.com/openssl/openssl/blob/master/crypto/evp/evp_local.h#L16-L34 53 | class EVP_MD_CTX(Structure): 54 | _fields_ = [ 55 | ('digest', POINTER(EVP_MD)), 56 | ('engine', c_void_p), 57 | ('flags', c_ulong), 58 | ('md_data', POINTER(c_char)), 59 | ] 60 | if OPENSSL_VERSION >= "OpenSSL 3.0.0": 61 | _fields_ = [ 62 | ('reqdigest', POINTER(EVP_MD)), 63 | ] + _fields_ + [ 64 | ('pctx', c_void_p), 65 | ('update', c_void_p), 66 | ('algctx', c_void_p), 67 | ('fetched_digest', POINTER(EVP_MD)), 68 | ] 69 | 70 | # Python 3.8+: https://github.com/python/cpython/blob/master/Modules/_hashopenssl.c#L58-L64 71 | # Python 3.5.3 - 3.7: https://github.com/python/cpython/blob/3.7/Modules/_hashopenssl.c#L52-L59 72 | # Python 3 - 3.5.2: https://github.com/python/cpython/blob/3.4/Modules/_hashopenssl.c#L39-L46 73 | # Python 2.7.13+: https://github.com/python/cpython/blob/2.7/Modules/_hashopenssl.c#L71-L78 74 | class EVPobject(Structure): 75 | _fields_ = PyObject_HEAD + ( 76 | [("name", POINTER(py_object))] if PYTHON_VERSION < (3, 8) else [] 77 | ) + [ 78 | ("ctx", EVP_MD_CTX if (3, 0) < PYTHON_VERSION < (3, 5, 3) or PYTHON_VERSION < (2, 7, 13) else POINTER(EVP_MD_CTX)) 79 | ] 80 | -------------------------------------------------------------------------------- /README.rst: -------------------------------------------------------------------------------- 1 | Rehash: Resumable Hashlib 2 | ========================= 3 | 4 | Rehash is a resumable interface to the OpenSSL-based hashers (message digest objects) in the 5 | CPython ``hashlib`` standard library. Rehash provides hashers that 6 | can be pickled, persisted and reconstituted from their ``repr()``, 7 | and otherwise serialized. The rest of the Rehash API is identical to 8 | ``hashlib``. 9 | 10 | Rehash hashers can be used to checkpoint and restore progress 11 | when hashing large byte streams: 12 | 13 | .. code-block:: python 14 | 15 | import pickle, rehash 16 | hasher = rehash.sha256(b"foo") 17 | state = pickle.dumps(hasher) 18 | 19 | hasher2 = pickle.loads(state) 20 | hasher2.update(b"bar") 21 | 22 | assert hasher2.hexdigest() == rehash.sha256(b"foobar").hexdigest() 23 | 24 | Installation 25 | ------------ 26 | :: 27 | 28 | pip install rehash 29 | 30 | Applications 31 | ~~~~~~~~~~~~ 32 | Rehash is useful in any situation when your VM is short-lived or preemptible, and the object you're hashing is huge. For 33 | example, Rehash can be used to hand off the hashing state of large objects between AWS Lambda functions or Google Cloud 34 | Functions, which have runtime limits of 15 and 9 minutes, respectively. 35 | 36 | .. admonition:: Non-openssl hashers 37 | 38 | ``sha3`` and ``blake2`` hash algorithms in Python 3.6 are not OpenSSL-based and not supported by rehash. 39 | 40 | .. admonition:: PyPy 41 | 42 | PyPy uses its own hasher implementations. Those are not serializable using rehash. 43 | 44 | .. admonition:: Security note 45 | 46 | By default, rehash objects present themselves with a ``repr()`` that exposes their internal state. This allows one to 47 | resume the hashing from the point where it stopped. If exposed through an untrusted channel under specific conditions, 48 | this could potentially allow an attacker to use an extension attack. If you are unsure about the implications of this, 49 | set ``rehash.opaque_repr = True`` after importing rehash. 50 | 51 | Links 52 | ----- 53 | * `Project home page (GitHub) `_ 54 | * `Documentation (Read the Docs) `_ 55 | * `Package distribution (PyPI) `_ 56 | * `Change log `_ 57 | 58 | Bugs 59 | ~~~~ 60 | Please report bugs, issues, feature requests, etc. on `GitHub `_. 61 | 62 | License 63 | ------- 64 | Licensed under the terms of the `Apache License, Version 2.0 `_. 65 | 66 | .. image:: https://github.com/kislyuk/rehash/workflows/Python%20package/badge.svg 67 | :target: https://github.com/kislyuk/rehash/actions 68 | .. image:: https://codecov.io/github/kislyuk/rehash/coverage.svg?branch=master 69 | :target: https://codecov.io/github/kislyuk/rehash?branch=master 70 | .. image:: https://img.shields.io/pypi/v/rehash.svg 71 | :target: https://pypi.python.org/pypi/rehash 72 | .. image:: https://img.shields.io/pypi/l/rehash.svg 73 | :target: https://pypi.python.org/pypi/rehash 74 | .. image:: https://readthedocs.org/projects/rehash/badge/?version=latest 75 | :target: https://rehash.readthedocs.org/ 76 | -------------------------------------------------------------------------------- /rehash/__init__.py: -------------------------------------------------------------------------------- 1 | import os, sys, hashlib, base64, zlib 2 | from ctypes import cast, memmove, POINTER, c_void_p 3 | from ssl import OPENSSL_VERSION 4 | 5 | from .structs import EVPobject 6 | 7 | opaque_repr = False 8 | 9 | class ResumableHasher(object): 10 | name = None 11 | _algorithms_guaranteed = getattr(hashlib, 12 | "algorithms_guaranteed", 13 | ["md5", "sha1", "sha224", "sha256", "sha384", "sha512"]) 14 | 15 | def __init__(self, name=None, data=None, state=None): 16 | # Starting with OpenSSL 3.0, the digest algorithm implementations use the "provider" interface described here: 17 | # https://www.openssl.org/docs/manmaster/man7/provider-digest.html 18 | # Support for serializing digest contexts for these implementations is not yet implemented. 19 | if OPENSSL_VERSION >= "OpenSSL 3.0.0": 20 | raise NotImplementedError("OpenSSL 3 is not yet supported. Please use OpenSSL 1.x") 21 | if state is not None: 22 | if not self.name: 23 | raise Exception('Parameter "name" is required') 24 | self.__setstate__(state=dict(name=name, md_data=zlib.decompress(base64.b64decode(state)))) 25 | if data is not None: 26 | self.update(data) 27 | return 28 | if self.name is not None: 29 | data = name 30 | else: 31 | self.name = name 32 | if not self.name: 33 | raise Exception('Parameter "name" is required') 34 | hasher_args = [] if data is None else [data] 35 | self._hasher = self._get_hashlib_hasher(self.name)(*hasher_args) 36 | 37 | def _get_hashlib_hasher(self, name): 38 | if name.startswith("blake2"): 39 | raise Exception("blake2 algorithms are not OpenSSL-based and not supported by rehash") 40 | if name.startswith("sha3"): 41 | # FIXME: sha3 is supported by openssl 1.1.1+ and default in cpython 42 | raise Exception("sha3 algorithms are not supported by rehash") 43 | if name.startswith("shake"): 44 | # FIXME: shake is supported by openssl 1.1.1+ and default in cpython 45 | raise Exception("shake algorithms are not supported by rehash") 46 | if name in self._algorithms_guaranteed: 47 | return getattr(hashlib, name) 48 | else: 49 | return hashlib.new(name) 50 | 51 | def _get_evp_md_ctx(self): 52 | c_evp_obj = cast(c_void_p(id(self._hasher)), POINTER(EVPobject)) 53 | if hasattr(c_evp_obj.contents.ctx, "contents"): 54 | return c_evp_obj.contents.ctx.contents 55 | else: 56 | return c_evp_obj.contents.ctx 57 | 58 | def __getstate__(self): 59 | ctx = self._get_evp_md_ctx() 60 | ctx_size = ctx.digest.contents.ctx_size 61 | hasher_state = ctx.md_data[:ctx_size] 62 | return dict(name=self.name, md_data=hasher_state) 63 | 64 | def __setstate__(self, state): 65 | self.name = state["name"] 66 | self._hasher = self._get_hashlib_hasher(self.name)() 67 | ctx = self._get_evp_md_ctx() 68 | ctx_size = ctx.digest.contents.ctx_size 69 | memmove(ctx.md_data, state["md_data"], ctx_size) 70 | 71 | def __getattr__(self, a): 72 | return getattr(self._hasher, a) 73 | 74 | def __repr__(self): 75 | if opaque_repr: 76 | return "{}.{}()".format(self.__module__, self.__class__.__name__) 77 | else: 78 | md_data = base64.b64encode(zlib.compress(self.__getstate__()["md_data"])).decode() 79 | return "{}.{}(state='{}')".format(self.__module__, self.name, md_data) 80 | 81 | 82 | new = ResumableHasher 83 | 84 | def _initialize(): 85 | module = sys.modules[__name__] 86 | for name in ResumableHasher._algorithms_guaranteed: 87 | if name.startswith("blake2") or name.startswith("sha3") or name.startswith("shake"): 88 | continue 89 | setattr(module, name, type(name, (ResumableHasher,), dict(name=name))) 90 | 91 | 92 | _initialize() 93 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "{}" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright {yyyy} {name of copyright owner} 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | --------------------------------------------------------------------------------