29
29
))
30
30
31
31
NON_HMAC_DIGEST_NAMES = frozenset ({
32
- 'shake_128' , 'shake_256' , 'blake2s' , 'blake2b'
32
+ 'shake_128' , 'shake_256' ,
33
+ 'blake2s' , 'blake2b' ,
33
34
})
34
35
35
- # Mapping from a "canonical" name to a pair (HACL*, _hashlib.*, hashlib.*)
36
- # constructors. If the constructor name is None, then this means that the
37
- # algorithm can only be used by the "agile" new() interfaces.
38
36
39
37
class HashAPI (namedtuple ("HashAPI" , "builtin openssl hashlib" )):
40
38
@@ -50,6 +48,9 @@ def fullname(self, typ):
50
48
raise AssertionError (f"unknown type: { typ } " )
51
49
52
50
51
+ # Mapping from a "canonical" name to a pair (HACL*, _hashlib.*, hashlib.*)
52
+ # constructors. If the constructor name is None, then this means that the
53
+ # algorithm can only be used by the "agile" new() interfaces.
53
54
_EXPLICIT_CONSTRUCTORS = MappingProxyType ({
54
55
"md5" : HashAPI ("_md5.md5" , "openssl_md5" , "md5" ),
55
56
"sha1" : HashAPI ("_sha1.sha1" , "openssl_sha1" , "sha1" ),
@@ -66,7 +67,6 @@ def fullname(self, typ):
66
67
"blake2s" : HashAPI ("_blake2.blake2s" , None , "blake2s" ),
67
68
"blake2b" : HashAPI ("_blake2.blake2b" , None , "blake2b" ),
68
69
})
69
-
70
70
assert _EXPLICIT_CONSTRUCTORS .keys () == CANONICAL_DIGEST_NAMES
71
71
72
72
_EXPLICIT_HMAC_CONSTRUCTORS = {
@@ -78,6 +78,8 @@ def fullname(self, typ):
78
78
}
79
79
_EXPLICIT_HMAC_CONSTRUCTORS ['shake_128' ] = None
80
80
_EXPLICIT_HMAC_CONSTRUCTORS ['shake_256' ] = None
81
+ # Strictly speaking, HMAC-BLAKE is meaningless as BLAKE2 is already a
82
+ # keyed hash function. However, as it's exposed by HACL*, we test it.
81
83
_EXPLICIT_HMAC_CONSTRUCTORS ['blake2s' ] = '_hmac.compute_blake2s_32'
82
84
_EXPLICIT_HMAC_CONSTRUCTORS ['blake2b' ] = '_hmac.compute_blake2b_32'
83
85
_EXPLICIT_HMAC_CONSTRUCTORS = MappingProxyType (_EXPLICIT_HMAC_CONSTRUCTORS )
0 commit comments