search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3/smbd: remove connection_struct from get_ea_list_from_file_path
[Samba.git] / lib / crypto / py_crypto.c
blobad18d3ada0f97fdbf39b7786f970f289b734760e
1 /*
2 Unix SMB/CIFS implementation.
3 Samba crypto functions
4
5 Copyright (C) Alexander Bokovoy <ab@samba.org> 2017
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include <Python.h>
22 #include "includes.h"
23 #include "python/py3compat.h"
24
25 #include <gnutls/gnutls.h>
26 #include <gnutls/crypto.h>
27 #include "lib/crypto/gnutls_helpers.h"
28
29 static PyObject *py_crypto_arcfour_crypt_blob(PyObject *module, PyObject *args)
30 {
31 DATA_BLOB data;
32 PyObject *py_data, *py_key, *result;
33 TALLOC_CTX *ctx;
34 gnutls_cipher_hd_t cipher_hnd = NULL;
35 gnutls_datum_t key;
36 int rc;
37
38 if (!PyArg_ParseTuple(args, "OO", &py_data, &py_key))
39 return NULL;
40
41 if (!PyBytes_Check(py_data)) {
42 PyErr_Format(PyExc_TypeError, "bytes expected");
43 return NULL;
44 }
45
46 if (!PyBytes_Check(py_key)) {
47 PyErr_Format(PyExc_TypeError, "bytes expected");
48 return NULL;
49 }
50
51 ctx = talloc_new(NULL);
52
53 data.length = PyBytes_Size(py_data);
54 data.data = talloc_memdup(ctx, PyBytes_AsString(py_data), data.length);
55 if (!data.data) {
56 talloc_free(ctx);
57 return PyErr_NoMemory();
58 }
59
60 key = (gnutls_datum_t) {
61 .data = (uint8_t *)PyBytes_AsString(py_key),
62 .size = PyBytes_Size(py_key),
63 };
64
65 rc = gnutls_cipher_init(&cipher_hnd,
66 GNUTLS_CIPHER_ARCFOUR_128,
67 &key,
68 NULL);
69 if (rc < 0) {
70 talloc_free(ctx);
71 PyErr_Format(PyExc_OSError, "encryption failed");
72 return NULL;
73 }
74 rc = gnutls_cipher_encrypt(cipher_hnd,
75 data.data,
76 data.length);
77 gnutls_cipher_deinit(cipher_hnd);
78 if (rc < 0) {
79 talloc_free(ctx);
80 PyErr_Format(PyExc_OSError, "encryption failed");
81 return NULL;
82 }
83
84 result = PyBytes_FromStringAndSize((const char*) data.data, data.length);
85 talloc_free(ctx);
86 return result;
87 }
88
89 static PyObject *py_crypto_set_relax_mode(PyObject *module)
90 {
91 GNUTLS_FIPS140_SET_LAX_MODE();
92
93 Py_RETURN_NONE;
94 }
95
96 static PyObject *py_crypto_set_strict_mode(PyObject *module)
97 {
98 GNUTLS_FIPS140_SET_STRICT_MODE();
99
100 Py_RETURN_NONE;
101 }
102
103 static const char py_crypto_arcfour_crypt_blob_doc[] = "arcfour_crypt_blob(data, key)\n"
104 "Encrypt the data with RC4 algorithm using the key";
105
106 static PyMethodDef py_crypto_methods[] = {
107 { "arcfour_crypt_blob", (PyCFunction)py_crypto_arcfour_crypt_blob, METH_VARARGS, py_crypto_arcfour_crypt_blob_doc },
108 { "set_relax_mode", (PyCFunction)py_crypto_set_relax_mode, METH_NOARGS, "Set fips to relax mode" },
109 { "set_strict_mode", (PyCFunction)py_crypto_set_strict_mode, METH_NOARGS, "Set fips to strict mode" },
110 {0},
111 };
112
113 static struct PyModuleDef moduledef = {
114 PyModuleDef_HEAD_INIT,
115 .m_name = "crypto",
116 .m_doc = "Crypto functions required for SMB",
117 .m_size = -1,
118 .m_methods = py_crypto_methods,
119 };
120
121 MODULE_INIT_FUNC(crypto)
122 {
123 PyObject *m;
124
125 m = PyModule_Create(&moduledef);
126 if (m == NULL)
127 return NULL;
128
129 return m;
130 }
Samba GIT mirror