2 Unix SMB/CIFS implementation.
5 Copyright (C) Alexander Bokovoy <ab@samba.org> 2017
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "python/py3compat.h"
25 #include <gnutls/gnutls.h>
26 #include <gnutls/crypto.h>
27 #include "lib/crypto/gnutls_helpers.h"
29 static PyObject
*py_crypto_arcfour_crypt_blob(PyObject
*module
, PyObject
*args
)
32 PyObject
*py_data
, *py_key
, *result
;
34 gnutls_cipher_hd_t cipher_hnd
= NULL
;
38 if (!PyArg_ParseTuple(args
, "OO", &py_data
, &py_key
))
41 if (!PyBytes_Check(py_data
)) {
42 PyErr_Format(PyExc_TypeError
, "bytes expected");
46 if (!PyBytes_Check(py_key
)) {
47 PyErr_Format(PyExc_TypeError
, "bytes expected");
51 ctx
= talloc_new(NULL
);
53 data
.length
= PyBytes_Size(py_data
);
54 data
.data
= talloc_memdup(ctx
, PyBytes_AsString(py_data
), data
.length
);
57 return PyErr_NoMemory();
60 key
= (gnutls_datum_t
) {
61 .data
= (uint8_t *)PyBytes_AsString(py_key
),
62 .size
= PyBytes_Size(py_key
),
65 rc
= gnutls_cipher_init(&cipher_hnd
,
66 GNUTLS_CIPHER_ARCFOUR_128
,
71 PyErr_Format(PyExc_OSError
, "encryption failed");
74 rc
= gnutls_cipher_encrypt(cipher_hnd
,
77 gnutls_cipher_deinit(cipher_hnd
);
80 PyErr_Format(PyExc_OSError
, "encryption failed");
84 result
= PyBytes_FromStringAndSize((const char*) data
.data
, data
.length
);
89 static PyObject
*py_crypto_set_relax_mode(PyObject
*module
)
91 GNUTLS_FIPS140_SET_LAX_MODE();
96 static PyObject
*py_crypto_set_strict_mode(PyObject
*module
)
98 GNUTLS_FIPS140_SET_STRICT_MODE();
103 static const char py_crypto_arcfour_crypt_blob_doc
[] = "arcfour_crypt_blob(data, key)\n"
104 "Encrypt the data with RC4 algorithm using the key";
106 static PyMethodDef py_crypto_methods
[] = {
107 { "arcfour_crypt_blob", (PyCFunction
)py_crypto_arcfour_crypt_blob
, METH_VARARGS
, py_crypto_arcfour_crypt_blob_doc
},
108 { "set_relax_mode", (PyCFunction
)py_crypto_set_relax_mode
, METH_NOARGS
, "Set fips to relax mode" },
109 { "set_strict_mode", (PyCFunction
)py_crypto_set_strict_mode
, METH_NOARGS
, "Set fips to strict mode" },
113 static struct PyModuleDef moduledef
= {
114 PyModuleDef_HEAD_INIT
,
116 .m_doc
= "Crypto functions required for SMB",
118 .m_methods
= py_crypto_methods
,
121 MODULE_INIT_FUNC(crypto
)
125 m
= PyModule_Create(&moduledef
);