Skip to content

Add typing: asn, exceptions, hashes, pwdbased, utils.#125

Open
roberthdevries wants to merge 12 commits into
wolfSSL:masterfrom
roberthdevries:add-more-typing
Open

Add typing: asn, exceptions, hashes, pwdbased, utils.#125
roberthdevries wants to merge 12 commits into
wolfSSL:masterfrom
roberthdevries:add-more-typing

Conversation

@roberthdevries

Copy link
Copy Markdown
Contributor

No description provided.

@roberthdevries roberthdevries force-pushed the add-more-typing branch 2 times, most recently from 65d14db to 1c2b082 Compare May 23, 2026 14:02
@Trooper-X

Copy link
Copy Markdown

This also adds the ruff and ty dependencies.
Would be nice if this MR gets merged.

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skoll Code Review

Scan type: reviewOverall recommendation: REQUEST_CHANGES
Findings: 7 total — 7 posted, 0 skipped
6 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [High] AES-SIV single-block associated-data length uses char count of original input, not encoded byte lengthwolfcrypt/ciphers.py:397-400
  • [Medium] sign_with_seed no longer accepts bytearray/memoryview seeds (regression)wolfcrypt/ciphers.py:2513-2546
  • [Medium] make_key_from_seed now silently UTF-8-encodes a str seed instead of rejecting itwolfcrypt/ciphers.py:2360-2367
  • [Low] ChaCha init renamed size to _size, breaking the documented backward-compatible keywordwolfcrypt/ciphers.py:544
  • [Low] HKDF helpers annotate hash_cls as instance type instead of class typewolfcrypt/hkdf.py:33,78,105
  • [Low] Random no longer nulls native_object on init failure; del frees an uninitialized RNGwolfcrypt/random.py:37-52
  • [Low] RsaPublic.init made key a required positional argumentwolfcrypt/ciphers.py:771-774

Review generated by Skoll

Comment thread wolfcrypt/ciphers.py
Comment thread wolfcrypt/ciphers.py
Comment thread wolfcrypt/ciphers.py
Comment thread wolfcrypt/ciphers.py Outdated
Comment thread wolfcrypt/random.py Outdated
Comment thread wolfcrypt/ciphers.py

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skoll Code Review

Scan type: reviewOverall recommendation: REQUEST_CHANGES
Findings: 7 total — 7 posted, 0 skipped
4 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [High] New undeclared runtime dependency on typing_extensionswolfcrypt/ciphers.py:28, wolfcrypt/hashes.py:28
  • [Medium] Removed _ffi.from_buffer() drops bytearray/memoryview support for seed/rand inputswolfcrypt/ciphers.py:2383, 2548, 2559, 2067, 2110
  • [Medium] **_Cipher.new() dropped kwargs, breaking PEP 272 extra keyword argumentswolfcrypt/ciphers.py:187-199
  • [Medium] HKDF functions annotate hash_cls as instance type instead of class typewolfcrypt/hkdf.py:33, 78, 105
  • [Medium] asn.py leaves function arguments unannotated while enabling ANN ruff ruleswolfcrypt/asn.py:81, 99
  • [Low] test_mldsa now relies on cffi's low-level TypeError instead of an explicit guardtests/test_mldsa.py:186
  • [Low] RsaPublic.init made key a required positional argumentwolfcrypt/ciphers.py:781

Review generated by Skoll

Comment thread wolfcrypt/ciphers.py
Comment thread wolfcrypt/asn.py Outdated
Comment thread tests/test_mldsa.py Outdated
Comment thread wolfcrypt/ciphers.py

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skoll Code Review

Scan type: reviewOverall recommendation: COMMENT
Findings: 3 total — 3 posted, 0 skipped
3 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Medium] ML-DSA seed handling: bytearray/memoryview now rejected, and the two seed methods validate inconsistentlywolfcrypt/ciphers.py:2371-2392 (make_key_from_seed), 2516-2540 (sign_with_seed)
  • [Low] *ML-KEM _with_random helpers no longer accept bytearray/memoryview for randwolfcrypt/ciphers.py:2059-2077 (encapsulate_with_random), 2103-2119 (make_key_with_random)
  • [Low] hkdf.py forces a runtime import of _Hmac for a type annotation (no from future import annotations)wolfcrypt/hkdf.py:30-33

Review generated by Skoll

Comment thread wolfcrypt/ciphers.py
Comment thread wolfcrypt/hkdf.py
Comment thread wolfcrypt/ciphers.py

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skoll Code Review

Scan type: reviewOverall recommendation: COMMENT
Findings: 4 total — 4 posted, 0 skipped
4 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Medium] ML-DSA seed validation now rejects bytearray/memoryview (regression)wolfcrypt/ciphers.py:2383,2537
  • [Medium] Advertised list/tuple seed support is untested and likely fails at the cffi boundarywolfcrypt/ciphers.py:2372,2391
  • [Low] setup.py install_requires not synced with new typing-extensions runtime dependencysetup.py:62-63
  • [Low] Hard runtime import of private cffi symbol _cffi_backend.Lib only to satisfy a castwolfcrypt/__init__.py:20-22,56

Review generated by Skoll

Comment thread wolfcrypt/ciphers.py Outdated
Comment thread wolfcrypt/ciphers.py Outdated
Comment thread setup.py Outdated
Comment thread wolfcrypt/__init__.py Outdated

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See #125 (review)
If you disagree just make note. We are getting close on this and thank you for your efforts

dgarske
dgarske previously approved these changes Jun 22, 2026
@dgarske dgarske assigned dgarske and unassigned roberthdevries Jun 22, 2026

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skoll Code Review

Scan type: reviewOverall recommendation: COMMENT
Findings: 4 total — 4 posted, 0 skipped
4 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Medium] typing-extensions dependency has no minimum version (override requires =4.4.0)pyproject.toml:27
  • [Low] bytes(seed) silently accepts an int, dropping the friendly type check for ML-DSA seedswolfcrypt/ciphers.py:2383,2536
  • [Info] New module wolfcrypt/types.py shadows the stdlib types module namewolfcrypt/types.py:1
  • [Info] Inconsistent # ty:ignore comment lacks the space used everywhere elsewolfcrypt/__init__.py:53

Review generated by Skoll

Comment thread pyproject.toml Outdated
Comment thread wolfcrypt/ciphers.py
Comment thread wolfcrypt/types.py Outdated
Comment thread wolfcrypt/__init__.py Outdated
@dgarske dgarske assigned dgarske and unassigned roberthdevries Jun 23, 2026
@dgarske dgarske removed their assignment Jul 2, 2026

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please also resolve merge conflicts.

#125 (review)

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skoll Code Review

Scan type: reviewOverall recommendation: COMMENT
Findings: 2 total — 2 posted, 0 skipped
2 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Low] *MlKem _with_random drops buffer-protocol support for randwolfcrypt/ciphers.py:2096-2098,2140
  • [Low] setup.py dependencies out of sync with pyproject (typing-extensions)setup.py:62-63

Review generated by Skoll

Comment thread wolfcrypt/ciphers.py
Comment thread setup.py Outdated

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please resolve merge conflicts. Also see #125 (review)

@dgarske dgarske assigned roberthdevries and unassigned dgarske Jul 6, 2026
@dgarske dgarske assigned dgarske and unassigned roberthdevries Jul 6, 2026
@dgarske dgarske self-requested a review July 6, 2026 20:32

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skoll Code Review

Scan type: reviewOverall recommendation: COMMENT
Findings: 4 total — 4 posted, 0 skipped
4 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Medium] make_key_with_random drops buffer-protocol handling, inconsistent with encapsulate_with_randomwolfcrypt/ciphers.py:2151
  • [Low] New TypeError validation branches (with_random / seed) are not covered by testswolfcrypt/ciphers.py:2096-2099
  • [Low] Random.native_object changed from settable attribute to read-only propertywolfcrypt/random.py:56-60
  • [Info] Abstract properties typed - int are overridden by None class attributeswolfcrypt/ciphers.py:175-177

Review generated by Skoll

Comment thread wolfcrypt/ciphers.py
ret = _lib.wc_KyberKey_MakeKeyWithRandom(
mlkem_priv.native_object, _ffi.from_buffer(rand), len(rand)
)
ret = _lib.wc_KyberKey_MakeKeyWithRandom(mlkem_priv.native_object, rand, len(rand))

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟠 [Medium] make_key_with_random drops buffer-protocol handling, inconsistent with encapsulate_with_random

This PR replaces _ffi.from_buffer(rand) with a bare rand in wc_KyberKey_MakeKeyWithRandom(mlkem_priv.native_object, rand, len(rand)), but does NOT add the validation/normalization that its sibling MlKemPublic.encapsulate_with_random gained in the same PR (lines 2096-2101: memoryview(rand) guard + rand = bytes(rand)). The old _ffi.from_buffer(rand) accepted any buffer-protocol object (bytes, bytearray, memoryview); passing such objects straight into cffi now depends on cffi's narrower direct-conversion rules, so a bytearray/memoryview caller that worked before can now raise TypeError. Two public entry points that take a rand buffer for the same crypto module now behave differently. Tests only exercise bytes (ref_rand_for_make_key = h2b(...)), so this asymmetry is not caught.

Fix: Mirror the validation/bytes(rand) conversion used in encapsulate_with_random so the two *_with_random APIs accept the same input types consistently.

Comment thread wolfcrypt/ciphers.py
:rtype: tuple[bytes, bytes]
"""

try:

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔵 [Low] New TypeError validation branches (with_random / seed) are not covered by tests

The PR adds a memoryview(rand) buffer-protocol guard that raises a custom TypeError in encapsulate_with_random (and analogous refactors normalize seed in make_key_from_seed/sign_with_seed). The tests exercise only the happy path with bytes; the new TypeError branch (e.g. passing a non-buffer such as an int or str) is not tested, so a regression in that guard would go unnoticed. Combined with the finding above, the divergence between make_key_with_random and encapsulate_with_random is also untested.

Fix: Add a small negative test for the new buffer-protocol validation branches.

Comment thread wolfcrypt/random.py
# Can occur during interpreter shutdown
pass

@property

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔵 [Low] Random.native_object changed from settable attribute to read-only property

native_object (a non-underscore, effectively public attribute) is converted from a plain writable attribute to a read-only @property backed by _native_object. Any external code that assigned rng.native_object = ... now fails with AttributeError (this is exactly why the test test_delete_descriptor_binding.py had to drop its r.native_object = None line). The change is otherwise reasonable and the internal __del__/init-failure handling is now safer, but this is a backward-incompatible surface change on a public name that is not called out in the ChangeLog (which only mentions 'Add typing annotations').

Fix: Confirm no external consumer sets Random.native_object; consider a brief ChangeLog note that it is now read-only. No code change required.

Comment thread wolfcrypt/ciphers.py
@abstractmethod
def block_size(self) -> int: ...

@property

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚪ [Info] Abstract properties typed - int are overridden by None class attributes

In this typing-focused PR, several abstract properties are declared to return int (_Cipher.key_size, _Cipher.block_size, _Cipher._key_sizes; _Hash.digest_size) but concrete subclasses override them with class attributes set to None (Aes.key_size = None, ChaCha.key_size = None, Sha3.digest_size = None). This is fine at runtime (ABC only checks the name exists, and the falsy None is intentionally used as a sentinel in _Cipher.__init__), but it is type-inconsistent with the abstract signatures and will produce warnings under the newly added [tool.ty] config (all = "warn"). Consider annotating these as int | None (or Optional[int]) to match reality.

Fix: Widen the abstract property annotations to int | None where subclasses legitimately use None as a sentinel, to keep the type declarations consistent.

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dgarske dgarske assigned roberthdevries and unassigned dgarske Jul 6, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants