Ron Frederick ronf@timeheart.net writes:
I recently discovered the Nettle crypto library and noticed that it has an implementation of UMAC in it, which I haven’t been able to find in most of the other popular crypto libraries out there. I was hoping to call into the UMAC functions from Python, and I see Python mentioned on the Nettle home page at http://www.lysator.liu.se/~nisse/nettle/ http://www.lysator.liu.se/~nisse/nettle/, but there’s no link for it down in the “Language bindings” section, and in fact many of the other links in that section seem to point at dead pages.
I tried searching for Python bindings elsewhere, but haven’t had any luck so far. Does anyone know of any?
Sorry for the late reply. Python bindings for nettle would make a lot of sense, but I'm afraid I'm not aware of any.
Assuming there aren’t Python bindings yet, I would be tempted to try and craft my own (at least for UMAC for now). However, I’d like to be able to do it using the Python ‘ctypes’ library, and one difficulty I can see with doing that is knowing the amount of memory I should allocate for some of the structures used by this code. Specifically, for UMAC, I’d need to know the size things like “struct umac32_ctx”, “struct umac64_ctx”, “struct umac96_ctx”, and “struct umac128_ctx”. These sizes are trivial to get from C code using sizeof(), but I don’t believe there’s any good way to get them from Python using ctypes unless there’s an API call that can be made to a C function in the library which returns this information.
These sizes are arhitecture dependent. And may change between nettle release (with an ABI break, new soname, etc). It's technically possible to add functions you suggest, but it seems both ugly and unusual to me. I hope you can solve the problem in another way.
As an example of this, libsodium provides functions like crypto_stream_chacha20_keybytes() and crypto_stream_chacha20_noncebytes() which can be called to return the size of a Chacha20 key and nonce, respectively. In the C header file, these look like:
These are different; these constants are part of the algorithm specification. The defines in the header files are for convenience, but not the ultimate definition of the values.
For this UMAC example in Nettle, I could imagine similar functions which returned the value computed by sizeof() for these context structures, and also things like the UMAC key size, digest sizes, block size, and allowed nonce sizes. Has a use-case like this been considered? Is there some other way to call into Nettle from Python without writing additional glue code in C?
For hashes and ciphers without odd quirks, you can use the corresponding structs nettle_cipher and nettle_hash, defined in nettle-meta.h. Currently, not available for MAC algorithms.
Regards, /Niels