Refactored crypto module, other changes.
h3rald h3rald@h3rald.com
Mon, 04 Jan 2021 20:38:03 +0100
9 files changed,
115 insertions(+),
66 deletions(-)
M
core/interpreter.nim
→
core/interpreter.nim
@@ -31,6 +31,13 @@ var COMPILEDASSETS* {.threadvar.}: CritBitTree[string]
const USER_SYMBOL_REGEX* = "^[a-zA-Z_][a-zA-Z0-9/!?+*._-]*$" + +proc newSym*(i: In, s: string): MinValue = + return MinValue(kind: minSymbol, symVal: s, filename: i.currSym.filename, line: i.currSym.line, column: i.currSym.column, outerSym: i.currSym.symVal) + +proc copySym*(i: In, sym: MinValue): MinValue = + return MinValue(kind: minSymbol, symVal: sym.outerSym, filename: sym.filename, line: sym.line, column: sym.column, outerSym: "") + proc raiseRuntime*(msg: string, data: MinValue) = data.objType = "error" raise MinRuntimeError(msg: msg, data: data)@@ -110,14 +117,14 @@ result.currSym = MinValue(column: 1, line: 1, kind: minSymbol, symVal: "")
proc formatError(sym: MinValue, message: string): string = var name = sym.symVal - if sym.parentSym != "": - name = sym.parentSym + #if sym.parentSym != "": + # name = sym.parentSym return "$1($2,$3) [$4]: $5" % [sym.filename, $sym.line, $sym.column, name, message] proc formatTrace(sym: MinValue): string = var name = sym.symVal - if sym.parentSym != "": - name = sym.parentSym + #if sym.parentSym != "": + # name = sym.parentSym if sym.filename == "": return "<native> in symbol: $1" % [name] else:@@ -233,7 +240,10 @@ proc push*(i: In, val: MinValue) {.gcsafe, extern:"min_exported_symbol_$1".}=
if val.kind == minSymbol: i.debug(val) if not i.evaluating: - i.currSym = val + if val.outerSym != "": + i.currSym = i.copySym(val) + else: + i.currSym = val i.trace.add val let symbol = val.symVal if symbol == "return":@@ -409,10 +419,8 @@ return i.eval(s, name, true)
proc read*(i: In, s: string): MinValue = return i.load(s, true) - + # Inherit file/line/column from current symbol proc pushSym*(i: In, s: string) = - i.push MinValue(kind: minSymbol, symVal: s, filename: i.currSym.filename, line: i.currSym.line, column: i.currSym.column, parentSym: i.currSym.symVal) - -proc newSym*(i: In, s: string): MinValue = - return MinValue(kind: minSymbol, symVal: s, filename: i.currSym.filename, line: i.currSym.line, column: i.currSym.column, parentSym: i.currSym.symVal) + i.push MinValue(kind: minSymbol, symVal: s, filename: i.currSym.filename, line: i.currSym.line, column: i.currSym.column, outerSym: i.currSym.symVal) +
M
core/parser.nim
→
core/parser.nim
@@ -71,7 +71,7 @@ MinValueObject* {.acyclic, final.} = object
line*: int column*: int filename*: string - parentSym*: string + outerSym*: string case kind*: MinKind of minNull: discard of minInt: intVal*: BiggestInt
M
lib/min_crypto.nim
→
lib/min_crypto.nim
@@ -1,43 +1,26 @@
import - base64 + base64, + strutils, + times, + ../vendor/aes/aes import ../core/parser, ../core/value, ../core/interpreter, ../core/utils +{.compile: "../vendor/aes/libaes.c".} when defined(ssl): - import - strutils, - openssl, - times, - ../vendor/aes/aes - - {.compile: "../vendor/aes/libaes.c".} + import + openssl - when defined(windows): - {.passL: "-static -Lvendor/openssl/windows -lssl -lcrypto -lws2_32".} - elif defined(linux): - {.passL: "-static -Lvendor/openssl/linux -lssl -lcrypto".} - elif defined(macosx): - {.passL: "-Bstatic -Lvendor/openssl/macosx -lssl -lcrypto -Bdynamic".} - proc EVP_MD_CTX_new*(): EVP_MD_CTX {.cdecl, importc: "EVP_MD_CTX_new".} proc EVP_MD_CTX_free*(ctx: EVP_MD_CTX) {.cdecl, importc: "EVP_MD_CTX_free".} - - proc hash(s: string, kind: EVP_MD, size: int): string = - var hash_length: cuint = 0 - var hash = alloc[ptr cuchar](size) - let ctx = EVP_MD_CTX_new() - discard EVP_DigestInit_ex(ctx, kind, nil) - discard EVP_DigestUpdate(ctx, unsafeAddr s[0], s.len.cuint) - discard EVP_DigestFinal_ex(ctx, hash, cast[ptr cuint](hash_length)) - EVP_MD_CTX_free(ctx) - var hashStr = newString(size) - copyMem(addr(hashStr[0]), hash, size) - dealloc(hash) - return hashStr.toHex.toLowerAscii[0..size-1] +else: + import + std/sha1, + md5 proc crypto_module*(i: In)= let def = i.define()@@ -55,6 +38,26 @@ i.push s.getString.decode.newVal
when defined(ssl): + when defined(windows): + {.passL: "-static -Lvendor/openssl/windows -lssl -lcrypto -lws2_32".} + elif defined(linux): + {.passL: "-static -Lvendor/openssl/linux -lssl -lcrypto".} + elif defined(macosx): + {.passL: "-Bstatic -Lvendor/openssl/macosx -lssl -lcrypto -Bdynamic".} + + proc hash(s: string, kind: EVP_MD, size: int): string = + var hash_length: cuint = 0 + var hash = alloc[ptr cuchar](size) + let ctx = EVP_MD_CTX_new() + discard EVP_DigestInit_ex(ctx, kind, nil) + discard EVP_DigestUpdate(ctx, unsafeAddr s[0], s.len.cuint) + discard EVP_DigestFinal_ex(ctx, hash, cast[ptr cuint](hash_length)) + EVP_MD_CTX_free(ctx) + var hashStr = newString(size) + copyMem(addr(hashStr[0]), hash, size) + dealloc(hash) + return hashStr.toHex.toLowerAscii[0..size-1] + def.symbol("md5") do (i: In): let vals = i.expect("'sym") let s = vals[0].getString@@ -89,7 +92,7 @@ def.symbol("sha512") do (i: In):
let vals = i.expect("'sym") let s = vals[0].getString i.push hash(s, EVP_sha512(), 128).newVal - + def.symbol("aes") do (i: In): let vals = i.expect("'sym", "'sym") let k = vals[0]@@ -103,4 +106,29 @@ var input = cast[ptr uint8](text[0].addr)
AES_CTR_xcrypt_buffer(ctx, input, text.len.uint32); i.push text.newVal + else: + + def.symbol("md5") do (i: In): + let vals = i.expect("'sym") + let s = vals[0].getString + i.push newVal($toMD5(s)) + + def.symbol("sha1") do (i: In): + let vals = i.expect("'sym") + var s = vals[0].getString + i.push newVal(toLowerAscii($secureHash(s))) + + def.symbol("aes") do (i: In): + let vals = i.expect("'sym", "'sym") + let k = vals[0] + let s = vals[1] + var text = s.getString + var key = ($secureHash(k.getString)).toLowerAscii + var iv = ($secureHash((key & $getTime().toUnix))).toLowerAscii + var ctx = cast[ptr AES_ctx](alloc0(sizeof(AES_ctx))) + AES_init_ctx_iv(ctx, cast[ptr uint8](key[0].addr), cast[ptr uint8](iv[0].addr)); + var input = cast[ptr uint8](text[0].addr) + AES_CTR_xcrypt_buffer(ctx, input, text.len.uint32); + i.push text.newVal + def.finalize("crypto")
M
next-release.md
→
next-release.md
@@ -1,1 +1,3 @@
* Improved diagnostics for native symbols calling other symbols. +* Refactored **crypto** module to use Nim StdLib's md5 and sha1 module when OpenSSL support is not enabled. +* Fixed detection of musl executables when running build task.
M
site/contents/get-started.md
→
site/contents/get-started.md
@@ -38,16 +38,20 @@ 7. Run **nim c -d:release min.nim**.
### Additional build options -#### -d:ssl (enabled by default) +#### -d:ssl If the **-d:ssl** flag is specified when compiling, min will be built with SSL support, so it will be possible to: * perform HTTPS requests with the {#link-module||http#}. -* use the cryptographic symbols defined in the {#link-module||crypto#}. +* use all the cryptographic symbols defined in the {#link-module||crypto#}. -> %note% -> Note -> -> By default, this flag is enabled in the [min.nims](class:file). use **-d:nossl** to disable it. +If this flag is not specified: +* It will not be possible to perform HTTPS requests +* Only the following symbols will be exposed by the {#link-module||crypto#}: + * {#link-operator||crypto||md5#} + * {#link-operator||crypto||sha1#} + * {#link-operator||crypto||encode#} + * {#link-operator||crypto||decode#} + * {#link-operator||crypto||aes#} #### -d:lite
M
site/settings.json
→
site/settings.json
@@ -6,5 +6,5 @@ "rules": "rules.min",
"temp": "temp", "templates": "templates", "title": "min language", - "version": "0.27.2" + "version": "0.28.0" }
M
tasks/build.min
→
tasks/build.min
@@ -6,6 +6,11 @@
( :target-os :variant + :stage + "-d:release" :d-stage + (stage "dev" ==) + ("-d:dev" @d-stage) + when " " :d-variant "min" :o-variant (variant length 0 >) (@@ -15,16 +20,18 @@ ) when
"nim" required "Building $# - $# (x64)" (o-variant target-os) =% notice "" :musl - "musl-gcc" :musl-gcc + "musl-gcc" which :musl-gcc (musl-gcc length 0 >) ("--gcc.exe:musl-gcc --gcc.linkerexe:musl-gcc" @musl) when - "nim c -d:release -d:ssl $# --cpu:amd64 --os:$# $#-o:$# min" (musl target-os d-variant o-variant) =% puts ! + "nim c $# -d:ssl $# --cpu:amd64 --os:$# $#-o:$# min" (d-stage musl target-os d-variant o-variant) =% puts ! {} target-os %os config /version %version o-variant %exe - pack + (stage "dev" !=) + (pack) + when ) :cz ( :vdata@@ -60,40 +67,43 @@
; Module symbols {} ( - "lite" os cz + "" "lite" os cz ) %lite ( - "mini" os cz + "" "mini" os cz ) %mini ( - "" os cz + "dev" "" os cz +) %dev +( + "" "" os cz ) %default ( - "" "linux" cz + "" "" "linux" cz ) %linux ( - "lite" "linux" cz + "" "lite" "linux" cz ) %linux-lite ( - "mini" "linux" cz + "" "mini" "linux" cz ) %linux-mini ( - "" "macosx" cz + "" "" "macosx" cz ) %macosx ( - "lite" "macosx" cz + "" "lite" "macosx" cz ) %macosx-lite ( - "mini" "macosx" cz + "" "mini" "macosx" cz ) %macosx-mini ( - "" "windows" cz + "" "" "windows" cz ) %windows ( - "lite" "windows" cz + "" "lite" "windows" cz ) %windows-lite ( - "mini" "windows" cz + "" "mini" "windows" cz ) %windows-mini 'build-guide %guide 'build-site %site