Dynamically rename the Hacl_ C symbols.

We do this with other third party code as well, it avoids linking and dynamic linking ODR violations when extension module or embedding applications also use their own version of the library code in question. + Minor annotation on the test, use `python -m test -u cpu` + Add a link to the readme.
python · gpshead · Feb 7, 2023 · Nov 4, 2022 · Nov 4, 2022 · Nov 4, 2022
commit 29fd3c94f4de81800314f3704def039e76bfe06f
@@ -22,6 +22,7 @@
 from test.support import _4G, bigmemtest
 from test.support.import_helper import import_fresh_module
 from test.support import os_helper
+from test.support import requires_resource
 from test.support import threading_helper
 from test.support import warnings_helper
 from http.client import HTTPException
@@ -354,7 +355,8 @@ def test_large_update(self):
             self.assertEqual(m1.digest(*args), m4_copy.digest(*args))
             self.assertEqual(m4.digest(*args), m4_digest)
 
-    def test_sha256_over_4gb(self):
+    @requires_resource('cpu')
+    def test_sha256_update_over_4gb(self):
         zero_1mb = b"\0" * 1024 * 1024
         h = hashlib.sha256()
         for i in range(0, 4096):

@@ -31,6 +31,7 @@ extern "C" {
 #endif
 
 #include <string.h>
+#include "python_hacl_namespaces.h"
 #include "krml/FStar_UInt_8_16_32_64.h"
 #include "krml/lowstar_endianness.h"
 #include "krml/internal/target.h"

@@ -1,5 +1,8 @@
 # Algorithm implementations used by the `hashlib` module.
 
+This code comes from the
+[HACL\*](https://github.com/hacl-star/hacl-star/) project.
+
 HACL\* is a cryptographic library that has been formally verified for memory
 safety, functional correctness, and secret independence.
 

@@ -119,6 +119,9 @@ $sed -i -z 's/\n\n\([^\n]\+\n\)*[^\n]*\(384\|512\)[^{]*{\n\?\(  [^\n]*\n\)*}//g'
 # Same thing with function prototypes
 $sed -i -z 's/\n\n\([^\n]\+\n\)*[^\n]*\(384\|512\)[^;]*;//g' Hacl_Streaming_SHA2.h
 
+# Use globally unique names for the Hacl_ C APIs to avoid linkage conflicts.
+$sed -i -z 's!#include <string.h>\n!#include <string.h>\n#include "python_hacl_namespaces.h"\n!' Hacl_Streaming_SHA2.h
+
 # Finally, we remove a bunch of ifdefs from target.h that are, again, useful in
 # the general case, but not exercised by the subset of HACL* that we vendor.
 $sed -z -i 's!#ifndef KRML_\(HOST_PRINTF\|HOST_EXIT\|PRE_ALIGN\|POST_ALIGN\|ALIGNED_MALLOC\|ALIGNED_FREE\|HOST_TIME\)\n\(\n\|#  [^\n]*\n\|[^#][^\n]*\n\)*#endif\n\n!!g' include/krml/internal/target.h

@@ -40,6 +40,26 @@ class SHA256Type "SHAobject *" "&PyType_Type"
 /* The SHA2-224 and SHA2-256 implementations defer to the HACL* verified
  * library. */
 
+/* C's excuse for namespaces: Use unique names to avoid linkage conflicts
+ * with builds linking or dynamically loading other code potentially using
+ * HACL* libraries. */
+#define Hacl_Streaming_SHA2_state_sha2_224_s python_hashlib_Hacl_Streaming_SHA2_state_sha2_224_s
+#define Hacl_Streaming_SHA2_state_sha2_224 python_hashlib_Hacl_Streaming_SHA2_state_sha2_224
+#define Hacl_Streaming_SHA2_state_sha2_256 python_hashlib_Hacl_Streaming_SHA2_state_sha2_256
+#define Hacl_Streaming_SHA2_create_in_256 python_hashlib_Hacl_Streaming_SHA2_create_in_256
+#define Hacl_Streaming_SHA2_create_in_224 python_hashlib_Hacl_Streaming_SHA2_create_in_224
+#define Hacl_Streaming_SHA2_copy_256 python_hashlib_Hacl_Streaming_SHA2_copy_256
+#define Hacl_Streaming_SHA2_copy_224 python_hashlib_Hacl_Streaming_SHA2_copy_224
+#define Hacl_Streaming_SHA2_init_256 python_hashlib_Hacl_Streaming_SHA2_init_256
+#define Hacl_Streaming_SHA2_init_224 python_hashlib_Hacl_Streaming_SHA2_init_224
+#define Hacl_Streaming_SHA2_update_256 python_hashlib_Hacl_Streaming_SHA2_update_256
+#define Hacl_Streaming_SHA2_update_224 python_hashlib_Hacl_Streaming_SHA2_update_224
+#define Hacl_Streaming_SHA2_finish_256 python_hashlib_Hacl_Streaming_SHA2_finish_256
+#define Hacl_Streaming_SHA2_finish_224 python_hashlib_Hacl_Streaming_SHA2_finish_224
+#define Hacl_Streaming_SHA2_free_256 python_hashlib_Hacl_Streaming_SHA2_free_256
+#define Hacl_Streaming_SHA2_free_224 python_hashlib_Hacl_Streaming_SHA2_free_224
+#define Hacl_Streaming_SHA2_sha256 python_hashlib_Hacl_Streaming_SHA2_sha256
+#define Hacl_Streaming_SHA2_sha224 python_hashlib_Hacl_Streaming_SHA2_sha224
 #include "_hacl/Hacl_Streaming_SHA2.h"
 
 typedef struct {
@@ -230,10 +250,11 @@ SHA256_get_block_size(PyObject *self, void *closure)
 static PyObject *
 SHA256_get_name(SHAobject *self, void *closure)
 {
-    if (self->digestsize == 28)
+    if (self->digestsize == 28) {
         return PyUnicode_FromStringAndSize("sha224", 6);
-    else
+    } else {
         return PyUnicode_FromStringAndSize("sha256", 6);
+    }
 }
 
 static PyGetSetDef SHA_getseters[] = {