Everything is Rust (#670)

Author: alex

MANIFEST.in

@@ -11,7 +11,6 @@ recursive-include tests *.py
 exclude requirements.txt release.py mypy.ini
 
 recursive-exclude .github *
-recursive-exclude .circleci *
 
 exclude src/_bcrypt/target
 recursive-exclude src/_bcrypt/target *

mypy.ini

@@ -16,3 +16,12 @@ line-length = 79
 
 [tool.ruff.isort]
 known-first-party = ["bcrypt", "tests"]
+
+[tool.mypy]
+show_error_codes = true
+check_untyped_defs = true
+no_implicit_reexport = true
+warn_redundant_casts = true
+warn_unused_ignores = true
+warn_unused_configs = true
+strict_equality = true

pyproject.toml

@@ -1,6 +1,7 @@
 [metadata]
 name = bcrypt
-version = attr: bcrypt.__about__.__version__
+# When updating this, also update lib.rs
+version = 4.0.1
 description = Modern password hashing for your software and your servers
 long_description = file: README.rst
 long_description_content_type = text/x-rst
@@ -24,14 +25,13 @@ classifiers =
     Programming Language :: Python :: 3.12
 
 [options]
-python_requires = >=3.6
+python_requires = >=3.7
 include_package_data = True
 zip_safe = False
 package_dir =
     =src
 packages =
-	bcrypt
-ext_package = bcrypt
+    bcrypt
 
 [options.extras_require]
 tests =

setup.cfg

@@ -1,4 +1,3 @@
-#!/usr/bin/env python
 import platform
 import re
 import shutil
@@ -35,7 +34,7 @@
     setup(
         rust_extensions=[
             RustExtension(
-                "_bcrypt",
+                "bcrypt._bcrypt",
                 "src/_bcrypt/Cargo.toml",
                 py_limited_api=True,
                 # Enable abi3 mode if we're not using PyPy.

setup.py

@@ -56,7 +56,7 @@ fn gensalt<'p>(
 }
 
 #[pyo3::prelude::pyfunction]
-fn hashpass<'p>(
+fn hashpw<'p>(
     py: pyo3::Python<'p>,
     password: &[u8],
     salt: &[u8],
@@ -111,19 +111,19 @@ fn hashpass<'p>(
 }
 
 #[pyo3::prelude::pyfunction]
-fn checkpass(
+fn checkpw(
     py: pyo3::Python<'_>,
     password: &[u8],
     hashed_password: &[u8],
 ) -> pyo3::PyResult<bool> {
-    Ok(hashpass(py, password, hashed_password)?
+    Ok(hashpw(py, password, hashed_password)?
         .as_bytes()
         .ct_eq(hashed_password)
         .into())
 }
 
 #[pyo3::prelude::pyfunction]
-fn pbkdf<'p>(
+fn kdf<'p>(
     py: pyo3::Python<'p>,
     password: &[u8],
     salt: &[u8],
@@ -174,9 +174,23 @@ fn pbkdf<'p>(
 #[pyo3::prelude::pymodule]
 fn _bcrypt(_py: pyo3::Python<'_>, m: &pyo3::types::PyModule) -> pyo3::PyResult<()> {
     m.add_function(pyo3::wrap_pyfunction!(gensalt, m)?)?;
-    m.add_function(pyo3::wrap_pyfunction!(hashpass, m)?)?;
-    m.add_function(pyo3::wrap_pyfunction!(checkpass, m)?)?;
-    m.add_function(pyo3::wrap_pyfunction!(pbkdf, m)?)?;
+    m.add_function(pyo3::wrap_pyfunction!(hashpw, m)?)?;
+    m.add_function(pyo3::wrap_pyfunction!(checkpw, m)?)?;
+    m.add_function(pyo3::wrap_pyfunction!(kdf, m)?)?;
+
+    m.add("__title__", "bcrypt")?;
+    m.add("__summary__", "Modern(-ish) password hashing for your software and your servers")?;
+    m.add("__uri__", "https://github.com/pyca/bcrypt/")?;
+
+    // When updating this, also update setup.cfg
+    m.add("__version__", "4.0.1")?;
+
+    let author = "The Python Cryptographic Authority developers";
+    m.add("__author__", author)?;
+    m.add("__email__", "[email protected]")?;
+
+    m.add("__license__", "Apache License, Version 2.0")?;
+    m.add("__copyright__", format!("Copyright 2013-2023 {author}"))?;
 
     Ok(())
 }

src/_bcrypt/src/lib.rs

@@ -1,7 +1,3 @@
-# Author:: Donald Stufft (<[email protected]>)
-# Copyright:: Copyright (c) 2013 Donald Stufft
-# License:: Apache License, Version 2.0
-#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -14,8 +10,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-from . import _bcrypt
-from .__about__ import (
+from ._bcrypt import (
     __author__,
     __copyright__,
     __email__,
@@ -24,9 +19,17 @@
     __title__,
     __uri__,
     __version__,
+    checkpw,
+    gensalt,
+    hashpw,
+    kdf,
 )
 
 __all__ = [
+    "gensalt",
+    "hashpw",
+    "checkpw",
+    "kdf",
     "__title__",
     "__summary__",
     "__uri__",
@@ -35,14 +38,4 @@
     "__email__",
     "__license__",
     "__copyright__",
-    "gensalt",
-    "hashpw",
-    "kdf",
-    "checkpw",
 ]
-
-
-gensalt = _bcrypt.gensalt
-hashpw = _bcrypt.hashpass
-checkpw = _bcrypt.checkpass
-kdf = _bcrypt.pbkdf

src/bcrypt/__about__.py

@@ -1,7 +1,7 @@
 def gensalt(rounds: int = 12, prefix: bytes = b"2b") -> bytes: ...
-def hashpass(password: bytes, salt: bytes) -> bytes: ...
-def checkpass(password: bytes, hashed_password: bytes) -> bool: ...
-def pbkdf(
+def hashpw(password: bytes, salt: bytes) -> bytes: ...
+def checkpw(password: bytes, hashed_password: bytes) -> bool: ...
+def kdf(
     password: bytes,
     salt: bytes,
     rounds: int,

src/bcrypt/__init__.py

@@ -279,22 +279,22 @@ def test_checkpw_bad_salt():
 
 def test_checkpw_str_password():
     with pytest.raises(TypeError):
-        bcrypt.checkpw("password", b"$2b$04$cVWp4XaNU8a4v1uMRum2SO")
+        bcrypt.checkpw("password", b"$2b$04$cVWp4XaNU8a4v1uMRum2SO")  # type: ignore[arg-type]
 
 
 def test_checkpw_str_salt():
     with pytest.raises(TypeError):
-        bcrypt.checkpw(b"password", "$2b$04$cVWp4XaNU8a4v1uMRum2SO")
+        bcrypt.checkpw(b"password", "$2b$04$cVWp4XaNU8a4v1uMRum2SO")  # type: ignore[arg-type]
 
 
 def test_hashpw_str_password():
     with pytest.raises(TypeError):
-        bcrypt.hashpw("password", b"$2b$04$cVWp4XaNU8a4v1uMRum2SO")
+        bcrypt.hashpw("password", b"$2b$04$cVWp4XaNU8a4v1uMRum2SO")  # type: ignore[arg-type]
 
 
 def test_hashpw_str_salt():
     with pytest.raises(TypeError):
-        bcrypt.hashpw(b"password", "$2b$04$cVWp4XaNU8a4v1uMRum2SO")
+        bcrypt.hashpw(b"password", "$2b$04$cVWp4XaNU8a4v1uMRum2SO")  # type: ignore[arg-type]
 
 
 def test_checkpw_nul_byte():
@@ -434,8 +434,7 @@ def test_checkpw_extra_data():
         [
             # UTF-8 Greek characters "odysseus" / "telemachos"
             8,
-            b"\xe1\xbd\x88\xce\xb4\xcf\x85\xcf\x83\xcf\x83\xce\xb5\xcf\x8d\xcf"
-            b"\x82",
+            b"\xe1\xbd\x88\xce\xb4\xcf\x85\xcf\x83\xcf\x83\xce\xb5\xcf\x8d\xcf\x82",
             b"\xce\xa4\xce\xb7\xce\xbb\xce\xad\xce\xbc\xce\xb1\xcf\x87\xce\xbf"
             b"\xcf\x82",
             b"\x43\x66\x6c\x9b\x09\xef\x33\xed\x8c\x27\xe8\xe8\xf3\xe2\xd8\xe6",
@@ -451,12 +450,12 @@ def test_kdf(rounds, password, salt, expected):
 
 def test_kdf_str_password():
     with pytest.raises(TypeError):
-        bcrypt.kdf("password", b"$2b$04$cVWp4XaNU8a4v1uMRum2SO", 10, 10)
+        bcrypt.kdf("password", b"$2b$04$cVWp4XaNU8a4v1uMRum2SO", 10, 10)  # type: ignore[arg-type]
 
 
 def test_kdf_str_salt():
     with pytest.raises(TypeError):
-        bcrypt.kdf(b"password", "salt", 10, 10)
+        bcrypt.kdf(b"password", "salt", 10, 10)  # type: ignore[arg-type]
 
 
 def test_kdf_no_warn_rounds():

src/bcrypt/_bcrypt.pyi src/bcrypt/__init__.pyi

@@ -21,10 +21,12 @@ commands =
     ruff format --check .
 
 [testenv:mypy]
+extras =
+    tests
 deps =
     mypy
 commands =
-    mypy src/bcrypt
+    mypy tests/
 
 [testenv:packaging]
 deps =