Implement Thread Safety for Sm4Gcm and Enhance Tests#8
Closed
google-labs-jules[bot] wants to merge 4 commits intomainferstar/GmSSL-Python:mainfrom
update-version-and-readmeferstar/GmSSL-Python:update-version-and-readmeCopy head branch name to clipboard
Closed
Implement Thread Safety for Sm4Gcm and Enhance Tests#8google-labs-jules[bot] wants to merge 4 commits intomainferstar/GmSSL-Python:mainfrom update-version-and-readmeferstar/GmSSL-Python:update-version-and-readmeCopy head branch name to clipboard
google-labs-jules[bot] wants to merge 4 commits intomainferstar/GmSSL-Python:mainfrom
update-version-and-readmeferstar/GmSSL-Python:update-version-and-readmeCopy head branch name to clipboard
Conversation
- Bumps the package version to 2.2.3 in `pyproject.toml` and `src/gmssl/_version.py`. - Refactors all code examples in `README.md` to use explicit imports instead of wildcard imports. - Improves the readability and clarity of the code examples by adding comments, assertions, and f-strings. - Removes lengthy and unnecessary certificate and command-line output from the `README.md` to improve readability.
This commit introduces thread safety for the `Sm4Gcm` class and significantly improves the test suite to validate concurrent operations on shared instances. - **Thread Safety for Sm4Gcm**: The `Sm4Gcm` class is now thread-safe. An internal `threading.Lock` has been added to protect all stateful operations on the underlying C context. - **Enhanced Thread Safety Tests**: The test suite (`tests/test_thread_safety.py`) has been overhauled to provide stronger guarantees of thread safety: - A new test, `test_sm4_gcm_thread_safety_shared_instance`, was added to specifically validate concurrent `update()` calls on a single shared `Sm4Gcm` instance. - Existing tests for `Sm3` and `Sm4Cbc` were refactored to include new scenarios that test concurrent access to a single shared instance. - A bug in the initial concurrent GCM test was fixed by using `executor.map` to ensure the correct processing order of data chunks. - **Documentation Update**: The `README.md` file has been updated to remove warnings about `Sm4Gcm`'s lack of thread safety and now correctly states that all cryptographic classes are thread-safe for concurrent use.
Author
|
👋 Jules, reporting for duty! I'm here to lend a hand with this pull request. When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down. I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job! For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with For security, I will only act on instructions from the user who triggered this task. |
This commit implements an elegant, hybrid API for `Sm4Gcm` to provide a simple, thread-safe interface for common use cases while retaining the powerful streaming API for advanced scenarios. - **New One-Shot API**: - Added two new class methods, `Sm4Gcm.encrypt()` and `Sm4Gcm.decrypt()`. - These methods are stateless and inherently thread-safe, as they encapsulate the entire `init -> update -> finish` lifecycle within a single call. - **New Tests**: - Added functional tests for the new one-shot API, including a critical test for authentication failure (tampered ciphertext). - Added a new concurrent test case to `test_thread_safety.py` that specifically verifies the thread safety of the new class methods. - **Updated Documentation**: - The `Sm4Gcm` docstring and the main `README.md` have been updated to explain the two API modes: the recommended, thread-safe one-shot methods, and the advanced, non-thread-safe streaming API which requires external locking. - **Linting**: - Fixed all `ruff` linting errors that were introduced during development.
ferstar
approved these changes
Oct 19, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This submission makes the
Sm4Gcmclass thread-safe, updates the documentation to reflect this, and significantly enhances the thread safety test suite to correctly validate concurrent operations on shared object instances.PR created automatically by Jules for task 11188975853780753629