From cfadddba25e1cc8bcee2ba7132e38fad93e849c3 Mon Sep 17 00:00:00 2001 From: Robert de Vries Date: Wed, 15 Jul 2026 22:57:18 +0200 Subject: [PATCH] Fix remaining ty static type checker warnings and errors. This will also allow to run ty check in the pipeline static checks step. --- .github/workflows/python-app.yml | 4 +++- tests/test_mldsa.py | 4 ++-- tests/test_mlkem.py | 4 ++-- wolfcrypt/ciphers.py | 10 +++++----- wolfcrypt/hashes.py | 6 +----- wolfcrypt/hkdf.py | 2 +- 6 files changed, 14 insertions(+), 16 deletions(-) diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index 3e0c0f3..aa0a334 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -33,7 +33,9 @@ jobs: - name: Install the project run: uv sync --dev - name: Perform static checks - run: uv run ruff check + run: | + uv run ruff check + uv run ty check - name: Run tests using the locally built wheel run: | uv pip install --reinstall dist/*.whl diff --git a/tests/test_mldsa.py b/tests/test_mldsa.py index 5c4b0db..9c7f423 100644 --- a/tests/test_mldsa.py +++ b/tests/test_mldsa.py @@ -232,7 +232,7 @@ def test_sign_with_seed_bad_type(mldsa_type, rng, seed: int | str): message = b"This is a test message for ML-DSA signature" context = b"Some context for the signature" with pytest.raises(TypeError): - mldsa_priv.sign_with_seed(message, seed, ctx=context) + mldsa_priv.sign_with_seed(message, seed, ctx=context) # ty: ignore [invalid-argument-type] def test_make_key_from_seed(mldsa_type): seed = bytes(MlDsaPrivate.ML_DSA_KEYGEN_SEED_LENGTH) @@ -249,4 +249,4 @@ def test_make_key_from_seed_bad_length(mldsa_type, seed_length): @pytest.mark.parametrize("seed", [0, "seed"]) def test_make_key_from_seed_bad_type(mldsa_type, seed: int | str): with pytest.raises(TypeError): - MlDsaPrivate.make_key_from_seed(mldsa_type, seed) + MlDsaPrivate.make_key_from_seed(mldsa_type, seed) # ty: ignore [invalid-argument-type] diff --git a/tests/test_mlkem.py b/tests/test_mlkem.py index 89ed2ba..ad74e62 100644 --- a/tests/test_mlkem.py +++ b/tests/test_mlkem.py @@ -621,7 +621,7 @@ def test_init_pattern_3(mlkem_type): @pytest.mark.parametrize("rand", [0, "rand"]) def test_make_key_with_random_bad_random_type(mlkem_type, rand: int | str): with pytest.raises(TypeError): - MlKemPrivate.make_key_with_random(mlkem_type, rand) + MlKemPrivate.make_key_with_random(mlkem_type, rand) # ty: ignore [invalid-argument-type] @pytest.mark.parametrize("mlkem_type", mlkem_types) @pytest.mark.parametrize("rand", [0, "rand"]) @@ -630,7 +630,7 @@ def test_encapsulate_with_random_bad_random_type(mlkem_type, rand: int | str): assert type(mlkem_pub) is MlKemPublic with pytest.raises(TypeError): - mlkem_pub.encapsulate_with_random(rand) + mlkem_pub.encapsulate_with_random(rand) # ty: ignore [invalid-argument-type] @pytest.mark.parametrize("mlkem_type", mlkem_types) def test_size_properties(mlkem_type): diff --git a/wolfcrypt/ciphers.py b/wolfcrypt/ciphers.py index b7b8c05..692ab5b 100644 --- a/wolfcrypt/ciphers.py +++ b/wolfcrypt/ciphers.py @@ -1372,7 +1372,7 @@ def decode_key(self, key: BytesOrStr) -> None: raise WolfCryptError(f"Key decode error ({self.max_signature_size})") @override - def decode_key_raw(self, qx: BytesOrStr, qy: BytesOrStr, d: BytesOrStr, curve_id: int = ECC_SECP256R1) -> None: + def decode_key_raw(self, qx: BytesOrStr, qy: BytesOrStr, d: BytesOrStr, curve_id: int = ECC_SECP256R1) -> None: # ty: ignore[invalid-method-override] """ Decodes an ECC private key from its raw elements: public (Qx,Qy) and private(d) @@ -1394,7 +1394,7 @@ def decode_key_raw(self, qx: BytesOrStr, qy: BytesOrStr, d: BytesOrStr, curve_id raise WolfCryptApiError("Key decode error", ret) @override - def encode_key(self) -> bytes: + def encode_key(self, with_curve: bool = True) -> bytes: """ Encodes the ECC private key in an ASN sequence. @@ -1409,7 +1409,7 @@ def encode_key(self) -> bytes: return _ffi.buffer(key, ret)[:] @override - def encode_key_raw(self) -> tuple[bytes, bytes, bytes]: + def encode_key_raw(self) -> tuple[bytes, bytes, bytes]: # ty: ignore[invalid-method-override] """ Encodes the ECC private key in its three raw elements @@ -1680,7 +1680,7 @@ def decode_key(self, key: BytesOrStr, pub: bytes | None = None) -> None: raise WolfCryptError(f"Key decode error ({self.max_signature_size})") @override - def encode_key(self) -> tuple[bytes, bytes]: + def encode_key(self) -> tuple[bytes, bytes]: # ty: ignore[invalid-method-override] """ Encodes the ED25519 private key. @@ -1889,7 +1889,7 @@ def decode_key(self, key: BytesOrStr, pub: bytes | None = None) -> None: raise WolfCryptError(f"Key decode error ({self.max_signature_size})") @override - def encode_key(self) -> tuple[bytes, bytes]: + def encode_key(self) -> tuple[bytes, bytes]: # ty: ignore[invalid-method-override] """ Encodes the ED448 private key. diff --git a/wolfcrypt/hashes.py b/wolfcrypt/hashes.py index 76180af..cadaf7b 100644 --- a/wolfcrypt/hashes.py +++ b/wolfcrypt/hashes.py @@ -457,6 +457,7 @@ class _Hmac(_Hash): digest_size = None _native_type = "Hmac *" _native_size = _ffi.sizeof("Hmac") + _type: int _delete = staticmethod(_lib.wc_HmacFree) @override @@ -498,11 +499,6 @@ def new(cls, key: BytesOrStr, string: BytesOrStr | None = None) -> _Hash: # pyl """ return cls(key, string) - - @property - @abstractmethod - def _type(self) -> int: ... - def _hmac_init(self, hmac: int, key: bytes) -> int: ret = _lib.wc_HmacInit(self._native_object, _ffi.NULL, -2) if ret < 0: diff --git a/wolfcrypt/hkdf.py b/wolfcrypt/hkdf.py index 5a63ccc..53a4b8a 100644 --- a/wolfcrypt/hkdf.py +++ b/wolfcrypt/hkdf.py @@ -32,7 +32,7 @@ if TYPE_CHECKING: if _lib.HMAC_ENABLED: - from wolfcrypt.hashes import _Hmac + from wolfcrypt.hashes import _Hmac # ty: ignore[possibly-missing-import] if _lib.HKDF_ENABLED: