mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-04 17:08:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 13

gh-133061: do not mention UINT32_MAX in HMAC user-facing messages (#133062)

Browse source
This commit is contained in:
Bénédikt Tran 2025-04-28 01:14:12 +02:00 committed by GitHub
parent cd76eff26e
commit 1b7470f8cb
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 46 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

79
Modules/hmacmodule.c
View file

@ -50,8 +50,21 @@
// --- Reusable error messages ------------------------------------------------
#define INVALID_KEY_LENGTH "key length exceeds UINT32_MAX"
#define INVALID_MSG_LENGTH "message length exceeds UINT32_MAX"
static inline void
set_invalid_key_length_error(void)
{
(void)PyErr_Format(PyExc_OverflowError,
"key length exceeds %u",
UINT32_MAX);
}
static inline void
set_invalid_msg_length_error(void)
{
(void)PyErr_Format(PyExc_OverflowError,
"message length exceeds %u",
UINT32_MAX);
}
// --- HMAC underlying hash function static information -----------------------
@ -760,7 +773,7 @@ hmac_new_initial_state(HMACObject *self, uint8_t *key, Py_ssize_t len)
// not rely on HACL* implementation anymore. As such, we explicitly
// reject keys that do not fit on 32 bits until HACL* handles them.
if (len > UINT32_MAX_AS_SSIZE_T) {
PyErr_SetString(PyExc_OverflowError, INVALID_KEY_LENGTH);
set_invalid_key_length_error();
return -1;
}
#endif
@ -1249,36 +1262,36 @@ _hmac_compute_digest_impl(PyObject *module, PyObject *key, PyObject *msg,
* lest an OverflowError is raised. The Python implementation takes care
* of dispatching to the OpenSSL implementation in this case.
*/
#define Py_HMAC_HACL_ONESHOT(HACL_HID, KEY, MSG) \
do { \
Py_buffer keyview, msgview; \
GET_BUFFER_VIEW_OR_ERROUT((KEY), &keyview); \
if (!has_uint32_t_buffer_length(&keyview)) { \
PyBuffer_Release(&keyview); \
PyErr_SetString(PyExc_OverflowError, INVALID_KEY_LENGTH); \
return NULL; \
} \
GET_BUFFER_VIEW_OR_ERROR((MSG), &msgview, \
PyBuffer_Release(&keyview); \
return NULL); \
if (!has_uint32_t_buffer_length(&msgview)) { \
PyBuffer_Release(&msgview); \
PyBuffer_Release(&keyview); \
PyErr_SetString(PyExc_OverflowError, INVALID_MSG_LENGTH); \
return NULL; \
} \
uint8_t out[Py_hmac_## HACL_HID ##_digest_size]; \
Py_hmac_## HACL_HID ##_compute_func( \
out, \
(uint8_t *)keyview.buf, (uint32_t)keyview.len, \
(uint8_t *)msgview.buf, (uint32_t)msgview.len \
); \
PyBuffer_Release(&msgview); \
PyBuffer_Release(&keyview); \
return PyBytes_FromStringAndSize( \
(const char *)out, \
Py_hmac_## HACL_HID ##_digest_size \
); \
#define Py_HMAC_HACL_ONESHOT(HACL_HID, KEY, MSG) \
do { \
Py_buffer keyview, msgview; \
GET_BUFFER_VIEW_OR_ERROUT((KEY), &keyview); \
if (!has_uint32_t_buffer_length(&keyview)) { \
PyBuffer_Release(&keyview); \
set_invalid_key_length_error(); \
return NULL; \
} \
GET_BUFFER_VIEW_OR_ERROR((MSG), &msgview, \
PyBuffer_Release(&keyview); \
return NULL); \
if (!has_uint32_t_buffer_length(&msgview)) { \
PyBuffer_Release(&msgview); \
PyBuffer_Release(&keyview); \
set_invalid_msg_length_error(); \
return NULL; \
} \
uint8_t out[Py_hmac_## HACL_HID ##_digest_size]; \
Py_hmac_## HACL_HID ##_compute_func( \
out, \
(uint8_t *)keyview.buf, (uint32_t)keyview.len, \
(uint8_t *)msgview.buf, (uint32_t)msgview.len \
); \
PyBuffer_Release(&msgview); \
PyBuffer_Release(&keyview); \
return PyBytes_FromStringAndSize( \
(const char *)out, \
Py_hmac_## HACL_HID ##_digest_size \
); \
} while (0)
/*[clinic input]