mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-11-24 20:30:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

[3.14] gh-134696: align OpenSSL and HACL*-based hash functions constructors AC signatures (GH-134713) (#134961)

Browse source 
OpenSSL and HACL*-based hash functions constructors now support both `data` and `string` parameters.
Previously these constructor functions inconsistently supported sometimes `data` and sometimes `string`,
while the documentation expected `data` to be given in all cases.

(cherry picked from commit c6e63d9d35)
(cherry picked from commit 379d0bc956)
This commit is contained in:
Bénédikt Tran 2025-06-01 10:26:56 +02:00 committed by GitHub
parent 5d07d16d45
commit 777fd4979c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
16 changed files with 937 additions and 502 deletions
Download patch file Download diff file Expand all files Collapse all files

170
Modules/_hashopenssl.c
View file

@ -943,9 +943,9 @@ static PyType_Spec EVPXOFtype_spec = {
#endif
static PyObject*
py_evp_fromname(PyObject *module, const char *digestname, PyObject *data_obj,
int usedforsecurity)
static PyObject *
_hashlib_HASH(PyObject *module, const char *digestname, PyObject *data_obj,
int usedforsecurity)
{
Py_buffer view = { 0 };
PY_EVP_MD *digest = NULL;
@ -1017,16 +1017,25 @@ exit:
return (PyObject *)self;
}
#define CALL_HASHLIB_NEW(MODULE, NAME, DATA, STRING, USEDFORSECURITY) \
do { \
PyObject *data_obj; \
if (_Py_hashlib_data_argument(&data_obj, DATA, STRING) < 0) { \
return NULL; \
} \
return _hashlib_HASH(MODULE, NAME, data_obj, USEDFORSECURITY); \
} while (0)
/* The module-level function: new() */
/*[clinic input]
_hashlib.new as EVP_new
_hashlib.new
name as name_obj: object
string as data_obj: object(c_default="NULL") = b''
name: str
data: object(c_default="NULL") = b''
*
usedforsecurity: bool = True
string: object(c_default="NULL") = None
Return a new hash object using the named algorithm.
@ -1037,136 +1046,137 @@ The MD5 and SHA1 algorithms are always supported.
[clinic start generated code]*/
static PyObject *
EVP_new_impl(PyObject *module, PyObject *name_obj, PyObject *data_obj,
int usedforsecurity)
/*[clinic end generated code: output=ddd5053f92dffe90 input=c24554d0337be1b0]*/
_hashlib_new_impl(PyObject *module, const char *name, PyObject *data,
int usedforsecurity, PyObject *string)
/*[clinic end generated code: output=c01feb4ad6a6303d input=f5ec9bf1fa749d07]*/
{
char *name;
if (!PyArg_Parse(name_obj, "s", &name)) {
PyErr_SetString(PyExc_TypeError, "name must be a string");
return NULL;
}
return py_evp_fromname(module, name, data_obj, usedforsecurity);
CALL_HASHLIB_NEW(module, name, data, string, usedforsecurity);
}
/*[clinic input]
_hashlib.openssl_md5
string as data_obj: object(py_default="b''") = NULL
data: object(c_default="NULL") = b''
*
usedforsecurity: bool = True
string: object(c_default="NULL") = None
Returns a md5 hash object; optionally initialized with a string
[clinic start generated code]*/
static PyObject *
_hashlib_openssl_md5_impl(PyObject *module, PyObject *data_obj,
int usedforsecurity)
/*[clinic end generated code: output=87b0186440a44f8c input=990e36d5e689b16e]*/
_hashlib_openssl_md5_impl(PyObject *module, PyObject *data,
int usedforsecurity, PyObject *string)
/*[clinic end generated code: output=ca8cf184d90f7432 input=e7c0adbd6a867db1]*/
{
return py_evp_fromname(module, Py_hash_md5, data_obj, usedforsecurity);
CALL_HASHLIB_NEW(module, Py_hash_md5, data, string, usedforsecurity);
}
/*[clinic input]
_hashlib.openssl_sha1
string as data_obj: object(py_default="b''") = NULL
data: object(c_default="NULL") = b''
*
usedforsecurity: bool = True
string: object(c_default="NULL") = None
Returns a sha1 hash object; optionally initialized with a string
[clinic start generated code]*/
static PyObject *
_hashlib_openssl_sha1_impl(PyObject *module, PyObject *data_obj,
int usedforsecurity)
/*[clinic end generated code: output=6813024cf690670d input=948f2f4b6deabc10]*/
_hashlib_openssl_sha1_impl(PyObject *module, PyObject *data,
int usedforsecurity, PyObject *string)
/*[clinic end generated code: output=1736fb7b310d64be input=f7e5bb1711e952d8]*/
{
return py_evp_fromname(module, Py_hash_sha1, data_obj, usedforsecurity);
CALL_HASHLIB_NEW(module, Py_hash_sha1, data, string, usedforsecurity);
}
/*[clinic input]
_hashlib.openssl_sha224
string as data_obj: object(py_default="b''") = NULL
data: object(c_default="NULL") = b''
*
usedforsecurity: bool = True
string: object(c_default="NULL") = None
Returns a sha224 hash object; optionally initialized with a string
[clinic start generated code]*/
static PyObject *
_hashlib_openssl_sha224_impl(PyObject *module, PyObject *data_obj,
int usedforsecurity)
/*[clinic end generated code: output=a2dfe7cc4eb14ebb input=f9272821fadca505]*/
_hashlib_openssl_sha224_impl(PyObject *module, PyObject *data,
int usedforsecurity, PyObject *string)
/*[clinic end generated code: output=0d6ff57be5e5c140 input=3820fff7ed3a53b8]*/
{
return py_evp_fromname(module, Py_hash_sha224, data_obj, usedforsecurity);
CALL_HASHLIB_NEW(module, Py_hash_sha224, data, string, usedforsecurity);
}
/*[clinic input]
_hashlib.openssl_sha256
string as data_obj: object(py_default="b''") = NULL
data: object(c_default="NULL") = b''
*
usedforsecurity: bool = True
string: object(c_default="NULL") = None
Returns a sha256 hash object; optionally initialized with a string
[clinic start generated code]*/
static PyObject *
_hashlib_openssl_sha256_impl(PyObject *module, PyObject *data_obj,
int usedforsecurity)
/*[clinic end generated code: output=1f874a34870f0a68 input=549fad9d2930d4c5]*/
_hashlib_openssl_sha256_impl(PyObject *module, PyObject *data,
int usedforsecurity, PyObject *string)
/*[clinic end generated code: output=412ea7111555b6e7 input=9a2f115cf1f7e0eb]*/
{
return py_evp_fromname(module, Py_hash_sha256, data_obj, usedforsecurity);
CALL_HASHLIB_NEW(module, Py_hash_sha256, data, string, usedforsecurity);
}
/*[clinic input]
_hashlib.openssl_sha384
string as data_obj: object(py_default="b''") = NULL
data: object(c_default="NULL") = b''
*
usedforsecurity: bool = True
string: object(c_default="NULL") = None
Returns a sha384 hash object; optionally initialized with a string
[clinic start generated code]*/
static PyObject *
_hashlib_openssl_sha384_impl(PyObject *module, PyObject *data_obj,
int usedforsecurity)
/*[clinic end generated code: output=58529eff9ca457b2 input=48601a6e3bf14ad7]*/
_hashlib_openssl_sha384_impl(PyObject *module, PyObject *data,
int usedforsecurity, PyObject *string)
/*[clinic end generated code: output=2e0dc395b59ed726 input=1ea48f6f01e77cfb]*/
{
return py_evp_fromname(module, Py_hash_sha384, data_obj, usedforsecurity);
CALL_HASHLIB_NEW(module, Py_hash_sha384, data, string, usedforsecurity);
}
/*[clinic input]
_hashlib.openssl_sha512
string as data_obj: object(py_default="b''") = NULL
data: object(c_default="NULL") = b''
*
usedforsecurity: bool = True
string: object(c_default="NULL") = None
Returns a sha512 hash object; optionally initialized with a string
[clinic start generated code]*/
static PyObject *
_hashlib_openssl_sha512_impl(PyObject *module, PyObject *data_obj,
int usedforsecurity)
/*[clinic end generated code: output=2c744c9e4a40d5f6 input=c5c46a2a817aa98f]*/
_hashlib_openssl_sha512_impl(PyObject *module, PyObject *data,
int usedforsecurity, PyObject *string)
/*[clinic end generated code: output=4bdd760388dbfc0f input=3cf56903e07d1f5c]*/
{
return py_evp_fromname(module, Py_hash_sha512, data_obj, usedforsecurity);
CALL_HASHLIB_NEW(module, Py_hash_sha512, data, string, usedforsecurity);
}
@ -1175,77 +1185,81 @@ _hashlib_openssl_sha512_impl(PyObject *module, PyObject *data_obj,
/*[clinic input]
_hashlib.openssl_sha3_224
string as data_obj: object(py_default="b''") = NULL
data: object(c_default="NULL") = b''
*
usedforsecurity: bool = True
string: object(c_default="NULL") = None
Returns a sha3-224 hash object; optionally initialized with a string
[clinic start generated code]*/
static PyObject *
_hashlib_openssl_sha3_224_impl(PyObject *module, PyObject *data_obj,
int usedforsecurity)
/*[clinic end generated code: output=144641c1d144b974 input=e3a01b2888916157]*/
_hashlib_openssl_sha3_224_impl(PyObject *module, PyObject *data,
int usedforsecurity, PyObject *string)
/*[clinic end generated code: output=6d8dc2a924f3ba35 input=7f14f16a9f6a3158]*/
{
return py_evp_fromname(module, Py_hash_sha3_224, data_obj, usedforsecurity);
CALL_HASHLIB_NEW(module, Py_hash_sha3_224, data, string, usedforsecurity);
}
/*[clinic input]
_hashlib.openssl_sha3_256
string as data_obj: object(py_default="b''") = NULL
data: object(c_default="NULL") = b''
*
usedforsecurity: bool = True
string: object(c_default="NULL") = None
Returns a sha3-256 hash object; optionally initialized with a string
[clinic start generated code]*/
static PyObject *
_hashlib_openssl_sha3_256_impl(PyObject *module, PyObject *data_obj,
int usedforsecurity)
/*[clinic end generated code: output=c61f1ab772d06668 input=e2908126c1b6deed]*/
_hashlib_openssl_sha3_256_impl(PyObject *module, PyObject *data,
int usedforsecurity, PyObject *string)
/*[clinic end generated code: output=9e520f537b3a4622 input=7987150939d5e352]*/
{
return py_evp_fromname(module, Py_hash_sha3_256, data_obj , usedforsecurity);
CALL_HASHLIB_NEW(module, Py_hash_sha3_256, data, string, usedforsecurity);
}
/*[clinic input]
_hashlib.openssl_sha3_384
string as data_obj: object(py_default="b''") = NULL
data: object(c_default="NULL") = b''
*
usedforsecurity: bool = True
string: object(c_default="NULL") = None
Returns a sha3-384 hash object; optionally initialized with a string
[clinic start generated code]*/
static PyObject *
_hashlib_openssl_sha3_384_impl(PyObject *module, PyObject *data_obj,
int usedforsecurity)
/*[clinic end generated code: output=f68e4846858cf0ee input=ec0edf5c792f8252]*/
_hashlib_openssl_sha3_384_impl(PyObject *module, PyObject *data,
int usedforsecurity, PyObject *string)
/*[clinic end generated code: output=d239ba0463fd6138 input=fc943401f67e3b81]*/
{
return py_evp_fromname(module, Py_hash_sha3_384, data_obj , usedforsecurity);
CALL_HASHLIB_NEW(module, Py_hash_sha3_384, data, string, usedforsecurity);
}
/*[clinic input]
_hashlib.openssl_sha3_512
string as data_obj: object(py_default="b''") = NULL
data: object(c_default="NULL") = b''
*
usedforsecurity: bool = True
string: object(c_default="NULL") = None
Returns a sha3-512 hash object; optionally initialized with a string
[clinic start generated code]*/
static PyObject *
_hashlib_openssl_sha3_512_impl(PyObject *module, PyObject *data_obj,
int usedforsecurity)
/*[clinic end generated code: output=2eede478c159354a input=64e2cc0c094d56f4]*/
_hashlib_openssl_sha3_512_impl(PyObject *module, PyObject *data,
int usedforsecurity, PyObject *string)
/*[clinic end generated code: output=17662f21038c2278 input=6601ddd2c6c1516d]*/
{
return py_evp_fromname(module, Py_hash_sha3_512, data_obj , usedforsecurity);
CALL_HASHLIB_NEW(module, Py_hash_sha3_512, data, string, usedforsecurity);
}
#endif /* PY_OPENSSL_HAS_SHA3 */
@ -1253,42 +1267,46 @@ _hashlib_openssl_sha3_512_impl(PyObject *module, PyObject *data_obj,
/*[clinic input]
_hashlib.openssl_shake_128
string as data_obj: object(py_default="b''") = NULL
data: object(c_default="NULL") = b''
*
usedforsecurity: bool = True
string: object(c_default="NULL") = None
Returns a shake-128 variable hash object; optionally initialized with a string
[clinic start generated code]*/
static PyObject *
_hashlib_openssl_shake_128_impl(PyObject *module, PyObject *data_obj,
int usedforsecurity)
/*[clinic end generated code: output=bc49cdd8ada1fa97 input=6c9d67440eb33ec8]*/
_hashlib_openssl_shake_128_impl(PyObject *module, PyObject *data,
int usedforsecurity, PyObject *string)
/*[clinic end generated code: output=4e6afed8d18980ad input=373c3f1c93d87b37]*/
{
return py_evp_fromname(module, Py_hash_shake_128, data_obj , usedforsecurity);
CALL_HASHLIB_NEW(module, Py_hash_shake_128, data, string, usedforsecurity);
}
/*[clinic input]
_hashlib.openssl_shake_256
string as data_obj: object(py_default="b''") = NULL
data: object(c_default="NULL") = b''
*
usedforsecurity: bool = True
string: object(c_default="NULL") = None
Returns a shake-256 variable hash object; optionally initialized with a string
[clinic start generated code]*/
static PyObject *
_hashlib_openssl_shake_256_impl(PyObject *module, PyObject *data_obj,
int usedforsecurity)
/*[clinic end generated code: output=358d213be8852df7 input=479cbe9fefd4a9f8]*/
_hashlib_openssl_shake_256_impl(PyObject *module, PyObject *data,
int usedforsecurity, PyObject *string)
/*[clinic end generated code: output=62481bce4a77d16c input=101c139ea2ddfcbf]*/
{
return py_evp_fromname(module, Py_hash_shake_256, data_obj , usedforsecurity);
CALL_HASHLIB_NEW(module, Py_hash_shake_256, data, string, usedforsecurity);
}
#endif /* PY_OPENSSL_HAS_SHAKE */
#undef CALL_HASHLIB_NEW
/*[clinic input]
_hashlib.pbkdf2_hmac as pbkdf2_hmac
@ -2134,7 +2152,7 @@ _hashlib_compare_digest_impl(PyObject *module, PyObject *a, PyObject *b)
/* List of functions exported by this module */
static struct PyMethodDef EVP_functions[] = {
EVP_NEW_METHODDEF
_HASHLIB_NEW_METHODDEF
PBKDF2_HMAC_METHODDEF
_HASHLIB_SCRYPT_METHODDEF
_HASHLIB_GET_FIPS_MODE_METHODDEF