1 /* Module that wraps all OpenSSL hash algorithms */
2
3 /*
4 * Copyright (C) 2005-2010 Gregory P. Smith (greg@krypto.org)
5 * Licensed to PSF under a Contributor Agreement.
6 *
7 * Derived from a skeleton of shamodule.c containing work performed by:
8 *
9 * Andrew Kuchling (amk@amk.ca)
10 * Greg Stein (gstein@lyra.org)
11 *
12 */
13
14 /* Don't warn about deprecated functions, */
15 #ifndef OPENSSL_API_COMPAT
16 // 0x10101000L == 1.1.1, 30000 == 3.0.0
17 #define OPENSSL_API_COMPAT 0x10101000L
18 #endif
19 #define OPENSSL_NO_DEPRECATED 1
20
21 #ifndef Py_BUILD_CORE_BUILTIN
22 # define Py_BUILD_CORE_MODULE 1
23 #endif
24
25 #define PY_SSIZE_T_CLEAN
26
27 #include "Python.h"
28 #include "pycore_hashtable.h"
29 #include "hashlib.h"
30 #include "pystrhex.h"
31
32 /* EVP is the preferred interface to hashing in OpenSSL */
33 #include <openssl/evp.h>
34 #include <openssl/hmac.h>
35 #include <openssl/crypto.h>
36 /* We use the object interface to discover what hashes OpenSSL supports. */
37 #include <openssl/objects.h>
38 #include <openssl/err.h>
39
40 #include <openssl/crypto.h> // FIPS_mode()
41
42 #ifndef OPENSSL_THREADS
43 # error "OPENSSL_THREADS is not defined, Python requires thread-safe OpenSSL"
44 #endif
45
46 #define MUNCH_SIZE INT_MAX
47
48 #define PY_OPENSSL_HAS_SCRYPT 1
49 #define PY_OPENSSL_HAS_SHA3 1
50 #define PY_OPENSSL_HAS_SHAKE 1
51 #define PY_OPENSSL_HAS_BLAKE2 1
52
53 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
54 #define PY_EVP_MD EVP_MD
55 #define PY_EVP_MD_fetch(algorithm, properties) EVP_MD_fetch(NULL, algorithm, properties)
56 #define PY_EVP_MD_up_ref(md) EVP_MD_up_ref(md)
57 #define PY_EVP_MD_free(md) EVP_MD_free(md)
58 #else
59 #define PY_EVP_MD const EVP_MD
60 #define PY_EVP_MD_fetch(algorithm, properties) EVP_get_digestbyname(algorithm)
61 #define PY_EVP_MD_up_ref(md) do {} while(0)
62 #define PY_EVP_MD_free(md) do {} while(0)
63 #endif
64
65 /* hash alias map and fast lookup
66 *
67 * Map between Python's preferred names and OpenSSL internal names. Maintain
68 * cache of fetched EVP MD objects. The EVP_get_digestbyname() and
69 * EVP_MD_fetch() API calls have a performance impact.
70 *
71 * The py_hashentry_t items are stored in a _Py_hashtable_t with py_name and
72 * py_alias as keys.
73 */
74
75 enum Py_hash_type {
76 Py_ht_evp, // usedforsecurity=True / default
77 Py_ht_evp_nosecurity, // usedforsecurity=False
78 Py_ht_mac, // HMAC
79 Py_ht_pbkdf2, // PKBDF2
80 };
81
82 typedef struct {
83 const char *py_name;
84 const char *py_alias;
85 const char *ossl_name;
86 int ossl_nid;
87 int refcnt;
88 PY_EVP_MD *evp;
89 PY_EVP_MD *evp_nosecurity;
90 } py_hashentry_t;
91
92 #define Py_hash_md5 "md5"
93 #define Py_hash_sha1 "sha1"
94 #define Py_hash_sha224 "sha224"
95 #define Py_hash_sha256 "sha256"
96 #define Py_hash_sha384 "sha384"
97 #define Py_hash_sha512 "sha512"
98 #define Py_hash_sha512_224 "sha512_224"
99 #define Py_hash_sha512_256 "sha512_256"
100 #define Py_hash_sha3_224 "sha3_224"
101 #define Py_hash_sha3_256 "sha3_256"
102 #define Py_hash_sha3_384 "sha3_384"
103 #define Py_hash_sha3_512 "sha3_512"
104 #define Py_hash_shake_128 "shake_128"
105 #define Py_hash_shake_256 "shake_256"
106 #define Py_hash_blake2s "blake2s"
107 #define Py_hash_blake2b "blake2b"
108
109 #define PY_HASH_ENTRY(py_name, py_alias, ossl_name, ossl_nid) \
110 {py_name, py_alias, ossl_name, ossl_nid, 0, NULL, NULL}
111
112 static const py_hashentry_t py_hashes[] = {
113 /* md5 */
114 PY_HASH_ENTRY(Py_hash_md5, "MD5", SN_md5, NID_md5),
115 /* sha1 */
116 PY_HASH_ENTRY(Py_hash_sha1, "SHA1", SN_sha1, NID_sha1),
117 /* sha2 family */
118 PY_HASH_ENTRY(Py_hash_sha224, "SHA224", SN_sha224, NID_sha224),
119 PY_HASH_ENTRY(Py_hash_sha256, "SHA256", SN_sha256, NID_sha256),
120 PY_HASH_ENTRY(Py_hash_sha384, "SHA384", SN_sha384, NID_sha384),
121 PY_HASH_ENTRY(Py_hash_sha512, "SHA512", SN_sha512, NID_sha512),
122 /* truncated sha2 */
123 PY_HASH_ENTRY(Py_hash_sha512_224, "SHA512_224", SN_sha512_224, NID_sha512_224),
124 PY_HASH_ENTRY(Py_hash_sha512_256, "SHA512_256", SN_sha512_256, NID_sha512_256),
125 /* sha3 */
126 PY_HASH_ENTRY(Py_hash_sha3_224, NULL, SN_sha3_224, NID_sha3_224),
127 PY_HASH_ENTRY(Py_hash_sha3_256, NULL, SN_sha3_256, NID_sha3_256),
128 PY_HASH_ENTRY(Py_hash_sha3_384, NULL, SN_sha3_384, NID_sha3_384),
129 PY_HASH_ENTRY(Py_hash_sha3_512, NULL, SN_sha3_512, NID_sha3_512),
130 /* sha3 shake */
131 PY_HASH_ENTRY(Py_hash_shake_128, NULL, SN_shake128, NID_shake128),
132 PY_HASH_ENTRY(Py_hash_shake_256, NULL, SN_shake256, NID_shake256),
133 /* blake2 digest */
134 PY_HASH_ENTRY(Py_hash_blake2s, "blake2s256", SN_blake2s256, NID_blake2s256),
135 PY_HASH_ENTRY(Py_hash_blake2b, "blake2b512", SN_blake2b512, NID_blake2b512),
136 PY_HASH_ENTRY(NULL, NULL, NULL, 0),
137 };
138
139 static Py_uhash_t
py_hashentry_t_hash_name(const void * key)140 py_hashentry_t_hash_name(const void *key) {
141 return _Py_HashBytes(key, strlen((const char *)key));
142 }
143
144 static int
py_hashentry_t_compare_name(const void * key1,const void * key2)145 py_hashentry_t_compare_name(const void *key1, const void *key2) {
146 return strcmp((const char *)key1, (const char *)key2) == 0;
147 }
148
149 static void
py_hashentry_t_destroy_value(void * entry)150 py_hashentry_t_destroy_value(void *entry) {
151 py_hashentry_t *h = (py_hashentry_t *)entry;
152 if (--(h->refcnt) == 0) {
153 if (h->evp != NULL) {
154 PY_EVP_MD_free(h->evp);
155 h->evp = NULL;
156 }
157 if (h->evp_nosecurity != NULL) {
158 PY_EVP_MD_free(h->evp_nosecurity);
159 h->evp_nosecurity = NULL;
160 }
161 PyMem_Free(entry);
162 }
163 }
164
165 static _Py_hashtable_t *
py_hashentry_table_new(void)166 py_hashentry_table_new(void) {
167 _Py_hashtable_t *ht = _Py_hashtable_new_full(
168 py_hashentry_t_hash_name,
169 py_hashentry_t_compare_name,
170 NULL,
171 py_hashentry_t_destroy_value,
172 NULL
173 );
174 if (ht == NULL) {
175 return NULL;
176 }
177
178 for (const py_hashentry_t *h = py_hashes; h->py_name != NULL; h++) {
179 py_hashentry_t *entry = (py_hashentry_t *)PyMem_Malloc(sizeof(py_hashentry_t));
180 if (entry == NULL) {
181 goto error;
182 }
183 memcpy(entry, h, sizeof(py_hashentry_t));
184
185 if (_Py_hashtable_set(ht, (const void*)entry->py_name, (void*)entry) < 0) {
186 PyMem_Free(entry);
187 goto error;
188 }
189 entry->refcnt = 1;
190
191 if (h->py_alias != NULL) {
192 if (_Py_hashtable_set(ht, (const void*)entry->py_alias, (void*)entry) < 0) {
193 PyMem_Free(entry);
194 goto error;
195 }
196 entry->refcnt++;
197 }
198 }
199
200 return ht;
201 error:
202 _Py_hashtable_destroy(ht);
203 return NULL;
204 }
205
206 /* Module state */
207 static PyModuleDef _hashlibmodule;
208
209 typedef struct {
210 PyTypeObject *EVPtype;
211 PyTypeObject *HMACtype;
212 #ifdef PY_OPENSSL_HAS_SHAKE
213 PyTypeObject *EVPXOFtype;
214 #endif
215 PyObject *constructs;
216 PyObject *unsupported_digestmod_error;
217 _Py_hashtable_t *hashtable;
218 } _hashlibstate;
219
220 static inline _hashlibstate*
get_hashlib_state(PyObject * module)221 get_hashlib_state(PyObject *module)
222 {
223 void *state = PyModule_GetState(module);
224 assert(state != NULL);
225 return (_hashlibstate *)state;
226 }
227
228 typedef struct {
229 PyObject_HEAD
230 EVP_MD_CTX *ctx; /* OpenSSL message digest context */
231 PyThread_type_lock lock; /* OpenSSL context lock */
232 } EVPobject;
233
234 typedef struct {
235 PyObject_HEAD
236 HMAC_CTX *ctx; /* OpenSSL hmac context */
237 PyThread_type_lock lock; /* HMAC context lock */
238 } HMACobject;
239
240 #include "clinic/_hashopenssl.c.h"
241 /*[clinic input]
242 module _hashlib
243 class _hashlib.HASH "EVPobject *" "((_hashlibstate *)PyModule_GetState(module))->EVPtype"
244 class _hashlib.HASHXOF "EVPobject *" "((_hashlibstate *)PyModule_GetState(module))->EVPXOFtype"
245 class _hashlib.HMAC "HMACobject *" "((_hashlibstate *)PyModule_GetState(module))->HMACtype"
246 [clinic start generated code]*/
247 /*[clinic end generated code: output=da39a3ee5e6b4b0d input=7df1bcf6f75cb8ef]*/
248
249
250 /* LCOV_EXCL_START */
251 static PyObject *
_setException(PyObject * exc,const char * altmsg,...)252 _setException(PyObject *exc, const char* altmsg, ...)
253 {
254 unsigned long errcode = ERR_peek_last_error();
255 const char *lib, *func, *reason;
256 va_list vargs;
257
258 #ifdef HAVE_STDARG_PROTOTYPES
259 va_start(vargs, altmsg);
260 #else
261 va_start(vargs);
262 #endif
263 if (!errcode) {
264 if (altmsg == NULL) {
265 PyErr_SetString(exc, "no reason supplied");
266 } else {
267 PyErr_FormatV(exc, altmsg, vargs);
268 }
269 va_end(vargs);
270 return NULL;
271 }
272 va_end(vargs);
273 ERR_clear_error();
274
275 lib = ERR_lib_error_string(errcode);
276 func = ERR_func_error_string(errcode);
277 reason = ERR_reason_error_string(errcode);
278
279 if (lib && func) {
280 PyErr_Format(exc, "[%s: %s] %s", lib, func, reason);
281 }
282 else if (lib) {
283 PyErr_Format(exc, "[%s] %s", lib, reason);
284 }
285 else {
286 PyErr_SetString(exc, reason);
287 }
288 return NULL;
289 }
290 /* LCOV_EXCL_STOP */
291
292 static PyObject*
py_digest_name(const EVP_MD * md)293 py_digest_name(const EVP_MD *md)
294 {
295 int nid = EVP_MD_nid(md);
296 const char *name = NULL;
297 const py_hashentry_t *h;
298
299 for (h = py_hashes; h->py_name != NULL; h++) {
300 if (h->ossl_nid == nid) {
301 name = h->py_name;
302 break;
303 }
304 }
305 if (name == NULL) {
306 /* Ignore aliased names and only use long, lowercase name. The aliases
307 * pollute the list and OpenSSL appears to have its own definition of
308 * alias as the resulting list still contains duplicate and alternate
309 * names for several algorithms.
310 */
311 name = OBJ_nid2ln(nid);
312 if (name == NULL)
313 name = OBJ_nid2sn(nid);
314 }
315
316 return PyUnicode_FromString(name);
317 }
318
319 /* Get EVP_MD by HID and purpose */
320 static PY_EVP_MD*
py_digest_by_name(PyObject * module,const char * name,enum Py_hash_type py_ht)321 py_digest_by_name(PyObject *module, const char *name, enum Py_hash_type py_ht)
322 {
323 PY_EVP_MD *digest = NULL;
324 _hashlibstate *state = get_hashlib_state(module);
325 py_hashentry_t *entry = (py_hashentry_t *)_Py_hashtable_get(
326 state->hashtable, (const void*)name
327 );
328
329 if (entry != NULL) {
330 switch (py_ht) {
331 case Py_ht_evp:
332 case Py_ht_mac:
333 case Py_ht_pbkdf2:
334 if (entry->evp == NULL) {
335 entry->evp = PY_EVP_MD_fetch(entry->ossl_name, NULL);
336 }
337 digest = entry->evp;
338 break;
339 case Py_ht_evp_nosecurity:
340 if (entry->evp_nosecurity == NULL) {
341 entry->evp_nosecurity = PY_EVP_MD_fetch(entry->ossl_name, "-fips");
342 }
343 digest = entry->evp_nosecurity;
344 break;
345 }
346 if (digest != NULL) {
347 PY_EVP_MD_up_ref(digest);
348 }
349 } else {
350 // Fall back for looking up an unindexed OpenSSL specific name.
351 switch (py_ht) {
352 case Py_ht_evp:
353 case Py_ht_mac:
354 case Py_ht_pbkdf2:
355 digest = PY_EVP_MD_fetch(name, NULL);
356 break;
357 case Py_ht_evp_nosecurity:
358 digest = PY_EVP_MD_fetch(name, "-fips");
359 break;
360 }
361 }
362 if (digest == NULL) {
363 _setException(PyExc_ValueError, "unsupported hash type %s", name);
364 return NULL;
365 }
366 return digest;
367 }
368
369 /* Get digest EVP from object
370 *
371 * * string
372 * * _hashopenssl builtin function
373 *
374 * on error returns NULL with exception set.
375 */
376 static PY_EVP_MD*
py_digest_by_digestmod(PyObject * module,PyObject * digestmod,enum Py_hash_type py_ht)377 py_digest_by_digestmod(PyObject *module, PyObject *digestmod, enum Py_hash_type py_ht) {
378 PY_EVP_MD* evp;
379 PyObject *name_obj = NULL;
380 const char *name;
381
382 if (PyUnicode_Check(digestmod)) {
383 name_obj = digestmod;
384 } else {
385 _hashlibstate *state = get_hashlib_state(module);
386 // borrowed ref
387 name_obj = PyDict_GetItem(state->constructs, digestmod);
388 }
389 if (name_obj == NULL) {
390 _hashlibstate *state = get_hashlib_state(module);
391 PyErr_Clear();
392 PyErr_Format(
393 state->unsupported_digestmod_error,
394 "Unsupported digestmod %R", digestmod);
395 return NULL;
396 }
397
398 name = PyUnicode_AsUTF8(name_obj);
399 if (name == NULL) {
400 return NULL;
401 }
402
403 evp = py_digest_by_name(module, name, py_ht);
404 if (evp == NULL) {
405 return NULL;
406 }
407
408 return evp;
409 }
410
411 static EVPobject *
newEVPobject(PyTypeObject * type)412 newEVPobject(PyTypeObject *type)
413 {
414 EVPobject *retval = (EVPobject *)PyObject_New(EVPobject, type);
415 if (retval == NULL) {
416 return NULL;
417 }
418
419 retval->lock = NULL;
420
421 retval->ctx = EVP_MD_CTX_new();
422 if (retval->ctx == NULL) {
423 Py_DECREF(retval);
424 PyErr_NoMemory();
425 return NULL;
426 }
427
428 return retval;
429 }
430
431 static int
EVP_hash(EVPobject * self,const void * vp,Py_ssize_t len)432 EVP_hash(EVPobject *self, const void *vp, Py_ssize_t len)
433 {
434 unsigned int process;
435 const unsigned char *cp = (const unsigned char *)vp;
436 while (0 < len) {
437 if (len > (Py_ssize_t)MUNCH_SIZE)
438 process = MUNCH_SIZE;
439 else
440 process = Py_SAFE_DOWNCAST(len, Py_ssize_t, unsigned int);
441 if (!EVP_DigestUpdate(self->ctx, (const void*)cp, process)) {
442 _setException(PyExc_ValueError, NULL);
443 return -1;
444 }
445 len -= process;
446 cp += process;
447 }
448 return 0;
449 }
450
451 /* Internal methods for a hash object */
452
453 static void
EVP_dealloc(EVPobject * self)454 EVP_dealloc(EVPobject *self)
455 {
456 PyTypeObject *tp = Py_TYPE(self);
457 if (self->lock != NULL)
458 PyThread_free_lock(self->lock);
459 EVP_MD_CTX_free(self->ctx);
460 PyObject_Free(self);
461 Py_DECREF(tp);
462 }
463
464 static int
locked_EVP_MD_CTX_copy(EVP_MD_CTX * new_ctx_p,EVPobject * self)465 locked_EVP_MD_CTX_copy(EVP_MD_CTX *new_ctx_p, EVPobject *self)
466 {
467 int result;
468 ENTER_HASHLIB(self);
469 result = EVP_MD_CTX_copy(new_ctx_p, self->ctx);
470 LEAVE_HASHLIB(self);
471 return result;
472 }
473
474 /* External methods for a hash object */
475
476 /*[clinic input]
477 _hashlib.HASH.copy as EVP_copy
478
479 Return a copy of the hash object.
480 [clinic start generated code]*/
481
482 static PyObject *
EVP_copy_impl(EVPobject * self)483 EVP_copy_impl(EVPobject *self)
484 /*[clinic end generated code: output=b370c21cdb8ca0b4 input=31455b6a3e638069]*/
485 {
486 EVPobject *newobj;
487
488 if ((newobj = newEVPobject(Py_TYPE(self))) == NULL)
489 return NULL;
490
491 if (!locked_EVP_MD_CTX_copy(newobj->ctx, self)) {
492 Py_DECREF(newobj);
493 return _setException(PyExc_ValueError, NULL);
494 }
495 return (PyObject *)newobj;
496 }
497
498 /*[clinic input]
499 _hashlib.HASH.digest as EVP_digest
500
501 Return the digest value as a bytes object.
502 [clinic start generated code]*/
503
504 static PyObject *
EVP_digest_impl(EVPobject * self)505 EVP_digest_impl(EVPobject *self)
506 /*[clinic end generated code: output=0f6a3a0da46dc12d input=03561809a419bf00]*/
507 {
508 unsigned char digest[EVP_MAX_MD_SIZE];
509 EVP_MD_CTX *temp_ctx;
510 PyObject *retval;
511 unsigned int digest_size;
512
513 temp_ctx = EVP_MD_CTX_new();
514 if (temp_ctx == NULL) {
515 PyErr_NoMemory();
516 return NULL;
517 }
518
519 if (!locked_EVP_MD_CTX_copy(temp_ctx, self)) {
520 return _setException(PyExc_ValueError, NULL);
521 }
522 digest_size = EVP_MD_CTX_size(temp_ctx);
523 if (!EVP_DigestFinal(temp_ctx, digest, NULL)) {
524 _setException(PyExc_ValueError, NULL);
525 return NULL;
526 }
527
528 retval = PyBytes_FromStringAndSize((const char *)digest, digest_size);
529 EVP_MD_CTX_free(temp_ctx);
530 return retval;
531 }
532
533 /*[clinic input]
534 _hashlib.HASH.hexdigest as EVP_hexdigest
535
536 Return the digest value as a string of hexadecimal digits.
537 [clinic start generated code]*/
538
539 static PyObject *
EVP_hexdigest_impl(EVPobject * self)540 EVP_hexdigest_impl(EVPobject *self)
541 /*[clinic end generated code: output=18e6decbaf197296 input=aff9cf0e4c741a9a]*/
542 {
543 unsigned char digest[EVP_MAX_MD_SIZE];
544 EVP_MD_CTX *temp_ctx;
545 unsigned int digest_size;
546
547 temp_ctx = EVP_MD_CTX_new();
548 if (temp_ctx == NULL) {
549 PyErr_NoMemory();
550 return NULL;
551 }
552
553 /* Get the raw (binary) digest value */
554 if (!locked_EVP_MD_CTX_copy(temp_ctx, self)) {
555 return _setException(PyExc_ValueError, NULL);
556 }
557 digest_size = EVP_MD_CTX_size(temp_ctx);
558 if (!EVP_DigestFinal(temp_ctx, digest, NULL)) {
559 _setException(PyExc_ValueError, NULL);
560 return NULL;
561 }
562
563 EVP_MD_CTX_free(temp_ctx);
564
565 return _Py_strhex((const char *)digest, (Py_ssize_t)digest_size);
566 }
567
568 /*[clinic input]
569 _hashlib.HASH.update as EVP_update
570
571 obj: object
572 /
573
574 Update this hash object's state with the provided string.
575 [clinic start generated code]*/
576
577 static PyObject *
EVP_update(EVPobject * self,PyObject * obj)578 EVP_update(EVPobject *self, PyObject *obj)
579 /*[clinic end generated code: output=ec1d55ed2432e966 input=9b30ec848f015501]*/
580 {
581 int result;
582 Py_buffer view;
583
584 GET_BUFFER_VIEW_OR_ERROUT(obj, &view);
585
586 if (self->lock == NULL && view.len >= HASHLIB_GIL_MINSIZE) {
587 self->lock = PyThread_allocate_lock();
588 /* fail? lock = NULL and we fail over to non-threaded code. */
589 }
590
591 if (self->lock != NULL) {
592 Py_BEGIN_ALLOW_THREADS
593 PyThread_acquire_lock(self->lock, 1);
594 result = EVP_hash(self, view.buf, view.len);
595 PyThread_release_lock(self->lock);
596 Py_END_ALLOW_THREADS
597 } else {
598 result = EVP_hash(self, view.buf, view.len);
599 }
600
601 PyBuffer_Release(&view);
602
603 if (result == -1)
604 return NULL;
605 Py_RETURN_NONE;
606 }
607
608 static PyMethodDef EVP_methods[] = {
609 EVP_UPDATE_METHODDEF
610 EVP_DIGEST_METHODDEF
611 EVP_HEXDIGEST_METHODDEF
612 EVP_COPY_METHODDEF
613 {NULL, NULL} /* sentinel */
614 };
615
616 static PyObject *
EVP_get_block_size(EVPobject * self,void * closure)617 EVP_get_block_size(EVPobject *self, void *closure)
618 {
619 long block_size;
620 block_size = EVP_MD_CTX_block_size(self->ctx);
621 return PyLong_FromLong(block_size);
622 }
623
624 static PyObject *
EVP_get_digest_size(EVPobject * self,void * closure)625 EVP_get_digest_size(EVPobject *self, void *closure)
626 {
627 long size;
628 size = EVP_MD_CTX_size(self->ctx);
629 return PyLong_FromLong(size);
630 }
631
632 static PyObject *
EVP_get_name(EVPobject * self,void * closure)633 EVP_get_name(EVPobject *self, void *closure)
634 {
635 return py_digest_name(EVP_MD_CTX_md(self->ctx));
636 }
637
638 static PyGetSetDef EVP_getseters[] = {
639 {"digest_size",
640 (getter)EVP_get_digest_size, NULL,
641 NULL,
642 NULL},
643 {"block_size",
644 (getter)EVP_get_block_size, NULL,
645 NULL,
646 NULL},
647 {"name",
648 (getter)EVP_get_name, NULL,
649 NULL,
650 PyDoc_STR("algorithm name.")},
651 {NULL} /* Sentinel */
652 };
653
654
655 static PyObject *
EVP_repr(EVPobject * self)656 EVP_repr(EVPobject *self)
657 {
658 PyObject *name_obj, *repr;
659 name_obj = py_digest_name(EVP_MD_CTX_md(self->ctx));
660 if (!name_obj) {
661 return NULL;
662 }
663 repr = PyUnicode_FromFormat("<%U %s object @ %p>",
664 name_obj, Py_TYPE(self)->tp_name, self);
665 Py_DECREF(name_obj);
666 return repr;
667 }
668
669 PyDoc_STRVAR(hashtype_doc,
670 "HASH(name, string=b\'\')\n"
671 "--\n"
672 "\n"
673 "A hash is an object used to calculate a checksum of a string of information.\n"
674 "\n"
675 "Methods:\n"
676 "\n"
677 "update() -- updates the current digest with an additional string\n"
678 "digest() -- return the current digest value\n"
679 "hexdigest() -- return the current digest as a string of hexadecimal digits\n"
680 "copy() -- return a copy of the current hash object\n"
681 "\n"
682 "Attributes:\n"
683 "\n"
684 "name -- the hash algorithm being used by this object\n"
685 "digest_size -- number of bytes in this hashes output");
686
687 static PyType_Slot EVPtype_slots[] = {
688 {Py_tp_dealloc, EVP_dealloc},
689 {Py_tp_repr, EVP_repr},
690 {Py_tp_doc, (char *)hashtype_doc},
691 {Py_tp_methods, EVP_methods},
692 {Py_tp_getset, EVP_getseters},
693 {0, 0},
694 };
695
696 static PyType_Spec EVPtype_spec = {
697 "_hashlib.HASH", /*tp_name*/
698 sizeof(EVPobject), /*tp_basicsize*/
699 0, /*tp_itemsize*/
700 Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
701 EVPtype_slots
702 };
703
704 #ifdef PY_OPENSSL_HAS_SHAKE
705
706 /*[clinic input]
707 _hashlib.HASHXOF.digest as EVPXOF_digest
708
709 length: Py_ssize_t
710
711 Return the digest value as a bytes object.
712 [clinic start generated code]*/
713
714 static PyObject *
EVPXOF_digest_impl(EVPobject * self,Py_ssize_t length)715 EVPXOF_digest_impl(EVPobject *self, Py_ssize_t length)
716 /*[clinic end generated code: output=ef9320c23280efad input=816a6537cea3d1db]*/
717 {
718 EVP_MD_CTX *temp_ctx;
719 PyObject *retval = PyBytes_FromStringAndSize(NULL, length);
720
721 if (retval == NULL) {
722 return NULL;
723 }
724
725 temp_ctx = EVP_MD_CTX_new();
726 if (temp_ctx == NULL) {
727 Py_DECREF(retval);
728 PyErr_NoMemory();
729 return NULL;
730 }
731
732 if (!locked_EVP_MD_CTX_copy(temp_ctx, self)) {
733 Py_DECREF(retval);
734 EVP_MD_CTX_free(temp_ctx);
735 return _setException(PyExc_ValueError, NULL);
736 }
737 if (!EVP_DigestFinalXOF(temp_ctx,
738 (unsigned char*)PyBytes_AS_STRING(retval),
739 length)) {
740 Py_DECREF(retval);
741 EVP_MD_CTX_free(temp_ctx);
742 _setException(PyExc_ValueError, NULL);
743 return NULL;
744 }
745
746 EVP_MD_CTX_free(temp_ctx);
747 return retval;
748 }
749
750 /*[clinic input]
751 _hashlib.HASHXOF.hexdigest as EVPXOF_hexdigest
752
753 length: Py_ssize_t
754
755 Return the digest value as a string of hexadecimal digits.
756 [clinic start generated code]*/
757
758 static PyObject *
EVPXOF_hexdigest_impl(EVPobject * self,Py_ssize_t length)759 EVPXOF_hexdigest_impl(EVPobject *self, Py_ssize_t length)
760 /*[clinic end generated code: output=eb3e6ee7788bf5b2 input=5f9d6a8f269e34df]*/
761 {
762 unsigned char *digest;
763 EVP_MD_CTX *temp_ctx;
764 PyObject *retval;
765
766 digest = (unsigned char*)PyMem_Malloc(length);
767 if (digest == NULL) {
768 PyErr_NoMemory();
769 return NULL;
770 }
771
772 temp_ctx = EVP_MD_CTX_new();
773 if (temp_ctx == NULL) {
774 PyMem_Free(digest);
775 PyErr_NoMemory();
776 return NULL;
777 }
778
779 /* Get the raw (binary) digest value */
780 if (!locked_EVP_MD_CTX_copy(temp_ctx, self)) {
781 PyMem_Free(digest);
782 EVP_MD_CTX_free(temp_ctx);
783 return _setException(PyExc_ValueError, NULL);
784 }
785 if (!EVP_DigestFinalXOF(temp_ctx, digest, length)) {
786 PyMem_Free(digest);
787 EVP_MD_CTX_free(temp_ctx);
788 _setException(PyExc_ValueError, NULL);
789 return NULL;
790 }
791
792 EVP_MD_CTX_free(temp_ctx);
793
794 retval = _Py_strhex((const char *)digest, length);
795 PyMem_Free(digest);
796 return retval;
797 }
798
799 static PyMethodDef EVPXOF_methods[] = {
800 EVPXOF_DIGEST_METHODDEF
801 EVPXOF_HEXDIGEST_METHODDEF
802 {NULL, NULL} /* sentinel */
803 };
804
805
806 static PyObject *
EVPXOF_get_digest_size(EVPobject * self,void * closure)807 EVPXOF_get_digest_size(EVPobject *self, void *closure)
808 {
809 return PyLong_FromLong(0);
810 }
811
812 static PyGetSetDef EVPXOF_getseters[] = {
813 {"digest_size",
814 (getter)EVPXOF_get_digest_size, NULL,
815 NULL,
816 NULL},
817 {NULL} /* Sentinel */
818 };
819
820 PyDoc_STRVAR(hashxoftype_doc,
821 "HASHXOF(name, string=b\'\')\n"
822 "--\n"
823 "\n"
824 "A hash is an object used to calculate a checksum of a string of information.\n"
825 "\n"
826 "Methods:\n"
827 "\n"
828 "update() -- updates the current digest with an additional string\n"
829 "digest(length) -- return the current digest value\n"
830 "hexdigest(length) -- return the current digest as a string of hexadecimal digits\n"
831 "copy() -- return a copy of the current hash object\n"
832 "\n"
833 "Attributes:\n"
834 "\n"
835 "name -- the hash algorithm being used by this object\n"
836 "digest_size -- number of bytes in this hashes output");
837
838 static PyType_Slot EVPXOFtype_slots[] = {
839 {Py_tp_doc, (char *)hashxoftype_doc},
840 {Py_tp_methods, EVPXOF_methods},
841 {Py_tp_getset, EVPXOF_getseters},
842 {0, 0},
843 };
844
845 static PyType_Spec EVPXOFtype_spec = {
846 "_hashlib.HASHXOF", /*tp_name*/
847 sizeof(EVPobject), /*tp_basicsize*/
848 0, /*tp_itemsize*/
849 Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
850 EVPXOFtype_slots
851 };
852
853
854 #endif
855
856 static PyObject*
py_evp_fromname(PyObject * module,const char * digestname,PyObject * data_obj,int usedforsecurity)857 py_evp_fromname(PyObject *module, const char *digestname, PyObject *data_obj,
858 int usedforsecurity)
859 {
860 Py_buffer view = { 0 };
861 PY_EVP_MD *digest = NULL;
862 PyTypeObject *type;
863 EVPobject *self = NULL;
864
865 if (data_obj != NULL) {
866 GET_BUFFER_VIEW_OR_ERROUT(data_obj, &view);
867 }
868
869 digest = py_digest_by_name(
870 module, digestname, usedforsecurity ? Py_ht_evp : Py_ht_evp_nosecurity
871 );
872 if (digest == NULL) {
873 goto exit;
874 }
875
876 if ((EVP_MD_flags(digest) & EVP_MD_FLAG_XOF) == EVP_MD_FLAG_XOF) {
877 type = get_hashlib_state(module)->EVPXOFtype;
878 } else {
879 type = get_hashlib_state(module)->EVPtype;
880 }
881
882 self = newEVPobject(type);
883 if (self == NULL) {
884 goto exit;
885 }
886
887 #if defined(EVP_MD_CTX_FLAG_NON_FIPS_ALLOW) && OPENSSL_VERSION_NUMBER < 0x30000000L
888 // In OpenSSL 1.1.1 the non FIPS allowed flag is context specific while
889 // in 3.0.0 it is a different EVP_MD provider.
890 if (!usedforsecurity) {
891 EVP_MD_CTX_set_flags(self->ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
892 }
893 #endif
894
895 int result = EVP_DigestInit_ex(self->ctx, digest, NULL);
896 if (!result) {
897 _setException(PyExc_ValueError, NULL);
898 Py_CLEAR(self);
899 goto exit;
900 }
901
902 if (view.buf && view.len) {
903 if (view.len >= HASHLIB_GIL_MINSIZE) {
904 Py_BEGIN_ALLOW_THREADS
905 result = EVP_hash(self, view.buf, view.len);
906 Py_END_ALLOW_THREADS
907 } else {
908 result = EVP_hash(self, view.buf, view.len);
909 }
910 if (result == -1) {
911 Py_CLEAR(self);
912 goto exit;
913 }
914 }
915
916 exit:
917 if (data_obj != NULL) {
918 PyBuffer_Release(&view);
919 }
920 if (digest != NULL) {
921 PY_EVP_MD_free(digest);
922 }
923
924 return (PyObject *)self;
925 }
926
927
928 /* The module-level function: new() */
929
930 /*[clinic input]
931 _hashlib.new as EVP_new
932
933 name as name_obj: object
934 string as data_obj: object(c_default="NULL") = b''
935 *
936 usedforsecurity: bool = True
937
938 Return a new hash object using the named algorithm.
939
940 An optional string argument may be provided and will be
941 automatically hashed.
942
943 The MD5 and SHA1 algorithms are always supported.
944 [clinic start generated code]*/
945
946 static PyObject *
EVP_new_impl(PyObject * module,PyObject * name_obj,PyObject * data_obj,int usedforsecurity)947 EVP_new_impl(PyObject *module, PyObject *name_obj, PyObject *data_obj,
948 int usedforsecurity)
949 /*[clinic end generated code: output=ddd5053f92dffe90 input=c24554d0337be1b0]*/
950 {
951 char *name;
952 if (!PyArg_Parse(name_obj, "s", &name)) {
953 PyErr_SetString(PyExc_TypeError, "name must be a string");
954 return NULL;
955 }
956 return py_evp_fromname(module, name, data_obj, usedforsecurity);
957 }
958
959
960 /*[clinic input]
961 _hashlib.openssl_md5
962
963 string as data_obj: object(py_default="b''") = NULL
964 *
965 usedforsecurity: bool = True
966
967 Returns a md5 hash object; optionally initialized with a string
968
969 [clinic start generated code]*/
970
971 static PyObject *
_hashlib_openssl_md5_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)972 _hashlib_openssl_md5_impl(PyObject *module, PyObject *data_obj,
973 int usedforsecurity)
974 /*[clinic end generated code: output=87b0186440a44f8c input=990e36d5e689b16e]*/
975 {
976 return py_evp_fromname(module, Py_hash_md5, data_obj, usedforsecurity);
977 }
978
979
980 /*[clinic input]
981 _hashlib.openssl_sha1
982
983 string as data_obj: object(py_default="b''") = NULL
984 *
985 usedforsecurity: bool = True
986
987 Returns a sha1 hash object; optionally initialized with a string
988
989 [clinic start generated code]*/
990
991 static PyObject *
_hashlib_openssl_sha1_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)992 _hashlib_openssl_sha1_impl(PyObject *module, PyObject *data_obj,
993 int usedforsecurity)
994 /*[clinic end generated code: output=6813024cf690670d input=948f2f4b6deabc10]*/
995 {
996 return py_evp_fromname(module, Py_hash_sha1, data_obj, usedforsecurity);
997 }
998
999
1000 /*[clinic input]
1001 _hashlib.openssl_sha224
1002
1003 string as data_obj: object(py_default="b''") = NULL
1004 *
1005 usedforsecurity: bool = True
1006
1007 Returns a sha224 hash object; optionally initialized with a string
1008
1009 [clinic start generated code]*/
1010
1011 static PyObject *
_hashlib_openssl_sha224_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1012 _hashlib_openssl_sha224_impl(PyObject *module, PyObject *data_obj,
1013 int usedforsecurity)
1014 /*[clinic end generated code: output=a2dfe7cc4eb14ebb input=f9272821fadca505]*/
1015 {
1016 return py_evp_fromname(module, Py_hash_sha224, data_obj, usedforsecurity);
1017 }
1018
1019
1020 /*[clinic input]
1021 _hashlib.openssl_sha256
1022
1023 string as data_obj: object(py_default="b''") = NULL
1024 *
1025 usedforsecurity: bool = True
1026
1027 Returns a sha256 hash object; optionally initialized with a string
1028
1029 [clinic start generated code]*/
1030
1031 static PyObject *
_hashlib_openssl_sha256_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1032 _hashlib_openssl_sha256_impl(PyObject *module, PyObject *data_obj,
1033 int usedforsecurity)
1034 /*[clinic end generated code: output=1f874a34870f0a68 input=549fad9d2930d4c5]*/
1035 {
1036 return py_evp_fromname(module, Py_hash_sha256, data_obj, usedforsecurity);
1037 }
1038
1039
1040 /*[clinic input]
1041 _hashlib.openssl_sha384
1042
1043 string as data_obj: object(py_default="b''") = NULL
1044 *
1045 usedforsecurity: bool = True
1046
1047 Returns a sha384 hash object; optionally initialized with a string
1048
1049 [clinic start generated code]*/
1050
1051 static PyObject *
_hashlib_openssl_sha384_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1052 _hashlib_openssl_sha384_impl(PyObject *module, PyObject *data_obj,
1053 int usedforsecurity)
1054 /*[clinic end generated code: output=58529eff9ca457b2 input=48601a6e3bf14ad7]*/
1055 {
1056 return py_evp_fromname(module, Py_hash_sha384, data_obj, usedforsecurity);
1057 }
1058
1059
1060 /*[clinic input]
1061 _hashlib.openssl_sha512
1062
1063 string as data_obj: object(py_default="b''") = NULL
1064 *
1065 usedforsecurity: bool = True
1066
1067 Returns a sha512 hash object; optionally initialized with a string
1068
1069 [clinic start generated code]*/
1070
1071 static PyObject *
_hashlib_openssl_sha512_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1072 _hashlib_openssl_sha512_impl(PyObject *module, PyObject *data_obj,
1073 int usedforsecurity)
1074 /*[clinic end generated code: output=2c744c9e4a40d5f6 input=c5c46a2a817aa98f]*/
1075 {
1076 return py_evp_fromname(module, Py_hash_sha512, data_obj, usedforsecurity);
1077 }
1078
1079
1080 #ifdef PY_OPENSSL_HAS_SHA3
1081
1082 /*[clinic input]
1083 _hashlib.openssl_sha3_224
1084
1085 string as data_obj: object(py_default="b''") = NULL
1086 *
1087 usedforsecurity: bool = True
1088
1089 Returns a sha3-224 hash object; optionally initialized with a string
1090
1091 [clinic start generated code]*/
1092
1093 static PyObject *
_hashlib_openssl_sha3_224_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1094 _hashlib_openssl_sha3_224_impl(PyObject *module, PyObject *data_obj,
1095 int usedforsecurity)
1096 /*[clinic end generated code: output=144641c1d144b974 input=e3a01b2888916157]*/
1097 {
1098 return py_evp_fromname(module, Py_hash_sha3_224, data_obj, usedforsecurity);
1099 }
1100
1101 /*[clinic input]
1102 _hashlib.openssl_sha3_256
1103
1104 string as data_obj: object(py_default="b''") = NULL
1105 *
1106 usedforsecurity: bool = True
1107
1108 Returns a sha3-256 hash object; optionally initialized with a string
1109
1110 [clinic start generated code]*/
1111
1112 static PyObject *
_hashlib_openssl_sha3_256_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1113 _hashlib_openssl_sha3_256_impl(PyObject *module, PyObject *data_obj,
1114 int usedforsecurity)
1115 /*[clinic end generated code: output=c61f1ab772d06668 input=e2908126c1b6deed]*/
1116 {
1117 return py_evp_fromname(module, Py_hash_sha3_256, data_obj , usedforsecurity);
1118 }
1119
1120 /*[clinic input]
1121 _hashlib.openssl_sha3_384
1122
1123 string as data_obj: object(py_default="b''") = NULL
1124 *
1125 usedforsecurity: bool = True
1126
1127 Returns a sha3-384 hash object; optionally initialized with a string
1128
1129 [clinic start generated code]*/
1130
1131 static PyObject *
_hashlib_openssl_sha3_384_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1132 _hashlib_openssl_sha3_384_impl(PyObject *module, PyObject *data_obj,
1133 int usedforsecurity)
1134 /*[clinic end generated code: output=f68e4846858cf0ee input=ec0edf5c792f8252]*/
1135 {
1136 return py_evp_fromname(module, Py_hash_sha3_384, data_obj , usedforsecurity);
1137 }
1138
1139 /*[clinic input]
1140 _hashlib.openssl_sha3_512
1141
1142 string as data_obj: object(py_default="b''") = NULL
1143 *
1144 usedforsecurity: bool = True
1145
1146 Returns a sha3-512 hash object; optionally initialized with a string
1147
1148 [clinic start generated code]*/
1149
1150 static PyObject *
_hashlib_openssl_sha3_512_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1151 _hashlib_openssl_sha3_512_impl(PyObject *module, PyObject *data_obj,
1152 int usedforsecurity)
1153 /*[clinic end generated code: output=2eede478c159354a input=64e2cc0c094d56f4]*/
1154 {
1155 return py_evp_fromname(module, Py_hash_sha3_512, data_obj , usedforsecurity);
1156 }
1157 #endif /* PY_OPENSSL_HAS_SHA3 */
1158
1159 #ifdef PY_OPENSSL_HAS_SHAKE
1160 /*[clinic input]
1161 _hashlib.openssl_shake_128
1162
1163 string as data_obj: object(py_default="b''") = NULL
1164 *
1165 usedforsecurity: bool = True
1166
1167 Returns a shake-128 variable hash object; optionally initialized with a string
1168
1169 [clinic start generated code]*/
1170
1171 static PyObject *
_hashlib_openssl_shake_128_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1172 _hashlib_openssl_shake_128_impl(PyObject *module, PyObject *data_obj,
1173 int usedforsecurity)
1174 /*[clinic end generated code: output=bc49cdd8ada1fa97 input=6c9d67440eb33ec8]*/
1175 {
1176 return py_evp_fromname(module, Py_hash_shake_128, data_obj , usedforsecurity);
1177 }
1178
1179 /*[clinic input]
1180 _hashlib.openssl_shake_256
1181
1182 string as data_obj: object(py_default="b''") = NULL
1183 *
1184 usedforsecurity: bool = True
1185
1186 Returns a shake-256 variable hash object; optionally initialized with a string
1187
1188 [clinic start generated code]*/
1189
1190 static PyObject *
_hashlib_openssl_shake_256_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1191 _hashlib_openssl_shake_256_impl(PyObject *module, PyObject *data_obj,
1192 int usedforsecurity)
1193 /*[clinic end generated code: output=358d213be8852df7 input=479cbe9fefd4a9f8]*/
1194 {
1195 return py_evp_fromname(module, Py_hash_shake_256, data_obj , usedforsecurity);
1196 }
1197 #endif /* PY_OPENSSL_HAS_SHAKE */
1198
1199 /*[clinic input]
1200 _hashlib.pbkdf2_hmac as pbkdf2_hmac
1201
1202 hash_name: str
1203 password: Py_buffer
1204 salt: Py_buffer
1205 iterations: long
1206 dklen as dklen_obj: object = None
1207
1208 Password based key derivation function 2 (PKCS #5 v2.0) with HMAC as pseudorandom function.
1209 [clinic start generated code]*/
1210
1211 static PyObject *
pbkdf2_hmac_impl(PyObject * module,const char * hash_name,Py_buffer * password,Py_buffer * salt,long iterations,PyObject * dklen_obj)1212 pbkdf2_hmac_impl(PyObject *module, const char *hash_name,
1213 Py_buffer *password, Py_buffer *salt, long iterations,
1214 PyObject *dklen_obj)
1215 /*[clinic end generated code: output=144b76005416599b input=ed3ab0d2d28b5d5c]*/
1216 {
1217 PyObject *key_obj = NULL;
1218 char *key;
1219 long dklen;
1220 int retval;
1221
1222 PY_EVP_MD *digest = py_digest_by_name(module, hash_name, Py_ht_pbkdf2);
1223 if (digest == NULL) {
1224 goto end;
1225 }
1226
1227 if (password->len > INT_MAX) {
1228 PyErr_SetString(PyExc_OverflowError,
1229 "password is too long.");
1230 goto end;
1231 }
1232
1233 if (salt->len > INT_MAX) {
1234 PyErr_SetString(PyExc_OverflowError,
1235 "salt is too long.");
1236 goto end;
1237 }
1238
1239 if (iterations < 1) {
1240 PyErr_SetString(PyExc_ValueError,
1241 "iteration value must be greater than 0.");
1242 goto end;
1243 }
1244 if (iterations > INT_MAX) {
1245 PyErr_SetString(PyExc_OverflowError,
1246 "iteration value is too great.");
1247 goto end;
1248 }
1249
1250 if (dklen_obj == Py_None) {
1251 dklen = EVP_MD_size(digest);
1252 } else {
1253 dklen = PyLong_AsLong(dklen_obj);
1254 if ((dklen == -1) && PyErr_Occurred()) {
1255 goto end;
1256 }
1257 }
1258 if (dklen < 1) {
1259 PyErr_SetString(PyExc_ValueError,
1260 "key length must be greater than 0.");
1261 goto end;
1262 }
1263 if (dklen > INT_MAX) {
1264 /* INT_MAX is always smaller than dkLen max (2^32 - 1) * hLen */
1265 PyErr_SetString(PyExc_OverflowError,
1266 "key length is too great.");
1267 goto end;
1268 }
1269
1270 key_obj = PyBytes_FromStringAndSize(NULL, dklen);
1271 if (key_obj == NULL) {
1272 goto end;
1273 }
1274 key = PyBytes_AS_STRING(key_obj);
1275
1276 Py_BEGIN_ALLOW_THREADS
1277 retval = PKCS5_PBKDF2_HMAC((char*)password->buf, (int)password->len,
1278 (unsigned char *)salt->buf, (int)salt->len,
1279 iterations, digest, dklen,
1280 (unsigned char *)key);
1281 Py_END_ALLOW_THREADS
1282
1283 if (!retval) {
1284 Py_CLEAR(key_obj);
1285 _setException(PyExc_ValueError, NULL);
1286 goto end;
1287 }
1288
1289 end:
1290 if (digest != NULL) {
1291 PY_EVP_MD_free(digest);
1292 }
1293 return key_obj;
1294 }
1295
1296 #ifdef PY_OPENSSL_HAS_SCRYPT
1297
1298 /* XXX: Parameters salt, n, r and p should be required keyword-only parameters.
1299 They are optional in the Argument Clinic declaration only due to a
1300 limitation of PyArg_ParseTupleAndKeywords. */
1301
1302 /*[clinic input]
1303 _hashlib.scrypt
1304
1305 password: Py_buffer
1306 *
1307 salt: Py_buffer = None
1308 n as n_obj: object(subclass_of='&PyLong_Type') = None
1309 r as r_obj: object(subclass_of='&PyLong_Type') = None
1310 p as p_obj: object(subclass_of='&PyLong_Type') = None
1311 maxmem: long = 0
1312 dklen: long = 64
1313
1314
1315 scrypt password-based key derivation function.
1316 [clinic start generated code]*/
1317
1318 static PyObject *
_hashlib_scrypt_impl(PyObject * module,Py_buffer * password,Py_buffer * salt,PyObject * n_obj,PyObject * r_obj,PyObject * p_obj,long maxmem,long dklen)1319 _hashlib_scrypt_impl(PyObject *module, Py_buffer *password, Py_buffer *salt,
1320 PyObject *n_obj, PyObject *r_obj, PyObject *p_obj,
1321 long maxmem, long dklen)
1322 /*[clinic end generated code: output=14849e2aa2b7b46c input=48a7d63bf3f75c42]*/
1323 {
1324 PyObject *key_obj = NULL;
1325 char *key;
1326 int retval;
1327 unsigned long n, r, p;
1328
1329 if (password->len > INT_MAX) {
1330 PyErr_SetString(PyExc_OverflowError,
1331 "password is too long.");
1332 return NULL;
1333 }
1334
1335 if (salt->buf == NULL) {
1336 PyErr_SetString(PyExc_TypeError,
1337 "salt is required");
1338 return NULL;
1339 }
1340 if (salt->len > INT_MAX) {
1341 PyErr_SetString(PyExc_OverflowError,
1342 "salt is too long.");
1343 return NULL;
1344 }
1345
1346 n = PyLong_AsUnsignedLong(n_obj);
1347 if (n == (unsigned long) -1 && PyErr_Occurred()) {
1348 PyErr_SetString(PyExc_TypeError,
1349 "n is required and must be an unsigned int");
1350 return NULL;
1351 }
1352 if (n < 2 || n & (n - 1)) {
1353 PyErr_SetString(PyExc_ValueError,
1354 "n must be a power of 2.");
1355 return NULL;
1356 }
1357
1358 r = PyLong_AsUnsignedLong(r_obj);
1359 if (r == (unsigned long) -1 && PyErr_Occurred()) {
1360 PyErr_SetString(PyExc_TypeError,
1361 "r is required and must be an unsigned int");
1362 return NULL;
1363 }
1364
1365 p = PyLong_AsUnsignedLong(p_obj);
1366 if (p == (unsigned long) -1 && PyErr_Occurred()) {
1367 PyErr_SetString(PyExc_TypeError,
1368 "p is required and must be an unsigned int");
1369 return NULL;
1370 }
1371
1372 if (maxmem < 0 || maxmem > INT_MAX) {
1373 /* OpenSSL 1.1.0 restricts maxmem to 32 MiB. It may change in the
1374 future. The maxmem constant is private to OpenSSL. */
1375 PyErr_Format(PyExc_ValueError,
1376 "maxmem must be positive and smaller than %d",
1377 INT_MAX);
1378 return NULL;
1379 }
1380
1381 if (dklen < 1 || dklen > INT_MAX) {
1382 PyErr_Format(PyExc_ValueError,
1383 "dklen must be greater than 0 and smaller than %d",
1384 INT_MAX);
1385 return NULL;
1386 }
1387
1388 /* let OpenSSL validate the rest */
1389 retval = EVP_PBE_scrypt(NULL, 0, NULL, 0, n, r, p, maxmem, NULL, 0);
1390 if (!retval) {
1391 _setException(PyExc_ValueError, "Invalid parameter combination for n, r, p, maxmem.");
1392 return NULL;
1393 }
1394
1395 key_obj = PyBytes_FromStringAndSize(NULL, dklen);
1396 if (key_obj == NULL) {
1397 return NULL;
1398 }
1399 key = PyBytes_AS_STRING(key_obj);
1400
1401 Py_BEGIN_ALLOW_THREADS
1402 retval = EVP_PBE_scrypt(
1403 (const char*)password->buf, (size_t)password->len,
1404 (const unsigned char *)salt->buf, (size_t)salt->len,
1405 n, r, p, maxmem,
1406 (unsigned char *)key, (size_t)dklen
1407 );
1408 Py_END_ALLOW_THREADS
1409
1410 if (!retval) {
1411 Py_CLEAR(key_obj);
1412 _setException(PyExc_ValueError, NULL);
1413 return NULL;
1414 }
1415 return key_obj;
1416 }
1417 #endif /* PY_OPENSSL_HAS_SCRYPT */
1418
1419 /* Fast HMAC for hmac.digest()
1420 */
1421
1422 /*[clinic input]
1423 _hashlib.hmac_digest as _hashlib_hmac_singleshot
1424
1425 key: Py_buffer
1426 msg: Py_buffer
1427 digest: object
1428
1429 Single-shot HMAC.
1430 [clinic start generated code]*/
1431
1432 static PyObject *
_hashlib_hmac_singleshot_impl(PyObject * module,Py_buffer * key,Py_buffer * msg,PyObject * digest)1433 _hashlib_hmac_singleshot_impl(PyObject *module, Py_buffer *key,
1434 Py_buffer *msg, PyObject *digest)
1435 /*[clinic end generated code: output=82f19965d12706ac input=0a0790cc3db45c2e]*/
1436 {
1437 unsigned char md[EVP_MAX_MD_SIZE] = {0};
1438 unsigned int md_len = 0;
1439 unsigned char *result;
1440 PY_EVP_MD *evp;
1441
1442 if (key->len > INT_MAX) {
1443 PyErr_SetString(PyExc_OverflowError,
1444 "key is too long.");
1445 return NULL;
1446 }
1447 if (msg->len > INT_MAX) {
1448 PyErr_SetString(PyExc_OverflowError,
1449 "msg is too long.");
1450 return NULL;
1451 }
1452
1453 evp = py_digest_by_digestmod(module, digest, Py_ht_mac);
1454 if (evp == NULL) {
1455 return NULL;
1456 }
1457
1458 Py_BEGIN_ALLOW_THREADS
1459 result = HMAC(
1460 evp,
1461 (const void*)key->buf, (int)key->len,
1462 (const unsigned char*)msg->buf, (int)msg->len,
1463 md, &md_len
1464 );
1465 Py_END_ALLOW_THREADS
1466 PY_EVP_MD_free(evp);
1467
1468 if (result == NULL) {
1469 _setException(PyExc_ValueError, NULL);
1470 return NULL;
1471 }
1472 return PyBytes_FromStringAndSize((const char*)md, md_len);
1473 }
1474
1475 /* OpenSSL-based HMAC implementation
1476 */
1477
1478 static int _hmac_update(HMACobject*, PyObject*);
1479
1480 /*[clinic input]
1481 _hashlib.hmac_new
1482
1483 key: Py_buffer
1484 msg as msg_obj: object(c_default="NULL") = b''
1485 digestmod: object(c_default="NULL") = None
1486
1487 Return a new hmac object.
1488 [clinic start generated code]*/
1489
1490 static PyObject *
_hashlib_hmac_new_impl(PyObject * module,Py_buffer * key,PyObject * msg_obj,PyObject * digestmod)1491 _hashlib_hmac_new_impl(PyObject *module, Py_buffer *key, PyObject *msg_obj,
1492 PyObject *digestmod)
1493 /*[clinic end generated code: output=c20d9e4d9ed6d219 input=5f4071dcc7f34362]*/
1494 {
1495 PyTypeObject *type = get_hashlib_state(module)->HMACtype;
1496 PY_EVP_MD *digest;
1497 HMAC_CTX *ctx = NULL;
1498 HMACobject *self = NULL;
1499 int r;
1500
1501 if (key->len > INT_MAX) {
1502 PyErr_SetString(PyExc_OverflowError,
1503 "key is too long.");
1504 return NULL;
1505 }
1506
1507 if (digestmod == NULL) {
1508 PyErr_SetString(
1509 PyExc_TypeError, "Missing required parameter 'digestmod'.");
1510 return NULL;
1511 }
1512
1513 digest = py_digest_by_digestmod(module, digestmod, Py_ht_mac);
1514 if (digest == NULL) {
1515 return NULL;
1516 }
1517
1518 ctx = HMAC_CTX_new();
1519 if (ctx == NULL) {
1520 _setException(PyExc_ValueError, NULL);
1521 goto error;
1522 }
1523
1524 r = HMAC_Init_ex(
1525 ctx,
1526 (const char*)key->buf,
1527 (int)key->len,
1528 digest,
1529 NULL /*impl*/);
1530 PY_EVP_MD_free(digest);
1531 if (r == 0) {
1532 _setException(PyExc_ValueError, NULL);
1533 goto error;
1534 }
1535
1536 self = (HMACobject *)PyObject_New(HMACobject, type);
1537 if (self == NULL) {
1538 goto error;
1539 }
1540
1541 self->ctx = ctx;
1542 self->lock = NULL;
1543
1544 if ((msg_obj != NULL) && (msg_obj != Py_None)) {
1545 if (!_hmac_update(self, msg_obj))
1546 goto error;
1547 }
1548
1549 return (PyObject*)self;
1550
1551 error:
1552 if (ctx) HMAC_CTX_free(ctx);
1553 if (self) PyObject_Free(self);
1554 return NULL;
1555 }
1556
1557 /* helper functions */
1558 static int
locked_HMAC_CTX_copy(HMAC_CTX * new_ctx_p,HMACobject * self)1559 locked_HMAC_CTX_copy(HMAC_CTX *new_ctx_p, HMACobject *self)
1560 {
1561 int result;
1562 ENTER_HASHLIB(self);
1563 result = HMAC_CTX_copy(new_ctx_p, self->ctx);
1564 LEAVE_HASHLIB(self);
1565 return result;
1566 }
1567
1568 static unsigned int
_hmac_digest_size(HMACobject * self)1569 _hmac_digest_size(HMACobject *self)
1570 {
1571 unsigned int digest_size = EVP_MD_size(HMAC_CTX_get_md(self->ctx));
1572 assert(digest_size <= EVP_MAX_MD_SIZE);
1573 return digest_size;
1574 }
1575
1576 static int
_hmac_update(HMACobject * self,PyObject * obj)1577 _hmac_update(HMACobject *self, PyObject *obj)
1578 {
1579 int r;
1580 Py_buffer view = {0};
1581
1582 GET_BUFFER_VIEW_OR_ERROR(obj, &view, return 0);
1583
1584 if (self->lock == NULL && view.len >= HASHLIB_GIL_MINSIZE) {
1585 self->lock = PyThread_allocate_lock();
1586 /* fail? lock = NULL and we fail over to non-threaded code. */
1587 }
1588
1589 if (self->lock != NULL) {
1590 Py_BEGIN_ALLOW_THREADS
1591 PyThread_acquire_lock(self->lock, 1);
1592 r = HMAC_Update(self->ctx, (const unsigned char*)view.buf, view.len);
1593 PyThread_release_lock(self->lock);
1594 Py_END_ALLOW_THREADS
1595 } else {
1596 r = HMAC_Update(self->ctx, (const unsigned char*)view.buf, view.len);
1597 }
1598
1599 PyBuffer_Release(&view);
1600
1601 if (r == 0) {
1602 _setException(PyExc_ValueError, NULL);
1603 return 0;
1604 }
1605 return 1;
1606 }
1607
1608 /*[clinic input]
1609 _hashlib.HMAC.copy
1610
1611 Return a copy ("clone") of the HMAC object.
1612 [clinic start generated code]*/
1613
1614 static PyObject *
_hashlib_HMAC_copy_impl(HMACobject * self)1615 _hashlib_HMAC_copy_impl(HMACobject *self)
1616 /*[clinic end generated code: output=29aa28b452833127 input=e2fa6a05db61a4d6]*/
1617 {
1618 HMACobject *retval;
1619
1620 HMAC_CTX *ctx = HMAC_CTX_new();
1621 if (ctx == NULL) {
1622 return _setException(PyExc_ValueError, NULL);
1623 }
1624 if (!locked_HMAC_CTX_copy(ctx, self)) {
1625 HMAC_CTX_free(ctx);
1626 return _setException(PyExc_ValueError, NULL);
1627 }
1628
1629 retval = (HMACobject *)PyObject_New(HMACobject, Py_TYPE(self));
1630 if (retval == NULL) {
1631 HMAC_CTX_free(ctx);
1632 return NULL;
1633 }
1634 retval->ctx = ctx;
1635 retval->lock = NULL;
1636
1637 return (PyObject *)retval;
1638 }
1639
1640 static void
_hmac_dealloc(HMACobject * self)1641 _hmac_dealloc(HMACobject *self)
1642 {
1643 PyTypeObject *tp = Py_TYPE(self);
1644 if (self->lock != NULL) {
1645 PyThread_free_lock(self->lock);
1646 }
1647 HMAC_CTX_free(self->ctx);
1648 PyObject_Free(self);
1649 Py_DECREF(tp);
1650 }
1651
1652 static PyObject *
_hmac_repr(HMACobject * self)1653 _hmac_repr(HMACobject *self)
1654 {
1655 PyObject *digest_name = py_digest_name(HMAC_CTX_get_md(self->ctx));
1656 if (digest_name == NULL) {
1657 return NULL;
1658 }
1659 PyObject *repr = PyUnicode_FromFormat(
1660 "<%U HMAC object @ %p>", digest_name, self
1661 );
1662 Py_DECREF(digest_name);
1663 return repr;
1664 }
1665
1666 /*[clinic input]
1667 _hashlib.HMAC.update
1668 msg: object
1669
1670 Update the HMAC object with msg.
1671 [clinic start generated code]*/
1672
1673 static PyObject *
_hashlib_HMAC_update_impl(HMACobject * self,PyObject * msg)1674 _hashlib_HMAC_update_impl(HMACobject *self, PyObject *msg)
1675 /*[clinic end generated code: output=f31f0ace8c625b00 input=1829173bb3cfd4e6]*/
1676 {
1677 if (!_hmac_update(self, msg)) {
1678 return NULL;
1679 }
1680 Py_RETURN_NONE;
1681 }
1682
1683 static int
_hmac_digest(HMACobject * self,unsigned char * buf,unsigned int len)1684 _hmac_digest(HMACobject *self, unsigned char *buf, unsigned int len)
1685 {
1686 HMAC_CTX *temp_ctx = HMAC_CTX_new();
1687 if (temp_ctx == NULL) {
1688 PyErr_NoMemory();
1689 return 0;
1690 }
1691 if (!locked_HMAC_CTX_copy(temp_ctx, self)) {
1692 _setException(PyExc_ValueError, NULL);
1693 return 0;
1694 }
1695 int r = HMAC_Final(temp_ctx, buf, &len);
1696 HMAC_CTX_free(temp_ctx);
1697 if (r == 0) {
1698 _setException(PyExc_ValueError, NULL);
1699 return 0;
1700 }
1701 return 1;
1702 }
1703
1704 /*[clinic input]
1705 _hashlib.HMAC.digest
1706 Return the digest of the bytes passed to the update() method so far.
1707 [clinic start generated code]*/
1708
1709 static PyObject *
_hashlib_HMAC_digest_impl(HMACobject * self)1710 _hashlib_HMAC_digest_impl(HMACobject *self)
1711 /*[clinic end generated code: output=1b1424355af7a41e input=bff07f74da318fb4]*/
1712 {
1713 unsigned char digest[EVP_MAX_MD_SIZE];
1714 unsigned int digest_size = _hmac_digest_size(self);
1715 if (digest_size == 0) {
1716 return _setException(PyExc_ValueError, NULL);
1717 }
1718 int r = _hmac_digest(self, digest, digest_size);
1719 if (r == 0) {
1720 return NULL;
1721 }
1722 return PyBytes_FromStringAndSize((const char *)digest, digest_size);
1723 }
1724
1725 /*[clinic input]
1726 _hashlib.HMAC.hexdigest
1727
1728 Return hexadecimal digest of the bytes passed to the update() method so far.
1729
1730 This may be used to exchange the value safely in email or other non-binary
1731 environments.
1732 [clinic start generated code]*/
1733
1734 static PyObject *
_hashlib_HMAC_hexdigest_impl(HMACobject * self)1735 _hashlib_HMAC_hexdigest_impl(HMACobject *self)
1736 /*[clinic end generated code: output=80d825be1eaae6a7 input=5abc42702874ddcf]*/
1737 {
1738 unsigned char digest[EVP_MAX_MD_SIZE];
1739 unsigned int digest_size = _hmac_digest_size(self);
1740 if (digest_size == 0) {
1741 return _setException(PyExc_ValueError, NULL);
1742 }
1743 int r = _hmac_digest(self, digest, digest_size);
1744 if (r == 0) {
1745 return NULL;
1746 }
1747 return _Py_strhex((const char *)digest, digest_size);
1748 }
1749
1750 static PyObject *
_hashlib_hmac_get_digest_size(HMACobject * self,void * closure)1751 _hashlib_hmac_get_digest_size(HMACobject *self, void *closure)
1752 {
1753 unsigned int digest_size = _hmac_digest_size(self);
1754 if (digest_size == 0) {
1755 return _setException(PyExc_ValueError, NULL);
1756 }
1757 return PyLong_FromLong(digest_size);
1758 }
1759
1760 static PyObject *
_hashlib_hmac_get_block_size(HMACobject * self,void * closure)1761 _hashlib_hmac_get_block_size(HMACobject *self, void *closure)
1762 {
1763 const EVP_MD *md = HMAC_CTX_get_md(self->ctx);
1764 if (md == NULL) {
1765 return _setException(PyExc_ValueError, NULL);
1766 }
1767 return PyLong_FromLong(EVP_MD_block_size(md));
1768 }
1769
1770 static PyObject *
_hashlib_hmac_get_name(HMACobject * self,void * closure)1771 _hashlib_hmac_get_name(HMACobject *self, void *closure)
1772 {
1773 PyObject *digest_name = py_digest_name(HMAC_CTX_get_md(self->ctx));
1774 if (digest_name == NULL) {
1775 return NULL;
1776 }
1777 PyObject *name = PyUnicode_FromFormat("hmac-%U", digest_name);
1778 Py_DECREF(digest_name);
1779 return name;
1780 }
1781
1782 static PyMethodDef HMAC_methods[] = {
1783 _HASHLIB_HMAC_UPDATE_METHODDEF
1784 _HASHLIB_HMAC_DIGEST_METHODDEF
1785 _HASHLIB_HMAC_HEXDIGEST_METHODDEF
1786 _HASHLIB_HMAC_COPY_METHODDEF
1787 {NULL, NULL} /* sentinel */
1788 };
1789
1790 static PyGetSetDef HMAC_getset[] = {
1791 {"digest_size", (getter)_hashlib_hmac_get_digest_size, NULL, NULL, NULL},
1792 {"block_size", (getter)_hashlib_hmac_get_block_size, NULL, NULL, NULL},
1793 {"name", (getter)_hashlib_hmac_get_name, NULL, NULL, NULL},
1794 {NULL} /* Sentinel */
1795 };
1796
1797
1798 PyDoc_STRVAR(hmactype_doc,
1799 "The object used to calculate HMAC of a message.\n\
1800 \n\
1801 Methods:\n\
1802 \n\
1803 update() -- updates the current digest with an additional string\n\
1804 digest() -- return the current digest value\n\
1805 hexdigest() -- return the current digest as a string of hexadecimal digits\n\
1806 copy() -- return a copy of the current hash object\n\
1807 \n\
1808 Attributes:\n\
1809 \n\
1810 name -- the name, including the hash algorithm used by this object\n\
1811 digest_size -- number of bytes in digest() output\n");
1812
1813 static PyType_Slot HMACtype_slots[] = {
1814 {Py_tp_doc, (char *)hmactype_doc},
1815 {Py_tp_repr, (reprfunc)_hmac_repr},
1816 {Py_tp_dealloc,(destructor)_hmac_dealloc},
1817 {Py_tp_methods, HMAC_methods},
1818 {Py_tp_getset, HMAC_getset},
1819 {0, NULL}
1820 };
1821
1822 PyType_Spec HMACtype_spec = {
1823 "_hashlib.HMAC", /* name */
1824 sizeof(HMACobject), /* basicsize */
1825 .flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
1826 .slots = HMACtype_slots,
1827 };
1828
1829
1830 /* State for our callback function so that it can accumulate a result. */
1831 typedef struct _internal_name_mapper_state {
1832 PyObject *set;
1833 int error;
1834 } _InternalNameMapperState;
1835
1836
1837 /* A callback function to pass to OpenSSL's OBJ_NAME_do_all(...) */
1838 static void
_openssl_hash_name_mapper(const EVP_MD * md,const char * from,const char * to,void * arg)1839 _openssl_hash_name_mapper(const EVP_MD *md, const char *from,
1840 const char *to, void *arg)
1841 {
1842 _InternalNameMapperState *state = (_InternalNameMapperState *)arg;
1843 PyObject *py_name;
1844
1845 assert(state != NULL);
1846 if (md == NULL)
1847 return;
1848
1849 py_name = py_digest_name(md);
1850 if (py_name == NULL) {
1851 state->error = 1;
1852 } else {
1853 if (PySet_Add(state->set, py_name) != 0) {
1854 state->error = 1;
1855 }
1856 Py_DECREF(py_name);
1857 }
1858 }
1859
1860
1861 /* Ask OpenSSL for a list of supported ciphers, filling in a Python set. */
1862 static int
hashlib_md_meth_names(PyObject * module)1863 hashlib_md_meth_names(PyObject *module)
1864 {
1865 _InternalNameMapperState state = {
1866 .set = PyFrozenSet_New(NULL),
1867 .error = 0
1868 };
1869 if (state.set == NULL) {
1870 return -1;
1871 }
1872
1873 EVP_MD_do_all(&_openssl_hash_name_mapper, &state);
1874
1875 if (state.error) {
1876 Py_DECREF(state.set);
1877 return -1;
1878 }
1879
1880 if (PyModule_AddObject(module, "openssl_md_meth_names", state.set) < 0) {
1881 Py_DECREF(state.set);
1882 return -1;
1883 }
1884
1885 return 0;
1886 }
1887
1888 /*[clinic input]
1889 _hashlib.get_fips_mode -> int
1890
1891 Determine the OpenSSL FIPS mode of operation.
1892
1893 For OpenSSL 3.0.0 and newer it returns the state of the default provider
1894 in the default OSSL context. It's not quite the same as FIPS_mode() but good
1895 enough for unittests.
1896
1897 Effectively any non-zero return value indicates FIPS mode;
1898 values other than 1 may have additional significance.
1899 [clinic start generated code]*/
1900
1901 static int
_hashlib_get_fips_mode_impl(PyObject * module)1902 _hashlib_get_fips_mode_impl(PyObject *module)
1903 /*[clinic end generated code: output=87eece1bab4d3fa9 input=2db61538c41c6fef]*/
1904
1905 {
1906 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
1907 return EVP_default_properties_is_fips_enabled(NULL);
1908 #else
1909 ERR_clear_error();
1910 int result = FIPS_mode();
1911 if (result == 0) {
1912 // "If the library was built without support of the FIPS Object Module,
1913 // then the function will return 0 with an error code of
1914 // CRYPTO_R_FIPS_MODE_NOT_SUPPORTED (0x0f06d065)."
1915 // But 0 is also a valid result value.
1916 unsigned long errcode = ERR_peek_last_error();
1917 if (errcode) {
1918 _setException(PyExc_ValueError, NULL);
1919 return -1;
1920 }
1921 }
1922 return result;
1923 #endif
1924 }
1925
1926
1927 static int
_tscmp(const unsigned char * a,const unsigned char * b,Py_ssize_t len_a,Py_ssize_t len_b)1928 _tscmp(const unsigned char *a, const unsigned char *b,
1929 Py_ssize_t len_a, Py_ssize_t len_b)
1930 {
1931 /* loop count depends on length of b. Might leak very little timing
1932 * information if sizes are different.
1933 */
1934 Py_ssize_t length = len_b;
1935 const void *left = a;
1936 const void *right = b;
1937 int result = 0;
1938
1939 if (len_a != length) {
1940 left = b;
1941 result = 1;
1942 }
1943
1944 result |= CRYPTO_memcmp(left, right, length);
1945
1946 return (result == 0);
1947 }
1948
1949 /* NOTE: Keep in sync with _operator.c implementation. */
1950
1951 /*[clinic input]
1952 _hashlib.compare_digest
1953
1954 a: object
1955 b: object
1956 /
1957
1958 Return 'a == b'.
1959
1960 This function uses an approach designed to prevent
1961 timing analysis, making it appropriate for cryptography.
1962
1963 a and b must both be of the same type: either str (ASCII only),
1964 or any bytes-like object.
1965
1966 Note: If a and b are of different lengths, or if an error occurs,
1967 a timing attack could theoretically reveal information about the
1968 types and lengths of a and b--but not their values.
1969 [clinic start generated code]*/
1970
1971 static PyObject *
_hashlib_compare_digest_impl(PyObject * module,PyObject * a,PyObject * b)1972 _hashlib_compare_digest_impl(PyObject *module, PyObject *a, PyObject *b)
1973 /*[clinic end generated code: output=6f1c13927480aed9 input=9c40c6e566ca12f5]*/
1974 {
1975 int rc;
1976
1977 /* ASCII unicode string */
1978 if(PyUnicode_Check(a) && PyUnicode_Check(b)) {
1979 if (PyUnicode_READY(a) == -1 || PyUnicode_READY(b) == -1) {
1980 return NULL;
1981 }
1982 if (!PyUnicode_IS_ASCII(a) || !PyUnicode_IS_ASCII(b)) {
1983 PyErr_SetString(PyExc_TypeError,
1984 "comparing strings with non-ASCII characters is "
1985 "not supported");
1986 return NULL;
1987 }
1988
1989 rc = _tscmp(PyUnicode_DATA(a),
1990 PyUnicode_DATA(b),
1991 PyUnicode_GET_LENGTH(a),
1992 PyUnicode_GET_LENGTH(b));
1993 }
1994 /* fallback to buffer interface for bytes, bytesarray and other */
1995 else {
1996 Py_buffer view_a;
1997 Py_buffer view_b;
1998
1999 if (PyObject_CheckBuffer(a) == 0 && PyObject_CheckBuffer(b) == 0) {
2000 PyErr_Format(PyExc_TypeError,
2001 "unsupported operand types(s) or combination of types: "
2002 "'%.100s' and '%.100s'",
2003 Py_TYPE(a)->tp_name, Py_TYPE(b)->tp_name);
2004 return NULL;
2005 }
2006
2007 if (PyObject_GetBuffer(a, &view_a, PyBUF_SIMPLE) == -1) {
2008 return NULL;
2009 }
2010 if (view_a.ndim > 1) {
2011 PyErr_SetString(PyExc_BufferError,
2012 "Buffer must be single dimension");
2013 PyBuffer_Release(&view_a);
2014 return NULL;
2015 }
2016
2017 if (PyObject_GetBuffer(b, &view_b, PyBUF_SIMPLE) == -1) {
2018 PyBuffer_Release(&view_a);
2019 return NULL;
2020 }
2021 if (view_b.ndim > 1) {
2022 PyErr_SetString(PyExc_BufferError,
2023 "Buffer must be single dimension");
2024 PyBuffer_Release(&view_a);
2025 PyBuffer_Release(&view_b);
2026 return NULL;
2027 }
2028
2029 rc = _tscmp((const unsigned char*)view_a.buf,
2030 (const unsigned char*)view_b.buf,
2031 view_a.len,
2032 view_b.len);
2033
2034 PyBuffer_Release(&view_a);
2035 PyBuffer_Release(&view_b);
2036 }
2037
2038 return PyBool_FromLong(rc);
2039 }
2040
2041 /* List of functions exported by this module */
2042
2043 static struct PyMethodDef EVP_functions[] = {
2044 EVP_NEW_METHODDEF
2045 PBKDF2_HMAC_METHODDEF
2046 _HASHLIB_SCRYPT_METHODDEF
2047 _HASHLIB_GET_FIPS_MODE_METHODDEF
2048 _HASHLIB_COMPARE_DIGEST_METHODDEF
2049 _HASHLIB_HMAC_SINGLESHOT_METHODDEF
2050 _HASHLIB_HMAC_NEW_METHODDEF
2051 _HASHLIB_OPENSSL_MD5_METHODDEF
2052 _HASHLIB_OPENSSL_SHA1_METHODDEF
2053 _HASHLIB_OPENSSL_SHA224_METHODDEF
2054 _HASHLIB_OPENSSL_SHA256_METHODDEF
2055 _HASHLIB_OPENSSL_SHA384_METHODDEF
2056 _HASHLIB_OPENSSL_SHA512_METHODDEF
2057 _HASHLIB_OPENSSL_SHA3_224_METHODDEF
2058 _HASHLIB_OPENSSL_SHA3_256_METHODDEF
2059 _HASHLIB_OPENSSL_SHA3_384_METHODDEF
2060 _HASHLIB_OPENSSL_SHA3_512_METHODDEF
2061 _HASHLIB_OPENSSL_SHAKE_128_METHODDEF
2062 _HASHLIB_OPENSSL_SHAKE_256_METHODDEF
2063 {NULL, NULL} /* Sentinel */
2064 };
2065
2066
2067 /* Initialize this module. */
2068
2069 static int
hashlib_traverse(PyObject * m,visitproc visit,void * arg)2070 hashlib_traverse(PyObject *m, visitproc visit, void *arg)
2071 {
2072 _hashlibstate *state = get_hashlib_state(m);
2073 Py_VISIT(state->EVPtype);
2074 Py_VISIT(state->HMACtype);
2075 #ifdef PY_OPENSSL_HAS_SHAKE
2076 Py_VISIT(state->EVPXOFtype);
2077 #endif
2078 Py_VISIT(state->constructs);
2079 Py_VISIT(state->unsupported_digestmod_error);
2080 return 0;
2081 }
2082
2083 static int
hashlib_clear(PyObject * m)2084 hashlib_clear(PyObject *m)
2085 {
2086 _hashlibstate *state = get_hashlib_state(m);
2087 Py_CLEAR(state->EVPtype);
2088 Py_CLEAR(state->HMACtype);
2089 #ifdef PY_OPENSSL_HAS_SHAKE
2090 Py_CLEAR(state->EVPXOFtype);
2091 #endif
2092 Py_CLEAR(state->constructs);
2093 Py_CLEAR(state->unsupported_digestmod_error);
2094
2095 if (state->hashtable != NULL) {
2096 _Py_hashtable_destroy(state->hashtable);
2097 state->hashtable = NULL;
2098 }
2099
2100 return 0;
2101 }
2102
2103 static void
hashlib_free(void * m)2104 hashlib_free(void *m)
2105 {
2106 hashlib_clear((PyObject *)m);
2107 }
2108
2109 /* Py_mod_exec functions */
2110 static int
hashlib_init_hashtable(PyObject * module)2111 hashlib_init_hashtable(PyObject *module)
2112 {
2113 _hashlibstate *state = get_hashlib_state(module);
2114
2115 state->hashtable = py_hashentry_table_new();
2116 if (state->hashtable == NULL) {
2117 PyErr_NoMemory();
2118 return -1;
2119 }
2120 return 0;
2121 }
2122
2123 static int
hashlib_init_evptype(PyObject * module)2124 hashlib_init_evptype(PyObject *module)
2125 {
2126 _hashlibstate *state = get_hashlib_state(module);
2127
2128 state->EVPtype = (PyTypeObject *)PyType_FromSpec(&EVPtype_spec);
2129 if (state->EVPtype == NULL) {
2130 return -1;
2131 }
2132 if (PyModule_AddType(module, state->EVPtype) < 0) {
2133 return -1;
2134 }
2135 return 0;
2136 }
2137
2138 static int
hashlib_init_evpxoftype(PyObject * module)2139 hashlib_init_evpxoftype(PyObject *module)
2140 {
2141 #ifdef PY_OPENSSL_HAS_SHAKE
2142 _hashlibstate *state = get_hashlib_state(module);
2143
2144 if (state->EVPtype == NULL) {
2145 return -1;
2146 }
2147
2148 state->EVPXOFtype = (PyTypeObject *)PyType_FromSpecWithBases(
2149 &EVPXOFtype_spec, (PyObject *)state->EVPtype
2150 );
2151 if (state->EVPXOFtype == NULL) {
2152 return -1;
2153 }
2154 if (PyModule_AddType(module, state->EVPXOFtype) < 0) {
2155 return -1;
2156 }
2157 #endif
2158 return 0;
2159 }
2160
2161 static int
hashlib_init_hmactype(PyObject * module)2162 hashlib_init_hmactype(PyObject *module)
2163 {
2164 _hashlibstate *state = get_hashlib_state(module);
2165
2166 state->HMACtype = (PyTypeObject *)PyType_FromSpec(&HMACtype_spec);
2167 if (state->HMACtype == NULL) {
2168 return -1;
2169 }
2170 if (PyModule_AddType(module, state->HMACtype) < 0) {
2171 return -1;
2172 }
2173 return 0;
2174 }
2175
2176 static int
hashlib_init_constructors(PyObject * module)2177 hashlib_init_constructors(PyObject *module)
2178 {
2179 /* Create dict from builtin openssl_hash functions to name
2180 * {_hashlib.openssl_sha256: "sha256", ...}
2181 */
2182 PyModuleDef *mdef;
2183 PyMethodDef *fdef;
2184 PyObject *proxy;
2185 PyObject *func, *name_obj;
2186 _hashlibstate *state = get_hashlib_state(module);
2187
2188 mdef = PyModule_GetDef(module);
2189 if (mdef == NULL) {
2190 return -1;
2191 }
2192
2193 state->constructs = PyDict_New();
2194 if (state->constructs == NULL) {
2195 return -1;
2196 }
2197
2198 for (fdef = mdef->m_methods; fdef->ml_name != NULL; fdef++) {
2199 if (strncmp(fdef->ml_name, "openssl_", 8)) {
2200 continue;
2201 }
2202 name_obj = PyUnicode_FromString(fdef->ml_name + 8);
2203 if (name_obj == NULL) {
2204 return -1;
2205 }
2206 func = PyObject_GetAttrString(module, fdef->ml_name);
2207 if (func == NULL) {
2208 Py_DECREF(name_obj);
2209 return -1;
2210 }
2211 int rc = PyDict_SetItem(state->constructs, func, name_obj);
2212 Py_DECREF(func);
2213 Py_DECREF(name_obj);
2214 if (rc < 0) {
2215 return -1;
2216 }
2217 }
2218
2219 proxy = PyDictProxy_New(state->constructs);
2220 if (proxy == NULL) {
2221 return -1;
2222 }
2223
2224 int rc = PyModule_AddObjectRef(module, "_constructors", proxy);
2225 Py_DECREF(proxy);
2226 if (rc < 0) {
2227 return -1;
2228 }
2229 return 0;
2230 }
2231
2232 static int
hashlib_exception(PyObject * module)2233 hashlib_exception(PyObject *module)
2234 {
2235 _hashlibstate *state = get_hashlib_state(module);
2236 state->unsupported_digestmod_error = PyErr_NewException(
2237 "_hashlib.UnsupportedDigestmodError", PyExc_ValueError, NULL);
2238 if (state->unsupported_digestmod_error == NULL) {
2239 return -1;
2240 }
2241 if (PyModule_AddObjectRef(module, "UnsupportedDigestmodError",
2242 state->unsupported_digestmod_error) < 0) {
2243 return -1;
2244 }
2245 return 0;
2246 }
2247
2248
2249 static PyModuleDef_Slot hashlib_slots[] = {
2250 {Py_mod_exec, hashlib_init_hashtable},
2251 {Py_mod_exec, hashlib_init_evptype},
2252 {Py_mod_exec, hashlib_init_evpxoftype},
2253 {Py_mod_exec, hashlib_init_hmactype},
2254 {Py_mod_exec, hashlib_md_meth_names},
2255 {Py_mod_exec, hashlib_init_constructors},
2256 {Py_mod_exec, hashlib_exception},
2257 {0, NULL}
2258 };
2259
2260 static struct PyModuleDef _hashlibmodule = {
2261 PyModuleDef_HEAD_INIT,
2262 .m_name = "_hashlib",
2263 .m_doc = "OpenSSL interface for hashlib module",
2264 .m_size = sizeof(_hashlibstate),
2265 .m_methods = EVP_functions,
2266 .m_slots = hashlib_slots,
2267 .m_traverse = hashlib_traverse,
2268 .m_clear = hashlib_clear,
2269 .m_free = hashlib_free
2270 };
2271
2272 PyMODINIT_FUNC
PyInit__hashlib(void)2273 PyInit__hashlib(void)
2274 {
2275 return PyModuleDef_Init(&_hashlibmodule);
2276 }
2277