1 /* SHA2 module */
2
3 /* This provides an interface to NIST's SHA2 224, 256, 384, & 512 Algorithms */
4
5 /* See below for information about the original code this module was
6 based upon. Additional work performed by:
7
8 Andrew Kuchling (amk@amk.ca)
9 Greg Stein (gstein@lyra.org)
10 Trevor Perrin (trevp@trevp.net)
11 Jonathan Protzenko (jonathan@protzenko.fr)
12
13 Copyright (C) 2005-2007 Gregory P. Smith (greg@krypto.org)
14 Licensed to PSF under a Contributor Agreement.
15
16 */
17
18 /* SHA objects */
19 #ifndef Py_BUILD_CORE_BUILTIN
20 # define Py_BUILD_CORE_MODULE 1
21 #endif
22
23 #include "Python.h"
24 #include "pycore_bitutils.h" // _Py_bswap32()
25 #include "pycore_moduleobject.h" // _PyModule_GetState()
26 #include "pycore_typeobject.h" // _PyType_GetModuleState()
27 #include "pycore_strhex.h" // _Py_strhex()
28
29 #include "hashlib.h"
30
31 /*[clinic input]
32 module _sha2
33 class SHA256Type "SHA256object *" "&PyType_Type"
34 class SHA512Type "SHA512object *" "&PyType_Type"
35 [clinic start generated code]*/
36 /*[clinic end generated code: output=da39a3ee5e6b4b0d input=b5315a7b611c9afc]*/
37
38
39 /* The SHA block sizes and maximum message digest sizes, in bytes */
40
41 #define SHA256_BLOCKSIZE 64
42 #define SHA256_DIGESTSIZE 32
43 #define SHA512_BLOCKSIZE 128
44 #define SHA512_DIGESTSIZE 64
45
46 /* Our SHA2 implementations defer to the HACL* verified library. */
47
48 #include "_hacl/Hacl_Hash_SHA2.h"
49
50 // TODO: Get rid of int digestsize in favor of Hacl state info?
51
52 typedef struct {
53 PyObject_HEAD
54 int digestsize;
55 // Prevents undefined behavior via multiple threads entering the C API.
56 bool use_mutex;
57 PyMutex mutex;
58 Hacl_Hash_SHA2_state_t_256 *state;
59 } SHA256object;
60
61 typedef struct {
62 PyObject_HEAD
63 int digestsize;
64 // Prevents undefined behavior via multiple threads entering the C API.
65 bool use_mutex;
66 PyMutex mutex;
67 Hacl_Hash_SHA2_state_t_512 *state;
68 } SHA512object;
69
70 #include "clinic/sha2module.c.h"
71
72 /* We shall use run-time type information in the remainder of this module to
73 * tell apart SHA2-224 and SHA2-256 */
74 typedef struct {
75 PyTypeObject* sha224_type;
76 PyTypeObject* sha256_type;
77 PyTypeObject* sha384_type;
78 PyTypeObject* sha512_type;
79 } sha2_state;
80
81 static inline sha2_state*
sha2_get_state(PyObject * module)82 sha2_get_state(PyObject *module)
83 {
84 void *state = _PyModule_GetState(module);
85 assert(state != NULL);
86 return (sha2_state *)state;
87 }
88
SHA256copy(SHA256object * src,SHA256object * dest)89 static void SHA256copy(SHA256object *src, SHA256object *dest)
90 {
91 dest->digestsize = src->digestsize;
92 dest->state = Hacl_Hash_SHA2_copy_256(src->state);
93 }
94
SHA512copy(SHA512object * src,SHA512object * dest)95 static void SHA512copy(SHA512object *src, SHA512object *dest)
96 {
97 dest->digestsize = src->digestsize;
98 dest->state = Hacl_Hash_SHA2_copy_512(src->state);
99 }
100
101 static SHA256object *
newSHA224object(sha2_state * state)102 newSHA224object(sha2_state *state)
103 {
104 SHA256object *sha = (SHA256object *)PyObject_GC_New(
105 SHA256object, state->sha224_type);
106 if (!sha) {
107 return NULL;
108 }
109 HASHLIB_INIT_MUTEX(sha);
110
111 PyObject_GC_Track(sha);
112 return sha;
113 }
114
115 static SHA256object *
newSHA256object(sha2_state * state)116 newSHA256object(sha2_state *state)
117 {
118 SHA256object *sha = (SHA256object *)PyObject_GC_New(
119 SHA256object, state->sha256_type);
120 if (!sha) {
121 return NULL;
122 }
123 HASHLIB_INIT_MUTEX(sha);
124
125 PyObject_GC_Track(sha);
126 return sha;
127 }
128
129 static SHA512object *
newSHA384object(sha2_state * state)130 newSHA384object(sha2_state *state)
131 {
132 SHA512object *sha = (SHA512object *)PyObject_GC_New(
133 SHA512object, state->sha384_type);
134 if (!sha) {
135 return NULL;
136 }
137 HASHLIB_INIT_MUTEX(sha);
138
139 PyObject_GC_Track(sha);
140 return sha;
141 }
142
143 static SHA512object *
newSHA512object(sha2_state * state)144 newSHA512object(sha2_state *state)
145 {
146 SHA512object *sha = (SHA512object *)PyObject_GC_New(
147 SHA512object, state->sha512_type);
148 if (!sha) {
149 return NULL;
150 }
151 HASHLIB_INIT_MUTEX(sha);
152
153 PyObject_GC_Track(sha);
154 return sha;
155 }
156
157 /* Internal methods for our hash objects. */
158
159 static int
SHA2_traverse(PyObject * ptr,visitproc visit,void * arg)160 SHA2_traverse(PyObject *ptr, visitproc visit, void *arg)
161 {
162 Py_VISIT(Py_TYPE(ptr));
163 return 0;
164 }
165
166 static void
SHA256_dealloc(SHA256object * ptr)167 SHA256_dealloc(SHA256object *ptr)
168 {
169 Hacl_Hash_SHA2_free_256(ptr->state);
170 PyTypeObject *tp = Py_TYPE(ptr);
171 PyObject_GC_UnTrack(ptr);
172 PyObject_GC_Del(ptr);
173 Py_DECREF(tp);
174 }
175
176 static void
SHA512_dealloc(SHA512object * ptr)177 SHA512_dealloc(SHA512object *ptr)
178 {
179 Hacl_Hash_SHA2_free_512(ptr->state);
180 PyTypeObject *tp = Py_TYPE(ptr);
181 PyObject_GC_UnTrack(ptr);
182 PyObject_GC_Del(ptr);
183 Py_DECREF(tp);
184 }
185
186 /* HACL* takes a uint32_t for the length of its parameter, but Py_ssize_t can be
187 * 64 bits so we loop in <4gig chunks when needed. */
188
update_256(Hacl_Hash_SHA2_state_t_256 * state,uint8_t * buf,Py_ssize_t len)189 static void update_256(Hacl_Hash_SHA2_state_t_256 *state, uint8_t *buf, Py_ssize_t len) {
190 /* Note: we explicitly ignore the error code on the basis that it would take >
191 * 1 billion years to overflow the maximum admissible length for SHA2-256
192 * (namely, 2^61-1 bytes). */
193 #if PY_SSIZE_T_MAX > UINT32_MAX
194 while (len > UINT32_MAX) {
195 Hacl_Hash_SHA2_update_256(state, buf, UINT32_MAX);
196 len -= UINT32_MAX;
197 buf += UINT32_MAX;
198 }
199 #endif
200 /* Cast to uint32_t is safe: len <= UINT32_MAX at this point. */
201 Hacl_Hash_SHA2_update_256(state, buf, (uint32_t) len);
202 }
203
update_512(Hacl_Hash_SHA2_state_t_512 * state,uint8_t * buf,Py_ssize_t len)204 static void update_512(Hacl_Hash_SHA2_state_t_512 *state, uint8_t *buf, Py_ssize_t len) {
205 /* Note: we explicitly ignore the error code on the basis that it would take >
206 * 1 billion years to overflow the maximum admissible length for this API
207 * (namely, 2^64-1 bytes). */
208 #if PY_SSIZE_T_MAX > UINT32_MAX
209 while (len > UINT32_MAX) {
210 Hacl_Hash_SHA2_update_512(state, buf, UINT32_MAX);
211 len -= UINT32_MAX;
212 buf += UINT32_MAX;
213 }
214 #endif
215 /* Cast to uint32_t is safe: len <= UINT32_MAX at this point. */
216 Hacl_Hash_SHA2_update_512(state, buf, (uint32_t) len);
217 }
218
219
220 /* External methods for our hash objects */
221
222 /*[clinic input]
223 SHA256Type.copy
224
225 cls:defining_class
226
227 Return a copy of the hash object.
228 [clinic start generated code]*/
229
230 static PyObject *
SHA256Type_copy_impl(SHA256object * self,PyTypeObject * cls)231 SHA256Type_copy_impl(SHA256object *self, PyTypeObject *cls)
232 /*[clinic end generated code: output=fabd515577805cd3 input=3137146fcb88e212]*/
233 {
234 SHA256object *newobj;
235 sha2_state *state = _PyType_GetModuleState(cls);
236 if (Py_IS_TYPE(self, state->sha256_type)) {
237 if ((newobj = newSHA256object(state)) == NULL) {
238 return NULL;
239 }
240 } else {
241 if ((newobj = newSHA224object(state)) == NULL) {
242 return NULL;
243 }
244 }
245
246 ENTER_HASHLIB(self);
247 SHA256copy(self, newobj);
248 LEAVE_HASHLIB(self);
249 return (PyObject *)newobj;
250 }
251
252 /*[clinic input]
253 SHA512Type.copy
254
255 cls: defining_class
256
257 Return a copy of the hash object.
258 [clinic start generated code]*/
259
260 static PyObject *
SHA512Type_copy_impl(SHA512object * self,PyTypeObject * cls)261 SHA512Type_copy_impl(SHA512object *self, PyTypeObject *cls)
262 /*[clinic end generated code: output=66d2a8ef20de8302 input=f673a18f66527c90]*/
263 {
264 SHA512object *newobj;
265 sha2_state *state = _PyType_GetModuleState(cls);
266
267 if (Py_IS_TYPE((PyObject*)self, state->sha512_type)) {
268 if ((newobj = newSHA512object(state)) == NULL) {
269 return NULL;
270 }
271 }
272 else {
273 if ((newobj = newSHA384object(state)) == NULL) {
274 return NULL;
275 }
276 }
277
278 ENTER_HASHLIB(self);
279 SHA512copy(self, newobj);
280 LEAVE_HASHLIB(self);
281 return (PyObject *)newobj;
282 }
283
284 /*[clinic input]
285 SHA256Type.digest
286
287 Return the digest value as a bytes object.
288 [clinic start generated code]*/
289
290 static PyObject *
SHA256Type_digest_impl(SHA256object * self)291 SHA256Type_digest_impl(SHA256object *self)
292 /*[clinic end generated code: output=3a2e3997a98ee792 input=f1f4cfea5cbde35c]*/
293 {
294 uint8_t digest[SHA256_DIGESTSIZE];
295 assert(self->digestsize <= SHA256_DIGESTSIZE);
296 ENTER_HASHLIB(self);
297 // HACL* performs copies under the hood so that self->state remains valid
298 // after this call.
299 Hacl_Hash_SHA2_digest_256(self->state, digest);
300 LEAVE_HASHLIB(self);
301 return PyBytes_FromStringAndSize((const char *)digest, self->digestsize);
302 }
303
304 /*[clinic input]
305 SHA512Type.digest
306
307 Return the digest value as a bytes object.
308 [clinic start generated code]*/
309
310 static PyObject *
SHA512Type_digest_impl(SHA512object * self)311 SHA512Type_digest_impl(SHA512object *self)
312 /*[clinic end generated code: output=dd8c6320070458e0 input=f6470dd359071f4b]*/
313 {
314 uint8_t digest[SHA512_DIGESTSIZE];
315 assert(self->digestsize <= SHA512_DIGESTSIZE);
316 ENTER_HASHLIB(self);
317 // HACL* performs copies under the hood so that self->state remains valid
318 // after this call.
319 Hacl_Hash_SHA2_digest_512(self->state, digest);
320 LEAVE_HASHLIB(self);
321 return PyBytes_FromStringAndSize((const char *)digest, self->digestsize);
322 }
323
324 /*[clinic input]
325 SHA256Type.hexdigest
326
327 Return the digest value as a string of hexadecimal digits.
328 [clinic start generated code]*/
329
330 static PyObject *
SHA256Type_hexdigest_impl(SHA256object * self)331 SHA256Type_hexdigest_impl(SHA256object *self)
332 /*[clinic end generated code: output=96cb68996a780ab3 input=0cc4c714693010d1]*/
333 {
334 uint8_t digest[SHA256_DIGESTSIZE];
335 assert(self->digestsize <= SHA256_DIGESTSIZE);
336 ENTER_HASHLIB(self);
337 Hacl_Hash_SHA2_digest_256(self->state, digest);
338 LEAVE_HASHLIB(self);
339 return _Py_strhex((const char *)digest, self->digestsize);
340 }
341
342 /*[clinic input]
343 SHA512Type.hexdigest
344
345 Return the digest value as a string of hexadecimal digits.
346 [clinic start generated code]*/
347
348 static PyObject *
SHA512Type_hexdigest_impl(SHA512object * self)349 SHA512Type_hexdigest_impl(SHA512object *self)
350 /*[clinic end generated code: output=cbd6f844aba1fe7c input=498b877b25cbe0a2]*/
351 {
352 uint8_t digest[SHA512_DIGESTSIZE];
353 assert(self->digestsize <= SHA512_DIGESTSIZE);
354 ENTER_HASHLIB(self);
355 Hacl_Hash_SHA2_digest_512(self->state, digest);
356 LEAVE_HASHLIB(self);
357 return _Py_strhex((const char *)digest, self->digestsize);
358 }
359
360 /*[clinic input]
361 SHA256Type.update
362
363 obj: object
364 /
365
366 Update this hash object's state with the provided string.
367 [clinic start generated code]*/
368
369 static PyObject *
SHA256Type_update(SHA256object * self,PyObject * obj)370 SHA256Type_update(SHA256object *self, PyObject *obj)
371 /*[clinic end generated code: output=1b240f965ddbd8c6 input=b2d449d5b30f0f5a]*/
372 {
373 Py_buffer buf;
374
375 GET_BUFFER_VIEW_OR_ERROUT(obj, &buf);
376
377 if (!self->use_mutex && buf.len >= HASHLIB_GIL_MINSIZE) {
378 self->use_mutex = true;
379 }
380 if (self->use_mutex) {
381 Py_BEGIN_ALLOW_THREADS
382 PyMutex_Lock(&self->mutex);
383 update_256(self->state, buf.buf, buf.len);
384 PyMutex_Unlock(&self->mutex);
385 Py_END_ALLOW_THREADS
386 } else {
387 update_256(self->state, buf.buf, buf.len);
388 }
389
390 PyBuffer_Release(&buf);
391 Py_RETURN_NONE;
392 }
393
394 /*[clinic input]
395 SHA512Type.update
396
397 obj: object
398 /
399
400 Update this hash object's state with the provided string.
401 [clinic start generated code]*/
402
403 static PyObject *
SHA512Type_update(SHA512object * self,PyObject * obj)404 SHA512Type_update(SHA512object *self, PyObject *obj)
405 /*[clinic end generated code: output=745f51057a985884 input=ded2b46656566283]*/
406 {
407 Py_buffer buf;
408
409 GET_BUFFER_VIEW_OR_ERROUT(obj, &buf);
410
411 if (!self->use_mutex && buf.len >= HASHLIB_GIL_MINSIZE) {
412 self->use_mutex = true;
413 }
414 if (self->use_mutex) {
415 Py_BEGIN_ALLOW_THREADS
416 PyMutex_Lock(&self->mutex);
417 update_512(self->state, buf.buf, buf.len);
418 PyMutex_Unlock(&self->mutex);
419 Py_END_ALLOW_THREADS
420 } else {
421 update_512(self->state, buf.buf, buf.len);
422 }
423
424 PyBuffer_Release(&buf);
425 Py_RETURN_NONE;
426 }
427
428 static PyMethodDef SHA256_methods[] = {
429 SHA256TYPE_COPY_METHODDEF
430 SHA256TYPE_DIGEST_METHODDEF
431 SHA256TYPE_HEXDIGEST_METHODDEF
432 SHA256TYPE_UPDATE_METHODDEF
433 {NULL, NULL} /* sentinel */
434 };
435
436 static PyMethodDef SHA512_methods[] = {
437 SHA512TYPE_COPY_METHODDEF
438 SHA512TYPE_DIGEST_METHODDEF
439 SHA512TYPE_HEXDIGEST_METHODDEF
440 SHA512TYPE_UPDATE_METHODDEF
441 {NULL, NULL} /* sentinel */
442 };
443
444 static PyObject *
SHA256_get_block_size(PyObject * self,void * closure)445 SHA256_get_block_size(PyObject *self, void *closure)
446 {
447 return PyLong_FromLong(SHA256_BLOCKSIZE);
448 }
449
450 static PyObject *
SHA512_get_block_size(PyObject * self,void * closure)451 SHA512_get_block_size(PyObject *self, void *closure)
452 {
453 return PyLong_FromLong(SHA512_BLOCKSIZE);
454 }
455
456 static PyObject *
SHA256_get_digest_size(SHA256object * self,void * closure)457 SHA256_get_digest_size(SHA256object *self, void *closure)
458 {
459 return PyLong_FromLong(self->digestsize);
460 }
461
462 static PyObject *
SHA512_get_digest_size(SHA512object * self,void * closure)463 SHA512_get_digest_size(SHA512object *self, void *closure)
464 {
465 return PyLong_FromLong(self->digestsize);
466 }
467
468 static PyObject *
SHA256_get_name(SHA256object * self,void * closure)469 SHA256_get_name(SHA256object *self, void *closure)
470 {
471 if (self->digestsize == 28) {
472 return PyUnicode_FromStringAndSize("sha224", 6);
473 }
474 return PyUnicode_FromStringAndSize("sha256", 6);
475 }
476
477 static PyObject *
SHA512_get_name(SHA512object * self,void * closure)478 SHA512_get_name(SHA512object *self, void *closure)
479 {
480 if (self->digestsize == 64) {
481 return PyUnicode_FromStringAndSize("sha512", 6);
482 }
483 return PyUnicode_FromStringAndSize("sha384", 6);
484 }
485
486 static PyGetSetDef SHA256_getseters[] = {
487 {"block_size",
488 (getter)SHA256_get_block_size, NULL,
489 NULL,
490 NULL},
491 {"name",
492 (getter)SHA256_get_name, NULL,
493 NULL,
494 NULL},
495 {"digest_size",
496 (getter)SHA256_get_digest_size, NULL,
497 NULL,
498 NULL},
499 {NULL} /* Sentinel */
500 };
501
502 static PyGetSetDef SHA512_getseters[] = {
503 {"block_size",
504 (getter)SHA512_get_block_size, NULL,
505 NULL,
506 NULL},
507 {"name",
508 (getter)SHA512_get_name, NULL,
509 NULL,
510 NULL},
511 {"digest_size",
512 (getter)SHA512_get_digest_size, NULL,
513 NULL,
514 NULL},
515 {NULL} /* Sentinel */
516 };
517
518 static PyType_Slot sha256_types_slots[] = {
519 {Py_tp_dealloc, SHA256_dealloc},
520 {Py_tp_methods, SHA256_methods},
521 {Py_tp_getset, SHA256_getseters},
522 {Py_tp_traverse, SHA2_traverse},
523 {0,0}
524 };
525
526 static PyType_Slot sha512_type_slots[] = {
527 {Py_tp_dealloc, SHA512_dealloc},
528 {Py_tp_methods, SHA512_methods},
529 {Py_tp_getset, SHA512_getseters},
530 {Py_tp_traverse, SHA2_traverse},
531 {0,0}
532 };
533
534 // Using _PyType_GetModuleState() on these types is safe since they
535 // cannot be subclassed: they don't have the Py_TPFLAGS_BASETYPE flag.
536 static PyType_Spec sha224_type_spec = {
537 .name = "_sha2.SHA224Type",
538 .basicsize = sizeof(SHA256object),
539 .flags = (Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION |
540 Py_TPFLAGS_IMMUTABLETYPE | Py_TPFLAGS_HAVE_GC),
541 .slots = sha256_types_slots
542 };
543
544 static PyType_Spec sha256_type_spec = {
545 .name = "_sha2.SHA256Type",
546 .basicsize = sizeof(SHA256object),
547 .flags = (Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION |
548 Py_TPFLAGS_IMMUTABLETYPE | Py_TPFLAGS_HAVE_GC),
549 .slots = sha256_types_slots
550 };
551
552 static PyType_Spec sha384_type_spec = {
553 .name = "_sha2.SHA384Type",
554 .basicsize = sizeof(SHA512object),
555 .flags = (Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION |
556 Py_TPFLAGS_IMMUTABLETYPE | Py_TPFLAGS_HAVE_GC),
557 .slots = sha512_type_slots
558 };
559
560 static PyType_Spec sha512_type_spec = {
561 .name = "_sha2.SHA512Type",
562 .basicsize = sizeof(SHA512object),
563 .flags = (Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION |
564 Py_TPFLAGS_IMMUTABLETYPE | Py_TPFLAGS_HAVE_GC),
565 .slots = sha512_type_slots
566 };
567
568 /* The module-level constructors. */
569
570 /*[clinic input]
571 _sha2.sha256
572
573 string: object(c_default="NULL") = b''
574 *
575 usedforsecurity: bool = True
576
577 Return a new SHA-256 hash object; optionally initialized with a string.
578 [clinic start generated code]*/
579
580 static PyObject *
_sha2_sha256_impl(PyObject * module,PyObject * string,int usedforsecurity)581 _sha2_sha256_impl(PyObject *module, PyObject *string, int usedforsecurity)
582 /*[clinic end generated code: output=243c9dd289931f87 input=6249da1de607280a]*/
583 {
584 Py_buffer buf;
585
586 if (string) {
587 GET_BUFFER_VIEW_OR_ERROUT(string, &buf);
588 }
589
590 sha2_state *state = sha2_get_state(module);
591
592 SHA256object *new;
593 if ((new = newSHA256object(state)) == NULL) {
594 if (string) {
595 PyBuffer_Release(&buf);
596 }
597 return NULL;
598 }
599
600 new->state = Hacl_Hash_SHA2_malloc_256();
601 new->digestsize = 32;
602
603 if (PyErr_Occurred()) {
604 Py_DECREF(new);
605 if (string) {
606 PyBuffer_Release(&buf);
607 }
608 return NULL;
609 }
610 if (string) {
611 if (buf.len >= HASHLIB_GIL_MINSIZE) {
612 /* We do not initialize self->lock here as this is the constructor
613 * where it is not yet possible to have concurrent access. */
614 Py_BEGIN_ALLOW_THREADS
615 update_256(new->state, buf.buf, buf.len);
616 Py_END_ALLOW_THREADS
617 } else {
618 update_256(new->state, buf.buf, buf.len);
619 }
620 PyBuffer_Release(&buf);
621 }
622
623 return (PyObject *)new;
624 }
625
626 /*[clinic input]
627 _sha2.sha224
628
629 string: object(c_default="NULL") = b''
630 *
631 usedforsecurity: bool = True
632
633 Return a new SHA-224 hash object; optionally initialized with a string.
634 [clinic start generated code]*/
635
636 static PyObject *
_sha2_sha224_impl(PyObject * module,PyObject * string,int usedforsecurity)637 _sha2_sha224_impl(PyObject *module, PyObject *string, int usedforsecurity)
638 /*[clinic end generated code: output=68191f232e4a3843 input=c42bcba47fd7d2b7]*/
639 {
640 Py_buffer buf;
641 if (string) {
642 GET_BUFFER_VIEW_OR_ERROUT(string, &buf);
643 }
644
645 sha2_state *state = sha2_get_state(module);
646 SHA256object *new;
647 if ((new = newSHA224object(state)) == NULL) {
648 if (string) {
649 PyBuffer_Release(&buf);
650 }
651 return NULL;
652 }
653
654 new->state = Hacl_Hash_SHA2_malloc_224();
655 new->digestsize = 28;
656
657 if (PyErr_Occurred()) {
658 Py_DECREF(new);
659 if (string) {
660 PyBuffer_Release(&buf);
661 }
662 return NULL;
663 }
664 if (string) {
665 if (buf.len >= HASHLIB_GIL_MINSIZE) {
666 /* We do not initialize self->lock here as this is the constructor
667 * where it is not yet possible to have concurrent access. */
668 Py_BEGIN_ALLOW_THREADS
669 update_256(new->state, buf.buf, buf.len);
670 Py_END_ALLOW_THREADS
671 } else {
672 update_256(new->state, buf.buf, buf.len);
673 }
674 PyBuffer_Release(&buf);
675 }
676
677 return (PyObject *)new;
678 }
679
680 /*[clinic input]
681 _sha2.sha512
682
683 string: object(c_default="NULL") = b''
684 *
685 usedforsecurity: bool = True
686
687 Return a new SHA-512 hash object; optionally initialized with a string.
688 [clinic start generated code]*/
689
690 static PyObject *
_sha2_sha512_impl(PyObject * module,PyObject * string,int usedforsecurity)691 _sha2_sha512_impl(PyObject *module, PyObject *string, int usedforsecurity)
692 /*[clinic end generated code: output=d55c8996eca214d7 input=0576ae2a6ebfad25]*/
693 {
694 SHA512object *new;
695 Py_buffer buf;
696
697 sha2_state *state = sha2_get_state(module);
698
699 if (string)
700 GET_BUFFER_VIEW_OR_ERROUT(string, &buf);
701
702 if ((new = newSHA512object(state)) == NULL) {
703 if (string)
704 PyBuffer_Release(&buf);
705 return NULL;
706 }
707
708 new->state = Hacl_Hash_SHA2_malloc_512();
709 new->digestsize = 64;
710
711 if (PyErr_Occurred()) {
712 Py_DECREF(new);
713 if (string)
714 PyBuffer_Release(&buf);
715 return NULL;
716 }
717 if (string) {
718 if (buf.len >= HASHLIB_GIL_MINSIZE) {
719 /* We do not initialize self->lock here as this is the constructor
720 * where it is not yet possible to have concurrent access. */
721 Py_BEGIN_ALLOW_THREADS
722 update_512(new->state, buf.buf, buf.len);
723 Py_END_ALLOW_THREADS
724 } else {
725 update_512(new->state, buf.buf, buf.len);
726 }
727 PyBuffer_Release(&buf);
728 }
729
730 return (PyObject *)new;
731 }
732
733 /*[clinic input]
734 _sha2.sha384
735
736 string: object(c_default="NULL") = b''
737 *
738 usedforsecurity: bool = True
739
740 Return a new SHA-384 hash object; optionally initialized with a string.
741 [clinic start generated code]*/
742
743 static PyObject *
_sha2_sha384_impl(PyObject * module,PyObject * string,int usedforsecurity)744 _sha2_sha384_impl(PyObject *module, PyObject *string, int usedforsecurity)
745 /*[clinic end generated code: output=b29a0d81d51d1368 input=4e9199d8de0d2f9b]*/
746 {
747 SHA512object *new;
748 Py_buffer buf;
749
750 sha2_state *state = sha2_get_state(module);
751
752 if (string)
753 GET_BUFFER_VIEW_OR_ERROUT(string, &buf);
754
755 if ((new = newSHA384object(state)) == NULL) {
756 if (string)
757 PyBuffer_Release(&buf);
758 return NULL;
759 }
760
761 new->state = Hacl_Hash_SHA2_malloc_384();
762 new->digestsize = 48;
763
764 if (PyErr_Occurred()) {
765 Py_DECREF(new);
766 if (string)
767 PyBuffer_Release(&buf);
768 return NULL;
769 }
770 if (string) {
771 if (buf.len >= HASHLIB_GIL_MINSIZE) {
772 /* We do not initialize self->lock here as this is the constructor
773 * where it is not yet possible to have concurrent access. */
774 Py_BEGIN_ALLOW_THREADS
775 update_512(new->state, buf.buf, buf.len);
776 Py_END_ALLOW_THREADS
777 } else {
778 update_512(new->state, buf.buf, buf.len);
779 }
780 PyBuffer_Release(&buf);
781 }
782
783 return (PyObject *)new;
784 }
785
786 /* List of functions exported by this module */
787
788 static struct PyMethodDef SHA2_functions[] = {
789 _SHA2_SHA256_METHODDEF
790 _SHA2_SHA224_METHODDEF
791 _SHA2_SHA512_METHODDEF
792 _SHA2_SHA384_METHODDEF
793 {NULL, NULL} /* Sentinel */
794 };
795
796 static int
_sha2_traverse(PyObject * module,visitproc visit,void * arg)797 _sha2_traverse(PyObject *module, visitproc visit, void *arg)
798 {
799 sha2_state *state = sha2_get_state(module);
800 Py_VISIT(state->sha224_type);
801 Py_VISIT(state->sha256_type);
802 Py_VISIT(state->sha384_type);
803 Py_VISIT(state->sha512_type);
804 return 0;
805 }
806
807 static int
_sha2_clear(PyObject * module)808 _sha2_clear(PyObject *module)
809 {
810 sha2_state *state = sha2_get_state(module);
811 Py_CLEAR(state->sha224_type);
812 Py_CLEAR(state->sha256_type);
813 Py_CLEAR(state->sha384_type);
814 Py_CLEAR(state->sha512_type);
815 return 0;
816 }
817
818 static void
_sha2_free(void * module)819 _sha2_free(void *module)
820 {
821 _sha2_clear((PyObject *)module);
822 }
823
824 /* Initialize this module. */
sha2_exec(PyObject * module)825 static int sha2_exec(PyObject *module)
826 {
827 sha2_state *state = sha2_get_state(module);
828
829 state->sha224_type = (PyTypeObject *)PyType_FromModuleAndSpec(
830 module, &sha224_type_spec, NULL);
831 if (state->sha224_type == NULL) {
832 return -1;
833 }
834 state->sha256_type = (PyTypeObject *)PyType_FromModuleAndSpec(
835 module, &sha256_type_spec, NULL);
836 if (state->sha256_type == NULL) {
837 return -1;
838 }
839 state->sha384_type = (PyTypeObject *)PyType_FromModuleAndSpec(
840 module, &sha384_type_spec, NULL);
841 if (state->sha384_type == NULL) {
842 return -1;
843 }
844 state->sha512_type = (PyTypeObject *)PyType_FromModuleAndSpec(
845 module, &sha512_type_spec, NULL);
846 if (state->sha512_type == NULL) {
847 return -1;
848 }
849
850 if (PyModule_AddType(module, state->sha224_type) < 0) {
851 return -1;
852 }
853 if (PyModule_AddType(module, state->sha256_type) < 0) {
854 return -1;
855 }
856 if (PyModule_AddType(module, state->sha384_type) < 0) {
857 return -1;
858 }
859 if (PyModule_AddType(module, state->sha512_type) < 0) {
860 return -1;
861 }
862
863 return 0;
864 }
865
866 static PyModuleDef_Slot _sha2_slots[] = {
867 {Py_mod_exec, sha2_exec},
868 {Py_mod_multiple_interpreters, Py_MOD_PER_INTERPRETER_GIL_SUPPORTED},
869 {Py_mod_gil, Py_MOD_GIL_NOT_USED},
870 {0, NULL}
871 };
872
873 static struct PyModuleDef _sha2module = {
874 PyModuleDef_HEAD_INIT,
875 .m_name = "_sha2",
876 .m_size = sizeof(sha2_state),
877 .m_methods = SHA2_functions,
878 .m_slots = _sha2_slots,
879 .m_traverse = _sha2_traverse,
880 .m_clear = _sha2_clear,
881 .m_free = _sha2_free
882 };
883
884 PyMODINIT_FUNC
PyInit__sha2(void)885 PyInit__sha2(void)
886 {
887 return PyModuleDef_Init(&_sha2module);
888 }
889