1 /* Module that wraps all OpenSSL hash algorithms */
2
3 /*
4 * Copyright (C) 2005-2010 Gregory P. Smith ([email protected])
5 * Licensed to PSF under a Contributor Agreement.
6 *
7 * Derived from a skeleton of shamodule.c containing work performed by:
8 *
9 * Andrew Kuchling ([email protected])
10 * Greg Stein ([email protected])
11 *
12 */
13
14 /* Don't warn about deprecated functions, */
15 #ifndef OPENSSL_API_COMPAT
16 // 0x10101000L == 1.1.1, 30000 == 3.0.0
17 #define OPENSSL_API_COMPAT 0x10101000L
18 #endif
19 #define OPENSSL_NO_DEPRECATED 1
20
21 #ifndef Py_BUILD_CORE_BUILTIN
22 # define Py_BUILD_CORE_MODULE 1
23 #endif
24
25 #define PY_SSIZE_T_CLEAN
26
27 #include "Python.h"
28 #include "pycore_hashtable.h"
29 #include "hashlib.h"
30 #include "pycore_strhex.h" // _Py_strhex()
31
32 /* EVP is the preferred interface to hashing in OpenSSL */
33 #include <openssl/evp.h>
34 #include <openssl/hmac.h>
35 #include <openssl/crypto.h>
36 /* We use the object interface to discover what hashes OpenSSL supports. */
37 #include <openssl/objects.h>
38 #include <openssl/err.h>
39
40 #include <openssl/crypto.h> // FIPS_mode()
41
42 #ifndef OPENSSL_THREADS
43 # error "OPENSSL_THREADS is not defined, Python requires thread-safe OpenSSL"
44 #endif
45
46 #define MUNCH_SIZE INT_MAX
47
48 #define PY_OPENSSL_HAS_SCRYPT 1
49 #define PY_OPENSSL_HAS_SHA3 1
50 #define PY_OPENSSL_HAS_SHAKE 1
51 #define PY_OPENSSL_HAS_BLAKE2 1
52
53 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
54 #define PY_EVP_MD EVP_MD
55 #define PY_EVP_MD_fetch(algorithm, properties) EVP_MD_fetch(NULL, algorithm, properties)
56 #define PY_EVP_MD_up_ref(md) EVP_MD_up_ref(md)
57 #define PY_EVP_MD_free(md) EVP_MD_free(md)
58 #else
59 #define PY_EVP_MD const EVP_MD
60 #define PY_EVP_MD_fetch(algorithm, properties) EVP_get_digestbyname(algorithm)
61 #define PY_EVP_MD_up_ref(md) do {} while(0)
62 #define PY_EVP_MD_free(md) do {} while(0)
63 #endif
64
65 /* hash alias map and fast lookup
66 *
67 * Map between Python's preferred names and OpenSSL internal names. Maintain
68 * cache of fetched EVP MD objects. The EVP_get_digestbyname() and
69 * EVP_MD_fetch() API calls have a performance impact.
70 *
71 * The py_hashentry_t items are stored in a _Py_hashtable_t with py_name and
72 * py_alias as keys.
73 */
74
75 enum Py_hash_type {
76 Py_ht_evp, // usedforsecurity=True / default
77 Py_ht_evp_nosecurity, // usedforsecurity=False
78 Py_ht_mac, // HMAC
79 Py_ht_pbkdf2, // PKBDF2
80 };
81
82 typedef struct {
83 const char *py_name;
84 const char *py_alias;
85 const char *ossl_name;
86 int ossl_nid;
87 int refcnt;
88 PY_EVP_MD *evp;
89 PY_EVP_MD *evp_nosecurity;
90 } py_hashentry_t;
91
92 #define Py_hash_md5 "md5"
93 #define Py_hash_sha1 "sha1"
94 #define Py_hash_sha224 "sha224"
95 #define Py_hash_sha256 "sha256"
96 #define Py_hash_sha384 "sha384"
97 #define Py_hash_sha512 "sha512"
98 #define Py_hash_sha512_224 "sha512_224"
99 #define Py_hash_sha512_256 "sha512_256"
100 #define Py_hash_sha3_224 "sha3_224"
101 #define Py_hash_sha3_256 "sha3_256"
102 #define Py_hash_sha3_384 "sha3_384"
103 #define Py_hash_sha3_512 "sha3_512"
104 #define Py_hash_shake_128 "shake_128"
105 #define Py_hash_shake_256 "shake_256"
106 #define Py_hash_blake2s "blake2s"
107 #define Py_hash_blake2b "blake2b"
108
109 #define PY_HASH_ENTRY(py_name, py_alias, ossl_name, ossl_nid) \
110 {py_name, py_alias, ossl_name, ossl_nid, 0, NULL, NULL}
111
112 static const py_hashentry_t py_hashes[] = {
113 /* md5 */
114 PY_HASH_ENTRY(Py_hash_md5, "MD5", SN_md5, NID_md5),
115 /* sha1 */
116 PY_HASH_ENTRY(Py_hash_sha1, "SHA1", SN_sha1, NID_sha1),
117 /* sha2 family */
118 PY_HASH_ENTRY(Py_hash_sha224, "SHA224", SN_sha224, NID_sha224),
119 PY_HASH_ENTRY(Py_hash_sha256, "SHA256", SN_sha256, NID_sha256),
120 PY_HASH_ENTRY(Py_hash_sha384, "SHA384", SN_sha384, NID_sha384),
121 PY_HASH_ENTRY(Py_hash_sha512, "SHA512", SN_sha512, NID_sha512),
122 /* truncated sha2 */
123 PY_HASH_ENTRY(Py_hash_sha512_224, "SHA512_224", SN_sha512_224, NID_sha512_224),
124 PY_HASH_ENTRY(Py_hash_sha512_256, "SHA512_256", SN_sha512_256, NID_sha512_256),
125 /* sha3 */
126 PY_HASH_ENTRY(Py_hash_sha3_224, NULL, SN_sha3_224, NID_sha3_224),
127 PY_HASH_ENTRY(Py_hash_sha3_256, NULL, SN_sha3_256, NID_sha3_256),
128 PY_HASH_ENTRY(Py_hash_sha3_384, NULL, SN_sha3_384, NID_sha3_384),
129 PY_HASH_ENTRY(Py_hash_sha3_512, NULL, SN_sha3_512, NID_sha3_512),
130 /* sha3 shake */
131 PY_HASH_ENTRY(Py_hash_shake_128, NULL, SN_shake128, NID_shake128),
132 PY_HASH_ENTRY(Py_hash_shake_256, NULL, SN_shake256, NID_shake256),
133 /* blake2 digest */
134 PY_HASH_ENTRY(Py_hash_blake2s, "blake2s256", SN_blake2s256, NID_blake2s256),
135 PY_HASH_ENTRY(Py_hash_blake2b, "blake2b512", SN_blake2b512, NID_blake2b512),
136 PY_HASH_ENTRY(NULL, NULL, NULL, 0),
137 };
138
139 static Py_uhash_t
py_hashentry_t_hash_name(const void * key)140 py_hashentry_t_hash_name(const void *key) {
141 return _Py_HashBytes(key, strlen((const char *)key));
142 }
143
144 static int
py_hashentry_t_compare_name(const void * key1,const void * key2)145 py_hashentry_t_compare_name(const void *key1, const void *key2) {
146 return strcmp((const char *)key1, (const char *)key2) == 0;
147 }
148
149 static void
py_hashentry_t_destroy_value(void * entry)150 py_hashentry_t_destroy_value(void *entry) {
151 py_hashentry_t *h = (py_hashentry_t *)entry;
152 if (--(h->refcnt) == 0) {
153 if (h->evp != NULL) {
154 PY_EVP_MD_free(h->evp);
155 h->evp = NULL;
156 }
157 if (h->evp_nosecurity != NULL) {
158 PY_EVP_MD_free(h->evp_nosecurity);
159 h->evp_nosecurity = NULL;
160 }
161 PyMem_Free(entry);
162 }
163 }
164
165 static _Py_hashtable_t *
py_hashentry_table_new(void)166 py_hashentry_table_new(void) {
167 _Py_hashtable_t *ht = _Py_hashtable_new_full(
168 py_hashentry_t_hash_name,
169 py_hashentry_t_compare_name,
170 NULL,
171 py_hashentry_t_destroy_value,
172 NULL
173 );
174 if (ht == NULL) {
175 return NULL;
176 }
177
178 for (const py_hashentry_t *h = py_hashes; h->py_name != NULL; h++) {
179 py_hashentry_t *entry = (py_hashentry_t *)PyMem_Malloc(sizeof(py_hashentry_t));
180 if (entry == NULL) {
181 goto error;
182 }
183 memcpy(entry, h, sizeof(py_hashentry_t));
184
185 if (_Py_hashtable_set(ht, (const void*)entry->py_name, (void*)entry) < 0) {
186 PyMem_Free(entry);
187 goto error;
188 }
189 entry->refcnt = 1;
190
191 if (h->py_alias != NULL) {
192 if (_Py_hashtable_set(ht, (const void*)entry->py_alias, (void*)entry) < 0) {
193 PyMem_Free(entry);
194 goto error;
195 }
196 entry->refcnt++;
197 }
198 }
199
200 return ht;
201 error:
202 _Py_hashtable_destroy(ht);
203 return NULL;
204 }
205
206 /* Module state */
207 static PyModuleDef _hashlibmodule;
208
209 typedef struct {
210 PyTypeObject *EVPtype;
211 PyTypeObject *HMACtype;
212 #ifdef PY_OPENSSL_HAS_SHAKE
213 PyTypeObject *EVPXOFtype;
214 #endif
215 PyObject *constructs;
216 PyObject *unsupported_digestmod_error;
217 _Py_hashtable_t *hashtable;
218 } _hashlibstate;
219
220 static inline _hashlibstate*
get_hashlib_state(PyObject * module)221 get_hashlib_state(PyObject *module)
222 {
223 void *state = PyModule_GetState(module);
224 assert(state != NULL);
225 return (_hashlibstate *)state;
226 }
227
228 typedef struct {
229 PyObject_HEAD
230 EVP_MD_CTX *ctx; /* OpenSSL message digest context */
231 PyThread_type_lock lock; /* OpenSSL context lock */
232 } EVPobject;
233
234 typedef struct {
235 PyObject_HEAD
236 HMAC_CTX *ctx; /* OpenSSL hmac context */
237 PyThread_type_lock lock; /* HMAC context lock */
238 } HMACobject;
239
240 #include "clinic/_hashopenssl.c.h"
241 /*[clinic input]
242 module _hashlib
243 class _hashlib.HASH "EVPobject *" "((_hashlibstate *)PyModule_GetState(module))->EVPtype"
244 class _hashlib.HASHXOF "EVPobject *" "((_hashlibstate *)PyModule_GetState(module))->EVPXOFtype"
245 class _hashlib.HMAC "HMACobject *" "((_hashlibstate *)PyModule_GetState(module))->HMACtype"
246 [clinic start generated code]*/
247 /*[clinic end generated code: output=da39a3ee5e6b4b0d input=7df1bcf6f75cb8ef]*/
248
249
250 /* LCOV_EXCL_START */
251 static PyObject *
_setException(PyObject * exc,const char * altmsg,...)252 _setException(PyObject *exc, const char* altmsg, ...)
253 {
254 unsigned long errcode = ERR_peek_last_error();
255 const char *lib, *func, *reason;
256 va_list vargs;
257
258 #ifdef HAVE_STDARG_PROTOTYPES
259 va_start(vargs, altmsg);
260 #else
261 va_start(vargs);
262 #endif
263 if (!errcode) {
264 if (altmsg == NULL) {
265 PyErr_SetString(exc, "no reason supplied");
266 } else {
267 PyErr_FormatV(exc, altmsg, vargs);
268 }
269 va_end(vargs);
270 return NULL;
271 }
272 va_end(vargs);
273 ERR_clear_error();
274
275 lib = ERR_lib_error_string(errcode);
276 func = ERR_func_error_string(errcode);
277 reason = ERR_reason_error_string(errcode);
278
279 if (lib && func) {
280 PyErr_Format(exc, "[%s: %s] %s", lib, func, reason);
281 }
282 else if (lib) {
283 PyErr_Format(exc, "[%s] %s", lib, reason);
284 }
285 else {
286 PyErr_SetString(exc, reason);
287 }
288 return NULL;
289 }
290 /* LCOV_EXCL_STOP */
291
292 static PyObject*
py_digest_name(const EVP_MD * md)293 py_digest_name(const EVP_MD *md)
294 {
295 int nid = EVP_MD_nid(md);
296 const char *name = NULL;
297 const py_hashentry_t *h;
298
299 for (h = py_hashes; h->py_name != NULL; h++) {
300 if (h->ossl_nid == nid) {
301 name = h->py_name;
302 break;
303 }
304 }
305 if (name == NULL) {
306 /* Ignore aliased names and only use long, lowercase name. The aliases
307 * pollute the list and OpenSSL appears to have its own definition of
308 * alias as the resulting list still contains duplicate and alternate
309 * names for several algorithms.
310 */
311 name = OBJ_nid2ln(nid);
312 if (name == NULL)
313 name = OBJ_nid2sn(nid);
314 }
315
316 return PyUnicode_FromString(name);
317 }
318
319 /* Get EVP_MD by HID and purpose */
320 static PY_EVP_MD*
py_digest_by_name(PyObject * module,const char * name,enum Py_hash_type py_ht)321 py_digest_by_name(PyObject *module, const char *name, enum Py_hash_type py_ht)
322 {
323 PY_EVP_MD *digest = NULL;
324 _hashlibstate *state = get_hashlib_state(module);
325 py_hashentry_t *entry = (py_hashentry_t *)_Py_hashtable_get(
326 state->hashtable, (const void*)name
327 );
328
329 if (entry != NULL) {
330 switch (py_ht) {
331 case Py_ht_evp:
332 case Py_ht_mac:
333 case Py_ht_pbkdf2:
334 if (entry->evp == NULL) {
335 entry->evp = PY_EVP_MD_fetch(entry->ossl_name, NULL);
336 }
337 digest = entry->evp;
338 break;
339 case Py_ht_evp_nosecurity:
340 if (entry->evp_nosecurity == NULL) {
341 entry->evp_nosecurity = PY_EVP_MD_fetch(entry->ossl_name, "-fips");
342 }
343 digest = entry->evp_nosecurity;
344 break;
345 }
346 if (digest != NULL) {
347 PY_EVP_MD_up_ref(digest);
348 }
349 } else {
350 // Fall back for looking up an unindexed OpenSSL specific name.
351 switch (py_ht) {
352 case Py_ht_evp:
353 case Py_ht_mac:
354 case Py_ht_pbkdf2:
355 digest = PY_EVP_MD_fetch(name, NULL);
356 break;
357 case Py_ht_evp_nosecurity:
358 digest = PY_EVP_MD_fetch(name, "-fips");
359 break;
360 }
361 }
362 if (digest == NULL) {
363 _setException(state->unsupported_digestmod_error, "unsupported hash type %s", name);
364 return NULL;
365 }
366 return digest;
367 }
368
369 /* Get digest EVP from object
370 *
371 * * string
372 * * _hashopenssl builtin function
373 *
374 * on error returns NULL with exception set.
375 */
376 static PY_EVP_MD*
py_digest_by_digestmod(PyObject * module,PyObject * digestmod,enum Py_hash_type py_ht)377 py_digest_by_digestmod(PyObject *module, PyObject *digestmod, enum Py_hash_type py_ht) {
378 PY_EVP_MD* evp;
379 PyObject *name_obj = NULL;
380 const char *name;
381
382 if (PyUnicode_Check(digestmod)) {
383 name_obj = digestmod;
384 } else {
385 _hashlibstate *state = get_hashlib_state(module);
386 // borrowed ref
387 name_obj = PyDict_GetItem(state->constructs, digestmod);
388 }
389 if (name_obj == NULL) {
390 _hashlibstate *state = get_hashlib_state(module);
391 PyErr_Clear();
392 PyErr_Format(
393 state->unsupported_digestmod_error,
394 "Unsupported digestmod %R", digestmod);
395 return NULL;
396 }
397
398 name = PyUnicode_AsUTF8(name_obj);
399 if (name == NULL) {
400 return NULL;
401 }
402
403 evp = py_digest_by_name(module, name, py_ht);
404 if (evp == NULL) {
405 return NULL;
406 }
407
408 return evp;
409 }
410
411 static EVPobject *
newEVPobject(PyTypeObject * type)412 newEVPobject(PyTypeObject *type)
413 {
414 EVPobject *retval = (EVPobject *)PyObject_New(EVPobject, type);
415 if (retval == NULL) {
416 return NULL;
417 }
418
419 retval->lock = NULL;
420
421 retval->ctx = EVP_MD_CTX_new();
422 if (retval->ctx == NULL) {
423 Py_DECREF(retval);
424 PyErr_NoMemory();
425 return NULL;
426 }
427
428 return retval;
429 }
430
431 static int
EVP_hash(EVPobject * self,const void * vp,Py_ssize_t len)432 EVP_hash(EVPobject *self, const void *vp, Py_ssize_t len)
433 {
434 unsigned int process;
435 const unsigned char *cp = (const unsigned char *)vp;
436 while (0 < len) {
437 if (len > (Py_ssize_t)MUNCH_SIZE)
438 process = MUNCH_SIZE;
439 else
440 process = Py_SAFE_DOWNCAST(len, Py_ssize_t, unsigned int);
441 if (!EVP_DigestUpdate(self->ctx, (const void*)cp, process)) {
442 _setException(PyExc_ValueError, NULL);
443 return -1;
444 }
445 len -= process;
446 cp += process;
447 }
448 return 0;
449 }
450
451 /* Internal methods for a hash object */
452
453 static void
EVP_dealloc(EVPobject * self)454 EVP_dealloc(EVPobject *self)
455 {
456 PyTypeObject *tp = Py_TYPE(self);
457 if (self->lock != NULL)
458 PyThread_free_lock(self->lock);
459 EVP_MD_CTX_free(self->ctx);
460 PyObject_Free(self);
461 Py_DECREF(tp);
462 }
463
464 static int
locked_EVP_MD_CTX_copy(EVP_MD_CTX * new_ctx_p,EVPobject * self)465 locked_EVP_MD_CTX_copy(EVP_MD_CTX *new_ctx_p, EVPobject *self)
466 {
467 int result;
468 ENTER_HASHLIB(self);
469 result = EVP_MD_CTX_copy(new_ctx_p, self->ctx);
470 LEAVE_HASHLIB(self);
471 return result;
472 }
473
474 /* External methods for a hash object */
475
476 /*[clinic input]
477 _hashlib.HASH.copy as EVP_copy
478
479 Return a copy of the hash object.
480 [clinic start generated code]*/
481
482 static PyObject *
EVP_copy_impl(EVPobject * self)483 EVP_copy_impl(EVPobject *self)
484 /*[clinic end generated code: output=b370c21cdb8ca0b4 input=31455b6a3e638069]*/
485 {
486 EVPobject *newobj;
487
488 if ((newobj = newEVPobject(Py_TYPE(self))) == NULL)
489 return NULL;
490
491 if (!locked_EVP_MD_CTX_copy(newobj->ctx, self)) {
492 Py_DECREF(newobj);
493 return _setException(PyExc_ValueError, NULL);
494 }
495 return (PyObject *)newobj;
496 }
497
498 /*[clinic input]
499 _hashlib.HASH.digest as EVP_digest
500
501 Return the digest value as a bytes object.
502 [clinic start generated code]*/
503
504 static PyObject *
EVP_digest_impl(EVPobject * self)505 EVP_digest_impl(EVPobject *self)
506 /*[clinic end generated code: output=0f6a3a0da46dc12d input=03561809a419bf00]*/
507 {
508 unsigned char digest[EVP_MAX_MD_SIZE];
509 EVP_MD_CTX *temp_ctx;
510 PyObject *retval;
511 unsigned int digest_size;
512
513 temp_ctx = EVP_MD_CTX_new();
514 if (temp_ctx == NULL) {
515 PyErr_NoMemory();
516 return NULL;
517 }
518
519 if (!locked_EVP_MD_CTX_copy(temp_ctx, self)) {
520 return _setException(PyExc_ValueError, NULL);
521 }
522 digest_size = EVP_MD_CTX_size(temp_ctx);
523 if (!EVP_DigestFinal(temp_ctx, digest, NULL)) {
524 _setException(PyExc_ValueError, NULL);
525 return NULL;
526 }
527
528 retval = PyBytes_FromStringAndSize((const char *)digest, digest_size);
529 EVP_MD_CTX_free(temp_ctx);
530 return retval;
531 }
532
533 /*[clinic input]
534 _hashlib.HASH.hexdigest as EVP_hexdigest
535
536 Return the digest value as a string of hexadecimal digits.
537 [clinic start generated code]*/
538
539 static PyObject *
EVP_hexdigest_impl(EVPobject * self)540 EVP_hexdigest_impl(EVPobject *self)
541 /*[clinic end generated code: output=18e6decbaf197296 input=aff9cf0e4c741a9a]*/
542 {
543 unsigned char digest[EVP_MAX_MD_SIZE];
544 EVP_MD_CTX *temp_ctx;
545 unsigned int digest_size;
546
547 temp_ctx = EVP_MD_CTX_new();
548 if (temp_ctx == NULL) {
549 PyErr_NoMemory();
550 return NULL;
551 }
552
553 /* Get the raw (binary) digest value */
554 if (!locked_EVP_MD_CTX_copy(temp_ctx, self)) {
555 return _setException(PyExc_ValueError, NULL);
556 }
557 digest_size = EVP_MD_CTX_size(temp_ctx);
558 if (!EVP_DigestFinal(temp_ctx, digest, NULL)) {
559 _setException(PyExc_ValueError, NULL);
560 return NULL;
561 }
562
563 EVP_MD_CTX_free(temp_ctx);
564
565 return _Py_strhex((const char *)digest, (Py_ssize_t)digest_size);
566 }
567
568 /*[clinic input]
569 _hashlib.HASH.update as EVP_update
570
571 obj: object
572 /
573
574 Update this hash object's state with the provided string.
575 [clinic start generated code]*/
576
577 static PyObject *
EVP_update(EVPobject * self,PyObject * obj)578 EVP_update(EVPobject *self, PyObject *obj)
579 /*[clinic end generated code: output=ec1d55ed2432e966 input=9b30ec848f015501]*/
580 {
581 int result;
582 Py_buffer view;
583
584 GET_BUFFER_VIEW_OR_ERROUT(obj, &view);
585
586 if (self->lock == NULL && view.len >= HASHLIB_GIL_MINSIZE) {
587 self->lock = PyThread_allocate_lock();
588 /* fail? lock = NULL and we fail over to non-threaded code. */
589 }
590
591 if (self->lock != NULL) {
592 Py_BEGIN_ALLOW_THREADS
593 PyThread_acquire_lock(self->lock, 1);
594 result = EVP_hash(self, view.buf, view.len);
595 PyThread_release_lock(self->lock);
596 Py_END_ALLOW_THREADS
597 } else {
598 result = EVP_hash(self, view.buf, view.len);
599 }
600
601 PyBuffer_Release(&view);
602
603 if (result == -1)
604 return NULL;
605 Py_RETURN_NONE;
606 }
607
608 static PyMethodDef EVP_methods[] = {
609 EVP_UPDATE_METHODDEF
610 EVP_DIGEST_METHODDEF
611 EVP_HEXDIGEST_METHODDEF
612 EVP_COPY_METHODDEF
613 {NULL, NULL} /* sentinel */
614 };
615
616 static PyObject *
EVP_get_block_size(EVPobject * self,void * closure)617 EVP_get_block_size(EVPobject *self, void *closure)
618 {
619 long block_size;
620 block_size = EVP_MD_CTX_block_size(self->ctx);
621 return PyLong_FromLong(block_size);
622 }
623
624 static PyObject *
EVP_get_digest_size(EVPobject * self,void * closure)625 EVP_get_digest_size(EVPobject *self, void *closure)
626 {
627 long size;
628 size = EVP_MD_CTX_size(self->ctx);
629 return PyLong_FromLong(size);
630 }
631
632 static PyObject *
EVP_get_name(EVPobject * self,void * closure)633 EVP_get_name(EVPobject *self, void *closure)
634 {
635 return py_digest_name(EVP_MD_CTX_md(self->ctx));
636 }
637
638 static PyGetSetDef EVP_getseters[] = {
639 {"digest_size",
640 (getter)EVP_get_digest_size, NULL,
641 NULL,
642 NULL},
643 {"block_size",
644 (getter)EVP_get_block_size, NULL,
645 NULL,
646 NULL},
647 {"name",
648 (getter)EVP_get_name, NULL,
649 NULL,
650 PyDoc_STR("algorithm name.")},
651 {NULL} /* Sentinel */
652 };
653
654
655 static PyObject *
EVP_repr(EVPobject * self)656 EVP_repr(EVPobject *self)
657 {
658 PyObject *name_obj, *repr;
659 name_obj = py_digest_name(EVP_MD_CTX_md(self->ctx));
660 if (!name_obj) {
661 return NULL;
662 }
663 repr = PyUnicode_FromFormat("<%U %s object @ %p>",
664 name_obj, Py_TYPE(self)->tp_name, self);
665 Py_DECREF(name_obj);
666 return repr;
667 }
668
669 PyDoc_STRVAR(hashtype_doc,
670 "HASH(name, string=b\'\')\n"
671 "--\n"
672 "\n"
673 "A hash is an object used to calculate a checksum of a string of information.\n"
674 "\n"
675 "Methods:\n"
676 "\n"
677 "update() -- updates the current digest with an additional string\n"
678 "digest() -- return the current digest value\n"
679 "hexdigest() -- return the current digest as a string of hexadecimal digits\n"
680 "copy() -- return a copy of the current hash object\n"
681 "\n"
682 "Attributes:\n"
683 "\n"
684 "name -- the hash algorithm being used by this object\n"
685 "digest_size -- number of bytes in this hashes output");
686
687 static PyType_Slot EVPtype_slots[] = {
688 {Py_tp_dealloc, EVP_dealloc},
689 {Py_tp_repr, EVP_repr},
690 {Py_tp_doc, (char *)hashtype_doc},
691 {Py_tp_methods, EVP_methods},
692 {Py_tp_getset, EVP_getseters},
693 {0, 0},
694 };
695
696 static PyType_Spec EVPtype_spec = {
697 "_hashlib.HASH", /*tp_name*/
698 sizeof(EVPobject), /*tp_basicsize*/
699 0, /*tp_itemsize*/
700 Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
701 EVPtype_slots
702 };
703
704 #ifdef PY_OPENSSL_HAS_SHAKE
705
706 /*[clinic input]
707 _hashlib.HASHXOF.digest as EVPXOF_digest
708
709 length: Py_ssize_t
710
711 Return the digest value as a bytes object.
712 [clinic start generated code]*/
713
714 static PyObject *
EVPXOF_digest_impl(EVPobject * self,Py_ssize_t length)715 EVPXOF_digest_impl(EVPobject *self, Py_ssize_t length)
716 /*[clinic end generated code: output=ef9320c23280efad input=816a6537cea3d1db]*/
717 {
718 EVP_MD_CTX *temp_ctx;
719 PyObject *retval = PyBytes_FromStringAndSize(NULL, length);
720
721 if (retval == NULL) {
722 return NULL;
723 }
724
725 temp_ctx = EVP_MD_CTX_new();
726 if (temp_ctx == NULL) {
727 Py_DECREF(retval);
728 PyErr_NoMemory();
729 return NULL;
730 }
731
732 if (!locked_EVP_MD_CTX_copy(temp_ctx, self)) {
733 Py_DECREF(retval);
734 EVP_MD_CTX_free(temp_ctx);
735 return _setException(PyExc_ValueError, NULL);
736 }
737 if (!EVP_DigestFinalXOF(temp_ctx,
738 (unsigned char*)PyBytes_AS_STRING(retval),
739 length)) {
740 Py_DECREF(retval);
741 EVP_MD_CTX_free(temp_ctx);
742 _setException(PyExc_ValueError, NULL);
743 return NULL;
744 }
745
746 EVP_MD_CTX_free(temp_ctx);
747 return retval;
748 }
749
750 /*[clinic input]
751 _hashlib.HASHXOF.hexdigest as EVPXOF_hexdigest
752
753 length: Py_ssize_t
754
755 Return the digest value as a string of hexadecimal digits.
756 [clinic start generated code]*/
757
758 static PyObject *
EVPXOF_hexdigest_impl(EVPobject * self,Py_ssize_t length)759 EVPXOF_hexdigest_impl(EVPobject *self, Py_ssize_t length)
760 /*[clinic end generated code: output=eb3e6ee7788bf5b2 input=5f9d6a8f269e34df]*/
761 {
762 unsigned char *digest;
763 EVP_MD_CTX *temp_ctx;
764 PyObject *retval;
765
766 digest = (unsigned char*)PyMem_Malloc(length);
767 if (digest == NULL) {
768 PyErr_NoMemory();
769 return NULL;
770 }
771
772 temp_ctx = EVP_MD_CTX_new();
773 if (temp_ctx == NULL) {
774 PyMem_Free(digest);
775 PyErr_NoMemory();
776 return NULL;
777 }
778
779 /* Get the raw (binary) digest value */
780 if (!locked_EVP_MD_CTX_copy(temp_ctx, self)) {
781 PyMem_Free(digest);
782 EVP_MD_CTX_free(temp_ctx);
783 return _setException(PyExc_ValueError, NULL);
784 }
785 if (!EVP_DigestFinalXOF(temp_ctx, digest, length)) {
786 PyMem_Free(digest);
787 EVP_MD_CTX_free(temp_ctx);
788 _setException(PyExc_ValueError, NULL);
789 return NULL;
790 }
791
792 EVP_MD_CTX_free(temp_ctx);
793
794 retval = _Py_strhex((const char *)digest, length);
795 PyMem_Free(digest);
796 return retval;
797 }
798
799 static PyMethodDef EVPXOF_methods[] = {
800 EVPXOF_DIGEST_METHODDEF
801 EVPXOF_HEXDIGEST_METHODDEF
802 {NULL, NULL} /* sentinel */
803 };
804
805
806 static PyObject *
EVPXOF_get_digest_size(EVPobject * self,void * closure)807 EVPXOF_get_digest_size(EVPobject *self, void *closure)
808 {
809 return PyLong_FromLong(0);
810 }
811
812 static PyGetSetDef EVPXOF_getseters[] = {
813 {"digest_size",
814 (getter)EVPXOF_get_digest_size, NULL,
815 NULL,
816 NULL},
817 {NULL} /* Sentinel */
818 };
819
820 PyDoc_STRVAR(hashxoftype_doc,
821 "HASHXOF(name, string=b\'\')\n"
822 "--\n"
823 "\n"
824 "A hash is an object used to calculate a checksum of a string of information.\n"
825 "\n"
826 "Methods:\n"
827 "\n"
828 "update() -- updates the current digest with an additional string\n"
829 "digest(length) -- return the current digest value\n"
830 "hexdigest(length) -- return the current digest as a string of hexadecimal digits\n"
831 "copy() -- return a copy of the current hash object\n"
832 "\n"
833 "Attributes:\n"
834 "\n"
835 "name -- the hash algorithm being used by this object\n"
836 "digest_size -- number of bytes in this hashes output");
837
838 static PyType_Slot EVPXOFtype_slots[] = {
839 {Py_tp_doc, (char *)hashxoftype_doc},
840 {Py_tp_methods, EVPXOF_methods},
841 {Py_tp_getset, EVPXOF_getseters},
842 {0, 0},
843 };
844
845 static PyType_Spec EVPXOFtype_spec = {
846 "_hashlib.HASHXOF", /*tp_name*/
847 sizeof(EVPobject), /*tp_basicsize*/
848 0, /*tp_itemsize*/
849 Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
850 EVPXOFtype_slots
851 };
852
853
854 #endif
855
856 static PyObject*
py_evp_fromname(PyObject * module,const char * digestname,PyObject * data_obj,int usedforsecurity)857 py_evp_fromname(PyObject *module, const char *digestname, PyObject *data_obj,
858 int usedforsecurity)
859 {
860 Py_buffer view = { 0 };
861 PY_EVP_MD *digest = NULL;
862 PyTypeObject *type;
863 EVPobject *self = NULL;
864
865 if (data_obj != NULL) {
866 GET_BUFFER_VIEW_OR_ERROUT(data_obj, &view);
867 }
868
869 digest = py_digest_by_name(
870 module, digestname, usedforsecurity ? Py_ht_evp : Py_ht_evp_nosecurity
871 );
872 if (digest == NULL) {
873 goto exit;
874 }
875
876 if ((EVP_MD_flags(digest) & EVP_MD_FLAG_XOF) == EVP_MD_FLAG_XOF) {
877 type = get_hashlib_state(module)->EVPXOFtype;
878 } else {
879 type = get_hashlib_state(module)->EVPtype;
880 }
881
882 self = newEVPobject(type);
883 if (self == NULL) {
884 goto exit;
885 }
886
887 #if defined(EVP_MD_CTX_FLAG_NON_FIPS_ALLOW) && OPENSSL_VERSION_NUMBER < 0x30000000L
888 // In OpenSSL 1.1.1 the non FIPS allowed flag is context specific while
889 // in 3.0.0 it is a different EVP_MD provider.
890 if (!usedforsecurity) {
891 EVP_MD_CTX_set_flags(self->ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
892 }
893 #endif
894
895 int result = EVP_DigestInit_ex(self->ctx, digest, NULL);
896 if (!result) {
897 _setException(PyExc_ValueError, NULL);
898 Py_CLEAR(self);
899 goto exit;
900 }
901
902 if (view.buf && view.len) {
903 if (view.len >= HASHLIB_GIL_MINSIZE) {
904 Py_BEGIN_ALLOW_THREADS
905 result = EVP_hash(self, view.buf, view.len);
906 Py_END_ALLOW_THREADS
907 } else {
908 result = EVP_hash(self, view.buf, view.len);
909 }
910 if (result == -1) {
911 Py_CLEAR(self);
912 goto exit;
913 }
914 }
915
916 exit:
917 if (data_obj != NULL) {
918 PyBuffer_Release(&view);
919 }
920 if (digest != NULL) {
921 PY_EVP_MD_free(digest);
922 }
923
924 return (PyObject *)self;
925 }
926
927
928 /* The module-level function: new() */
929
930 /*[clinic input]
931 _hashlib.new as EVP_new
932
933 name as name_obj: object
934 string as data_obj: object(c_default="NULL") = b''
935 *
936 usedforsecurity: bool = True
937
938 Return a new hash object using the named algorithm.
939
940 An optional string argument may be provided and will be
941 automatically hashed.
942
943 The MD5 and SHA1 algorithms are always supported.
944 [clinic start generated code]*/
945
946 static PyObject *
EVP_new_impl(PyObject * module,PyObject * name_obj,PyObject * data_obj,int usedforsecurity)947 EVP_new_impl(PyObject *module, PyObject *name_obj, PyObject *data_obj,
948 int usedforsecurity)
949 /*[clinic end generated code: output=ddd5053f92dffe90 input=c24554d0337be1b0]*/
950 {
951 char *name;
952 if (!PyArg_Parse(name_obj, "s", &name)) {
953 PyErr_SetString(PyExc_TypeError, "name must be a string");
954 return NULL;
955 }
956 return py_evp_fromname(module, name, data_obj, usedforsecurity);
957 }
958
959
960 /*[clinic input]
961 _hashlib.openssl_md5
962
963 string as data_obj: object(py_default="b''") = NULL
964 *
965 usedforsecurity: bool = True
966
967 Returns a md5 hash object; optionally initialized with a string
968
969 [clinic start generated code]*/
970
971 static PyObject *
_hashlib_openssl_md5_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)972 _hashlib_openssl_md5_impl(PyObject *module, PyObject *data_obj,
973 int usedforsecurity)
974 /*[clinic end generated code: output=87b0186440a44f8c input=990e36d5e689b16e]*/
975 {
976 return py_evp_fromname(module, Py_hash_md5, data_obj, usedforsecurity);
977 }
978
979
980 /*[clinic input]
981 _hashlib.openssl_sha1
982
983 string as data_obj: object(py_default="b''") = NULL
984 *
985 usedforsecurity: bool = True
986
987 Returns a sha1 hash object; optionally initialized with a string
988
989 [clinic start generated code]*/
990
991 static PyObject *
_hashlib_openssl_sha1_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)992 _hashlib_openssl_sha1_impl(PyObject *module, PyObject *data_obj,
993 int usedforsecurity)
994 /*[clinic end generated code: output=6813024cf690670d input=948f2f4b6deabc10]*/
995 {
996 return py_evp_fromname(module, Py_hash_sha1, data_obj, usedforsecurity);
997 }
998
999
1000 /*[clinic input]
1001 _hashlib.openssl_sha224
1002
1003 string as data_obj: object(py_default="b''") = NULL
1004 *
1005 usedforsecurity: bool = True
1006
1007 Returns a sha224 hash object; optionally initialized with a string
1008
1009 [clinic start generated code]*/
1010
1011 static PyObject *
_hashlib_openssl_sha224_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1012 _hashlib_openssl_sha224_impl(PyObject *module, PyObject *data_obj,
1013 int usedforsecurity)
1014 /*[clinic end generated code: output=a2dfe7cc4eb14ebb input=f9272821fadca505]*/
1015 {
1016 return py_evp_fromname(module, Py_hash_sha224, data_obj, usedforsecurity);
1017 }
1018
1019
1020 /*[clinic input]
1021 _hashlib.openssl_sha256
1022
1023 string as data_obj: object(py_default="b''") = NULL
1024 *
1025 usedforsecurity: bool = True
1026
1027 Returns a sha256 hash object; optionally initialized with a string
1028
1029 [clinic start generated code]*/
1030
1031 static PyObject *
_hashlib_openssl_sha256_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1032 _hashlib_openssl_sha256_impl(PyObject *module, PyObject *data_obj,
1033 int usedforsecurity)
1034 /*[clinic end generated code: output=1f874a34870f0a68 input=549fad9d2930d4c5]*/
1035 {
1036 return py_evp_fromname(module, Py_hash_sha256, data_obj, usedforsecurity);
1037 }
1038
1039
1040 /*[clinic input]
1041 _hashlib.openssl_sha384
1042
1043 string as data_obj: object(py_default="b''") = NULL
1044 *
1045 usedforsecurity: bool = True
1046
1047 Returns a sha384 hash object; optionally initialized with a string
1048
1049 [clinic start generated code]*/
1050
1051 static PyObject *
_hashlib_openssl_sha384_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1052 _hashlib_openssl_sha384_impl(PyObject *module, PyObject *data_obj,
1053 int usedforsecurity)
1054 /*[clinic end generated code: output=58529eff9ca457b2 input=48601a6e3bf14ad7]*/
1055 {
1056 return py_evp_fromname(module, Py_hash_sha384, data_obj, usedforsecurity);
1057 }
1058
1059
1060 /*[clinic input]
1061 _hashlib.openssl_sha512
1062
1063 string as data_obj: object(py_default="b''") = NULL
1064 *
1065 usedforsecurity: bool = True
1066
1067 Returns a sha512 hash object; optionally initialized with a string
1068
1069 [clinic start generated code]*/
1070
1071 static PyObject *
_hashlib_openssl_sha512_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1072 _hashlib_openssl_sha512_impl(PyObject *module, PyObject *data_obj,
1073 int usedforsecurity)
1074 /*[clinic end generated code: output=2c744c9e4a40d5f6 input=c5c46a2a817aa98f]*/
1075 {
1076 return py_evp_fromname(module, Py_hash_sha512, data_obj, usedforsecurity);
1077 }
1078
1079
1080 #ifdef PY_OPENSSL_HAS_SHA3
1081
1082 /*[clinic input]
1083 _hashlib.openssl_sha3_224
1084
1085 string as data_obj: object(py_default="b''") = NULL
1086 *
1087 usedforsecurity: bool = True
1088
1089 Returns a sha3-224 hash object; optionally initialized with a string
1090
1091 [clinic start generated code]*/
1092
1093 static PyObject *
_hashlib_openssl_sha3_224_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1094 _hashlib_openssl_sha3_224_impl(PyObject *module, PyObject *data_obj,
1095 int usedforsecurity)
1096 /*[clinic end generated code: output=144641c1d144b974 input=e3a01b2888916157]*/
1097 {
1098 return py_evp_fromname(module, Py_hash_sha3_224, data_obj, usedforsecurity);
1099 }
1100
1101 /*[clinic input]
1102 _hashlib.openssl_sha3_256
1103
1104 string as data_obj: object(py_default="b''") = NULL
1105 *
1106 usedforsecurity: bool = True
1107
1108 Returns a sha3-256 hash object; optionally initialized with a string
1109
1110 [clinic start generated code]*/
1111
1112 static PyObject *
_hashlib_openssl_sha3_256_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1113 _hashlib_openssl_sha3_256_impl(PyObject *module, PyObject *data_obj,
1114 int usedforsecurity)
1115 /*[clinic end generated code: output=c61f1ab772d06668 input=e2908126c1b6deed]*/
1116 {
1117 return py_evp_fromname(module, Py_hash_sha3_256, data_obj , usedforsecurity);
1118 }
1119
1120 /*[clinic input]
1121 _hashlib.openssl_sha3_384
1122
1123 string as data_obj: object(py_default="b''") = NULL
1124 *
1125 usedforsecurity: bool = True
1126
1127 Returns a sha3-384 hash object; optionally initialized with a string
1128
1129 [clinic start generated code]*/
1130
1131 static PyObject *
_hashlib_openssl_sha3_384_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1132 _hashlib_openssl_sha3_384_impl(PyObject *module, PyObject *data_obj,
1133 int usedforsecurity)
1134 /*[clinic end generated code: output=f68e4846858cf0ee input=ec0edf5c792f8252]*/
1135 {
1136 return py_evp_fromname(module, Py_hash_sha3_384, data_obj , usedforsecurity);
1137 }
1138
1139 /*[clinic input]
1140 _hashlib.openssl_sha3_512
1141
1142 string as data_obj: object(py_default="b''") = NULL
1143 *
1144 usedforsecurity: bool = True
1145
1146 Returns a sha3-512 hash object; optionally initialized with a string
1147
1148 [clinic start generated code]*/
1149
1150 static PyObject *
_hashlib_openssl_sha3_512_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1151 _hashlib_openssl_sha3_512_impl(PyObject *module, PyObject *data_obj,
1152 int usedforsecurity)
1153 /*[clinic end generated code: output=2eede478c159354a input=64e2cc0c094d56f4]*/
1154 {
1155 return py_evp_fromname(module, Py_hash_sha3_512, data_obj , usedforsecurity);
1156 }
1157 #endif /* PY_OPENSSL_HAS_SHA3 */
1158
1159 #ifdef PY_OPENSSL_HAS_SHAKE
1160 /*[clinic input]
1161 _hashlib.openssl_shake_128
1162
1163 string as data_obj: object(py_default="b''") = NULL
1164 *
1165 usedforsecurity: bool = True
1166
1167 Returns a shake-128 variable hash object; optionally initialized with a string
1168
1169 [clinic start generated code]*/
1170
1171 static PyObject *
_hashlib_openssl_shake_128_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1172 _hashlib_openssl_shake_128_impl(PyObject *module, PyObject *data_obj,
1173 int usedforsecurity)
1174 /*[clinic end generated code: output=bc49cdd8ada1fa97 input=6c9d67440eb33ec8]*/
1175 {
1176 return py_evp_fromname(module, Py_hash_shake_128, data_obj , usedforsecurity);
1177 }
1178
1179 /*[clinic input]
1180 _hashlib.openssl_shake_256
1181
1182 string as data_obj: object(py_default="b''") = NULL
1183 *
1184 usedforsecurity: bool = True
1185
1186 Returns a shake-256 variable hash object; optionally initialized with a string
1187
1188 [clinic start generated code]*/
1189
1190 static PyObject *
_hashlib_openssl_shake_256_impl(PyObject * module,PyObject * data_obj,int usedforsecurity)1191 _hashlib_openssl_shake_256_impl(PyObject *module, PyObject *data_obj,
1192 int usedforsecurity)
1193 /*[clinic end generated code: output=358d213be8852df7 input=479cbe9fefd4a9f8]*/
1194 {
1195 return py_evp_fromname(module, Py_hash_shake_256, data_obj , usedforsecurity);
1196 }
1197 #endif /* PY_OPENSSL_HAS_SHAKE */
1198
1199 /*[clinic input]
1200 _hashlib.pbkdf2_hmac as pbkdf2_hmac
1201
1202 hash_name: str
1203 password: Py_buffer
1204 salt: Py_buffer
1205 iterations: long
1206 dklen as dklen_obj: object = None
1207
1208 Password based key derivation function 2 (PKCS #5 v2.0) with HMAC as pseudorandom function.
1209 [clinic start generated code]*/
1210
1211 static PyObject *
pbkdf2_hmac_impl(PyObject * module,const char * hash_name,Py_buffer * password,Py_buffer * salt,long iterations,PyObject * dklen_obj)1212 pbkdf2_hmac_impl(PyObject *module, const char *hash_name,
1213 Py_buffer *password, Py_buffer *salt, long iterations,
1214 PyObject *dklen_obj)
1215 /*[clinic end generated code: output=144b76005416599b input=ed3ab0d2d28b5d5c]*/
1216 {
1217 PyObject *key_obj = NULL;
1218 char *key;
1219 long dklen;
1220 int retval;
1221
1222 PY_EVP_MD *digest = py_digest_by_name(module, hash_name, Py_ht_pbkdf2);
1223 if (digest == NULL) {
1224 goto end;
1225 }
1226
1227 if (password->len > INT_MAX) {
1228 PyErr_SetString(PyExc_OverflowError,
1229 "password is too long.");
1230 goto end;
1231 }
1232
1233 if (salt->len > INT_MAX) {
1234 PyErr_SetString(PyExc_OverflowError,
1235 "salt is too long.");
1236 goto end;
1237 }
1238
1239 if (iterations < 1) {
1240 PyErr_SetString(PyExc_ValueError,
1241 "iteration value must be greater than 0.");
1242 goto end;
1243 }
1244 if (iterations > INT_MAX) {
1245 PyErr_SetString(PyExc_OverflowError,
1246 "iteration value is too great.");
1247 goto end;
1248 }
1249
1250 if (dklen_obj == Py_None) {
1251 dklen = EVP_MD_size(digest);
1252 } else {
1253 dklen = PyLong_AsLong(dklen_obj);
1254 if ((dklen == -1) && PyErr_Occurred()) {
1255 goto end;
1256 }
1257 }
1258 if (dklen < 1) {
1259 PyErr_SetString(PyExc_ValueError,
1260 "key length must be greater than 0.");
1261 goto end;
1262 }
1263 if (dklen > INT_MAX) {
1264 /* INT_MAX is always smaller than dkLen max (2^32 - 1) * hLen */
1265 PyErr_SetString(PyExc_OverflowError,
1266 "key length is too great.");
1267 goto end;
1268 }
1269
1270 key_obj = PyBytes_FromStringAndSize(NULL, dklen);
1271 if (key_obj == NULL) {
1272 goto end;
1273 }
1274 key = PyBytes_AS_STRING(key_obj);
1275
1276 Py_BEGIN_ALLOW_THREADS
1277 retval = PKCS5_PBKDF2_HMAC((char*)password->buf, (int)password->len,
1278 (unsigned char *)salt->buf, (int)salt->len,
1279 iterations, digest, dklen,
1280 (unsigned char *)key);
1281 Py_END_ALLOW_THREADS
1282
1283 if (!retval) {
1284 Py_CLEAR(key_obj);
1285 _setException(PyExc_ValueError, NULL);
1286 goto end;
1287 }
1288
1289 end:
1290 if (digest != NULL) {
1291 PY_EVP_MD_free(digest);
1292 }
1293 return key_obj;
1294 }
1295
1296 #ifdef PY_OPENSSL_HAS_SCRYPT
1297
1298 /* XXX: Parameters salt, n, r and p should be required keyword-only parameters.
1299 They are optional in the Argument Clinic declaration only due to a
1300 limitation of PyArg_ParseTupleAndKeywords. */
1301
1302 /*[clinic input]
1303 _hashlib.scrypt
1304
1305 password: Py_buffer
1306 *
1307 salt: Py_buffer = None
1308 n as n_obj: object(subclass_of='&PyLong_Type') = None
1309 r as r_obj: object(subclass_of='&PyLong_Type') = None
1310 p as p_obj: object(subclass_of='&PyLong_Type') = None
1311 maxmem: long = 0
1312 dklen: long = 64
1313
1314
1315 scrypt password-based key derivation function.
1316 [clinic start generated code]*/
1317
1318 static PyObject *
_hashlib_scrypt_impl(PyObject * module,Py_buffer * password,Py_buffer * salt,PyObject * n_obj,PyObject * r_obj,PyObject * p_obj,long maxmem,long dklen)1319 _hashlib_scrypt_impl(PyObject *module, Py_buffer *password, Py_buffer *salt,
1320 PyObject *n_obj, PyObject *r_obj, PyObject *p_obj,
1321 long maxmem, long dklen)
1322 /*[clinic end generated code: output=14849e2aa2b7b46c input=48a7d63bf3f75c42]*/
1323 {
1324 PyObject *key_obj = NULL;
1325 char *key;
1326 int retval;
1327 unsigned long n, r, p;
1328
1329 if (password->len > INT_MAX) {
1330 PyErr_SetString(PyExc_OverflowError,
1331 "password is too long.");
1332 return NULL;
1333 }
1334
1335 if (salt->buf == NULL) {
1336 PyErr_SetString(PyExc_TypeError,
1337 "salt is required");
1338 return NULL;
1339 }
1340 if (salt->len > INT_MAX) {
1341 PyErr_SetString(PyExc_OverflowError,
1342 "salt is too long.");
1343 return NULL;
1344 }
1345
1346 n = PyLong_AsUnsignedLong(n_obj);
1347 if (n == (unsigned long) -1 && PyErr_Occurred()) {
1348 PyErr_SetString(PyExc_TypeError,
1349 "n is required and must be an unsigned int");
1350 return NULL;
1351 }
1352 if (n < 2 || n & (n - 1)) {
1353 PyErr_SetString(PyExc_ValueError,
1354 "n must be a power of 2.");
1355 return NULL;
1356 }
1357
1358 r = PyLong_AsUnsignedLong(r_obj);
1359 if (r == (unsigned long) -1 && PyErr_Occurred()) {
1360 PyErr_SetString(PyExc_TypeError,
1361 "r is required and must be an unsigned int");
1362 return NULL;
1363 }
1364
1365 p = PyLong_AsUnsignedLong(p_obj);
1366 if (p == (unsigned long) -1 && PyErr_Occurred()) {
1367 PyErr_SetString(PyExc_TypeError,
1368 "p is required and must be an unsigned int");
1369 return NULL;
1370 }
1371
1372 if (maxmem < 0 || maxmem > INT_MAX) {
1373 /* OpenSSL 1.1.0 restricts maxmem to 32 MiB. It may change in the
1374 future. The maxmem constant is private to OpenSSL. */
1375 PyErr_Format(PyExc_ValueError,
1376 "maxmem must be positive and smaller than %d",
1377 INT_MAX);
1378 return NULL;
1379 }
1380
1381 if (dklen < 1 || dklen > INT_MAX) {
1382 PyErr_Format(PyExc_ValueError,
1383 "dklen must be greater than 0 and smaller than %d",
1384 INT_MAX);
1385 return NULL;
1386 }
1387
1388 /* let OpenSSL validate the rest */
1389 retval = EVP_PBE_scrypt(NULL, 0, NULL, 0, n, r, p, maxmem, NULL, 0);
1390 if (!retval) {
1391 _setException(PyExc_ValueError, "Invalid parameter combination for n, r, p, maxmem.");
1392 return NULL;
1393 }
1394
1395 key_obj = PyBytes_FromStringAndSize(NULL, dklen);
1396 if (key_obj == NULL) {
1397 return NULL;
1398 }
1399 key = PyBytes_AS_STRING(key_obj);
1400
1401 Py_BEGIN_ALLOW_THREADS
1402 retval = EVP_PBE_scrypt(
1403 (const char*)password->buf, (size_t)password->len,
1404 (const unsigned char *)salt->buf, (size_t)salt->len,
1405 n, r, p, maxmem,
1406 (unsigned char *)key, (size_t)dklen
1407 );
1408 Py_END_ALLOW_THREADS
1409
1410 if (!retval) {
1411 Py_CLEAR(key_obj);
1412 _setException(PyExc_ValueError, NULL);
1413 return NULL;
1414 }
1415 return key_obj;
1416 }
1417 #endif /* PY_OPENSSL_HAS_SCRYPT */
1418
1419 /* Fast HMAC for hmac.digest()
1420 */
1421
1422 /*[clinic input]
1423 _hashlib.hmac_digest as _hashlib_hmac_singleshot
1424
1425 key: Py_buffer
1426 msg: Py_buffer
1427 digest: object
1428
1429 Single-shot HMAC.
1430 [clinic start generated code]*/
1431
1432 static PyObject *
_hashlib_hmac_singleshot_impl(PyObject * module,Py_buffer * key,Py_buffer * msg,PyObject * digest)1433 _hashlib_hmac_singleshot_impl(PyObject *module, Py_buffer *key,
1434 Py_buffer *msg, PyObject *digest)
1435 /*[clinic end generated code: output=82f19965d12706ac input=0a0790cc3db45c2e]*/
1436 {
1437 unsigned char md[EVP_MAX_MD_SIZE] = {0};
1438 unsigned int md_len = 0;
1439 unsigned char *result;
1440 PY_EVP_MD *evp;
1441
1442 if (key->len > INT_MAX) {
1443 PyErr_SetString(PyExc_OverflowError,
1444 "key is too long.");
1445 return NULL;
1446 }
1447 if (msg->len > INT_MAX) {
1448 PyErr_SetString(PyExc_OverflowError,
1449 "msg is too long.");
1450 return NULL;
1451 }
1452
1453 evp = py_digest_by_digestmod(module, digest, Py_ht_mac);
1454 if (evp == NULL) {
1455 return NULL;
1456 }
1457
1458 Py_BEGIN_ALLOW_THREADS
1459 result = HMAC(
1460 evp,
1461 (const void*)key->buf, (int)key->len,
1462 (const unsigned char*)msg->buf, (int)msg->len,
1463 md, &md_len
1464 );
1465 Py_END_ALLOW_THREADS
1466 PY_EVP_MD_free(evp);
1467
1468 if (result == NULL) {
1469 _setException(PyExc_ValueError, NULL);
1470 return NULL;
1471 }
1472 return PyBytes_FromStringAndSize((const char*)md, md_len);
1473 }
1474
1475 /* OpenSSL-based HMAC implementation
1476 */
1477
1478 static int _hmac_update(HMACobject*, PyObject*);
1479
1480 /*[clinic input]
1481 _hashlib.hmac_new
1482
1483 key: Py_buffer
1484 msg as msg_obj: object(c_default="NULL") = b''
1485 digestmod: object(c_default="NULL") = None
1486
1487 Return a new hmac object.
1488 [clinic start generated code]*/
1489
1490 static PyObject *
_hashlib_hmac_new_impl(PyObject * module,Py_buffer * key,PyObject * msg_obj,PyObject * digestmod)1491 _hashlib_hmac_new_impl(PyObject *module, Py_buffer *key, PyObject *msg_obj,
1492 PyObject *digestmod)
1493 /*[clinic end generated code: output=c20d9e4d9ed6d219 input=5f4071dcc7f34362]*/
1494 {
1495 PyTypeObject *type = get_hashlib_state(module)->HMACtype;
1496 PY_EVP_MD *digest;
1497 HMAC_CTX *ctx = NULL;
1498 HMACobject *self = NULL;
1499 int r;
1500
1501 if (key->len > INT_MAX) {
1502 PyErr_SetString(PyExc_OverflowError,
1503 "key is too long.");
1504 return NULL;
1505 }
1506
1507 if (digestmod == NULL) {
1508 PyErr_SetString(
1509 PyExc_TypeError, "Missing required parameter 'digestmod'.");
1510 return NULL;
1511 }
1512
1513 digest = py_digest_by_digestmod(module, digestmod, Py_ht_mac);
1514 if (digest == NULL) {
1515 return NULL;
1516 }
1517
1518 ctx = HMAC_CTX_new();
1519 if (ctx == NULL) {
1520 _setException(PyExc_ValueError, NULL);
1521 goto error;
1522 }
1523
1524 r = HMAC_Init_ex(
1525 ctx,
1526 (const char*)key->buf,
1527 (int)key->len,
1528 digest,
1529 NULL /*impl*/);
1530 PY_EVP_MD_free(digest);
1531 if (r == 0) {
1532 _setException(PyExc_ValueError, NULL);
1533 goto error;
1534 }
1535
1536 self = (HMACobject *)PyObject_New(HMACobject, type);
1537 if (self == NULL) {
1538 goto error;
1539 }
1540
1541 self->ctx = ctx;
1542 self->lock = NULL;
1543
1544 if ((msg_obj != NULL) && (msg_obj != Py_None)) {
1545 if (!_hmac_update(self, msg_obj))
1546 goto error;
1547 }
1548
1549 return (PyObject*)self;
1550
1551 error:
1552 if (ctx) HMAC_CTX_free(ctx);
1553 if (self) PyObject_Free(self);
1554 return NULL;
1555 }
1556
1557 /* helper functions */
1558 static int
locked_HMAC_CTX_copy(HMAC_CTX * new_ctx_p,HMACobject * self)1559 locked_HMAC_CTX_copy(HMAC_CTX *new_ctx_p, HMACobject *self)
1560 {
1561 int result;
1562 ENTER_HASHLIB(self);
1563 result = HMAC_CTX_copy(new_ctx_p, self->ctx);
1564 LEAVE_HASHLIB(self);
1565 return result;
1566 }
1567
1568 static unsigned int
_hmac_digest_size(HMACobject * self)1569 _hmac_digest_size(HMACobject *self)
1570 {
1571 unsigned int digest_size = EVP_MD_size(HMAC_CTX_get_md(self->ctx));
1572 assert(digest_size <= EVP_MAX_MD_SIZE);
1573 return digest_size;
1574 }
1575
1576 static int
_hmac_update(HMACobject * self,PyObject * obj)1577 _hmac_update(HMACobject *self, PyObject *obj)
1578 {
1579 int r;
1580 Py_buffer view = {0};
1581
1582 GET_BUFFER_VIEW_OR_ERROR(obj, &view, return 0);
1583
1584 if (self->lock == NULL && view.len >= HASHLIB_GIL_MINSIZE) {
1585 self->lock = PyThread_allocate_lock();
1586 /* fail? lock = NULL and we fail over to non-threaded code. */
1587 }
1588
1589 if (self->lock != NULL) {
1590 Py_BEGIN_ALLOW_THREADS
1591 PyThread_acquire_lock(self->lock, 1);
1592 r = HMAC_Update(self->ctx, (const unsigned char*)view.buf, view.len);
1593 PyThread_release_lock(self->lock);
1594 Py_END_ALLOW_THREADS
1595 } else {
1596 r = HMAC_Update(self->ctx, (const unsigned char*)view.buf, view.len);
1597 }
1598
1599 PyBuffer_Release(&view);
1600
1601 if (r == 0) {
1602 _setException(PyExc_ValueError, NULL);
1603 return 0;
1604 }
1605 return 1;
1606 }
1607
1608 /*[clinic input]
1609 _hashlib.HMAC.copy
1610
1611 Return a copy ("clone") of the HMAC object.
1612 [clinic start generated code]*/
1613
1614 static PyObject *
_hashlib_HMAC_copy_impl(HMACobject * self)1615 _hashlib_HMAC_copy_impl(HMACobject *self)
1616 /*[clinic end generated code: output=29aa28b452833127 input=e2fa6a05db61a4d6]*/
1617 {
1618 HMACobject *retval;
1619
1620 HMAC_CTX *ctx = HMAC_CTX_new();
1621 if (ctx == NULL) {
1622 return _setException(PyExc_ValueError, NULL);
1623 }
1624 if (!locked_HMAC_CTX_copy(ctx, self)) {
1625 HMAC_CTX_free(ctx);
1626 return _setException(PyExc_ValueError, NULL);
1627 }
1628
1629 retval = (HMACobject *)PyObject_New(HMACobject, Py_TYPE(self));
1630 if (retval == NULL) {
1631 HMAC_CTX_free(ctx);
1632 return NULL;
1633 }
1634 retval->ctx = ctx;
1635 retval->lock = NULL;
1636
1637 return (PyObject *)retval;
1638 }
1639
1640 static void
_hmac_dealloc(HMACobject * self)1641 _hmac_dealloc(HMACobject *self)
1642 {
1643 PyTypeObject *tp = Py_TYPE(self);
1644 if (self->lock != NULL) {
1645 PyThread_free_lock(self->lock);
1646 }
1647 HMAC_CTX_free(self->ctx);
1648 PyObject_Free(self);
1649 Py_DECREF(tp);
1650 }
1651
1652 static PyObject *
_hmac_repr(HMACobject * self)1653 _hmac_repr(HMACobject *self)
1654 {
1655 PyObject *digest_name = py_digest_name(HMAC_CTX_get_md(self->ctx));
1656 if (digest_name == NULL) {
1657 return NULL;
1658 }
1659 PyObject *repr = PyUnicode_FromFormat(
1660 "<%U HMAC object @ %p>", digest_name, self
1661 );
1662 Py_DECREF(digest_name);
1663 return repr;
1664 }
1665
1666 /*[clinic input]
1667 _hashlib.HMAC.update
1668 msg: object
1669
1670 Update the HMAC object with msg.
1671 [clinic start generated code]*/
1672
1673 static PyObject *
_hashlib_HMAC_update_impl(HMACobject * self,PyObject * msg)1674 _hashlib_HMAC_update_impl(HMACobject *self, PyObject *msg)
1675 /*[clinic end generated code: output=f31f0ace8c625b00 input=1829173bb3cfd4e6]*/
1676 {
1677 if (!_hmac_update(self, msg)) {
1678 return NULL;
1679 }
1680 Py_RETURN_NONE;
1681 }
1682
1683 static int
_hmac_digest(HMACobject * self,unsigned char * buf,unsigned int len)1684 _hmac_digest(HMACobject *self, unsigned char *buf, unsigned int len)
1685 {
1686 HMAC_CTX *temp_ctx = HMAC_CTX_new();
1687 if (temp_ctx == NULL) {
1688 PyErr_NoMemory();
1689 return 0;
1690 }
1691 if (!locked_HMAC_CTX_copy(temp_ctx, self)) {
1692 _setException(PyExc_ValueError, NULL);
1693 return 0;
1694 }
1695 int r = HMAC_Final(temp_ctx, buf, &len);
1696 HMAC_CTX_free(temp_ctx);
1697 if (r == 0) {
1698 _setException(PyExc_ValueError, NULL);
1699 return 0;
1700 }
1701 return 1;
1702 }
1703
1704 /*[clinic input]
1705 _hashlib.HMAC.digest
1706 Return the digest of the bytes passed to the update() method so far.
1707 [clinic start generated code]*/
1708
1709 static PyObject *
_hashlib_HMAC_digest_impl(HMACobject * self)1710 _hashlib_HMAC_digest_impl(HMACobject *self)
1711 /*[clinic end generated code: output=1b1424355af7a41e input=bff07f74da318fb4]*/
1712 {
1713 unsigned char digest[EVP_MAX_MD_SIZE];
1714 unsigned int digest_size = _hmac_digest_size(self);
1715 if (digest_size == 0) {
1716 return _setException(PyExc_ValueError, NULL);
1717 }
1718 int r = _hmac_digest(self, digest, digest_size);
1719 if (r == 0) {
1720 return NULL;
1721 }
1722 return PyBytes_FromStringAndSize((const char *)digest, digest_size);
1723 }
1724
1725 /*[clinic input]
1726 _hashlib.HMAC.hexdigest
1727
1728 Return hexadecimal digest of the bytes passed to the update() method so far.
1729
1730 This may be used to exchange the value safely in email or other non-binary
1731 environments.
1732 [clinic start generated code]*/
1733
1734 static PyObject *
_hashlib_HMAC_hexdigest_impl(HMACobject * self)1735 _hashlib_HMAC_hexdigest_impl(HMACobject *self)
1736 /*[clinic end generated code: output=80d825be1eaae6a7 input=5abc42702874ddcf]*/
1737 {
1738 unsigned char digest[EVP_MAX_MD_SIZE];
1739 unsigned int digest_size = _hmac_digest_size(self);
1740 if (digest_size == 0) {
1741 return _setException(PyExc_ValueError, NULL);
1742 }
1743 int r = _hmac_digest(self, digest, digest_size);
1744 if (r == 0) {
1745 return NULL;
1746 }
1747 return _Py_strhex((const char *)digest, digest_size);
1748 }
1749
1750 static PyObject *
_hashlib_hmac_get_digest_size(HMACobject * self,void * closure)1751 _hashlib_hmac_get_digest_size(HMACobject *self, void *closure)
1752 {
1753 unsigned int digest_size = _hmac_digest_size(self);
1754 if (digest_size == 0) {
1755 return _setException(PyExc_ValueError, NULL);
1756 }
1757 return PyLong_FromLong(digest_size);
1758 }
1759
1760 static PyObject *
_hashlib_hmac_get_block_size(HMACobject * self,void * closure)1761 _hashlib_hmac_get_block_size(HMACobject *self, void *closure)
1762 {
1763 const EVP_MD *md = HMAC_CTX_get_md(self->ctx);
1764 if (md == NULL) {
1765 return _setException(PyExc_ValueError, NULL);
1766 }
1767 return PyLong_FromLong(EVP_MD_block_size(md));
1768 }
1769
1770 static PyObject *
_hashlib_hmac_get_name(HMACobject * self,void * closure)1771 _hashlib_hmac_get_name(HMACobject *self, void *closure)
1772 {
1773 PyObject *digest_name = py_digest_name(HMAC_CTX_get_md(self->ctx));
1774 if (digest_name == NULL) {
1775 return NULL;
1776 }
1777 PyObject *name = PyUnicode_FromFormat("hmac-%U", digest_name);
1778 Py_DECREF(digest_name);
1779 return name;
1780 }
1781
1782 static PyMethodDef HMAC_methods[] = {
1783 _HASHLIB_HMAC_UPDATE_METHODDEF
1784 _HASHLIB_HMAC_DIGEST_METHODDEF
1785 _HASHLIB_HMAC_HEXDIGEST_METHODDEF
1786 _HASHLIB_HMAC_COPY_METHODDEF
1787 {NULL, NULL} /* sentinel */
1788 };
1789
1790 static PyGetSetDef HMAC_getset[] = {
1791 {"digest_size", (getter)_hashlib_hmac_get_digest_size, NULL, NULL, NULL},
1792 {"block_size", (getter)_hashlib_hmac_get_block_size, NULL, NULL, NULL},
1793 {"name", (getter)_hashlib_hmac_get_name, NULL, NULL, NULL},
1794 {NULL} /* Sentinel */
1795 };
1796
1797
1798 PyDoc_STRVAR(hmactype_doc,
1799 "The object used to calculate HMAC of a message.\n\
1800 \n\
1801 Methods:\n\
1802 \n\
1803 update() -- updates the current digest with an additional string\n\
1804 digest() -- return the current digest value\n\
1805 hexdigest() -- return the current digest as a string of hexadecimal digits\n\
1806 copy() -- return a copy of the current hash object\n\
1807 \n\
1808 Attributes:\n\
1809 \n\
1810 name -- the name, including the hash algorithm used by this object\n\
1811 digest_size -- number of bytes in digest() output\n");
1812
1813 static PyType_Slot HMACtype_slots[] = {
1814 {Py_tp_doc, (char *)hmactype_doc},
1815 {Py_tp_repr, (reprfunc)_hmac_repr},
1816 {Py_tp_dealloc,(destructor)_hmac_dealloc},
1817 {Py_tp_methods, HMAC_methods},
1818 {Py_tp_getset, HMAC_getset},
1819 {0, NULL}
1820 };
1821
1822 PyType_Spec HMACtype_spec = {
1823 "_hashlib.HMAC", /* name */
1824 sizeof(HMACobject), /* basicsize */
1825 .flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
1826 .slots = HMACtype_slots,
1827 };
1828
1829
1830 /* State for our callback function so that it can accumulate a result. */
1831 typedef struct _internal_name_mapper_state {
1832 PyObject *set;
1833 int error;
1834 } _InternalNameMapperState;
1835
1836
1837 /* A callback function to pass to OpenSSL's OBJ_NAME_do_all(...) */
1838 static void
1839 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
_openssl_hash_name_mapper(EVP_MD * md,void * arg)1840 _openssl_hash_name_mapper(EVP_MD *md, void *arg)
1841 #else
1842 _openssl_hash_name_mapper(const EVP_MD *md, const char *from,
1843 const char *to, void *arg)
1844 #endif
1845 {
1846 _InternalNameMapperState *state = (_InternalNameMapperState *)arg;
1847 PyObject *py_name;
1848
1849 assert(state != NULL);
1850 // ignore all undefined providers
1851 if ((md == NULL) || (EVP_MD_nid(md) == NID_undef)) {
1852 return;
1853 }
1854
1855 py_name = py_digest_name(md);
1856 if (py_name == NULL) {
1857 state->error = 1;
1858 } else {
1859 if (PySet_Add(state->set, py_name) != 0) {
1860 state->error = 1;
1861 }
1862 Py_DECREF(py_name);
1863 }
1864 }
1865
1866
1867 /* Ask OpenSSL for a list of supported ciphers, filling in a Python set. */
1868 static int
hashlib_md_meth_names(PyObject * module)1869 hashlib_md_meth_names(PyObject *module)
1870 {
1871 _InternalNameMapperState state = {
1872 .set = PyFrozenSet_New(NULL),
1873 .error = 0
1874 };
1875 if (state.set == NULL) {
1876 return -1;
1877 }
1878
1879 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
1880 // get algorithms from all activated providers in default context
1881 EVP_MD_do_all_provided(NULL, &_openssl_hash_name_mapper, &state);
1882 #else
1883 EVP_MD_do_all(&_openssl_hash_name_mapper, &state);
1884 #endif
1885
1886 if (state.error) {
1887 Py_DECREF(state.set);
1888 return -1;
1889 }
1890
1891 if (PyModule_AddObject(module, "openssl_md_meth_names", state.set) < 0) {
1892 Py_DECREF(state.set);
1893 return -1;
1894 }
1895
1896 return 0;
1897 }
1898
1899 /*[clinic input]
1900 _hashlib.get_fips_mode -> int
1901
1902 Determine the OpenSSL FIPS mode of operation.
1903
1904 For OpenSSL 3.0.0 and newer it returns the state of the default provider
1905 in the default OSSL context. It's not quite the same as FIPS_mode() but good
1906 enough for unittests.
1907
1908 Effectively any non-zero return value indicates FIPS mode;
1909 values other than 1 may have additional significance.
1910 [clinic start generated code]*/
1911
1912 static int
_hashlib_get_fips_mode_impl(PyObject * module)1913 _hashlib_get_fips_mode_impl(PyObject *module)
1914 /*[clinic end generated code: output=87eece1bab4d3fa9 input=2db61538c41c6fef]*/
1915
1916 {
1917 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
1918 return EVP_default_properties_is_fips_enabled(NULL);
1919 #else
1920 ERR_clear_error();
1921 int result = FIPS_mode();
1922 if (result == 0) {
1923 // "If the library was built without support of the FIPS Object Module,
1924 // then the function will return 0 with an error code of
1925 // CRYPTO_R_FIPS_MODE_NOT_SUPPORTED (0x0f06d065)."
1926 // But 0 is also a valid result value.
1927 unsigned long errcode = ERR_peek_last_error();
1928 if (errcode) {
1929 _setException(PyExc_ValueError, NULL);
1930 return -1;
1931 }
1932 }
1933 return result;
1934 #endif
1935 }
1936
1937
1938 static int
_tscmp(const unsigned char * a,const unsigned char * b,Py_ssize_t len_a,Py_ssize_t len_b)1939 _tscmp(const unsigned char *a, const unsigned char *b,
1940 Py_ssize_t len_a, Py_ssize_t len_b)
1941 {
1942 /* loop count depends on length of b. Might leak very little timing
1943 * information if sizes are different.
1944 */
1945 Py_ssize_t length = len_b;
1946 const void *left = a;
1947 const void *right = b;
1948 int result = 0;
1949
1950 if (len_a != length) {
1951 left = b;
1952 result = 1;
1953 }
1954
1955 result |= CRYPTO_memcmp(left, right, length);
1956
1957 return (result == 0);
1958 }
1959
1960 /* NOTE: Keep in sync with _operator.c implementation. */
1961
1962 /*[clinic input]
1963 _hashlib.compare_digest
1964
1965 a: object
1966 b: object
1967 /
1968
1969 Return 'a == b'.
1970
1971 This function uses an approach designed to prevent
1972 timing analysis, making it appropriate for cryptography.
1973
1974 a and b must both be of the same type: either str (ASCII only),
1975 or any bytes-like object.
1976
1977 Note: If a and b are of different lengths, or if an error occurs,
1978 a timing attack could theoretically reveal information about the
1979 types and lengths of a and b--but not their values.
1980 [clinic start generated code]*/
1981
1982 static PyObject *
_hashlib_compare_digest_impl(PyObject * module,PyObject * a,PyObject * b)1983 _hashlib_compare_digest_impl(PyObject *module, PyObject *a, PyObject *b)
1984 /*[clinic end generated code: output=6f1c13927480aed9 input=9c40c6e566ca12f5]*/
1985 {
1986 int rc;
1987
1988 /* ASCII unicode string */
1989 if(PyUnicode_Check(a) && PyUnicode_Check(b)) {
1990 if (PyUnicode_READY(a) == -1 || PyUnicode_READY(b) == -1) {
1991 return NULL;
1992 }
1993 if (!PyUnicode_IS_ASCII(a) || !PyUnicode_IS_ASCII(b)) {
1994 PyErr_SetString(PyExc_TypeError,
1995 "comparing strings with non-ASCII characters is "
1996 "not supported");
1997 return NULL;
1998 }
1999
2000 rc = _tscmp(PyUnicode_DATA(a),
2001 PyUnicode_DATA(b),
2002 PyUnicode_GET_LENGTH(a),
2003 PyUnicode_GET_LENGTH(b));
2004 }
2005 /* fallback to buffer interface for bytes, bytearray and other */
2006 else {
2007 Py_buffer view_a;
2008 Py_buffer view_b;
2009
2010 if (PyObject_CheckBuffer(a) == 0 && PyObject_CheckBuffer(b) == 0) {
2011 PyErr_Format(PyExc_TypeError,
2012 "unsupported operand types(s) or combination of types: "
2013 "'%.100s' and '%.100s'",
2014 Py_TYPE(a)->tp_name, Py_TYPE(b)->tp_name);
2015 return NULL;
2016 }
2017
2018 if (PyObject_GetBuffer(a, &view_a, PyBUF_SIMPLE) == -1) {
2019 return NULL;
2020 }
2021 if (view_a.ndim > 1) {
2022 PyErr_SetString(PyExc_BufferError,
2023 "Buffer must be single dimension");
2024 PyBuffer_Release(&view_a);
2025 return NULL;
2026 }
2027
2028 if (PyObject_GetBuffer(b, &view_b, PyBUF_SIMPLE) == -1) {
2029 PyBuffer_Release(&view_a);
2030 return NULL;
2031 }
2032 if (view_b.ndim > 1) {
2033 PyErr_SetString(PyExc_BufferError,
2034 "Buffer must be single dimension");
2035 PyBuffer_Release(&view_a);
2036 PyBuffer_Release(&view_b);
2037 return NULL;
2038 }
2039
2040 rc = _tscmp((const unsigned char*)view_a.buf,
2041 (const unsigned char*)view_b.buf,
2042 view_a.len,
2043 view_b.len);
2044
2045 PyBuffer_Release(&view_a);
2046 PyBuffer_Release(&view_b);
2047 }
2048
2049 return PyBool_FromLong(rc);
2050 }
2051
2052 /* List of functions exported by this module */
2053
2054 static struct PyMethodDef EVP_functions[] = {
2055 EVP_NEW_METHODDEF
2056 PBKDF2_HMAC_METHODDEF
2057 _HASHLIB_SCRYPT_METHODDEF
2058 _HASHLIB_GET_FIPS_MODE_METHODDEF
2059 _HASHLIB_COMPARE_DIGEST_METHODDEF
2060 _HASHLIB_HMAC_SINGLESHOT_METHODDEF
2061 _HASHLIB_HMAC_NEW_METHODDEF
2062 _HASHLIB_OPENSSL_MD5_METHODDEF
2063 _HASHLIB_OPENSSL_SHA1_METHODDEF
2064 _HASHLIB_OPENSSL_SHA224_METHODDEF
2065 _HASHLIB_OPENSSL_SHA256_METHODDEF
2066 _HASHLIB_OPENSSL_SHA384_METHODDEF
2067 _HASHLIB_OPENSSL_SHA512_METHODDEF
2068 _HASHLIB_OPENSSL_SHA3_224_METHODDEF
2069 _HASHLIB_OPENSSL_SHA3_256_METHODDEF
2070 _HASHLIB_OPENSSL_SHA3_384_METHODDEF
2071 _HASHLIB_OPENSSL_SHA3_512_METHODDEF
2072 _HASHLIB_OPENSSL_SHAKE_128_METHODDEF
2073 _HASHLIB_OPENSSL_SHAKE_256_METHODDEF
2074 {NULL, NULL} /* Sentinel */
2075 };
2076
2077
2078 /* Initialize this module. */
2079
2080 static int
hashlib_traverse(PyObject * m,visitproc visit,void * arg)2081 hashlib_traverse(PyObject *m, visitproc visit, void *arg)
2082 {
2083 _hashlibstate *state = get_hashlib_state(m);
2084 Py_VISIT(state->EVPtype);
2085 Py_VISIT(state->HMACtype);
2086 #ifdef PY_OPENSSL_HAS_SHAKE
2087 Py_VISIT(state->EVPXOFtype);
2088 #endif
2089 Py_VISIT(state->constructs);
2090 Py_VISIT(state->unsupported_digestmod_error);
2091 return 0;
2092 }
2093
2094 static int
hashlib_clear(PyObject * m)2095 hashlib_clear(PyObject *m)
2096 {
2097 _hashlibstate *state = get_hashlib_state(m);
2098 Py_CLEAR(state->EVPtype);
2099 Py_CLEAR(state->HMACtype);
2100 #ifdef PY_OPENSSL_HAS_SHAKE
2101 Py_CLEAR(state->EVPXOFtype);
2102 #endif
2103 Py_CLEAR(state->constructs);
2104 Py_CLEAR(state->unsupported_digestmod_error);
2105
2106 if (state->hashtable != NULL) {
2107 _Py_hashtable_destroy(state->hashtable);
2108 state->hashtable = NULL;
2109 }
2110
2111 return 0;
2112 }
2113
2114 static void
hashlib_free(void * m)2115 hashlib_free(void *m)
2116 {
2117 hashlib_clear((PyObject *)m);
2118 }
2119
2120 /* Py_mod_exec functions */
2121 static int
hashlib_init_hashtable(PyObject * module)2122 hashlib_init_hashtable(PyObject *module)
2123 {
2124 _hashlibstate *state = get_hashlib_state(module);
2125
2126 state->hashtable = py_hashentry_table_new();
2127 if (state->hashtable == NULL) {
2128 PyErr_NoMemory();
2129 return -1;
2130 }
2131 return 0;
2132 }
2133
2134 static int
hashlib_init_evptype(PyObject * module)2135 hashlib_init_evptype(PyObject *module)
2136 {
2137 _hashlibstate *state = get_hashlib_state(module);
2138
2139 state->EVPtype = (PyTypeObject *)PyType_FromSpec(&EVPtype_spec);
2140 if (state->EVPtype == NULL) {
2141 return -1;
2142 }
2143 if (PyModule_AddType(module, state->EVPtype) < 0) {
2144 return -1;
2145 }
2146 return 0;
2147 }
2148
2149 static int
hashlib_init_evpxoftype(PyObject * module)2150 hashlib_init_evpxoftype(PyObject *module)
2151 {
2152 #ifdef PY_OPENSSL_HAS_SHAKE
2153 _hashlibstate *state = get_hashlib_state(module);
2154
2155 if (state->EVPtype == NULL) {
2156 return -1;
2157 }
2158
2159 state->EVPXOFtype = (PyTypeObject *)PyType_FromSpecWithBases(
2160 &EVPXOFtype_spec, (PyObject *)state->EVPtype
2161 );
2162 if (state->EVPXOFtype == NULL) {
2163 return -1;
2164 }
2165 if (PyModule_AddType(module, state->EVPXOFtype) < 0) {
2166 return -1;
2167 }
2168 #endif
2169 return 0;
2170 }
2171
2172 static int
hashlib_init_hmactype(PyObject * module)2173 hashlib_init_hmactype(PyObject *module)
2174 {
2175 _hashlibstate *state = get_hashlib_state(module);
2176
2177 state->HMACtype = (PyTypeObject *)PyType_FromSpec(&HMACtype_spec);
2178 if (state->HMACtype == NULL) {
2179 return -1;
2180 }
2181 if (PyModule_AddType(module, state->HMACtype) < 0) {
2182 return -1;
2183 }
2184 return 0;
2185 }
2186
2187 static int
hashlib_init_constructors(PyObject * module)2188 hashlib_init_constructors(PyObject *module)
2189 {
2190 /* Create dict from builtin openssl_hash functions to name
2191 * {_hashlib.openssl_sha256: "sha256", ...}
2192 */
2193 PyModuleDef *mdef;
2194 PyMethodDef *fdef;
2195 PyObject *proxy;
2196 PyObject *func, *name_obj;
2197 _hashlibstate *state = get_hashlib_state(module);
2198
2199 mdef = PyModule_GetDef(module);
2200 if (mdef == NULL) {
2201 return -1;
2202 }
2203
2204 state->constructs = PyDict_New();
2205 if (state->constructs == NULL) {
2206 return -1;
2207 }
2208
2209 for (fdef = mdef->m_methods; fdef->ml_name != NULL; fdef++) {
2210 if (strncmp(fdef->ml_name, "openssl_", 8)) {
2211 continue;
2212 }
2213 name_obj = PyUnicode_FromString(fdef->ml_name + 8);
2214 if (name_obj == NULL) {
2215 return -1;
2216 }
2217 func = PyObject_GetAttrString(module, fdef->ml_name);
2218 if (func == NULL) {
2219 Py_DECREF(name_obj);
2220 return -1;
2221 }
2222 int rc = PyDict_SetItem(state->constructs, func, name_obj);
2223 Py_DECREF(func);
2224 Py_DECREF(name_obj);
2225 if (rc < 0) {
2226 return -1;
2227 }
2228 }
2229
2230 proxy = PyDictProxy_New(state->constructs);
2231 if (proxy == NULL) {
2232 return -1;
2233 }
2234
2235 int rc = PyModule_AddObjectRef(module, "_constructors", proxy);
2236 Py_DECREF(proxy);
2237 if (rc < 0) {
2238 return -1;
2239 }
2240 return 0;
2241 }
2242
2243 static int
hashlib_exception(PyObject * module)2244 hashlib_exception(PyObject *module)
2245 {
2246 _hashlibstate *state = get_hashlib_state(module);
2247 state->unsupported_digestmod_error = PyErr_NewException(
2248 "_hashlib.UnsupportedDigestmodError", PyExc_ValueError, NULL);
2249 if (state->unsupported_digestmod_error == NULL) {
2250 return -1;
2251 }
2252 if (PyModule_AddObjectRef(module, "UnsupportedDigestmodError",
2253 state->unsupported_digestmod_error) < 0) {
2254 return -1;
2255 }
2256 return 0;
2257 }
2258
2259
2260 static PyModuleDef_Slot hashlib_slots[] = {
2261 {Py_mod_exec, hashlib_init_hashtable},
2262 {Py_mod_exec, hashlib_init_evptype},
2263 {Py_mod_exec, hashlib_init_evpxoftype},
2264 {Py_mod_exec, hashlib_init_hmactype},
2265 {Py_mod_exec, hashlib_md_meth_names},
2266 {Py_mod_exec, hashlib_init_constructors},
2267 {Py_mod_exec, hashlib_exception},
2268 {0, NULL}
2269 };
2270
2271 static struct PyModuleDef _hashlibmodule = {
2272 PyModuleDef_HEAD_INIT,
2273 .m_name = "_hashlib",
2274 .m_doc = "OpenSSL interface for hashlib module",
2275 .m_size = sizeof(_hashlibstate),
2276 .m_methods = EVP_functions,
2277 .m_slots = hashlib_slots,
2278 .m_traverse = hashlib_traverse,
2279 .m_clear = hashlib_clear,
2280 .m_free = hashlib_free
2281 };
2282
2283 PyMODINIT_FUNC
PyInit__hashlib(void)2284 PyInit__hashlib(void)
2285 {
2286 return PyModuleDef_Init(&_hashlibmodule);
2287 }
2288