Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cpython3 / refs/heads/rel/p/fp2/20.10.1-beta / . / Modules / _hashopenssl.c
blob: daa4f3db2e8bfc351dafef575dc4b223f8436f4b [file] [log] [blame]
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]1/* Module that wraps all OpenSSL hash algorithms */
2
3/*
Benjamin Peterson46a99002010-01-09 18:45:30 +0000[diff] [blame]4 * Copyright (C) 2005-2010 Gregory P. Smith (greg@krypto.org)
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]5 * Licensed to PSF under a Contributor Agreement.
6 *
7 * Derived from a skeleton of shamodule.c containing work performed by:
8 *
9 * Andrew Kuchling (amk@amk.ca)
10 * Greg Stein (gstein@lyra.org)
11 *
12 */
13
Thomas Wouters9bc844e2006-03-01 21:50:07 +0000[diff] [blame]14#define PY_SSIZE_T_CLEAN
15
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]16#include "Python.h"
17#include "structmember.h"
Gregory P. Smith365a1862009-02-12 07:35:29 +0000[diff] [blame]18#include "hashlib.h"
Gregory P. Smith4dff6f62015-04-25 23:42:38 +0000[diff] [blame]19#include "pystrhex.h"
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]20
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]21
Gregory P. Smith3f61d612009-05-04 00:45:33 +0000[diff] [blame]22/* EVP is the preferred interface to hashing in OpenSSL */
23#include <openssl/evp.h>
Gregory P. Smith13b55292010-09-06 08:30:23 +0000[diff] [blame]24/* We use the object interface to discover what hashes OpenSSL supports. */
25#include <openssl/objects.h>
Christian Heimese92ef132013-10-13 00:52:43 +0200[diff] [blame]26#include "openssl/err.h"
Gregory P. Smith3f61d612009-05-04 00:45:33 +0000[diff] [blame]27
Christian Heimes39093e92016-09-06 20:22:28 +0200[diff] [blame]28#include "clinic/_hashopenssl.c.h"
29/*[clinic input]
30module _hashlib
31[clinic start generated code]*/
32/*[clinic end generated code: output=da39a3ee5e6b4b0d input=c2b4ff081bac4be1]*/
33
Gregory P. Smith3f61d612009-05-04 00:45:33 +0000[diff] [blame]34#define MUNCH_SIZE INT_MAX
35
Gregory P. Smith3f61d612009-05-04 00:45:33 +0000[diff] [blame]36#ifndef HASH_OBJ_CONSTRUCTOR
37#define HASH_OBJ_CONSTRUCTOR 0
38#endif
39
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]40#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
41/* OpenSSL < 1.1.0 */
42#define EVP_MD_CTX_new EVP_MD_CTX_create
43#define EVP_MD_CTX_free EVP_MD_CTX_destroy
44#define HAS_FAST_PKCS5_PBKDF2_HMAC 0
45#include <openssl/hmac.h>
46#else
47/* OpenSSL >= 1.1.0 */
48#define HAS_FAST_PKCS5_PBKDF2_HMAC 1
49#endif
50
Gregory P. Smith3f61d612009-05-04 00:45:33 +0000[diff] [blame]51
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]52typedef struct {
53 PyObject_HEAD
54 PyObject *name; /* name of this hash algorithm */
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]55 EVP_MD_CTX *ctx; /* OpenSSL message digest context */
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]56#ifdef WITH_THREAD
57 PyThread_type_lock lock; /* OpenSSL context lock */
58#endif
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]59} EVPobject;
60
61
62static PyTypeObject EVPtype;
63
64
65#define DEFINE_CONSTS_FOR_NEW(Name) \
Gregory P. Smithaded2e52013-02-01 17:05:29 -0800[diff] [blame]66 static PyObject *CONST_ ## Name ## _name_obj = NULL; \
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]67 static EVP_MD_CTX *CONST_new_ ## Name ## _ctx_p = NULL;
68
Neal Norwitzf0459142006-01-07 21:20:24 +0000[diff] [blame]69DEFINE_CONSTS_FOR_NEW(md5)
70DEFINE_CONSTS_FOR_NEW(sha1)
71DEFINE_CONSTS_FOR_NEW(sha224)
72DEFINE_CONSTS_FOR_NEW(sha256)
73DEFINE_CONSTS_FOR_NEW(sha384)
74DEFINE_CONSTS_FOR_NEW(sha512)
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]75
76
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]77/* LCOV_EXCL_START */
78static PyObject *
79_setException(PyObject *exc)
80{
81 unsigned long errcode;
82 const char *lib, *func, *reason;
83
84 errcode = ERR_peek_last_error();
85 if (!errcode) {
86 PyErr_SetString(exc, "unknown reasons");
87 return NULL;
88 }
89 ERR_clear_error();
90
91 lib = ERR_lib_error_string(errcode);
92 func = ERR_func_error_string(errcode);
93 reason = ERR_reason_error_string(errcode);
94
95 if (lib && func) {
96 PyErr_Format(exc, "[%s: %s] %s", lib, func, reason);
97 }
98 else if (lib) {
99 PyErr_Format(exc, "[%s] %s", lib, reason);
100 }
101 else {
102 PyErr_SetString(exc, reason);
103 }
104 return NULL;
105}
106/* LCOV_EXCL_STOP */
107
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]108static EVPobject *
109newEVPobject(PyObject *name)
110{
111 EVPobject *retval = (EVPobject *)PyObject_New(EVPobject, &EVPtype);
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]112 if (retval == NULL) {
113 return NULL;
114 }
115
116 retval->ctx = EVP_MD_CTX_new();
117 if (retval->ctx == NULL) {
118 PyErr_NoMemory();
119 return NULL;
120 }
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]121
122 /* save the name for .name to return */
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]123 Py_INCREF(name);
124 retval->name = name;
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]125#ifdef WITH_THREAD
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]126 retval->lock = NULL;
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]127#endif
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]128
129 return retval;
130}
131
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]132static void
133EVP_hash(EVPobject *self, const void *vp, Py_ssize_t len)
134{
135 unsigned int process;
136 const unsigned char *cp = (const unsigned char *)vp;
137 while (0 < len) {
138 if (len > (Py_ssize_t)MUNCH_SIZE)
139 process = MUNCH_SIZE;
140 else
141 process = Py_SAFE_DOWNCAST(len, Py_ssize_t, unsigned int);
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]142 EVP_DigestUpdate(self->ctx, (const void*)cp, process);
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]143 len -= process;
144 cp += process;
145 }
146}
147
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]148/* Internal methods for a hash object */
149
150static void
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]151EVP_dealloc(EVPobject *self)
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]152{
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]153#ifdef WITH_THREAD
154 if (self->lock != NULL)
155 PyThread_free_lock(self->lock);
156#endif
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]157 EVP_MD_CTX_free(self->ctx);
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]158 Py_XDECREF(self->name);
159 PyObject_Del(self);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]160}
161
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]162static int
163locked_EVP_MD_CTX_copy(EVP_MD_CTX *new_ctx_p, EVPobject *self)
Gregory P. Smith3f61d612009-05-04 00:45:33 +0000[diff] [blame]164{
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]165 int result;
Gregory P. Smith3f61d612009-05-04 00:45:33 +0000[diff] [blame]166 ENTER_HASHLIB(self);
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]167 result = EVP_MD_CTX_copy(new_ctx_p, self->ctx);
Gregory P. Smith3f61d612009-05-04 00:45:33 +0000[diff] [blame]168 LEAVE_HASHLIB(self);
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]169 return result;
Gregory P. Smith3f61d612009-05-04 00:45:33 +0000[diff] [blame]170}
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]171
172/* External methods for a hash object */
173
174PyDoc_STRVAR(EVP_copy__doc__, "Return a copy of the hash object.");
175
Gregory P. Smith3f61d612009-05-04 00:45:33 +0000[diff] [blame]176
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]177static PyObject *
Thomas Wouters4d70c3d2006-06-08 14:42:34 +0000[diff] [blame]178EVP_copy(EVPobject *self, PyObject *unused)
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]179{
180 EVPobject *newobj;
181
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]182 if ( (newobj = newEVPobject(self->name))==NULL)
183 return NULL;
184
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]185 if (!locked_EVP_MD_CTX_copy(newobj->ctx, self)) {
186 return _setException(PyExc_ValueError);
187 }
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]188 return (PyObject *)newobj;
189}
190
191PyDoc_STRVAR(EVP_digest__doc__,
192"Return the digest value as a string of binary data.");
193
194static PyObject *
Thomas Wouters4d70c3d2006-06-08 14:42:34 +0000[diff] [blame]195EVP_digest(EVPobject *self, PyObject *unused)
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]196{
197 unsigned char digest[EVP_MAX_MD_SIZE];
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]198 EVP_MD_CTX *temp_ctx;
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]199 PyObject *retval;
200 unsigned int digest_size;
201
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]202 temp_ctx = EVP_MD_CTX_new();
203 if (temp_ctx == NULL) {
204 PyErr_NoMemory();
205 return NULL;
206 }
207
208 if (!locked_EVP_MD_CTX_copy(temp_ctx, self)) {
209 return _setException(PyExc_ValueError);
210 }
211 digest_size = EVP_MD_CTX_size(temp_ctx);
212 EVP_DigestFinal(temp_ctx, digest, NULL);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]213
Christian Heimes72b710a2008-05-26 13:28:38 +0000[diff] [blame]214 retval = PyBytes_FromStringAndSize((const char *)digest, digest_size);
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]215 EVP_MD_CTX_free(temp_ctx);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]216 return retval;
217}
218
219PyDoc_STRVAR(EVP_hexdigest__doc__,
220"Return the digest value as a string of hexadecimal digits.");
221
222static PyObject *
Thomas Wouters4d70c3d2006-06-08 14:42:34 +0000[diff] [blame]223EVP_hexdigest(EVPobject *self, PyObject *unused)
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]224{
225 unsigned char digest[EVP_MAX_MD_SIZE];
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]226 EVP_MD_CTX *temp_ctx;
Gregory P. Smith4dff6f62015-04-25 23:42:38 +0000[diff] [blame]227 unsigned int digest_size;
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]228
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]229 temp_ctx = EVP_MD_CTX_new();
230 if (temp_ctx == NULL) {
231 PyErr_NoMemory();
232 return NULL;
233 }
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]234
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]235 /* Get the raw (binary) digest value */
236 if (!locked_EVP_MD_CTX_copy(temp_ctx, self)) {
237 return _setException(PyExc_ValueError);
238 }
239 digest_size = EVP_MD_CTX_size(temp_ctx);
240 EVP_DigestFinal(temp_ctx, digest, NULL);
241
242 EVP_MD_CTX_free(temp_ctx);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]243
Gregory P. Smith4dff6f62015-04-25 23:42:38 +0000[diff] [blame]244 return _Py_strhex((const char *)digest, digest_size);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]245}
246
247PyDoc_STRVAR(EVP_update__doc__,
248"Update this hash object's state with the provided string.");
249
250static PyObject *
251EVP_update(EVPobject *self, PyObject *args)
252{
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]253 PyObject *obj;
Travis E. Oliphant8ae62b62007-09-23 02:00:13 +0000[diff] [blame]254 Py_buffer view;
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]255
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]256 if (!PyArg_ParseTuple(args, "O:update", &obj))
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]257 return NULL;
258
Gregory P. Smith365a1862009-02-12 07:35:29 +0000[diff] [blame]259 GET_BUFFER_VIEW_OR_ERROUT(obj, &view);
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]260
261#ifdef WITH_THREAD
262 if (self->lock == NULL && view.len >= HASHLIB_GIL_MINSIZE) {
263 self->lock = PyThread_allocate_lock();
Gregory P. Smith3f61d612009-05-04 00:45:33 +0000[diff] [blame]264 /* fail? lock = NULL and we fail over to non-threaded code. */
Benjamin Peterson78cb4912008-09-24 22:53:33 +0000[diff] [blame]265 }
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]266
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]267 if (self->lock != NULL) {
268 Py_BEGIN_ALLOW_THREADS
269 PyThread_acquire_lock(self->lock, 1);
270 EVP_hash(self, view.buf, view.len);
271 PyThread_release_lock(self->lock);
272 Py_END_ALLOW_THREADS
273 } else {
274 EVP_hash(self, view.buf, view.len);
275 }
276#else
277 EVP_hash(self, view.buf, view.len);
278#endif
279
280 PyBuffer_Release(&view);
281 Py_RETURN_NONE;
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]282}
283
284static PyMethodDef EVP_methods[] = {
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]285 {"update", (PyCFunction)EVP_update, METH_VARARGS, EVP_update__doc__},
286 {"digest", (PyCFunction)EVP_digest, METH_NOARGS, EVP_digest__doc__},
Thomas Wouters4d70c3d2006-06-08 14:42:34 +0000[diff] [blame]287 {"hexdigest", (PyCFunction)EVP_hexdigest, METH_NOARGS, EVP_hexdigest__doc__},
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]288 {"copy", (PyCFunction)EVP_copy, METH_NOARGS, EVP_copy__doc__},
289 {NULL, NULL} /* sentinel */
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]290};
291
292static PyObject *
293EVP_get_block_size(EVPobject *self, void *closure)
294{
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]295 long block_size;
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]296 block_size = EVP_MD_CTX_block_size(self->ctx);
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]297 return PyLong_FromLong(block_size);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]298}
299
300static PyObject *
301EVP_get_digest_size(EVPobject *self, void *closure)
302{
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]303 long size;
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]304 size = EVP_MD_CTX_size(self->ctx);
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]305 return PyLong_FromLong(size);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]306}
307
308static PyMemberDef EVP_members[] = {
309 {"name", T_OBJECT, offsetof(EVPobject, name), READONLY, PyDoc_STR("algorithm name.")},
310 {NULL} /* Sentinel */
311};
312
313static PyGetSetDef EVP_getseters[] = {
314 {"digest_size",
315 (getter)EVP_get_digest_size, NULL,
316 NULL,
317 NULL},
318 {"block_size",
319 (getter)EVP_get_block_size, NULL,
320 NULL,
321 NULL},
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]322 {NULL} /* Sentinel */
323};
324
325
326static PyObject *
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]327EVP_repr(EVPobject *self)
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]328{
Victor Stinner3f1af5c2010-03-12 17:00:41 +0000[diff] [blame]329 return PyUnicode_FromFormat("<%U HASH object @ %p>", self->name, self);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]330}
331
332#if HASH_OBJ_CONSTRUCTOR
333static int
334EVP_tp_init(EVPobject *self, PyObject *args, PyObject *kwds)
335{
Martin v. Löwis15e62742006-02-27 16:46:16 +0000[diff] [blame]336 static char *kwlist[] = {"name", "string", NULL};
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]337 PyObject *name_obj = NULL;
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]338 PyObject *data_obj = NULL;
Travis E. Oliphant8ae62b62007-09-23 02:00:13 +0000[diff] [blame]339 Py_buffer view;
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]340 char *nameStr;
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]341 const EVP_MD *digest;
342
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]343 if (!PyArg_ParseTupleAndKeywords(args, kwds, "O|O:HASH", kwlist,
344 &name_obj, &data_obj)) {
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]345 return -1;
346 }
347
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]348 if (data_obj)
Gregory P. Smith365a1862009-02-12 07:35:29 +0000[diff] [blame]349 GET_BUFFER_VIEW_OR_ERROUT(data_obj, &view);
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]350
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]351 if (!PyArg_Parse(name_obj, "s", &nameStr)) {
352 PyErr_SetString(PyExc_TypeError, "name must be a string");
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]353 if (data_obj)
Martin v. Löwis423be952008-08-13 15:53:07 +0000[diff] [blame]354 PyBuffer_Release(&view);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]355 return -1;
356 }
357
358 digest = EVP_get_digestbyname(nameStr);
359 if (!digest) {
360 PyErr_SetString(PyExc_ValueError, "unknown hash function");
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]361 if (data_obj)
Martin v. Löwis423be952008-08-13 15:53:07 +0000[diff] [blame]362 PyBuffer_Release(&view);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]363 return -1;
364 }
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]365 EVP_DigestInit(self->ctx, digest);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]366
367 self->name = name_obj;
368 Py_INCREF(self->name);
369
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]370 if (data_obj) {
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]371 if (view.len >= HASHLIB_GIL_MINSIZE) {
372 Py_BEGIN_ALLOW_THREADS
373 EVP_hash(self, view.buf, view.len);
374 Py_END_ALLOW_THREADS
Benjamin Peterson78cb4912008-09-24 22:53:33 +0000[diff] [blame]375 } else {
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]376 EVP_hash(self, view.buf, view.len);
Benjamin Peterson78cb4912008-09-24 22:53:33 +0000[diff] [blame]377 }
Martin v. Löwis423be952008-08-13 15:53:07 +0000[diff] [blame]378 PyBuffer_Release(&view);
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]379 }
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]380
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]381 return 0;
382}
383#endif
384
385
386PyDoc_STRVAR(hashtype_doc,
387"A hash represents the object used to calculate a checksum of a\n\
388string of information.\n\
389\n\
390Methods:\n\
391\n\
392update() -- updates the current digest with an additional string\n\
393digest() -- return the current digest value\n\
394hexdigest() -- return the current digest as a string of hexadecimal digits\n\
395copy() -- return a copy of the current hash object\n\
396\n\
397Attributes:\n\
398\n\
399name -- the hash algorithm being used by this object\n\
400digest_size -- number of bytes in this hashes output\n");
401
402static PyTypeObject EVPtype = {
Martin v. Löwis9f2e3462007-07-21 17:22:18 +0000[diff] [blame]403 PyVarObject_HEAD_INIT(NULL, 0)
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]404 "_hashlib.HASH", /*tp_name*/
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]405 sizeof(EVPobject), /*tp_basicsize*/
406 0, /*tp_itemsize*/
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]407 /* methods */
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]408 (destructor)EVP_dealloc, /*tp_dealloc*/
409 0, /*tp_print*/
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]410 0, /*tp_getattr*/
411 0, /*tp_setattr*/
Mark Dickinsone94c6792009-02-02 20:36:42 +0000[diff] [blame]412 0, /*tp_reserved*/
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]413 (reprfunc)EVP_repr, /*tp_repr*/
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]414 0, /*tp_as_number*/
415 0, /*tp_as_sequence*/
416 0, /*tp_as_mapping*/
417 0, /*tp_hash*/
418 0, /*tp_call*/
419 0, /*tp_str*/
420 0, /*tp_getattro*/
421 0, /*tp_setattro*/
422 0, /*tp_as_buffer*/
423 Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, /*tp_flags*/
424 hashtype_doc, /*tp_doc*/
425 0, /*tp_traverse*/
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]426 0, /*tp_clear*/
427 0, /*tp_richcompare*/
428 0, /*tp_weaklistoffset*/
429 0, /*tp_iter*/
430 0, /*tp_iternext*/
431 EVP_methods, /* tp_methods */
432 EVP_members, /* tp_members */
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]433 EVP_getseters, /* tp_getset */
434#if 1
435 0, /* tp_base */
436 0, /* tp_dict */
437 0, /* tp_descr_get */
438 0, /* tp_descr_set */
439 0, /* tp_dictoffset */
440#endif
441#if HASH_OBJ_CONSTRUCTOR
442 (initproc)EVP_tp_init, /* tp_init */
443#endif
444};
445
446static PyObject *
447EVPnew(PyObject *name_obj,
448 const EVP_MD *digest, const EVP_MD_CTX *initial_ctx,
Benjamin Peterson78cb4912008-09-24 22:53:33 +0000[diff] [blame]449 const unsigned char *cp, Py_ssize_t len)
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]450{
451 EVPobject *self;
452
453 if (!digest && !initial_ctx) {
454 PyErr_SetString(PyExc_ValueError, "unsupported hash type");
455 return NULL;
456 }
457
458 if ((self = newEVPobject(name_obj)) == NULL)
459 return NULL;
460
461 if (initial_ctx) {
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]462 EVP_MD_CTX_copy(self->ctx, initial_ctx);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]463 } else {
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]464 EVP_DigestInit(self->ctx, digest);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]465 }
466
Benjamin Peterson78cb4912008-09-24 22:53:33 +0000[diff] [blame]467 if (cp && len) {
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]468 if (len >= HASHLIB_GIL_MINSIZE) {
469 Py_BEGIN_ALLOW_THREADS
470 EVP_hash(self, cp, len);
471 Py_END_ALLOW_THREADS
Benjamin Peterson78cb4912008-09-24 22:53:33 +0000[diff] [blame]472 } else {
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]473 EVP_hash(self, cp, len);
Benjamin Peterson78cb4912008-09-24 22:53:33 +0000[diff] [blame]474 }
475 }
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]476
477 return (PyObject *)self;
478}
479
480
481/* The module-level function: new() */
482
483PyDoc_STRVAR(EVP_new__doc__,
484"Return a new hash object using the named algorithm.\n\
485An optional string argument may be provided and will be\n\
486automatically hashed.\n\
487\n\
488The MD5 and SHA1 algorithms are always supported.\n");
489
490static PyObject *
491EVP_new(PyObject *self, PyObject *args, PyObject *kwdict)
492{
Martin v. Löwis15e62742006-02-27 16:46:16 +0000[diff] [blame]493 static char *kwlist[] = {"name", "string", NULL};
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]494 PyObject *name_obj = NULL;
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]495 PyObject *data_obj = NULL;
Travis E. Oliphant8ae62b62007-09-23 02:00:13 +0000[diff] [blame]496 Py_buffer view = { 0 };
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]497 PyObject *ret_obj;
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]498 char *name;
499 const EVP_MD *digest;
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]500
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]501 if (!PyArg_ParseTupleAndKeywords(args, kwdict, "O|O:new", kwlist,
502 &name_obj, &data_obj)) {
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]503 return NULL;
504 }
505
506 if (!PyArg_Parse(name_obj, "s", &name)) {
507 PyErr_SetString(PyExc_TypeError, "name must be a string");
508 return NULL;
509 }
510
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]511 if (data_obj)
Gregory P. Smith365a1862009-02-12 07:35:29 +0000[diff] [blame]512 GET_BUFFER_VIEW_OR_ERROUT(data_obj, &view);
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]513
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]514 digest = EVP_get_digestbyname(name);
515
Benjamin Peterson78cb4912008-09-24 22:53:33 +0000[diff] [blame]516 ret_obj = EVPnew(name_obj, digest, NULL, (unsigned char*)view.buf, view.len);
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]517
518 if (data_obj)
Martin v. Löwis423be952008-08-13 15:53:07 +0000[diff] [blame]519 PyBuffer_Release(&view);
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]520 return ret_obj;
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]521}
522
Christian Heimese7236222013-10-19 14:24:44 +0200[diff] [blame]523
524
Christian Heimes351f5392013-10-19 17:59:48 +0200[diff] [blame]525#if (OPENSSL_VERSION_NUMBER >= 0x10000000 && !defined(OPENSSL_NO_HMAC) \
526 && !defined(OPENSSL_NO_SHA))
Christian Heimese7236222013-10-19 14:24:44 +0200[diff] [blame]527
Christian Heimese92ef132013-10-13 00:52:43 +0200[diff] [blame]528#define PY_PBKDF2_HMAC 1
529
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]530#if !HAS_FAST_PKCS5_PBKDF2_HMAC
Christian Heimese7236222013-10-19 14:24:44 +0200[diff] [blame]531/* Improved implementation of PKCS5_PBKDF2_HMAC()
532 *
533 * PKCS5_PBKDF2_HMAC_fast() hashes the password exactly one time instead of
534 * `iter` times. Today (2013) the iteration count is typically 100,000 or
535 * more. The improved algorithm is not subject to a Denial-of-Service
536 * vulnerability with overly large passwords.
537 *
538 * Also OpenSSL < 1.0 don't provide PKCS5_PBKDF2_HMAC(), only
539 * PKCS5_PBKDF2_SHA1.
540 */
Christian Heimesc6564b92013-10-20 13:23:03 +0200[diff] [blame]541static int
542PKCS5_PBKDF2_HMAC_fast(const char *pass, int passlen,
543 const unsigned char *salt, int saltlen,
544 int iter, const EVP_MD *digest,
545 int keylen, unsigned char *out)
Christian Heimese7236222013-10-19 14:24:44 +0200[diff] [blame]546{
547 unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
548 int cplen, j, k, tkeylen, mdlen;
549 unsigned long i = 1;
550 HMAC_CTX hctx_tpl, hctx;
551
552 mdlen = EVP_MD_size(digest);
553 if (mdlen < 0)
554 return 0;
555
556 HMAC_CTX_init(&hctx_tpl);
557 HMAC_CTX_init(&hctx);
558 p = out;
559 tkeylen = keylen;
Christian Heimese7236222013-10-19 14:24:44 +0200[diff] [blame]560 if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) {
561 HMAC_CTX_cleanup(&hctx_tpl);
562 return 0;
563 }
Benjamin Peterson3c0769d2015-09-27 02:13:40 -0700[diff] [blame]564 while (tkeylen) {
565 if (tkeylen > mdlen)
Christian Heimese7236222013-10-19 14:24:44 +0200[diff] [blame]566 cplen = mdlen;
567 else
568 cplen = tkeylen;
569 /* We are unlikely to ever use more than 256 blocks (5120 bits!)
570 * but just in case...
571 */
572 itmp[0] = (unsigned char)((i >> 24) & 0xff);
573 itmp[1] = (unsigned char)((i >> 16) & 0xff);
574 itmp[2] = (unsigned char)((i >> 8) & 0xff);
575 itmp[3] = (unsigned char)(i & 0xff);
576 if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
577 HMAC_CTX_cleanup(&hctx_tpl);
578 return 0;
579 }
580 if (!HMAC_Update(&hctx, salt, saltlen)
581 || !HMAC_Update(&hctx, itmp, 4)
582 || !HMAC_Final(&hctx, digtmp, NULL)) {
583 HMAC_CTX_cleanup(&hctx_tpl);
584 HMAC_CTX_cleanup(&hctx);
585 return 0;
586 }
Christian Heimes68531082013-11-06 17:25:17 +0100[diff] [blame]587 HMAC_CTX_cleanup(&hctx);
Christian Heimese7236222013-10-19 14:24:44 +0200[diff] [blame]588 memcpy(p, digtmp, cplen);
589 for (j = 1; j < iter; j++) {
590 if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
591 HMAC_CTX_cleanup(&hctx_tpl);
592 return 0;
593 }
594 if (!HMAC_Update(&hctx, digtmp, mdlen)
595 || !HMAC_Final(&hctx, digtmp, NULL)) {
596 HMAC_CTX_cleanup(&hctx_tpl);
597 HMAC_CTX_cleanup(&hctx);
598 return 0;
599 }
600 HMAC_CTX_cleanup(&hctx);
601 for (k = 0; k < cplen; k++) {
602 p[k] ^= digtmp[k];
603 }
604 }
605 tkeylen-= cplen;
606 i++;
607 p+= cplen;
608 }
609 HMAC_CTX_cleanup(&hctx_tpl);
610 return 1;
611}
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]612#endif
Christian Heimese7236222013-10-19 14:24:44 +0200[diff] [blame]613
614
Christian Heimese92ef132013-10-13 00:52:43 +0200[diff] [blame]615PyDoc_STRVAR(pbkdf2_hmac__doc__,
616"pbkdf2_hmac(hash_name, password, salt, iterations, dklen=None) -> key\n\
617\n\
618Password based key derivation function 2 (PKCS #5 v2.0) with HMAC as\n\
619pseudorandom function.");
620
621static PyObject *
622pbkdf2_hmac(PyObject *self, PyObject *args, PyObject *kwdict)
623{
624 static char *kwlist[] = {"hash_name", "password", "salt", "iterations",
625 "dklen", NULL};
626 PyObject *key_obj = NULL, *dklen_obj = Py_None;
627 char *name, *key;
628 Py_buffer password, salt;
629 long iterations, dklen;
630 int retval;
631 const EVP_MD *digest;
632
633 if (!PyArg_ParseTupleAndKeywords(args, kwdict, "sy*y*l|O:pbkdf2_hmac",
634 kwlist, &name, &password, &salt,
635 &iterations, &dklen_obj)) {
636 return NULL;
637 }
638
639 digest = EVP_get_digestbyname(name);
640 if (digest == NULL) {
641 PyErr_SetString(PyExc_ValueError, "unsupported hash type");
642 goto end;
643 }
644
645 if (password.len > INT_MAX) {
646 PyErr_SetString(PyExc_OverflowError,
647 "password is too long.");
648 goto end;
649 }
650
651 if (salt.len > INT_MAX) {
652 PyErr_SetString(PyExc_OverflowError,
653 "salt is too long.");
654 goto end;
655 }
656
657 if (iterations < 1) {
658 PyErr_SetString(PyExc_ValueError,
659 "iteration value must be greater than 0.");
660 goto end;
661 }
662 if (iterations > INT_MAX) {
663 PyErr_SetString(PyExc_OverflowError,
664 "iteration value is too great.");
665 goto end;
666 }
667
668 if (dklen_obj == Py_None) {
669 dklen = EVP_MD_size(digest);
670 } else {
671 dklen = PyLong_AsLong(dklen_obj);
672 if ((dklen == -1) && PyErr_Occurred()) {
673 goto end;
674 }
675 }
676 if (dklen < 1) {
677 PyErr_SetString(PyExc_ValueError,
678 "key length must be greater than 0.");
679 goto end;
680 }
681 if (dklen > INT_MAX) {
682 /* INT_MAX is always smaller than dkLen max (2^32 - 1) * hLen */
683 PyErr_SetString(PyExc_OverflowError,
684 "key length is too great.");
685 goto end;
686 }
687
688 key_obj = PyBytes_FromStringAndSize(NULL, dklen);
689 if (key_obj == NULL) {
690 goto end;
691 }
692 key = PyBytes_AS_STRING(key_obj);
693
694 Py_BEGIN_ALLOW_THREADS
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]695#if HAS_FAST_PKCS5_PBKDF2_HMAC
696 retval = PKCS5_PBKDF2_HMAC((char*)password.buf, (int)password.len,
697 (unsigned char *)salt.buf, (int)salt.len,
698 iterations, digest, dklen,
699 (unsigned char *)key);
700#else
Victor Stinnerc1a57d32013-11-16 00:27:16 +0100[diff] [blame]701 retval = PKCS5_PBKDF2_HMAC_fast((char*)password.buf, (int)password.len,
Christian Heimescc6cdce2013-11-18 09:59:44 +0100[diff] [blame]702 (unsigned char *)salt.buf, (int)salt.len,
Christian Heimese7236222013-10-19 14:24:44 +0200[diff] [blame]703 iterations, digest, dklen,
704 (unsigned char *)key);
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]705#endif
Christian Heimese92ef132013-10-13 00:52:43 +0200[diff] [blame]706 Py_END_ALLOW_THREADS
707
708 if (!retval) {
709 Py_CLEAR(key_obj);
710 _setException(PyExc_ValueError);
711 goto end;
712 }
713
714 end:
715 PyBuffer_Release(&password);
716 PyBuffer_Release(&salt);
717 return key_obj;
718}
719
720#endif
Gregory P. Smith13b55292010-09-06 08:30:23 +0000[diff] [blame]721
Christian Heimes39093e92016-09-06 20:22:28 +0200[diff] [blame]722#if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(OPENSSL_NO_SCRYPT) && !defined(LIBRESSL_VERSION_NUMBER)
723#define PY_SCRYPT 1
724
725/*[clinic input]
726_hashlib.scrypt
727
728 password: Py_buffer
729 *
730 salt: Py_buffer = None
731 n as n_obj: object(subclass_of='&PyLong_Type') = None
732 r as r_obj: object(subclass_of='&PyLong_Type') = None
733 p as p_obj: object(subclass_of='&PyLong_Type') = None
734 maxmem: long = 0
735 dklen: long = 64
736
737
738scrypt password-based key derivation function.
739[clinic start generated code]*/
740
741static PyObject *
742_hashlib_scrypt_impl(PyObject *module, Py_buffer *password, Py_buffer *salt,
743 PyObject *n_obj, PyObject *r_obj, PyObject *p_obj,
744 long maxmem, long dklen)
745/*[clinic end generated code: output=14849e2aa2b7b46c input=48a7d63bf3f75c42]*/
746{
747 PyObject *key_obj = NULL;
748 char *key;
749 int retval;
750 unsigned long n, r, p;
751
752 if (password->len > INT_MAX) {
753 PyErr_SetString(PyExc_OverflowError,
754 "password is too long.");
755 return NULL;
756 }
757
758 if (salt->buf == NULL) {
759 PyErr_SetString(PyExc_TypeError,
760 "salt is required");
761 return NULL;
762 }
763 if (salt->len > INT_MAX) {
764 PyErr_SetString(PyExc_OverflowError,
765 "salt is too long.");
766 return NULL;
767 }
768
769 n = PyLong_AsUnsignedLong(n_obj);
770 if (n == (unsigned long) -1 && PyErr_Occurred()) {
771 PyErr_SetString(PyExc_TypeError,
772 "n is required and must be an unsigned int");
773 return NULL;
774 }
775 if (n < 2 || n & (n - 1)) {
776 PyErr_SetString(PyExc_ValueError,
777 "n must be a power of 2.");
778 return NULL;
779 }
780
781 r = PyLong_AsUnsignedLong(r_obj);
782 if (r == (unsigned long) -1 && PyErr_Occurred()) {
783 PyErr_SetString(PyExc_TypeError,
784 "r is required and must be an unsigned int");
785 return NULL;
786 }
787
788 p = PyLong_AsUnsignedLong(p_obj);
789 if (p == (unsigned long) -1 && PyErr_Occurred()) {
790 PyErr_SetString(PyExc_TypeError,
791 "p is required and must be an unsigned int");
792 return NULL;
793 }
794
795 if (maxmem < 0 || maxmem > INT_MAX) {
796 /* OpenSSL 1.1.0 restricts maxmem to 32MB. It may change in the
797 future. The maxmem constant is private to OpenSSL. */
798 PyErr_Format(PyExc_ValueError,
799 "maxmem must be positive and smaller than %d",
800 INT_MAX);
801 return NULL;
802 }
803
804 if (dklen < 1 || dklen > INT_MAX) {
805 PyErr_Format(PyExc_ValueError,
806 "dklen must be greater than 0 and smaller than %d",
807 INT_MAX);
808 return NULL;
809 }
810
811 /* let OpenSSL validate the rest */
812 retval = EVP_PBE_scrypt(NULL, 0, NULL, 0, n, r, p, maxmem, NULL, 0);
813 if (!retval) {
814 /* sorry, can't do much better */
815 PyErr_SetString(PyExc_ValueError,
816 "Invalid paramemter combination for n, r, p, maxmem.");
817 return NULL;
818 }
819
820 key_obj = PyBytes_FromStringAndSize(NULL, dklen);
821 if (key_obj == NULL) {
822 return NULL;
823 }
824 key = PyBytes_AS_STRING(key_obj);
825
826 Py_BEGIN_ALLOW_THREADS
827 retval = EVP_PBE_scrypt(
828 (const char*)password->buf, (size_t)password->len,
829 (const unsigned char *)salt->buf, (size_t)salt->len,
830 n, r, p, maxmem,
831 (unsigned char *)key, (size_t)dklen
832 );
833 Py_END_ALLOW_THREADS
834
835 if (!retval) {
836 Py_CLEAR(key_obj);
837 _setException(PyExc_ValueError);
838 return NULL;
839 }
840 return key_obj;
841}
842#endif
843
Gregory P. Smith13b55292010-09-06 08:30:23 +0000[diff] [blame]844/* State for our callback function so that it can accumulate a result. */
845typedef struct _internal_name_mapper_state {
846 PyObject *set;
847 int error;
848} _InternalNameMapperState;
849
850
851/* A callback function to pass to OpenSSL's OBJ_NAME_do_all(...) */
852static void
853_openssl_hash_name_mapper(const OBJ_NAME *openssl_obj_name, void *arg)
854{
855 _InternalNameMapperState *state = (_InternalNameMapperState *)arg;
856 PyObject *py_name;
857
858 assert(state != NULL);
859 if (openssl_obj_name == NULL)
860 return;
861 /* Ignore aliased names, they pollute the list and OpenSSL appears to
Martin Panter7462b6492015-11-02 03:37:02 +0000[diff] [blame]862 * have its own definition of alias as the resulting list still
Gregory P. Smith13b55292010-09-06 08:30:23 +0000[diff] [blame]863 * contains duplicate and alternate names for several algorithms. */
864 if (openssl_obj_name->alias)
865 return;
866
867 py_name = PyUnicode_FromString(openssl_obj_name->name);
868 if (py_name == NULL) {
869 state->error = 1;
870 } else {
871 if (PySet_Add(state->set, py_name) != 0) {
Gregory P. Smith13b55292010-09-06 08:30:23 +0000[diff] [blame]872 state->error = 1;
873 }
Christian Heimesdb816d62013-10-29 12:14:55 +0100[diff] [blame]874 Py_DECREF(py_name);
Gregory P. Smith13b55292010-09-06 08:30:23 +0000[diff] [blame]875 }
876}
877
878
879/* Ask OpenSSL for a list of supported ciphers, filling in a Python set. */
880static PyObject*
881generate_hash_name_list(void)
882{
883 _InternalNameMapperState state;
884 state.set = PyFrozenSet_New(NULL);
885 if (state.set == NULL)
886 return NULL;
887 state.error = 0;
888
889 OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, &_openssl_hash_name_mapper, &state);
890
891 if (state.error) {
892 Py_DECREF(state.set);
893 return NULL;
894 }
895 return state.set;
896}
897
898
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]899/*
900 * This macro generates constructor function definitions for specific
901 * hash algorithms. These constructors are much faster than calling
Raymond Hettinger15f44ab2016-08-30 10:47:49 -0700[diff] [blame]902 * the generic one passing it a python string and are noticeably
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]903 * faster than calling a python new() wrapper. Thats important for
904 * code that wants to make hashes of a bunch of small strings.
905 */
906#define GEN_CONSTRUCTOR(NAME) \
907 static PyObject * \
908 EVP_new_ ## NAME (PyObject *self, PyObject *args) \
909 { \
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]910 PyObject *data_obj = NULL; \
Travis E. Oliphant8ae62b62007-09-23 02:00:13 +0000[diff] [blame]911 Py_buffer view = { 0 }; \
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]912 PyObject *ret_obj; \
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]913 \
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]914 if (!PyArg_ParseTuple(args, "|O:" #NAME , &data_obj)) { \
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]915 return NULL; \
916 } \
917 \
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]918 if (data_obj) \
Gregory P. Smith365a1862009-02-12 07:35:29 +0000[diff] [blame]919 GET_BUFFER_VIEW_OR_ERROUT(data_obj, &view); \
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]920 \
921 ret_obj = EVPnew( \
922 CONST_ ## NAME ## _name_obj, \
923 NULL, \
924 CONST_new_ ## NAME ## _ctx_p, \
925 (unsigned char*)view.buf, \
Benjamin Peterson78cb4912008-09-24 22:53:33 +0000[diff] [blame]926 view.len); \
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]927 \
928 if (data_obj) \
Martin v. Löwis423be952008-08-13 15:53:07 +0000[diff] [blame]929 PyBuffer_Release(&view); \
Gregory P. Smith9406f5c2007-08-26 02:58:36 +0000[diff] [blame]930 return ret_obj; \
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]931 }
932
933/* a PyMethodDef structure for the constructor */
934#define CONSTRUCTOR_METH_DEF(NAME) \
935 {"openssl_" #NAME, (PyCFunction)EVP_new_ ## NAME, METH_VARARGS, \
936 PyDoc_STR("Returns a " #NAME \
937 " hash object; optionally initialized with a string") \
938 }
939
Gregory P. Smithaded2e52013-02-01 17:05:29 -0800[diff] [blame]940/* used in the init function to setup a constructor: initialize OpenSSL
941 constructor constants if they haven't been initialized already. */
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]942#define INIT_CONSTRUCTOR_CONSTANTS(NAME) do { \
Gregory P. Smithaded2e52013-02-01 17:05:29 -0800[diff] [blame]943 if (CONST_ ## NAME ## _name_obj == NULL) { \
944 CONST_ ## NAME ## _name_obj = PyUnicode_FromString(#NAME); \
945 if (EVP_get_digestbyname(#NAME)) { \
Christian Heimes598894f2016-09-05 23:19:05 +0200[diff] [blame]946 CONST_new_ ## NAME ## _ctx_p = EVP_MD_CTX_new(); \
Gregory P. Smithaded2e52013-02-01 17:05:29 -0800[diff] [blame]947 EVP_DigestInit(CONST_new_ ## NAME ## _ctx_p, EVP_get_digestbyname(#NAME)); \
948 } \
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]949 } \
950} while (0);
951
952GEN_CONSTRUCTOR(md5)
953GEN_CONSTRUCTOR(sha1)
954GEN_CONSTRUCTOR(sha224)
955GEN_CONSTRUCTOR(sha256)
956GEN_CONSTRUCTOR(sha384)
957GEN_CONSTRUCTOR(sha512)
958
959/* List of functions exported by this module */
960
961static struct PyMethodDef EVP_functions[] = {
962 {"new", (PyCFunction)EVP_new, METH_VARARGS|METH_KEYWORDS, EVP_new__doc__},
Christian Heimese92ef132013-10-13 00:52:43 +0200[diff] [blame]963#ifdef PY_PBKDF2_HMAC
964 {"pbkdf2_hmac", (PyCFunction)pbkdf2_hmac, METH_VARARGS|METH_KEYWORDS,
965 pbkdf2_hmac__doc__},
966#endif
Christian Heimes39093e92016-09-06 20:22:28 +0200[diff] [blame]967 _HASHLIB_SCRYPT_METHODDEF
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]968 CONSTRUCTOR_METH_DEF(md5),
969 CONSTRUCTOR_METH_DEF(sha1),
970 CONSTRUCTOR_METH_DEF(sha224),
971 CONSTRUCTOR_METH_DEF(sha256),
972 CONSTRUCTOR_METH_DEF(sha384),
973 CONSTRUCTOR_METH_DEF(sha512),
Alexander Belopolskyf0f45142010-08-11 17:31:17 +0000[diff] [blame]974 {NULL, NULL} /* Sentinel */
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]975};
976
977
978/* Initialize this module. */
979
Martin v. Löwis1a214512008-06-11 05:26:20 +0000[diff] [blame]980
981static struct PyModuleDef _hashlibmodule = {
Antoine Pitroubcd5cbe2009-01-08 21:17:16 +0000[diff] [blame]982 PyModuleDef_HEAD_INIT,
983 "_hashlib",
984 NULL,
985 -1,
986 EVP_functions,
987 NULL,
988 NULL,
989 NULL,
990 NULL
Martin v. Löwis1a214512008-06-11 05:26:20 +0000[diff] [blame]991};
992
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]993PyMODINIT_FUNC
Martin v. Löwis1a214512008-06-11 05:26:20 +0000[diff] [blame]994PyInit__hashlib(void)
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]995{
Gregory P. Smith13b55292010-09-06 08:30:23 +0000[diff] [blame]996 PyObject *m, *openssl_md_meth_names;
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]997
998 OpenSSL_add_all_digests();
Christian Heimesb7ddbc82013-10-21 19:48:22 +0200[diff] [blame]999 ERR_load_crypto_strings();
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]1000
1001 /* TODO build EVP_functions openssl_* entries dynamically based
1002 * on what hashes are supported rather than listing many
1003 * but having some be unsupported. Only init appropriate
1004 * constants. */
1005
Christian Heimes90aa7642007-12-19 02:45:37 +0000[diff] [blame]1006 Py_TYPE(&EVPtype) = &PyType_Type;
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]1007 if (PyType_Ready(&EVPtype) < 0)
Martin v. Löwis1a214512008-06-11 05:26:20 +0000[diff] [blame]1008 return NULL;
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]1009
Martin v. Löwis1a214512008-06-11 05:26:20 +0000[diff] [blame]1010 m = PyModule_Create(&_hashlibmodule);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]1011 if (m == NULL)
Martin v. Löwis1a214512008-06-11 05:26:20 +0000[diff] [blame]1012 return NULL;
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]1013
Gregory P. Smith13b55292010-09-06 08:30:23 +0000[diff] [blame]1014 openssl_md_meth_names = generate_hash_name_list();
1015 if (openssl_md_meth_names == NULL) {
1016 Py_DECREF(m);
1017 return NULL;
1018 }
1019 if (PyModule_AddObject(m, "openssl_md_meth_names", openssl_md_meth_names)) {
1020 Py_DECREF(m);
1021 return NULL;
1022 }
1023
Christian Heimes327dd732013-10-22 15:05:23 +0200[diff] [blame]1024 Py_INCREF((PyObject *)&EVPtype);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]1025 PyModule_AddObject(m, "HASH", (PyObject *)&EVPtype);
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]1026
1027 /* these constants are used by the convenience constructors */
1028 INIT_CONSTRUCTOR_CONSTANTS(md5);
1029 INIT_CONSTRUCTOR_CONSTANTS(sha1);
1030 INIT_CONSTRUCTOR_CONSTANTS(sha224);
1031 INIT_CONSTRUCTOR_CONSTANTS(sha256);
1032 INIT_CONSTRUCTOR_CONSTANTS(sha384);
1033 INIT_CONSTRUCTOR_CONSTANTS(sha512);
Martin v. Löwis1a214512008-06-11 05:26:20 +0000[diff] [blame]1034 return m;
Gregory P. Smithf21a5f72005-08-21 18:45:59 +0000[diff] [blame]1035}