1 /* Module that wraps all OpenSSL hash algorithms */
2
3 /*
4 * Copyright (C) 2005-2010 Gregory P. Smith (greg@krypto.org)
5 * Licensed to PSF under a Contributor Agreement.
6 *
7 * Derived from a skeleton of shamodule.c containing work performed by:
8 *
9 * Andrew Kuchling (amk@amk.ca)
10 * Greg Stein (gstein@lyra.org)
11 *
12 */
13
14 #define PY_SSIZE_T_CLEAN
15
16 #include "Python.h"
17 #include "structmember.h"
18 #include "hashlib.h"
19 #include "pystrhex.h"
20
21
22 /* EVP is the preferred interface to hashing in OpenSSL */
23 #include <openssl/evp.h>
24 #include <openssl/hmac.h>
25 /* We use the object interface to discover what hashes OpenSSL supports. */
26 #include <openssl/objects.h>
27 #include "openssl/err.h"
28
29 #ifndef OPENSSL_THREADS
30 # error "OPENSSL_THREADS is not defined, Python requires thread-safe OpenSSL"
31 #endif
32
33 #if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
34 /* OpenSSL < 1.1.0 */
35 #define EVP_MD_CTX_new EVP_MD_CTX_create
36 #define EVP_MD_CTX_free EVP_MD_CTX_destroy
37 #endif
38
39 #define MUNCH_SIZE INT_MAX
40
41 #ifdef NID_sha3_224
42 #define PY_OPENSSL_HAS_SHA3 1
43 #endif
44
45 #if defined(EVP_MD_FLAG_XOF) && defined(NID_shake128)
46 #define PY_OPENSSL_HAS_SHAKE 1
47 #endif
48
49 #if defined(NID_blake2b512) && !defined(OPENSSL_NO_BLAKE2)
50 #define PY_OPENSSL_HAS_BLAKE2 1
51 #endif
52
53 typedef struct {
54 PyObject_HEAD
55 EVP_MD_CTX *ctx; /* OpenSSL message digest context */
56 PyThread_type_lock lock; /* OpenSSL context lock */
57 } EVPobject;
58
59
60 static PyTypeObject EVPtype;
61
62 #include "clinic/_hashopenssl.c.h"
63 /*[clinic input]
64 module _hashlib
65 class _hashlib.HASH "EVPobject *" "&EVPtype"
66 [clinic start generated code]*/
67 /*[clinic end generated code: output=da39a3ee5e6b4b0d input=a881a5092eecad28]*/
68
69
70 /* LCOV_EXCL_START */
71 static PyObject *
_setException(PyObject * exc)72 _setException(PyObject *exc)
73 {
74 unsigned long errcode;
75 const char *lib, *func, *reason;
76
77 errcode = ERR_peek_last_error();
78 if (!errcode) {
79 PyErr_SetString(exc, "unknown reasons");
80 return NULL;
81 }
82 ERR_clear_error();
83
84 lib = ERR_lib_error_string(errcode);
85 func = ERR_func_error_string(errcode);
86 reason = ERR_reason_error_string(errcode);
87
88 if (lib && func) {
89 PyErr_Format(exc, "[%s: %s] %s", lib, func, reason);
90 }
91 else if (lib) {
92 PyErr_Format(exc, "[%s] %s", lib, reason);
93 }
94 else {
95 PyErr_SetString(exc, reason);
96 }
97 return NULL;
98 }
99 /* LCOV_EXCL_STOP */
100
101 static PyObject*
py_digest_name(const EVP_MD * md)102 py_digest_name(const EVP_MD *md)
103 {
104 int nid = EVP_MD_nid(md);
105 const char *name = NULL;
106
107 /* Hard-coded names for well-known hashing algorithms.
108 * OpenSSL uses slightly different names algorithms like SHA3.
109 */
110 switch (nid) {
111 case NID_md5:
112 name = "md5";
113 break;
114 case NID_sha1:
115 name = "sha1";
116 break;
117 case NID_sha224:
118 name ="sha224";
119 break;
120 case NID_sha256:
121 name ="sha256";
122 break;
123 case NID_sha384:
124 name ="sha384";
125 break;
126 case NID_sha512:
127 name ="sha512";
128 break;
129 #ifdef NID_sha512_224
130 case NID_sha512_224:
131 name ="sha512_224";
132 break;
133 case NID_sha512_256:
134 name ="sha512_256";
135 break;
136 #endif
137 #ifdef PY_OPENSSL_HAS_SHA3
138 case NID_sha3_224:
139 name ="sha3_224";
140 break;
141 case NID_sha3_256:
142 name ="sha3_256";
143 break;
144 case NID_sha3_384:
145 name ="sha3_384";
146 break;
147 case NID_sha3_512:
148 name ="sha3_512";
149 break;
150 #endif
151 #ifdef PY_OPENSSL_HAS_SHAKE
152 case NID_shake128:
153 name ="shake_128";
154 break;
155 case NID_shake256:
156 name ="shake_256";
157 break;
158 #endif
159 #ifdef PY_OPENSSL_HAS_BLAKE2
160 case NID_blake2s256:
161 name ="blake2s";
162 break;
163 case NID_blake2b512:
164 name ="blake2b";
165 break;
166 #endif
167 default:
168 /* Ignore aliased names and only use long, lowercase name. The aliases
169 * pollute the list and OpenSSL appears to have its own definition of
170 * alias as the resulting list still contains duplicate and alternate
171 * names for several algorithms.
172 */
173 name = OBJ_nid2ln(nid);
174 if (name == NULL)
175 name = OBJ_nid2sn(nid);
176 break;
177 }
178
179 return PyUnicode_FromString(name);
180 }
181
182 static const EVP_MD*
py_digest_by_name(const char * name)183 py_digest_by_name(const char *name)
184 {
185 const EVP_MD *digest = EVP_get_digestbyname(name);
186
187 /* OpenSSL uses dash instead of underscore in names of some algorithms
188 * like SHA3 and SHAKE. Detect different spellings. */
189 if (digest == NULL) {
190 if (0) {}
191 #ifdef NID_sha512_224
192 else if (!strcmp(name, "sha512_224") || !strcmp(name, "SHA512_224")) {
193 digest = EVP_sha512_224();
194 }
195 else if (!strcmp(name, "sha512_256") || !strcmp(name, "SHA512_256")) {
196 digest = EVP_sha512_256();
197 }
198 #endif
199 #ifdef PY_OPENSSL_HAS_SHA3
200 /* could be sha3_ or shake_, Python never defined upper case */
201 else if (!strcmp(name, "sha3_224")) {
202 digest = EVP_sha3_224();
203 }
204 else if (!strcmp(name, "sha3_256")) {
205 digest = EVP_sha3_256();
206 }
207 else if (!strcmp(name, "sha3_384")) {
208 digest = EVP_sha3_384();
209 }
210 else if (!strcmp(name, "sha3_512")) {
211 digest = EVP_sha3_512();
212 }
213 #endif
214 #ifdef PY_OPENSSL_HAS_SHAKE
215 else if (!strcmp(name, "shake_128")) {
216 digest = EVP_shake128();
217 }
218 else if (!strcmp(name, "shake_256")) {
219 digest = EVP_shake256();
220 }
221 #endif
222 #ifdef PY_OPENSSL_HAS_BLAKE2
223 else if (!strcmp(name, "blake2s256")) {
224 digest = EVP_blake2s256();
225 }
226 else if (!strcmp(name, "blake2b512")) {
227 digest = EVP_blake2b512();
228 }
229 #endif
230 }
231
232 return digest;
233 }
234
235 static EVPobject *
newEVPobject(void)236 newEVPobject(void)
237 {
238 EVPobject *retval = (EVPobject *)PyObject_New(EVPobject, &EVPtype);
239 if (retval == NULL) {
240 return NULL;
241 }
242
243 retval->lock = NULL;
244
245 retval->ctx = EVP_MD_CTX_new();
246 if (retval->ctx == NULL) {
247 Py_DECREF(retval);
248 PyErr_NoMemory();
249 return NULL;
250 }
251
252 return retval;
253 }
254
255 static int
EVP_hash(EVPobject * self,const void * vp,Py_ssize_t len)256 EVP_hash(EVPobject *self, const void *vp, Py_ssize_t len)
257 {
258 unsigned int process;
259 const unsigned char *cp = (const unsigned char *)vp;
260 while (0 < len) {
261 if (len > (Py_ssize_t)MUNCH_SIZE)
262 process = MUNCH_SIZE;
263 else
264 process = Py_SAFE_DOWNCAST(len, Py_ssize_t, unsigned int);
265 if (!EVP_DigestUpdate(self->ctx, (const void*)cp, process)) {
266 _setException(PyExc_ValueError);
267 return -1;
268 }
269 len -= process;
270 cp += process;
271 }
272 return 0;
273 }
274
275 /* Internal methods for a hash object */
276
277 static void
EVP_dealloc(EVPobject * self)278 EVP_dealloc(EVPobject *self)
279 {
280 if (self->lock != NULL)
281 PyThread_free_lock(self->lock);
282 EVP_MD_CTX_free(self->ctx);
283 PyObject_Del(self);
284 }
285
286 static int
locked_EVP_MD_CTX_copy(EVP_MD_CTX * new_ctx_p,EVPobject * self)287 locked_EVP_MD_CTX_copy(EVP_MD_CTX *new_ctx_p, EVPobject *self)
288 {
289 int result;
290 ENTER_HASHLIB(self);
291 result = EVP_MD_CTX_copy(new_ctx_p, self->ctx);
292 LEAVE_HASHLIB(self);
293 return result;
294 }
295
296 /* External methods for a hash object */
297
298 /*[clinic input]
299 _hashlib.HASH.copy as EVP_copy
300
301 Return a copy of the hash object.
302 [clinic start generated code]*/
303
304 static PyObject *
EVP_copy_impl(EVPobject * self)305 EVP_copy_impl(EVPobject *self)
306 /*[clinic end generated code: output=b370c21cdb8ca0b4 input=31455b6a3e638069]*/
307 {
308 EVPobject *newobj;
309
310 if ( (newobj = newEVPobject())==NULL)
311 return NULL;
312
313 if (!locked_EVP_MD_CTX_copy(newobj->ctx, self)) {
314 Py_DECREF(newobj);
315 return _setException(PyExc_ValueError);
316 }
317 return (PyObject *)newobj;
318 }
319
320 /*[clinic input]
321 _hashlib.HASH.digest as EVP_digest
322
323 Return the digest value as a bytes object.
324 [clinic start generated code]*/
325
326 static PyObject *
EVP_digest_impl(EVPobject * self)327 EVP_digest_impl(EVPobject *self)
328 /*[clinic end generated code: output=0f6a3a0da46dc12d input=03561809a419bf00]*/
329 {
330 unsigned char digest[EVP_MAX_MD_SIZE];
331 EVP_MD_CTX *temp_ctx;
332 PyObject *retval;
333 unsigned int digest_size;
334
335 temp_ctx = EVP_MD_CTX_new();
336 if (temp_ctx == NULL) {
337 PyErr_NoMemory();
338 return NULL;
339 }
340
341 if (!locked_EVP_MD_CTX_copy(temp_ctx, self)) {
342 return _setException(PyExc_ValueError);
343 }
344 digest_size = EVP_MD_CTX_size(temp_ctx);
345 if (!EVP_DigestFinal(temp_ctx, digest, NULL)) {
346 _setException(PyExc_ValueError);
347 return NULL;
348 }
349
350 retval = PyBytes_FromStringAndSize((const char *)digest, digest_size);
351 EVP_MD_CTX_free(temp_ctx);
352 return retval;
353 }
354
355 /*[clinic input]
356 _hashlib.HASH.hexdigest as EVP_hexdigest
357
358 Return the digest value as a string of hexadecimal digits.
359 [clinic start generated code]*/
360
361 static PyObject *
EVP_hexdigest_impl(EVPobject * self)362 EVP_hexdigest_impl(EVPobject *self)
363 /*[clinic end generated code: output=18e6decbaf197296 input=aff9cf0e4c741a9a]*/
364 {
365 unsigned char digest[EVP_MAX_MD_SIZE];
366 EVP_MD_CTX *temp_ctx;
367 unsigned int digest_size;
368
369 temp_ctx = EVP_MD_CTX_new();
370 if (temp_ctx == NULL) {
371 PyErr_NoMemory();
372 return NULL;
373 }
374
375 /* Get the raw (binary) digest value */
376 if (!locked_EVP_MD_CTX_copy(temp_ctx, self)) {
377 return _setException(PyExc_ValueError);
378 }
379 digest_size = EVP_MD_CTX_size(temp_ctx);
380 if (!EVP_DigestFinal(temp_ctx, digest, NULL)) {
381 _setException(PyExc_ValueError);
382 return NULL;
383 }
384
385 EVP_MD_CTX_free(temp_ctx);
386
387 return _Py_strhex((const char *)digest, (Py_ssize_t)digest_size);
388 }
389
390 /*[clinic input]
391 _hashlib.HASH.update as EVP_update
392
393 obj: object
394 /
395
396 Update this hash object's state with the provided string.
397 [clinic start generated code]*/
398
399 static PyObject *
EVP_update(EVPobject * self,PyObject * obj)400 EVP_update(EVPobject *self, PyObject *obj)
401 /*[clinic end generated code: output=ec1d55ed2432e966 input=9b30ec848f015501]*/
402 {
403 int result;
404 Py_buffer view;
405
406 GET_BUFFER_VIEW_OR_ERROUT(obj, &view);
407
408 if (self->lock == NULL && view.len >= HASHLIB_GIL_MINSIZE) {
409 self->lock = PyThread_allocate_lock();
410 /* fail? lock = NULL and we fail over to non-threaded code. */
411 }
412
413 if (self->lock != NULL) {
414 Py_BEGIN_ALLOW_THREADS
415 PyThread_acquire_lock(self->lock, 1);
416 result = EVP_hash(self, view.buf, view.len);
417 PyThread_release_lock(self->lock);
418 Py_END_ALLOW_THREADS
419 } else {
420 result = EVP_hash(self, view.buf, view.len);
421 }
422
423 PyBuffer_Release(&view);
424
425 if (result == -1)
426 return NULL;
427 Py_RETURN_NONE;
428 }
429
430 static PyMethodDef EVP_methods[] = {
431 EVP_UPDATE_METHODDEF
432 EVP_DIGEST_METHODDEF
433 EVP_HEXDIGEST_METHODDEF
434 EVP_COPY_METHODDEF
435 {NULL, NULL} /* sentinel */
436 };
437
438 static PyObject *
EVP_get_block_size(EVPobject * self,void * closure)439 EVP_get_block_size(EVPobject *self, void *closure)
440 {
441 long block_size;
442 block_size = EVP_MD_CTX_block_size(self->ctx);
443 return PyLong_FromLong(block_size);
444 }
445
446 static PyObject *
EVP_get_digest_size(EVPobject * self,void * closure)447 EVP_get_digest_size(EVPobject *self, void *closure)
448 {
449 long size;
450 size = EVP_MD_CTX_size(self->ctx);
451 return PyLong_FromLong(size);
452 }
453
454 static PyObject *
EVP_get_name(EVPobject * self,void * closure)455 EVP_get_name(EVPobject *self, void *closure)
456 {
457 return py_digest_name(EVP_MD_CTX_md(self->ctx));
458 }
459
460 static PyGetSetDef EVP_getseters[] = {
461 {"digest_size",
462 (getter)EVP_get_digest_size, NULL,
463 NULL,
464 NULL},
465 {"block_size",
466 (getter)EVP_get_block_size, NULL,
467 NULL,
468 NULL},
469 {"name",
470 (getter)EVP_get_name, NULL,
471 NULL,
472 PyDoc_STR("algorithm name.")},
473 {NULL} /* Sentinel */
474 };
475
476
477 static PyObject *
EVP_repr(EVPobject * self)478 EVP_repr(EVPobject *self)
479 {
480 PyObject *name_obj, *repr;
481 name_obj = py_digest_name(EVP_MD_CTX_md(self->ctx));
482 if (!name_obj) {
483 return NULL;
484 }
485 repr = PyUnicode_FromFormat("<%U HASH object @ %p>", name_obj, self);
486 Py_DECREF(name_obj);
487 return repr;
488 }
489
490 PyDoc_STRVAR(hashtype_doc,
491 "HASH(name, string=b\'\')\n"
492 "--\n"
493 "\n"
494 "A hash is an object used to calculate a checksum of a string of information.\n"
495 "\n"
496 "Methods:\n"
497 "\n"
498 "update() -- updates the current digest with an additional string\n"
499 "digest() -- return the current digest value\n"
500 "hexdigest() -- return the current digest as a string of hexadecimal digits\n"
501 "copy() -- return a copy of the current hash object\n"
502 "\n"
503 "Attributes:\n"
504 "\n"
505 "name -- the hash algorithm being used by this object\n"
506 "digest_size -- number of bytes in this hashes output");
507
508 static PyTypeObject EVPtype = {
509 PyVarObject_HEAD_INIT(NULL, 0)
510 "_hashlib.HASH", /*tp_name*/
511 sizeof(EVPobject), /*tp_basicsize*/
512 0, /*tp_itemsize*/
513 /* methods */
514 (destructor)EVP_dealloc, /*tp_dealloc*/
515 0, /*tp_vectorcall_offset*/
516 0, /*tp_getattr*/
517 0, /*tp_setattr*/
518 0, /*tp_as_async*/
519 (reprfunc)EVP_repr, /*tp_repr*/
520 0, /*tp_as_number*/
521 0, /*tp_as_sequence*/
522 0, /*tp_as_mapping*/
523 0, /*tp_hash*/
524 0, /*tp_call*/
525 0, /*tp_str*/
526 0, /*tp_getattro*/
527 0, /*tp_setattro*/
528 0, /*tp_as_buffer*/
529 Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, /*tp_flags*/
530 hashtype_doc, /*tp_doc*/
531 0, /*tp_traverse*/
532 0, /*tp_clear*/
533 0, /*tp_richcompare*/
534 0, /*tp_weaklistoffset*/
535 0, /*tp_iter*/
536 0, /*tp_iternext*/
537 EVP_methods, /* tp_methods */
538 NULL, /* tp_members */
539 EVP_getseters, /* tp_getset */
540 0, /* tp_base */
541 0, /* tp_dict */
542 0, /* tp_descr_get */
543 0, /* tp_descr_set */
544 0, /* tp_dictoffset */
545 };
546
547 \
548 static PyObject *
EVPnew(const EVP_MD * digest,const unsigned char * cp,Py_ssize_t len)549 EVPnew(const EVP_MD *digest,
550 const unsigned char *cp, Py_ssize_t len)
551 {
552 int result = 0;
553 EVPobject *self;
554
555 if (!digest) {
556 PyErr_SetString(PyExc_ValueError, "unsupported hash type");
557 return NULL;
558 }
559
560 if ((self = newEVPobject()) == NULL)
561 return NULL;
562
563 if (!EVP_DigestInit_ex(self->ctx, digest, NULL)) {
564 _setException(PyExc_ValueError);
565 Py_DECREF(self);
566 return NULL;
567 }
568
569 if (cp && len) {
570 if (len >= HASHLIB_GIL_MINSIZE) {
571 Py_BEGIN_ALLOW_THREADS
572 result = EVP_hash(self, cp, len);
573 Py_END_ALLOW_THREADS
574 } else {
575 result = EVP_hash(self, cp, len);
576 }
577 if (result == -1) {
578 Py_DECREF(self);
579 return NULL;
580 }
581 }
582
583 return (PyObject *)self;
584 }
585
586
587 /* The module-level function: new() */
588
589 /*[clinic input]
590 _hashlib.new as EVP_new
591
592 name as name_obj: object
593 string as data_obj: object(c_default="NULL") = b''
594
595 Return a new hash object using the named algorithm.
596
597 An optional string argument may be provided and will be
598 automatically hashed.
599
600 The MD5 and SHA1 algorithms are always supported.
601 [clinic start generated code]*/
602
603 static PyObject *
EVP_new_impl(PyObject * module,PyObject * name_obj,PyObject * data_obj)604 EVP_new_impl(PyObject *module, PyObject *name_obj, PyObject *data_obj)
605 /*[clinic end generated code: output=9e7cf664e04b0226 input=7eb79bf30058bd02]*/
606 {
607 Py_buffer view = { 0 };
608 PyObject *ret_obj;
609 char *name;
610 const EVP_MD *digest;
611
612 if (!PyArg_Parse(name_obj, "s", &name)) {
613 PyErr_SetString(PyExc_TypeError, "name must be a string");
614 return NULL;
615 }
616
617 if (data_obj)
618 GET_BUFFER_VIEW_OR_ERROUT(data_obj, &view);
619
620 digest = py_digest_by_name(name);
621
622 ret_obj = EVPnew(digest, (unsigned char*)view.buf, view.len);
623
624 if (data_obj)
625 PyBuffer_Release(&view);
626 return ret_obj;
627 }
628
629 static PyObject*
EVP_fast_new(PyObject * module,PyObject * data_obj,const EVP_MD * digest)630 EVP_fast_new(PyObject *module, PyObject *data_obj, const EVP_MD *digest)
631 {
632 Py_buffer view = { 0 };
633 PyObject *ret_obj;
634
635 if (data_obj)
636 GET_BUFFER_VIEW_OR_ERROUT(data_obj, &view);
637
638 ret_obj = EVPnew(digest, (unsigned char*)view.buf, view.len);
639
640 if (data_obj)
641 PyBuffer_Release(&view);
642
643 return ret_obj;
644 }
645
646 /*[clinic input]
647 _hashlib.openssl_md5
648
649 string as data_obj: object(py_default="b''") = NULL
650
651 Returns a md5 hash object; optionally initialized with a string
652
653 [clinic start generated code]*/
654
655 static PyObject *
_hashlib_openssl_md5_impl(PyObject * module,PyObject * data_obj)656 _hashlib_openssl_md5_impl(PyObject *module, PyObject *data_obj)
657 /*[clinic end generated code: output=6caae75b73e22c3f input=52010d3869e1b1a7]*/
658 {
659 return EVP_fast_new(module, data_obj, EVP_md5());
660 }
661
662
663 /*[clinic input]
664 _hashlib.openssl_sha1
665
666 string as data_obj: object(py_default="b''") = NULL
667
668 Returns a sha1 hash object; optionally initialized with a string
669
670 [clinic start generated code]*/
671
672 static PyObject *
_hashlib_openssl_sha1_impl(PyObject * module,PyObject * data_obj)673 _hashlib_openssl_sha1_impl(PyObject *module, PyObject *data_obj)
674 /*[clinic end generated code: output=07606d8f75153e61 input=16807d30e4aa8ae9]*/
675 {
676 return EVP_fast_new(module, data_obj, EVP_sha1());
677 }
678
679
680 /*[clinic input]
681 _hashlib.openssl_sha224
682
683 string as data_obj: object(py_default="b''") = NULL
684
685 Returns a sha224 hash object; optionally initialized with a string
686
687 [clinic start generated code]*/
688
689 static PyObject *
_hashlib_openssl_sha224_impl(PyObject * module,PyObject * data_obj)690 _hashlib_openssl_sha224_impl(PyObject *module, PyObject *data_obj)
691 /*[clinic end generated code: output=55e848761bcef0c9 input=5dbc2f1d84eb459b]*/
692 {
693 return EVP_fast_new(module, data_obj, EVP_sha224());
694 }
695
696
697 /*[clinic input]
698 _hashlib.openssl_sha256
699
700 string as data_obj: object(py_default="b''") = NULL
701
702 Returns a sha256 hash object; optionally initialized with a string
703
704 [clinic start generated code]*/
705
706 static PyObject *
_hashlib_openssl_sha256_impl(PyObject * module,PyObject * data_obj)707 _hashlib_openssl_sha256_impl(PyObject *module, PyObject *data_obj)
708 /*[clinic end generated code: output=05851d7cce34ac65 input=a68a5d21cda5a80f]*/
709 {
710 return EVP_fast_new(module, data_obj, EVP_sha256());
711 }
712
713
714 /*[clinic input]
715 _hashlib.openssl_sha384
716
717 string as data_obj: object(py_default="b''") = NULL
718
719 Returns a sha384 hash object; optionally initialized with a string
720
721 [clinic start generated code]*/
722
723 static PyObject *
_hashlib_openssl_sha384_impl(PyObject * module,PyObject * data_obj)724 _hashlib_openssl_sha384_impl(PyObject *module, PyObject *data_obj)
725 /*[clinic end generated code: output=5101a4704a932c2f input=6bdfa006622b64ea]*/
726 {
727 return EVP_fast_new(module, data_obj, EVP_sha384());
728 }
729
730
731 /*[clinic input]
732 _hashlib.openssl_sha512
733
734 string as data_obj: object(py_default="b''") = NULL
735
736 Returns a sha512 hash object; optionally initialized with a string
737
738 [clinic start generated code]*/
739
740 static PyObject *
_hashlib_openssl_sha512_impl(PyObject * module,PyObject * data_obj)741 _hashlib_openssl_sha512_impl(PyObject *module, PyObject *data_obj)
742 /*[clinic end generated code: output=20c8e63ee560a5cb input=ece50182ad4b76a6]*/
743 {
744 return EVP_fast_new(module, data_obj, EVP_sha512());
745 }
746
747
748 /*[clinic input]
749 _hashlib.pbkdf2_hmac as pbkdf2_hmac
750
751 hash_name: str
752 password: Py_buffer
753 salt: Py_buffer
754 iterations: long
755 dklen as dklen_obj: object = None
756
757 Password based key derivation function 2 (PKCS #5 v2.0) with HMAC as pseudorandom function.
758 [clinic start generated code]*/
759
760 static PyObject *
pbkdf2_hmac_impl(PyObject * module,const char * hash_name,Py_buffer * password,Py_buffer * salt,long iterations,PyObject * dklen_obj)761 pbkdf2_hmac_impl(PyObject *module, const char *hash_name,
762 Py_buffer *password, Py_buffer *salt, long iterations,
763 PyObject *dklen_obj)
764 /*[clinic end generated code: output=144b76005416599b input=ed3ab0d2d28b5d5c]*/
765 {
766 PyObject *key_obj = NULL;
767 char *key;
768 long dklen;
769 int retval;
770 const EVP_MD *digest;
771
772 digest = EVP_get_digestbyname(hash_name);
773 if (digest == NULL) {
774 PyErr_SetString(PyExc_ValueError, "unsupported hash type");
775 goto end;
776 }
777
778 if (password->len > INT_MAX) {
779 PyErr_SetString(PyExc_OverflowError,
780 "password is too long.");
781 goto end;
782 }
783
784 if (salt->len > INT_MAX) {
785 PyErr_SetString(PyExc_OverflowError,
786 "salt is too long.");
787 goto end;
788 }
789
790 if (iterations < 1) {
791 PyErr_SetString(PyExc_ValueError,
792 "iteration value must be greater than 0.");
793 goto end;
794 }
795 if (iterations > INT_MAX) {
796 PyErr_SetString(PyExc_OverflowError,
797 "iteration value is too great.");
798 goto end;
799 }
800
801 if (dklen_obj == Py_None) {
802 dklen = EVP_MD_size(digest);
803 } else {
804 dklen = PyLong_AsLong(dklen_obj);
805 if ((dklen == -1) && PyErr_Occurred()) {
806 goto end;
807 }
808 }
809 if (dklen < 1) {
810 PyErr_SetString(PyExc_ValueError,
811 "key length must be greater than 0.");
812 goto end;
813 }
814 if (dklen > INT_MAX) {
815 /* INT_MAX is always smaller than dkLen max (2^32 - 1) * hLen */
816 PyErr_SetString(PyExc_OverflowError,
817 "key length is too great.");
818 goto end;
819 }
820
821 key_obj = PyBytes_FromStringAndSize(NULL, dklen);
822 if (key_obj == NULL) {
823 goto end;
824 }
825 key = PyBytes_AS_STRING(key_obj);
826
827 Py_BEGIN_ALLOW_THREADS
828 retval = PKCS5_PBKDF2_HMAC((char*)password->buf, (int)password->len,
829 (unsigned char *)salt->buf, (int)salt->len,
830 iterations, digest, dklen,
831 (unsigned char *)key);
832 Py_END_ALLOW_THREADS
833
834 if (!retval) {
835 Py_CLEAR(key_obj);
836 _setException(PyExc_ValueError);
837 goto end;
838 }
839
840 end:
841 return key_obj;
842 }
843
844 #if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(OPENSSL_NO_SCRYPT) && !defined(LIBRESSL_VERSION_NUMBER)
845 #define PY_SCRYPT 1
846
847 /* XXX: Parameters salt, n, r and p should be required keyword-only parameters.
848 They are optional in the Argument Clinic declaration only due to a
849 limitation of PyArg_ParseTupleAndKeywords. */
850
851 /*[clinic input]
852 _hashlib.scrypt
853
854 password: Py_buffer
855 *
856 salt: Py_buffer = None
857 n as n_obj: object(subclass_of='&PyLong_Type') = None
858 r as r_obj: object(subclass_of='&PyLong_Type') = None
859 p as p_obj: object(subclass_of='&PyLong_Type') = None
860 maxmem: long = 0
861 dklen: long = 64
862
863
864 scrypt password-based key derivation function.
865 [clinic start generated code]*/
866
867 static PyObject *
_hashlib_scrypt_impl(PyObject * module,Py_buffer * password,Py_buffer * salt,PyObject * n_obj,PyObject * r_obj,PyObject * p_obj,long maxmem,long dklen)868 _hashlib_scrypt_impl(PyObject *module, Py_buffer *password, Py_buffer *salt,
869 PyObject *n_obj, PyObject *r_obj, PyObject *p_obj,
870 long maxmem, long dklen)
871 /*[clinic end generated code: output=14849e2aa2b7b46c input=48a7d63bf3f75c42]*/
872 {
873 PyObject *key_obj = NULL;
874 char *key;
875 int retval;
876 unsigned long n, r, p;
877
878 if (password->len > INT_MAX) {
879 PyErr_SetString(PyExc_OverflowError,
880 "password is too long.");
881 return NULL;
882 }
883
884 if (salt->buf == NULL) {
885 PyErr_SetString(PyExc_TypeError,
886 "salt is required");
887 return NULL;
888 }
889 if (salt->len > INT_MAX) {
890 PyErr_SetString(PyExc_OverflowError,
891 "salt is too long.");
892 return NULL;
893 }
894
895 n = PyLong_AsUnsignedLong(n_obj);
896 if (n == (unsigned long) -1 && PyErr_Occurred()) {
897 PyErr_SetString(PyExc_TypeError,
898 "n is required and must be an unsigned int");
899 return NULL;
900 }
901 if (n < 2 || n & (n - 1)) {
902 PyErr_SetString(PyExc_ValueError,
903 "n must be a power of 2.");
904 return NULL;
905 }
906
907 r = PyLong_AsUnsignedLong(r_obj);
908 if (r == (unsigned long) -1 && PyErr_Occurred()) {
909 PyErr_SetString(PyExc_TypeError,
910 "r is required and must be an unsigned int");
911 return NULL;
912 }
913
914 p = PyLong_AsUnsignedLong(p_obj);
915 if (p == (unsigned long) -1 && PyErr_Occurred()) {
916 PyErr_SetString(PyExc_TypeError,
917 "p is required and must be an unsigned int");
918 return NULL;
919 }
920
921 if (maxmem < 0 || maxmem > INT_MAX) {
922 /* OpenSSL 1.1.0 restricts maxmem to 32 MiB. It may change in the
923 future. The maxmem constant is private to OpenSSL. */
924 PyErr_Format(PyExc_ValueError,
925 "maxmem must be positive and smaller than %d",
926 INT_MAX);
927 return NULL;
928 }
929
930 if (dklen < 1 || dklen > INT_MAX) {
931 PyErr_Format(PyExc_ValueError,
932 "dklen must be greater than 0 and smaller than %d",
933 INT_MAX);
934 return NULL;
935 }
936
937 /* let OpenSSL validate the rest */
938 retval = EVP_PBE_scrypt(NULL, 0, NULL, 0, n, r, p, maxmem, NULL, 0);
939 if (!retval) {
940 /* sorry, can't do much better */
941 PyErr_SetString(PyExc_ValueError,
942 "Invalid parameter combination for n, r, p, maxmem.");
943 return NULL;
944 }
945
946 key_obj = PyBytes_FromStringAndSize(NULL, dklen);
947 if (key_obj == NULL) {
948 return NULL;
949 }
950 key = PyBytes_AS_STRING(key_obj);
951
952 Py_BEGIN_ALLOW_THREADS
953 retval = EVP_PBE_scrypt(
954 (const char*)password->buf, (size_t)password->len,
955 (const unsigned char *)salt->buf, (size_t)salt->len,
956 n, r, p, maxmem,
957 (unsigned char *)key, (size_t)dklen
958 );
959 Py_END_ALLOW_THREADS
960
961 if (!retval) {
962 Py_CLEAR(key_obj);
963 _setException(PyExc_ValueError);
964 return NULL;
965 }
966 return key_obj;
967 }
968 #endif
969
970 /* Fast HMAC for hmac.digest()
971 */
972
973 /*[clinic input]
974 _hashlib.hmac_digest
975
976 key: Py_buffer
977 msg: Py_buffer
978 digest: str
979
980 Single-shot HMAC.
981 [clinic start generated code]*/
982
983 static PyObject *
_hashlib_hmac_digest_impl(PyObject * module,Py_buffer * key,Py_buffer * msg,const char * digest)984 _hashlib_hmac_digest_impl(PyObject *module, Py_buffer *key, Py_buffer *msg,
985 const char *digest)
986 /*[clinic end generated code: output=75630e684cdd8762 input=562d2f4249511bd3]*/
987 {
988 unsigned char md[EVP_MAX_MD_SIZE] = {0};
989 unsigned int md_len = 0;
990 unsigned char *result;
991 const EVP_MD *evp;
992
993 evp = EVP_get_digestbyname(digest);
994 if (evp == NULL) {
995 PyErr_SetString(PyExc_ValueError, "unsupported hash type");
996 return NULL;
997 }
998 if (key->len > INT_MAX) {
999 PyErr_SetString(PyExc_OverflowError,
1000 "key is too long.");
1001 return NULL;
1002 }
1003 if (msg->len > INT_MAX) {
1004 PyErr_SetString(PyExc_OverflowError,
1005 "msg is too long.");
1006 return NULL;
1007 }
1008
1009 Py_BEGIN_ALLOW_THREADS
1010 result = HMAC(
1011 evp,
1012 (const void*)key->buf, (int)key->len,
1013 (const unsigned char*)msg->buf, (int)msg->len,
1014 md, &md_len
1015 );
1016 Py_END_ALLOW_THREADS
1017
1018 if (result == NULL) {
1019 _setException(PyExc_ValueError);
1020 return NULL;
1021 }
1022 return PyBytes_FromStringAndSize((const char*)md, md_len);
1023 }
1024
1025 /* State for our callback function so that it can accumulate a result. */
1026 typedef struct _internal_name_mapper_state {
1027 PyObject *set;
1028 int error;
1029 } _InternalNameMapperState;
1030
1031
1032 /* A callback function to pass to OpenSSL's OBJ_NAME_do_all(...) */
1033 static void
_openssl_hash_name_mapper(const EVP_MD * md,const char * from,const char * to,void * arg)1034 _openssl_hash_name_mapper(const EVP_MD *md, const char *from,
1035 const char *to, void *arg)
1036 {
1037 _InternalNameMapperState *state = (_InternalNameMapperState *)arg;
1038 PyObject *py_name;
1039
1040 assert(state != NULL);
1041 if (md == NULL)
1042 return;
1043
1044 py_name = py_digest_name(md);
1045 if (py_name == NULL) {
1046 state->error = 1;
1047 } else {
1048 if (PySet_Add(state->set, py_name) != 0) {
1049 state->error = 1;
1050 }
1051 Py_DECREF(py_name);
1052 }
1053 }
1054
1055
1056 /* Ask OpenSSL for a list of supported ciphers, filling in a Python set. */
1057 static PyObject*
generate_hash_name_list(void)1058 generate_hash_name_list(void)
1059 {
1060 _InternalNameMapperState state;
1061 state.set = PyFrozenSet_New(NULL);
1062 if (state.set == NULL)
1063 return NULL;
1064 state.error = 0;
1065
1066 EVP_MD_do_all(&_openssl_hash_name_mapper, &state);
1067
1068 if (state.error) {
1069 Py_DECREF(state.set);
1070 return NULL;
1071 }
1072 return state.set;
1073 }
1074
1075 /* List of functions exported by this module */
1076
1077 static struct PyMethodDef EVP_functions[] = {
1078 EVP_NEW_METHODDEF
1079 PBKDF2_HMAC_METHODDEF
1080 _HASHLIB_SCRYPT_METHODDEF
1081 _HASHLIB_HMAC_DIGEST_METHODDEF
1082 _HASHLIB_OPENSSL_MD5_METHODDEF
1083 _HASHLIB_OPENSSL_SHA1_METHODDEF
1084 _HASHLIB_OPENSSL_SHA224_METHODDEF
1085 _HASHLIB_OPENSSL_SHA256_METHODDEF
1086 _HASHLIB_OPENSSL_SHA384_METHODDEF
1087 _HASHLIB_OPENSSL_SHA512_METHODDEF
1088 {NULL, NULL} /* Sentinel */
1089 };
1090
1091
1092 /* Initialize this module. */
1093
1094
1095 static struct PyModuleDef _hashlibmodule = {
1096 PyModuleDef_HEAD_INIT,
1097 "_hashlib",
1098 NULL,
1099 -1,
1100 EVP_functions,
1101 NULL,
1102 NULL,
1103 NULL,
1104 NULL
1105 };
1106
1107 PyMODINIT_FUNC
PyInit__hashlib(void)1108 PyInit__hashlib(void)
1109 {
1110 PyObject *m, *openssl_md_meth_names;
1111
1112 #if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
1113 /* Load all digest algorithms and initialize cpuid */
1114 OPENSSL_add_all_algorithms_noconf();
1115 ERR_load_crypto_strings();
1116 #endif
1117
1118 /* TODO build EVP_functions openssl_* entries dynamically based
1119 * on what hashes are supported rather than listing many
1120 * but having some be unsupported. Only init appropriate
1121 * constants. */
1122
1123 Py_TYPE(&EVPtype) = &PyType_Type;
1124 if (PyType_Ready(&EVPtype) < 0)
1125 return NULL;
1126
1127 m = PyModule_Create(&_hashlibmodule);
1128 if (m == NULL)
1129 return NULL;
1130
1131 openssl_md_meth_names = generate_hash_name_list();
1132 if (openssl_md_meth_names == NULL) {
1133 Py_DECREF(m);
1134 return NULL;
1135 }
1136 if (PyModule_AddObject(m, "openssl_md_meth_names", openssl_md_meth_names)) {
1137 Py_DECREF(m);
1138 return NULL;
1139 }
1140
1141 Py_INCREF((PyObject *)&EVPtype);
1142 PyModule_AddObject(m, "HASH", (PyObject *)&EVPtype);
1143
1144 return m;
1145 }
1146