The OpenSSL and HACL* implementations of HMAC single-shot
digest computation reject keys whose length exceeds `INT_MAX`
and `UINT32_MAX` respectively. The OpenSSL implementation
also rejects messages whose length exceeds `INT_MAX`.
Using such keys in `hmac.digest` previously raised an `OverflowError`
which was propagated to the caller. This commit mitigates this case by
making `hmac.digest` fall back to HMAC's pure Python implementation
which accepts arbitrarily large keys or messages.
This change only affects the top-level entrypoint `hmac.digest`, leaving
`_hashopenssl.hmac_digest` and `_hmac.compute_digest` untouched.
- Correctly test missing `digestmod` and `digest` parameters.
- Test when chunks of length > 2048 are passed to `update()`.
- Test one-shot HMAC-BLAKE2.
A new extension module, `_hmac`, now exposes the HACL* HMAC (formally verified) implementation.
The HACL* implementation is used as a fallback implementation when the OpenSSL implementation of HMAC
is not available or disabled. For now, only named hash algorithms are recognized and SIMD support provided
by HACL* for the BLAKE2 hash functions is not yet used.
New features:
* refactor `hashlib_helper.requires_hashdigest` in anticipation of a future
`hashlib_helper.requires_builtin_hashdigest` for built-in hashes only
* add `hashlib_helper.requires_openssl_hashdigest` to request OpenSSL
hashes, assuming that `_hashlib` exists.
Refactoring:
* split hmac.copy() test by implementation
* update how algorithms are discovered for RFC test cases
* simplify how OpenSSL hash digests are requested
* refactor hexdigest tests for RFC test vectors
* typo fix: `assert_hmac_hexdigest_by_new` -> `assert_hmac_hexdigest_by_name`
Improvements:
* strengthen contract on `hmac_new_by_name` and `hmac_digest_by_name`
* rename mixin classes to better match their responsibility
Since we plan to introduce a built-in implementation for HMAC based on HACL*,
it becomes important for the HMAC tests to be flexible enough to avoid code
duplication.
In addition to the new layout based on mixin classes, we extend test coverage by
also testing the `__repr__` of HMAC objects and the HMAC one-shot functions.
We also fix the import to `_sha256` which, since gh-101924, resulted in some tests being
skipped as the module is no longer available (its content was moved to the `_sha2` module).
hashlib.compare_digest uses OpenSSL's CRYPTO_memcmp() function
when OpenSSL is available.
Note: The _operator module is a builtin module. I don't want to add
libcrypto dependency to libpython. Therefore I duplicated the wrapper
function and added a copy to _hashopenssl.c.
The internal module ``_hashlib`` wraps and exposes OpenSSL's HMAC API. The
new code will be used in Python 3.10 after the internal implementation
details of the pure Python HMAC module are no longer part of the public API.
The code is based on a patch by Petr Viktorin for RHEL and Python 3.6.
Co-Authored-By: Petr Viktorin <encukou@gmail.com>
Since c64a1a61e6 two assertions were indented and thus ignored when running test_hmac.
This PR fixes it. As the change is quite trivial I didn't add a NEWS entry.
https://bugs.python.org/issue38270
Also updates the documentation to clarify the situation surrounding
the digestmod parameter that is required despite its position in the
argument list as of 3.8.0 as well as removing old python2 era
references to "binary strings".
We inadvertently had this raise ValueError in 3.8.0 for the missing
arg. This is not considered an API change as no reasonable code would
be catching this missing argument error in order to handle it.
test_hmac and test_hashlib test built-in hashing implementations and
OpenSSL-based hashing implementations. Add more checks to skip OpenSSL
implementations when a strict crypto policy is active.
Use EVP_DigestInit_ex() instead of EVP_DigestInit() to initialize the
EVP context. The EVP_DigestInit() function clears all flags and breaks
usedforsecurity flag again.
Signed-off-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue38270
Make it easier to run and test Python on systems with restricted crypto policies:
* add requires_hashdigest to test.support to check if a hash digest algorithm is available and working
* avoid MD5 in test_hmac
* replace MD5 with SHA256 in test_tarfile
* mark network tests that require MD5 for MD5-based digest auth or CRAM-MD5
https://bugs.python.org/issue38270
The hmac module now has hmac.digest(), which provides an optimized HMAC
digest for short messages. hmac.digest() is up to three times faster
than hmac.HMAC().digest().
Signed-off-by: Christian Heimes <christian@python.org>
I have compared output between pre- and post-patch runs of these tests
to make sure there's nothing missing and nothing broken, on both
Windows and Linux. The only differences I found were actually tests
that were previously *not* run.
Merged revisions 79534,79537,79539,79558,79606 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk
........
r79534 | florent.xicluna | 2010-03-31 23:21:54 +0200 (mer, 31 mar 2010) | 2 lines
Fix test for xml.etree when using a non-ascii path. And use check_warnings instead of catch_warnings.
........
r79537 | florent.xicluna | 2010-03-31 23:40:32 +0200 (mer, 31 mar 2010) | 2 lines
Fix typo
........
r79539 | florent.xicluna | 2010-04-01 00:01:03 +0200 (jeu, 01 avr 2010) | 2 lines
Replace catch_warnings with check_warnings when it makes sense. Use assertRaises context manager to simplify some tests.
........
r79558 | florent.xicluna | 2010-04-01 20:17:09 +0200 (jeu, 01 avr 2010) | 2 lines
#7092: Fix some -3 warnings, and fix Lib/platform.py when the path contains a double-quote.
........
r79606 | florent.xicluna | 2010-04-02 19:26:42 +0200 (ven, 02 avr 2010) | 2 lines
Backport some robotparser test and skip the test if the external resource is not available.
........
svn+ssh://pythondev@svn.python.org/python/trunk
........
r66321 | brett.cannon | 2008-09-08 17:49:16 -0700 (Mon, 08 Sep 2008) | 7 lines
warnings.catch_warnings() now returns a list or None instead of the custom
WarningsRecorder object. This makes the API simpler to use as no special object
must be learned.
Closes issue 3781.
Review by Benjamin Peterson.
........
svn+ssh://pythondev@svn.python.org/python/trunk
........
r61644 | trent.nelson | 2008-03-19 22:51:16 +0100 (Mi, 19 Mär 2008) | 1 line
Force a clean of the tcltk/tcltk64 directories now that we've completely changed the tcl/tk build environment.
........
r61646 | gregory.p.smith | 2008-03-19 23:23:51 +0100 (Mi, 19 Mär 2008) | 2 lines
Improve the error message when the CRCs don't match.
........
r61647 | trent.nelson | 2008-03-19 23:41:10 +0100 (Mi, 19 Mär 2008) | 1 line
Comment out tcltk/tcltk64 removal.
........
r61649 | raymond.hettinger | 2008-03-19 23:47:48 +0100 (Mi, 19 Mär 2008) | 1 line
Remove unnecessary traceback save/restore pair.
........
r61650 | trent.nelson | 2008-03-19 23:51:42 +0100 (Mi, 19 Mär 2008) | 1 line
Bump the SIGALM delay from 3 seconds to 20 seconds, mainly in an effort to see if it fixes the alarm failures in this test experienced by some of the buildbots.
........
r61651 | brett.cannon | 2008-03-20 00:01:17 +0100 (Do, 20 Mär 2008) | 5 lines
Make sure that the warnings filter is not reset or changed beyond the current
running test file.
Closes issue2407. Thanks Jerry Seutter.
........
r61652 | gregory.p.smith | 2008-03-20 00:03:25 +0100 (Do, 20 Mär 2008) | 10 lines
Prevent ioctl op codes from being sign extended from int to unsigned long
when used on platforms that actually define ioctl as taking an unsigned long.
(the BSDs and OS X / Darwin)
Adds a unittest for fcntl.ioctl that tests what happens with both positive and
negative numbers.
This was done because of issue1471 but I'm not able to reproduce -that- problem
in the first place on Linux 32bit or 64bit or OS X 10.4 & 10.5 32bit or 64 bit.
........
r61656 | sean.reifschneider | 2008-03-20 01:46:50 +0100 (Do, 20 Mär 2008) | 2 lines
Issue #2143: Fix embedded readline() hang on SSL socket EOF.
........
r61657 | sean.reifschneider | 2008-03-20 01:50:07 +0100 (Do, 20 Mär 2008) | 2 lines
Forgot to add NEWS item about smtplib SSL readline hang fix.
........
r61658 | trent.nelson | 2008-03-20 01:58:44 +0100 (Do, 20 Mär 2008) | 1 line
Revert r61650; the intent of this commit was to try and address alarm failures on some of the build slaves. As Neal points out, it's called after test_main(), so it's not going to factor into the test when run via regrtest.py (and removes the original functionality that Jeffrey wanted that would kill the test if it took longer than 3 seconds to run when executing it directly during development).
........
r61663 | sean.reifschneider | 2008-03-20 04:20:48 +0100 (Do, 20 Mär 2008) | 2 lines
Issue 2188: Documentation hint about disabling proxy detection.
........
r61665 | gregory.p.smith | 2008-03-20 06:41:53 +0100 (Do, 20 Mär 2008) | 7 lines
Attempt to fix the Solaris Sparc 10 buildbot. It was failing with an invalid
argument error on ioctl. This was caused by the added test_fcntl ioctl test
that hard coded 0 as the fd to use. Without a terminal, this fails on solaris.
(it passed from the command line on sol 10, both 32 and 64 bit)
Also, test_ioctl exists so I moved the test into there where it belongs.
........
r61667 | georg.brandl | 2008-03-20 08:25:55 +0100 (Do, 20 Mär 2008) | 2 lines
#2383: remove obsolete XXX comment in stat.py.
........
svn+ssh://pythondev@svn.python.org/python/trunk
........
r58868 | gregory.p.smith | 2007-11-05 16:19:03 -0800 (Mon, 05 Nov 2007) | 3 lines
Fixes Issue 1385: The hmac module now computes the correct hmac when using
hashes with a block size other than 64 bytes (such as sha384 and sha512).
........
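The block-size issue fixed in r58868 (Issue 1385), shown as an added example that is not part of the commit log or of CPython's own code: an RFC 2104 HMAC written out by hand, run once with the hash's real block size and once with a hard-coded 64 bytes, and checked against `hmac.digest`. The names `hmac_rfc2104` and `block_size_report` and the sample key and message are constructed for this illustration.

```python
import hashlib
import hmac

# Constructed sample input (not taken from the commit log).
SAMPLE_KEY = b"\x0b" * 20
SAMPLE_MSG = b"Hi There"


def hmac_rfc2104(key, msg, digestmod, block_size=None):
    """HMAC per RFC 2104. block_size defaults to the hash's own block size;
    passing 64 explicitly reproduces the old fixed-size assumption."""
    def new(data=b""):
        return hashlib.new(digestmod, data)

    if block_size is None:
        block_size = new().block_size      # 64 for sha256, 128 for sha384/sha512
    if len(key) > block_size:              # over-long keys are hashed first
        key = new(key).digest()
    key = key.ljust(block_size, b"\x00")   # then zero-padded to exactly one block
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = new(ipad + msg).digest()
    return new(opad + inner).digest()


def block_size_report(key=SAMPLE_KEY, msg=SAMPLE_MSG,
                      names=("sha256", "sha384", "sha512")):
    """Map each hash name to (real block size matches, fixed 64 matches),
    where 'matches' means equal to the standard library's hmac.digest."""
    report = {}
    for name in names:
        reference = hmac.digest(key, msg, name)
        with_real_size = hmac_rfc2104(key, msg, name)
        with_fixed_64 = hmac_rfc2104(key, msg, name, block_size=64)
        report[name] = (
            hmac.compare_digest(with_real_size, reference),
            hmac.compare_digest(with_fixed_64, reference),
        )
    return report


if __name__ == "__main__":
    for name, (ok_real, ok_64) in block_size_report().items():
        print(f"{name}: real block size ok={ok_real}, fixed 64 ok={ok_64}")
```
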