diff options
| author |   Matti Picus <matti.picus@gmail.com> | 2022-05-15 23:48:40 +0300 |
|---|---|---|
| committer |   Michał Górny <mgorny@gentoo.org> | 2022-05-16 11:10:57 +0200 |
| commit | fafb1795861c5803177feaaa9a08bf30e865ba71 (patch) | |
| tree | b9ecb67315bda778690b48eba7d4a71ecc544f69 | |
| parent | _sysconfigdata: strip default CFLAGS and OPT (diff) | |
| download | pypy-fafb1795861c5803177feaaa9a08bf30e865ba71.tar.gz pypy-fafb1795861c5803177feaaa9a08bf30e865ba71.tar.bz2 pypy-fafb1795861c5803177feaaa9a08bf30e865ba71.zip | |
merge py3.8
commit 0c4d55b06a270401843e1ef4aab08a30be93deba
Author: Matti Picus <matti.picus@gmail.com>
Date: 2022-05-15 22:44:46 +0200
check results from EVP_DigestInit_ex and EVP_DigestUpdate, and fix some failing tests (issue 3741)
| -rw-r--r-- | lib_pypy/_cffi_ssl/_cffi_src/openssl/evp.py | 3 | ||||
| -rw-r--r-- | lib_pypy/_hashlib/__init__.py | 42 |
2 files changed, 35 insertions, 10 deletions
diff --git a/lib_pypy/_cffi_ssl/_cffi_src/openssl/evp.py b/lib_pypy/_cffi_ssl/_cffi_src/openssl/evp.py index 3cd5022e70..4552505f18 100644 --- a/lib_pypy/_cffi_ssl/_cffi_src/openssl/evp.py +++ b/lib_pypy/_cffi_ssl/_cffi_src/openssl/evp.py @@ -62,6 +62,9 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *, unsigned char *, unsigned int *); int EVP_DigestFinalXOF(EVP_MD_CTX *, unsigned char *, size_t); const EVP_MD *EVP_get_digestbyname(const char *); int EVP_MD_size(const EVP_MD *); +void EVP_MD_do_all(void (*) (const EVP_MD *, const char *, const char *, void *), void *); +int EVP_MD_nid(const EVP_MD *); + EVP_PKEY *EVP_PKEY_new(void); void EVP_PKEY_free(EVP_PKEY *); diff --git a/lib_pypy/_hashlib/__init__.py b/lib_pypy/_hashlib/__init__.py index 3f2c03b503..a099cc05bb 100644 --- a/lib_pypy/_hashlib/__init__.py +++ b/lib_pypy/_hashlib/__init__.py @@ -7,6 +7,23 @@ from _cffi_ssl._stdssl.utility import (_str_to_ffi_buffer, _bytes_with_len, try: from __pypy__ import builtinify except ImportError: builtinify = lambda f: f +def get_errstr(): + # From CPython's _setException + errcode = lib.ERR_peek_last_error(); + if not errcode: + return "unknown reasons" + + errlib = lib.ERR_lib_error_string(errcode) + func = lib.ERR_func_error_string(errcode) + reason = lib.ERR_reason_error_string(errcode) + + if errlib and func: + return "[%s: %s] %s" % (_str_from_buf(errlib), _str_from_buf(func), _str_from_buf(reason)) + elif errlib: + return "[%s] %s" % (_str_from_buf(errlib), _str_from_buf(reason)) + else: + return _str_from_buf(reason) + def new(name, string=b'', usedforsecurity=True): h = HASH(name, usedforsecurity=usedforsecurity) @@ -42,8 +59,8 @@ class HASH(object): if not lib.EVP_MD_CTX_copy_ex(ctx, copy_from): raise ValueError else: - # cpython uses EVP_DigestInit - lib.EVP_DigestInit_ex(ctx, digest_type, ffi.NULL) + if lib.EVP_DigestInit_ex(ctx, digest_type, ffi.NULL) == 0: + raise ValueError(get_errstr()) self.ctx = ctx except: # no need to gc ctx! @@ -72,7 +89,8 @@ class HASH(object): buf = ffi.from_buffer(string) with self.lock: # XXX try to not release the GIL for small requests - lib.EVP_DigestUpdate(self.ctx, buf, len(buf)) + if lib.EVP_DigestUpdate(self.ctx, buf, len(buf)) == 0: + raise ValueError(get_errstr()) def copy(self): """Return a copy of the hash object.""" @@ -126,24 +144,28 @@ class NameFetcher: def _fetch_names(): name_fetcher = NameFetcher() handle = ffi.new_handle(name_fetcher) - lib.OBJ_NAME_do_all(lib.OBJ_NAME_TYPE_MD_METH, hash_name_mapper_callback, handle) + lib.EVP_MD_do_all(hash_name_mapper_callback, handle) if name_fetcher.error: raise name_fetcher.error meth_names = name_fetcher.meth_names name_fetcher.meth_names = None return frozenset(meth_names) -@ffi.callback("void(OBJ_NAME*, void*)") -def hash_name_mapper_callback(obj_name, userdata): - if not obj_name: +name_mapping = { + 'blake2s256': 'blake2s', + 'blake2b512': 'blake2b' + } + +@ffi.callback("void(EVP_MD*, const char *, const char *, void*)") +def hash_name_mapper_callback(evp_md, from_name, to_name, userdata): + if not evp_md: return # Ignore aliased names, they pollute the list and OpenSSL appears # to have a its own definition of alias as the resulting list # still contains duplicate and alternate names for several # algorithms. - if obj_name.alias != 0: - return - name = _str_from_buf(obj_name.name) + lowered = _str_from_buf(from_name).lower().replace('-', '_') + name = name_mapping.get(lowered, lowered) if name in ('blake2b512', 'sha3-512'): return name_fetcher = ffi.from_handle(userdata) |