diff options
| author | Christian Heimes <christian@python.org> | 2020-05-16 20:27:06 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-05-16 20:27:06 (GMT) |
| commit | d5b3f6b7f9fc74438009af63f1de01bd77be9385 (patch) | |
| tree | 32fed153b988a3dbb9c691ba924d989de5d17578 /Lib | |
| parent | b17e49e0def23238b9e7f48c8a02e2d7bbf1f653 (diff) | |
| download | cpython-d5b3f6b7f9fc74438009af63f1de01bd77be9385.zip cpython-d5b3f6b7f9fc74438009af63f1de01bd77be9385.tar.gz cpython-d5b3f6b7f9fc74438009af63f1de01bd77be9385.tar.bz2 | |
bpo-37630: Use SHA3 and SHAKE XOF from OpenSSL (GH-16049)
OpenSSL 1.1.1 comes with SHA3 and SHAKE builtin.
Signed-off-by: Christian Heimes <christian@python.org>
Automerge-Triggered-By: @tiran
Diffstat (limited to 'Lib')
| -rw-r--r-- | Lib/hashlib.py | 4 | ||||
| -rw-r--r-- | Lib/test/test_hashlib.py | 18 |
2 files changed, 19 insertions, 3 deletions
diff --git a/Lib/hashlib.py b/Lib/hashlib.py index 56873b7..0f81de0 100644 --- a/Lib/hashlib.py +++ b/Lib/hashlib.py @@ -71,8 +71,6 @@ __all__ = __always_supported + ('new', 'algorithms_guaranteed', __builtin_constructor_cache = {} __block_openssl_constructor = { - 'sha3_224', 'sha3_256', 'sha3_384', 'sha3_512', - 'shake_128', 'shake_256', 'blake2b', 'blake2s', } @@ -125,6 +123,8 @@ def __get_openssl_constructor(name): # Prefer our blake2 and sha3 implementation. return __get_builtin_constructor(name) try: + # MD5, SHA1, and SHA2 are in all supported OpenSSL versions + # SHA3/shake are available in OpenSSL 1.1.1+ f = getattr(_hashlib, 'openssl_' + name) # Allow the C module to raise ValueError. The function will be # defined but the hash not actually available thanks to OpenSSL. diff --git a/Lib/test/test_hashlib.py b/Lib/test/test_hashlib.py index f9fe7e3..b901468 100644 --- a/Lib/test/test_hashlib.py +++ b/Lib/test/test_hashlib.py @@ -27,9 +27,10 @@ c_hashlib = import_fresh_module('hashlib', fresh=['_hashlib']) py_hashlib = import_fresh_module('hashlib', blocked=['_hashlib']) try: - from _hashlib import HASH + from _hashlib import HASH, HASHXOF except ImportError: HASH = None + HASHXOF = None try: import _blake2 @@ -254,6 +255,9 @@ class HashLibTestCase(unittest.TestCase): h = cons() if h.name not in self.shakes: continue + if HASH is not None and isinstance(h, HASH): + # _hashopenssl's take a size_t + continue for digest in h.digest, h.hexdigest: self.assertRaises(ValueError, digest, -10) for length in large_sizes: @@ -860,6 +864,18 @@ class HashLibTestCase(unittest.TestCase): def test_get_fips_mode(self): self.assertIsInstance(c_hashlib.get_fips_mode(), int) + @unittest.skipUnless(HASH is not None, 'need _hashlib') + def test_internal_types(self): + # internal types like _hashlib.HASH are not constructable + with self.assertRaisesRegex( + TypeError, "cannot create 'HASH' instance" + ): + HASH() + with self.assertRaisesRegex( + TypeError, "cannot create 'HASHXOF' instance" + ): + HASHXOF() + class KDFTests(unittest.TestCase): |