diff options
| author | Christian Heimes <christian@python.org> | 2019-09-13 00:30:00 (GMT) |
|---|---|---|
| committer | Gregory P. Smith <greg@krypto.org> | 2019-09-13 00:30:00 (GMT) |
| commit | 7cad53e6b084435a220e6604010f1fa5778bd0b1 (patch) | |
| tree | a54b4906b9e9fc18bd5319fe87ad8a7fc071b3a7 /Modules/clinic | |
| parent | 3a4f66707e824ef3a8384827590ebaa6ca463dc0 (diff) | |
| download | cpython-7cad53e6b084435a220e6604010f1fa5778bd0b1.zip cpython-7cad53e6b084435a220e6604010f1fa5778bd0b1.tar.gz cpython-7cad53e6b084435a220e6604010f1fa5778bd0b1.tar.bz2 | |
bpo-9216: Add usedforsecurity to hashlib constructors (GH-16044)
The usedforsecurity keyword only argument added to the hash constructors is useful for FIPS builds and similar restrictive environment with non-technical requirements that legacy algorithms be forbidden by their implementations without being explicitly annotated as not being used for any security related purposes. Linux distros with FIPS support benefit from this being standard rather than making up their own way(s) to do it.
Contributed and Signed-off-by: Christian Heimes christian@python.org
Diffstat (limited to 'Modules/clinic')
| -rw-r--r-- | Modules/clinic/_hashopenssl.c.h | 191 | ||||
| -rw-r--r-- | Modules/clinic/md5module.c.h | 28 | ||||
| -rw-r--r-- | Modules/clinic/sha1module.c.h | 28 | ||||
| -rw-r--r-- | Modules/clinic/sha256module.c.h | 54 | ||||
| -rw-r--r-- | Modules/clinic/sha512module.c.h | 54 |
5 files changed, 272 insertions, 83 deletions
diff --git a/Modules/clinic/_hashopenssl.c.h b/Modules/clinic/_hashopenssl.c.h index 9aaea47..de53e7e 100644 --- a/Modules/clinic/_hashopenssl.c.h +++ b/Modules/clinic/_hashopenssl.c.h @@ -66,7 +66,7 @@ PyDoc_STRVAR(EVP_update__doc__, {"update", (PyCFunction)EVP_update, METH_O, EVP_update__doc__}, PyDoc_STRVAR(EVP_new__doc__, -"new($module, /, name, string=b\'\')\n" +"new($module, /, name, string=b\'\', *, usedforsecurity=True)\n" "--\n" "\n" "Return a new hash object using the named algorithm.\n" @@ -80,18 +80,20 @@ PyDoc_STRVAR(EVP_new__doc__, {"new", (PyCFunction)(void(*)(void))EVP_new, METH_FASTCALL|METH_KEYWORDS, EVP_new__doc__}, static PyObject * -EVP_new_impl(PyObject *module, PyObject *name_obj, PyObject *data_obj); +EVP_new_impl(PyObject *module, PyObject *name_obj, PyObject *data_obj, + int usedforsecurity); static PyObject * EVP_new(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames) { PyObject *return_value = NULL; - static const char * const _keywords[] = {"name", "string", NULL}; + static const char * const _keywords[] = {"name", "string", "usedforsecurity", NULL}; static _PyArg_Parser _parser = {NULL, _keywords, "new", 0}; - PyObject *argsbuf[2]; + PyObject *argsbuf[3]; Py_ssize_t noptargs = nargs + (kwnames ? PyTuple_GET_SIZE(kwnames) : 0) - 1; PyObject *name_obj; PyObject *data_obj = NULL; + int usedforsecurity = 1; args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser, 1, 2, 0, argsbuf); if (!args) { @@ -101,16 +103,29 @@ EVP_new(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwn if (!noptargs) { goto skip_optional_pos; } - data_obj = args[1]; + if (args[1]) { + data_obj = args[1]; + if (!--noptargs) { + goto skip_optional_pos; + } + } skip_optional_pos: - return_value = EVP_new_impl(module, name_obj, data_obj); + if (!noptargs) { + goto skip_optional_kwonly; + } + usedforsecurity = PyObject_IsTrue(args[2]); + if (usedforsecurity < 0) { + goto exit; + } +skip_optional_kwonly: + return_value = EVP_new_impl(module, name_obj, data_obj, usedforsecurity); exit: return return_value; } PyDoc_STRVAR(_hashlib_openssl_md5__doc__, -"openssl_md5($module, /, string=b\'\')\n" +"openssl_md5($module, /, string=b\'\', *, usedforsecurity=True)\n" "--\n" "\n" "Returns a md5 hash object; optionally initialized with a string"); @@ -119,17 +134,19 @@ PyDoc_STRVAR(_hashlib_openssl_md5__doc__, {"openssl_md5", (PyCFunction)(void(*)(void))_hashlib_openssl_md5, METH_FASTCALL|METH_KEYWORDS, _hashlib_openssl_md5__doc__}, static PyObject * -_hashlib_openssl_md5_impl(PyObject *module, PyObject *data_obj); +_hashlib_openssl_md5_impl(PyObject *module, PyObject *data_obj, + int usedforsecurity); static PyObject * _hashlib_openssl_md5(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames) { PyObject *return_value = NULL; - static const char * const _keywords[] = {"string", NULL}; + static const char * const _keywords[] = {"string", "usedforsecurity", NULL}; static _PyArg_Parser _parser = {NULL, _keywords, "openssl_md5", 0}; - PyObject *argsbuf[1]; + PyObject *argsbuf[2]; Py_ssize_t noptargs = nargs + (kwnames ? PyTuple_GET_SIZE(kwnames) : 0) - 0; PyObject *data_obj = NULL; + int usedforsecurity = 1; args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser, 0, 1, 0, argsbuf); if (!args) { @@ -138,16 +155,29 @@ _hashlib_openssl_md5(PyObject *module, PyObject *const *args, Py_ssize_t nargs, if (!noptargs) { goto skip_optional_pos; } - data_obj = args[0]; + if (args[0]) { + data_obj = args[0]; + if (!--noptargs) { + goto skip_optional_pos; + } + } skip_optional_pos: - return_value = _hashlib_openssl_md5_impl(module, data_obj); + if (!noptargs) { + goto skip_optional_kwonly; + } + usedforsecurity = PyObject_IsTrue(args[1]); + if (usedforsecurity < 0) { + goto exit; + } +skip_optional_kwonly: + return_value = _hashlib_openssl_md5_impl(module, data_obj, usedforsecurity); exit: return return_value; } PyDoc_STRVAR(_hashlib_openssl_sha1__doc__, -"openssl_sha1($module, /, string=b\'\')\n" +"openssl_sha1($module, /, string=b\'\', *, usedforsecurity=True)\n" "--\n" "\n" "Returns a sha1 hash object; optionally initialized with a string"); @@ -156,17 +186,19 @@ PyDoc_STRVAR(_hashlib_openssl_sha1__doc__, {"openssl_sha1", (PyCFunction)(void(*)(void))_hashlib_openssl_sha1, METH_FASTCALL|METH_KEYWORDS, _hashlib_openssl_sha1__doc__}, static PyObject * -_hashlib_openssl_sha1_impl(PyObject *module, PyObject *data_obj); +_hashlib_openssl_sha1_impl(PyObject *module, PyObject *data_obj, + int usedforsecurity); static PyObject * _hashlib_openssl_sha1(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames) { PyObject *return_value = NULL; - static const char * const _keywords[] = {"string", NULL}; + static const char * const _keywords[] = {"string", "usedforsecurity", NULL}; static _PyArg_Parser _parser = {NULL, _keywords, "openssl_sha1", 0}; - PyObject *argsbuf[1]; + PyObject *argsbuf[2]; Py_ssize_t noptargs = nargs + (kwnames ? PyTuple_GET_SIZE(kwnames) : 0) - 0; PyObject *data_obj = NULL; + int usedforsecurity = 1; args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser, 0, 1, 0, argsbuf); if (!args) { @@ -175,16 +207,29 @@ _hashlib_openssl_sha1(PyObject *module, PyObject *const *args, Py_ssize_t nargs, if (!noptargs) { goto skip_optional_pos; } - data_obj = args[0]; + if (args[0]) { + data_obj = args[0]; + if (!--noptargs) { + goto skip_optional_pos; + } + } skip_optional_pos: - return_value = _hashlib_openssl_sha1_impl(module, data_obj); + if (!noptargs) { + goto skip_optional_kwonly; + } + usedforsecurity = PyObject_IsTrue(args[1]); + if (usedforsecurity < 0) { + goto exit; + } +skip_optional_kwonly: + return_value = _hashlib_openssl_sha1_impl(module, data_obj, usedforsecurity); exit: return return_value; } PyDoc_STRVAR(_hashlib_openssl_sha224__doc__, -"openssl_sha224($module, /, string=b\'\')\n" +"openssl_sha224($module, /, string=b\'\', *, usedforsecurity=True)\n" "--\n" "\n" "Returns a sha224 hash object; optionally initialized with a string"); @@ -193,17 +238,19 @@ PyDoc_STRVAR(_hashlib_openssl_sha224__doc__, {"openssl_sha224", (PyCFunction)(void(*)(void))_hashlib_openssl_sha224, METH_FASTCALL|METH_KEYWORDS, _hashlib_openssl_sha224__doc__}, static PyObject * -_hashlib_openssl_sha224_impl(PyObject *module, PyObject *data_obj); +_hashlib_openssl_sha224_impl(PyObject *module, PyObject *data_obj, + int usedforsecurity); static PyObject * _hashlib_openssl_sha224(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames) { PyObject *return_value = NULL; - static const char * const _keywords[] = {"string", NULL}; + static const char * const _keywords[] = {"string", "usedforsecurity", NULL}; static _PyArg_Parser _parser = {NULL, _keywords, "openssl_sha224", 0}; - PyObject *argsbuf[1]; + PyObject *argsbuf[2]; Py_ssize_t noptargs = nargs + (kwnames ? PyTuple_GET_SIZE(kwnames) : 0) - 0; PyObject *data_obj = NULL; + int usedforsecurity = 1; args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser, 0, 1, 0, argsbuf); if (!args) { @@ -212,16 +259,29 @@ _hashlib_openssl_sha224(PyObject *module, PyObject *const *args, Py_ssize_t narg if (!noptargs) { goto skip_optional_pos; } - data_obj = args[0]; + if (args[0]) { + data_obj = args[0]; + if (!--noptargs) { + goto skip_optional_pos; + } + } skip_optional_pos: - return_value = _hashlib_openssl_sha224_impl(module, data_obj); + if (!noptargs) { + goto skip_optional_kwonly; + } + usedforsecurity = PyObject_IsTrue(args[1]); + if (usedforsecurity < 0) { + goto exit; + } +skip_optional_kwonly: + return_value = _hashlib_openssl_sha224_impl(module, data_obj, usedforsecurity); exit: return return_value; } PyDoc_STRVAR(_hashlib_openssl_sha256__doc__, -"openssl_sha256($module, /, string=b\'\')\n" +"openssl_sha256($module, /, string=b\'\', *, usedforsecurity=True)\n" "--\n" "\n" "Returns a sha256 hash object; optionally initialized with a string"); @@ -230,17 +290,19 @@ PyDoc_STRVAR(_hashlib_openssl_sha256__doc__, {"openssl_sha256", (PyCFunction)(void(*)(void))_hashlib_openssl_sha256, METH_FASTCALL|METH_KEYWORDS, _hashlib_openssl_sha256__doc__}, static PyObject * -_hashlib_openssl_sha256_impl(PyObject *module, PyObject *data_obj); +_hashlib_openssl_sha256_impl(PyObject *module, PyObject *data_obj, + int usedforsecurity); static PyObject * _hashlib_openssl_sha256(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames) { PyObject *return_value = NULL; - static const char * const _keywords[] = {"string", NULL}; + static const char * const _keywords[] = {"string", "usedforsecurity", NULL}; static _PyArg_Parser _parser = {NULL, _keywords, "openssl_sha256", 0}; - PyObject *argsbuf[1]; + PyObject *argsbuf[2]; Py_ssize_t noptargs = nargs + (kwnames ? PyTuple_GET_SIZE(kwnames) : 0) - 0; PyObject *data_obj = NULL; + int usedforsecurity = 1; args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser, 0, 1, 0, argsbuf); if (!args) { @@ -249,16 +311,29 @@ _hashlib_openssl_sha256(PyObject *module, PyObject *const *args, Py_ssize_t narg if (!noptargs) { goto skip_optional_pos; } - data_obj = args[0]; + if (args[0]) { + data_obj = args[0]; + if (!--noptargs) { + goto skip_optional_pos; + } + } skip_optional_pos: - return_value = _hashlib_openssl_sha256_impl(module, data_obj); + if (!noptargs) { + goto skip_optional_kwonly; + } + usedforsecurity = PyObject_IsTrue(args[1]); + if (usedforsecurity < 0) { + goto exit; + } +skip_optional_kwonly: + return_value = _hashlib_openssl_sha256_impl(module, data_obj, usedforsecurity); exit: return return_value; } PyDoc_STRVAR(_hashlib_openssl_sha384__doc__, -"openssl_sha384($module, /, string=b\'\')\n" +"openssl_sha384($module, /, string=b\'\', *, usedforsecurity=True)\n" "--\n" "\n" "Returns a sha384 hash object; optionally initialized with a string"); @@ -267,17 +342,19 @@ PyDoc_STRVAR(_hashlib_openssl_sha384__doc__, {"openssl_sha384", (PyCFunction)(void(*)(void))_hashlib_openssl_sha384, METH_FASTCALL|METH_KEYWORDS, _hashlib_openssl_sha384__doc__}, static PyObject * -_hashlib_openssl_sha384_impl(PyObject *module, PyObject *data_obj); +_hashlib_openssl_sha384_impl(PyObject *module, PyObject *data_obj, + int usedforsecurity); static PyObject * _hashlib_openssl_sha384(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames) { PyObject *return_value = NULL; - static const char * const _keywords[] = {"string", NULL}; + static const char * const _keywords[] = {"string", "usedforsecurity", NULL}; static _PyArg_Parser _parser = {NULL, _keywords, "openssl_sha384", 0}; - PyObject *argsbuf[1]; + PyObject *argsbuf[2]; Py_ssize_t noptargs = nargs + (kwnames ? PyTuple_GET_SIZE(kwnames) : 0) - 0; PyObject *data_obj = NULL; + int usedforsecurity = 1; args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser, 0, 1, 0, argsbuf); if (!args) { @@ -286,16 +363,29 @@ _hashlib_openssl_sha384(PyObject *module, PyObject *const *args, Py_ssize_t narg if (!noptargs) { goto skip_optional_pos; } - data_obj = args[0]; + if (args[0]) { + data_obj = args[0]; + if (!--noptargs) { + goto skip_optional_pos; + } + } skip_optional_pos: - return_value = _hashlib_openssl_sha384_impl(module, data_obj); + if (!noptargs) { + goto skip_optional_kwonly; + } + usedforsecurity = PyObject_IsTrue(args[1]); + if (usedforsecurity < 0) { + goto exit; + } +skip_optional_kwonly: + return_value = _hashlib_openssl_sha384_impl(module, data_obj, usedforsecurity); exit: return return_value; } PyDoc_STRVAR(_hashlib_openssl_sha512__doc__, -"openssl_sha512($module, /, string=b\'\')\n" +"openssl_sha512($module, /, string=b\'\', *, usedforsecurity=True)\n" "--\n" "\n" "Returns a sha512 hash object; optionally initialized with a string"); @@ -304,17 +394,19 @@ PyDoc_STRVAR(_hashlib_openssl_sha512__doc__, {"openssl_sha512", (PyCFunction)(void(*)(void))_hashlib_openssl_sha512, METH_FASTCALL|METH_KEYWORDS, _hashlib_openssl_sha512__doc__}, static PyObject * -_hashlib_openssl_sha512_impl(PyObject *module, PyObject *data_obj); +_hashlib_openssl_sha512_impl(PyObject *module, PyObject *data_obj, + int usedforsecurity); static PyObject * _hashlib_openssl_sha512(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames) { PyObject *return_value = NULL; - static const char * const _keywords[] = {"string", NULL}; + static const char * const _keywords[] = {"string", "usedforsecurity", NULL}; static _PyArg_Parser _parser = {NULL, _keywords, "openssl_sha512", 0}; - PyObject *argsbuf[1]; + PyObject *argsbuf[2]; Py_ssize_t noptargs = nargs + (kwnames ? PyTuple_GET_SIZE(kwnames) : 0) - 0; PyObject *data_obj = NULL; + int usedforsecurity = 1; args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser, 0, 1, 0, argsbuf); if (!args) { @@ -323,9 +415,22 @@ _hashlib_openssl_sha512(PyObject *module, PyObject *const *args, Py_ssize_t narg if (!noptargs) { goto skip_optional_pos; } - data_obj = args[0]; + if (args[0]) { + data_obj = args[0]; + if (!--noptargs) { + goto skip_optional_pos; + } + } skip_optional_pos: - return_value = _hashlib_openssl_sha512_impl(module, data_obj); + if (!noptargs) { + goto skip_optional_kwonly; + } + usedforsecurity = PyObject_IsTrue(args[1]); + if (usedforsecurity < 0) { + goto exit; + } +skip_optional_kwonly: + return_value = _hashlib_openssl_sha512_impl(module, data_obj, usedforsecurity); exit: return return_value; @@ -623,4 +728,4 @@ exit: #ifndef _HASHLIB_SCRYPT_METHODDEF #define _HASHLIB_SCRYPT_METHODDEF #endif /* !defined(_HASHLIB_SCRYPT_METHODDEF) */ -/*[clinic end generated code: output=38c2637f67e9bb79 input=a9049054013a1b77]*/ +/*[clinic end generated code: output=acb22ccddb7043c7 input=a9049054013a1b77]*/ diff --git a/Modules/clinic/md5module.c.h b/Modules/clinic/md5module.c.h index 12484cc..c109f9e 100644 --- a/Modules/clinic/md5module.c.h +++ b/Modules/clinic/md5module.c.h @@ -66,7 +66,7 @@ PyDoc_STRVAR(MD5Type_update__doc__, {"update", (PyCFunction)MD5Type_update, METH_O, MD5Type_update__doc__}, PyDoc_STRVAR(_md5_md5__doc__, -"md5($module, /, string=b\'\')\n" +"md5($module, /, string=b\'\', *, usedforsecurity=True)\n" "--\n" "\n" "Return a new MD5 hash object; optionally initialized with a string."); @@ -75,17 +75,18 @@ PyDoc_STRVAR(_md5_md5__doc__, {"md5", (PyCFunction)(void(*)(void))_md5_md5, METH_FASTCALL|METH_KEYWORDS, _md5_md5__doc__}, static PyObject * -_md5_md5_impl(PyObject *module, PyObject *string); +_md5_md5_impl(PyObject *module, PyObject *string, int usedforsecurity); static PyObject * _md5_md5(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames) { PyObject *return_value = NULL; - static const char * const _keywords[] = {"string", NULL}; + static const char * const _keywords[] = {"string", "usedforsecurity", NULL}; static _PyArg_Parser _parser = {NULL, _keywords, "md5", 0}; - PyObject *argsbuf[1]; + PyObject *argsbuf[2]; Py_ssize_t noptargs = nargs + (kwnames ? PyTuple_GET_SIZE(kwnames) : 0) - 0; PyObject *string = NULL; + int usedforsecurity = 1; args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser, 0, 1, 0, argsbuf); if (!args) { @@ -94,11 +95,24 @@ _md5_md5(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kw if (!noptargs) { goto skip_optional_pos; } - string = args[0]; + if (args[0]) { + string = args[0]; + if (!--noptargs) { + goto skip_optional_pos; + } + } skip_optional_pos: - return_value = _md5_md5_impl(module, string); + if (!noptargs) { + goto skip_optional_kwonly; + } + usedforsecurity = PyObject_IsTrue(args[1]); + if (usedforsecurity < 0) { + goto exit; + } +skip_optional_kwonly: + return_value = _md5_md5_impl(module, string, usedforsecurity); exit: return return_value; } -/*[clinic end generated code: output=53133f08cf9095fc input=a9049054013a1b77]*/ +/*[clinic end generated code: output=dbe3abc60086f3ef input=a9049054013a1b77]*/ diff --git a/Modules/clinic/sha1module.c.h b/Modules/clinic/sha1module.c.h index 001c6af..fc37b1a 100644 --- a/Modules/clinic/sha1module.c.h +++ b/Modules/clinic/sha1module.c.h @@ -66,7 +66,7 @@ PyDoc_STRVAR(SHA1Type_update__doc__, {"update", (PyCFunction)SHA1Type_update, METH_O, SHA1Type_update__doc__}, PyDoc_STRVAR(_sha1_sha1__doc__, -"sha1($module, /, string=b\'\')\n" +"sha1($module, /, string=b\'\', *, usedforsecurity=True)\n" "--\n" "\n" "Return a new SHA1 hash object; optionally initialized with a string."); @@ -75,17 +75,18 @@ PyDoc_STRVAR(_sha1_sha1__doc__, {"sha1", (PyCFunction)(void(*)(void))_sha1_sha1, METH_FASTCALL|METH_KEYWORDS, _sha1_sha1__doc__}, static PyObject * -_sha1_sha1_impl(PyObject *module, PyObject *string); +_sha1_sha1_impl(PyObject *module, PyObject *string, int usedforsecurity); static PyObject * _sha1_sha1(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames) { PyObject *return_value = NULL; - static const char * const _keywords[] = {"string", NULL}; + static const char * const _keywords[] = {"string", "usedforsecurity", NULL}; static _PyArg_Parser _parser = {NULL, _keywords, "sha1", 0}; - PyObject *argsbuf[1]; + PyObject *argsbuf[2]; Py_ssize_t noptargs = nargs + (kwnames ? PyTuple_GET_SIZE(kwnames) : 0) - 0; PyObject *string = NULL; + int usedforsecurity = 1; args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser, 0, 1, 0, argsbuf); if (!args) { @@ -94,11 +95,24 @@ _sha1_sha1(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject * if (!noptargs) { goto skip_optional_pos; } - string = args[0]; + if (args[0]) { + string = args[0]; + if (!--noptargs) { + goto skip_optional_pos; + } + } skip_optional_pos: - return_value = _sha1_sha1_impl(module, string); + if (!noptargs) { + goto skip_optional_kwonly; + } + usedforsecurity = PyObject_IsTrue(args[1]); + if (usedforsecurity < 0) { + goto exit; + } +skip_optional_kwonly: + return_value = _sha1_sha1_impl(module, string, usedforsecurity); exit: return return_value; } -/*[clinic end generated code: output=1ae7e73ec84a27d5 input=a9049054013a1b77]*/ +/*[clinic end generated code: output=3ddd637ae17e14b3 input=a9049054013a1b77]*/ diff --git a/Modules/clinic/sha256module.c.h b/Modules/clinic/sha256module.c.h index 658abb1..2a788ea 100644 --- a/Modules/clinic/sha256module.c.h +++ b/Modules/clinic/sha256module.c.h @@ -66,7 +66,7 @@ PyDoc_STRVAR(SHA256Type_update__doc__, {"update", (PyCFunction)SHA256Type_update, METH_O, SHA256Type_update__doc__}, PyDoc_STRVAR(_sha256_sha256__doc__, -"sha256($module, /, string=b\'\')\n" +"sha256($module, /, string=b\'\', *, usedforsecurity=True)\n" "--\n" "\n" "Return a new SHA-256 hash object; optionally initialized with a string."); @@ -75,17 +75,18 @@ PyDoc_STRVAR(_sha256_sha256__doc__, {"sha256", (PyCFunction)(void(*)(void))_sha256_sha256, METH_FASTCALL|METH_KEYWORDS, _sha256_sha256__doc__}, static PyObject * -_sha256_sha256_impl(PyObject *module, PyObject *string); +_sha256_sha256_impl(PyObject *module, PyObject *string, int usedforsecurity); static PyObject * _sha256_sha256(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames) { PyObject *return_value = NULL; - static const char * const _keywords[] = {"string", NULL}; + static const char * const _keywords[] = {"string", "usedforsecurity", NULL}; static _PyArg_Parser _parser = {NULL, _keywords, "sha256", 0}; - PyObject *argsbuf[1]; + PyObject *argsbuf[2]; Py_ssize_t noptargs = nargs + (kwnames ? PyTuple_GET_SIZE(kwnames) : 0) - 0; PyObject *string = NULL; + int usedforsecurity = 1; args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser, 0, 1, 0, argsbuf); if (!args) { @@ -94,16 +95,29 @@ _sha256_sha256(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObje if (!noptargs) { goto skip_optional_pos; } - string = args[0]; + if (args[0]) { + string = args[0]; + if (!--noptargs) { + goto skip_optional_pos; + } + } skip_optional_pos: - return_value = _sha256_sha256_impl(module, string); + if (!noptargs) { + goto skip_optional_kwonly; + } + usedforsecurity = PyObject_IsTrue(args[1]); + if (usedforsecurity < 0) { + goto exit; + } +skip_optional_kwonly: + return_value = _sha256_sha256_impl(module, string, usedforsecurity); exit: return return_value; } PyDoc_STRVAR(_sha256_sha224__doc__, -"sha224($module, /, string=b\'\')\n" +"sha224($module, /, string=b\'\', *, usedforsecurity=True)\n" "--\n" "\n" "Return a new SHA-224 hash object; optionally initialized with a string."); @@ -112,17 +126,18 @@ PyDoc_STRVAR(_sha256_sha224__doc__, {"sha224", (PyCFunction)(void(*)(void))_sha256_sha224, METH_FASTCALL|METH_KEYWORDS, _sha256_sha224__doc__}, static PyObject * -_sha256_sha224_impl(PyObject *module, PyObject *string); +_sha256_sha224_impl(PyObject *module, PyObject *string, int usedforsecurity); static PyObject * _sha256_sha224(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames) { PyObject *return_value = NULL; - static const char * const _keywords[] = {"string", NULL}; + static const char * const _keywords[] = {"string", "usedforsecurity", NULL}; static _PyArg_Parser _parser = {NULL, _keywords, "sha224", 0}; - PyObject *argsbuf[1]; + PyObject *argsbuf[2]; Py_ssize_t noptargs = nargs + (kwnames ? PyTuple_GET_SIZE(kwnames) : 0) - 0; PyObject *string = NULL; + int usedforsecurity = 1; args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser, 0, 1, 0, argsbuf); if (!args) { @@ -131,11 +146,24 @@ _sha256_sha224(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObje if (!noptargs) { goto skip_optional_pos; } - string = args[0]; + if (args[0]) { + string = args[0]; + if (!--noptargs) { + goto skip_optional_pos; + } + } skip_optional_pos: - return_value = _sha256_sha224_impl(module, string); + if (!noptargs) { + goto skip_optional_kwonly; + } + usedforsecurity = PyObject_IsTrue(args[1]); + if (usedforsecurity < 0) { + goto exit; + } +skip_optional_kwonly: + return_value = _sha256_sha224_impl(module, string, usedforsecurity); exit: return return_value; } -/*[clinic end generated code: output=c54d0956ec88409d input=a9049054013a1b77]*/ +/*[clinic end generated code: output=c8cca8adbe72ec9a input=a9049054013a1b77]*/ diff --git a/Modules/clinic/sha512module.c.h b/Modules/clinic/sha512module.c.h index 459a934..b8185b6 100644 --- a/Modules/clinic/sha512module.c.h +++ b/Modules/clinic/sha512module.c.h @@ -66,7 +66,7 @@ PyDoc_STRVAR(SHA512Type_update__doc__, {"update", (PyCFunction)SHA512Type_update, METH_O, SHA512Type_update__doc__}, PyDoc_STRVAR(_sha512_sha512__doc__, -"sha512($module, /, string=b\'\')\n" +"sha512($module, /, string=b\'\', *, usedforsecurity=True)\n" "--\n" "\n" "Return a new SHA-512 hash object; optionally initialized with a string."); @@ -75,17 +75,18 @@ PyDoc_STRVAR(_sha512_sha512__doc__, {"sha512", (PyCFunction)(void(*)(void))_sha512_sha512, METH_FASTCALL|METH_KEYWORDS, _sha512_sha512__doc__}, static PyObject * -_sha512_sha512_impl(PyObject *module, PyObject *string); +_sha512_sha512_impl(PyObject *module, PyObject *string, int usedforsecurity); static PyObject * _sha512_sha512(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames) { PyObject *return_value = NULL; - static const char * const _keywords[] = {"string", NULL}; + static const char * const _keywords[] = {"string", "usedforsecurity", NULL}; static _PyArg_Parser _parser = {NULL, _keywords, "sha512", 0}; - PyObject *argsbuf[1]; + PyObject *argsbuf[2]; Py_ssize_t noptargs = nargs + (kwnames ? PyTuple_GET_SIZE(kwnames) : 0) - 0; PyObject *string = NULL; + int usedforsecurity = 1; args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser, 0, 1, 0, argsbuf); if (!args) { @@ -94,16 +95,29 @@ _sha512_sha512(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObje if (!noptargs) { goto skip_optional_pos; } - string = args[0]; + if (args[0]) { + string = args[0]; + if (!--noptargs) { + goto skip_optional_pos; + } + } skip_optional_pos: - return_value = _sha512_sha512_impl(module, string); + if (!noptargs) { + goto skip_optional_kwonly; + } + usedforsecurity = PyObject_IsTrue(args[1]); + if (usedforsecurity < 0) { + goto exit; + } +skip_optional_kwonly: + return_value = _sha512_sha512_impl(module, string, usedforsecurity); exit: return return_value; } PyDoc_STRVAR(_sha512_sha384__doc__, -"sha384($module, /, string=b\'\')\n" +"sha384($module, /, string=b\'\', *, usedforsecurity=True)\n" "--\n" "\n" "Return a new SHA-384 hash object; optionally initialized with a string."); @@ -112,17 +126,18 @@ PyDoc_STRVAR(_sha512_sha384__doc__, {"sha384", (PyCFunction)(void(*)(void))_sha512_sha384, METH_FASTCALL|METH_KEYWORDS, _sha512_sha384__doc__}, static PyObject * -_sha512_sha384_impl(PyObject *module, PyObject *string); +_sha512_sha384_impl(PyObject *module, PyObject *string, int usedforsecurity); static PyObject * _sha512_sha384(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames) { PyObject *return_value = NULL; - static const char * const _keywords[] = {"string", NULL}; + static const char * const _keywords[] = {"string", "usedforsecurity", NULL}; static _PyArg_Parser _parser = {NULL, _keywords, "sha384", 0}; - PyObject *argsbuf[1]; + PyObject *argsbuf[2]; Py_ssize_t noptargs = nargs + (kwnames ? PyTuple_GET_SIZE(kwnames) : 0) - 0; PyObject *string = NULL; + int usedforsecurity = 1; args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser, 0, 1, 0, argsbuf); if (!args) { @@ -131,11 +146,24 @@ _sha512_sha384(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObje if (!noptargs) { goto skip_optional_pos; } - string = args[0]; + if (args[0]) { + string = args[0]; + if (!--noptargs) { + goto skip_optional_pos; + } + } skip_optional_pos: - return_value = _sha512_sha384_impl(module, string); + if (!noptargs) { + goto skip_optional_kwonly; + } + usedforsecurity = PyObject_IsTrue(args[1]); + if (usedforsecurity < 0) { + goto exit; + } +skip_optional_kwonly: + return_value = _sha512_sha384_impl(module, string, usedforsecurity); exit: return return_value; } -/*[clinic end generated code: output=580df4b667084a7e input=a9049054013a1b77]*/ +/*[clinic end generated code: output=bbfa72d8703c82b5 input=a9049054013a1b77]*/ |