Skip to content

Commit 4a151ca

Browse files
picnixzpicnixz
authored
gh-134531: prefer using _hashlib module state instead of module object (#136865)
Some internal helper functions taking the module object to retrieve its state under some conditions now directly take the module's state instead as those conditions hold most of the time.
1 parent c504f62 commit 4a151ca

File tree

1 file changed

+20
-28
lines changed

1 file changed

+20
-28
lines changed

Modules/_hashopenssl.c

Lines changed: 20 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -495,8 +495,8 @@ raise_unsupported_algorithm_impl(PyObject *exc_type,
495495
{
496496
// Since OpenSSL 3.0, if the algorithm is not supported or fetching fails,
497497
// the reason lacks the algorithm name.
498-
int errcode = ERR_peek_last_error(), reason_id;
499-
switch (reason_id = ERR_GET_REASON(errcode)) {
498+
int errcode = ERR_peek_last_error();
499+
switch (ERR_GET_REASON(errcode)) {
500500
case ERR_R_UNSUPPORTED: {
501501
PyObject *text = PyUnicode_FromFormat(fallback_format, format_arg);
502502
if (text != NULL) {
@@ -651,14 +651,11 @@ disable_fips_property(Py_hash_type py_ht)
651651
* If 'name' is an OpenSSL indexed name, the return value is cached.
652652
*/
653653
static PY_EVP_MD *
654-
get_openssl_evp_md_by_utf8name(PyObject *module, const char *name,
654+
get_openssl_evp_md_by_utf8name(_hashlibstate *state, const char *name,
655655
Py_hash_type py_ht)
656656
{
657657
PY_EVP_MD *digest = NULL, *other_digest = NULL;
658-
_hashlibstate *state = get_hashlib_state(module);
659-
py_hashentry_t *entry = (py_hashentry_t *)_Py_hashtable_get(
660-
state->hashtable, (const void*)name
661-
);
658+
py_hashentry_t *entry = _Py_hashtable_get(state->hashtable, name);
662659

663660
if (entry != NULL) {
664661
if (!disable_fips_property(py_ht)) {
@@ -715,26 +712,25 @@ get_openssl_evp_md_by_utf8name(PyObject *module, const char *name,
715712
* py_ht The message digest purpose.
716713
*/
717714
static PY_EVP_MD *
718-
get_openssl_evp_md(PyObject *module, PyObject *digestmod, Py_hash_type py_ht)
715+
get_openssl_evp_md(_hashlibstate *state, PyObject *digestmod, Py_hash_type py_ht)
719716
{
720717
const char *name;
721718
if (PyUnicode_Check(digestmod)) {
722719
name = PyUnicode_AsUTF8(digestmod);
723720
}
724721
else {
725-
PyObject *dict = get_hashlib_state(module)->constructs;
722+
PyObject *dict = state->constructs;
726723
assert(dict != NULL);
727724
PyObject *borrowed_ref = PyDict_GetItemWithError(dict, digestmod);
728725
name = borrowed_ref == NULL ? NULL : PyUnicode_AsUTF8(borrowed_ref);
729726
}
730727
if (name == NULL) {
731728
if (!PyErr_Occurred()) {
732-
_hashlibstate *state = get_hashlib_state(module);
733729
raise_unsupported_algorithm_error(state, digestmod);
734730
}
735731
return NULL;
736732
}
737-
return get_openssl_evp_md_by_utf8name(module, name, py_ht);
733+
return get_openssl_evp_md_by_utf8name(state, name, py_ht);
738734
}
739735

740736
// --- OpenSSL HASH wrappers --------------------------------------------------
@@ -1191,7 +1187,7 @@ static PyType_Spec HASHXOFobject_type_spec = {
11911187
#endif
11921188

11931189
static PyObject *
1194-
_hashlib_HASH(PyObject *module, const char *digestname, PyObject *data_obj,
1190+
_hashlib_HASH(_hashlibstate *state, const char *digestname, PyObject *data_obj,
11951191
int usedforsecurity)
11961192
{
11971193
Py_buffer view = { 0 };
@@ -1203,19 +1199,13 @@ _hashlib_HASH(PyObject *module, const char *digestname, PyObject *data_obj,
12031199
GET_BUFFER_VIEW_OR_ERROUT(data_obj, &view);
12041200
}
12051201

1206-
digest = get_openssl_evp_md_by_utf8name(
1207-
module, digestname, usedforsecurity ? Py_ht_evp : Py_ht_evp_nosecurity
1208-
);
1202+
Py_hash_type purpose = usedforsecurity ? Py_ht_evp : Py_ht_evp_nosecurity;
1203+
digest = get_openssl_evp_md_by_utf8name(state, digestname, purpose);
12091204
if (digest == NULL) {
12101205
goto exit;
12111206
}
12121207

1213-
if ((EVP_MD_flags(digest) & EVP_MD_FLAG_XOF) == EVP_MD_FLAG_XOF) {
1214-
type = get_hashlib_state(module)->HASHXOF_type;
1215-
} else {
1216-
type = get_hashlib_state(module)->HASH_type;
1217-
}
1218-
1208+
type = PY_EVP_MD_xof(digest) ? state->HASHXOF_type : state->HASH_type;
12191209
self = new_hash_object(type);
12201210
if (self == NULL) {
12211211
goto exit;
@@ -1267,7 +1257,8 @@ _hashlib_HASH(PyObject *module, const char *digestname, PyObject *data_obj,
12671257
if (_Py_hashlib_data_argument(&data_obj, DATA, STRING) < 0) { \
12681258
return NULL; \
12691259
} \
1270-
return _hashlib_HASH(MODULE, NAME, data_obj, USEDFORSECURITY); \
1260+
_hashlibstate *state = get_hashlib_state(MODULE); \
1261+
return _hashlib_HASH(state, NAME, data_obj, USEDFORSECURITY); \
12711262
} while (0)
12721263

12731264
/* The module-level function: new() */
@@ -1569,12 +1560,14 @@ pbkdf2_hmac_impl(PyObject *module, const char *hash_name,
15691560
PyObject *dklen_obj)
15701561
/*[clinic end generated code: output=144b76005416599b input=ed3ab0d2d28b5d5c]*/
15711562
{
1563+
_hashlibstate *state = get_hashlib_state(module);
15721564
PyObject *key_obj = NULL;
15731565
char *key;
15741566
long dklen;
15751567
int retval;
15761568

1577-
PY_EVP_MD *digest = get_openssl_evp_md_by_utf8name(module, hash_name, Py_ht_pbkdf2);
1569+
PY_EVP_MD *digest = get_openssl_evp_md_by_utf8name(state, hash_name,
1570+
Py_ht_pbkdf2);
15781571
if (digest == NULL) {
15791572
goto end;
15801573
}
@@ -1773,6 +1766,7 @@ _hashlib_hmac_singleshot_impl(PyObject *module, Py_buffer *key,
17731766
Py_buffer *msg, PyObject *digest)
17741767
/*[clinic end generated code: output=82f19965d12706ac input=0a0790cc3db45c2e]*/
17751768
{
1769+
_hashlibstate *state = get_hashlib_state(module);
17761770
unsigned char md[EVP_MAX_MD_SIZE] = {0};
17771771
unsigned int md_len = 0;
17781772
unsigned char *result;
@@ -1790,7 +1784,7 @@ _hashlib_hmac_singleshot_impl(PyObject *module, Py_buffer *key,
17901784
return NULL;
17911785
}
17921786

1793-
evp = get_openssl_evp_md(module, digest, Py_ht_mac);
1787+
evp = get_openssl_evp_md(state, digest, Py_ht_mac);
17941788
if (evp == NULL) {
17951789
return NULL;
17961790
}
@@ -1808,7 +1802,6 @@ _hashlib_hmac_singleshot_impl(PyObject *module, Py_buffer *key,
18081802

18091803
if (result == NULL) {
18101804
if (is_xof) {
1811-
_hashlibstate *state = get_hashlib_state(module);
18121805
/* use a better default error message if an XOF is used */
18131806
raise_unsupported_algorithm_error(state, digest);
18141807
}
@@ -1862,6 +1855,7 @@ _hashlib_hmac_new_impl(PyObject *module, Py_buffer *key, PyObject *msg_obj,
18621855
PyObject *digestmod)
18631856
/*[clinic end generated code: output=c20d9e4d9ed6d219 input=5f4071dcc7f34362]*/
18641857
{
1858+
_hashlibstate *state = get_hashlib_state(module);
18651859
PY_EVP_MD *digest;
18661860
HMAC_CTX *ctx = NULL;
18671861
HMACobject *self = NULL;
@@ -1879,7 +1873,7 @@ _hashlib_hmac_new_impl(PyObject *module, Py_buffer *key, PyObject *msg_obj,
18791873
return NULL;
18801874
}
18811875

1882-
digest = get_openssl_evp_md(module, digestmod, Py_ht_mac);
1876+
digest = get_openssl_evp_md(state, digestmod, Py_ht_mac);
18831877
if (digest == NULL) {
18841878
return NULL;
18851879
}
@@ -1895,7 +1889,6 @@ _hashlib_hmac_new_impl(PyObject *module, Py_buffer *key, PyObject *msg_obj,
18951889
PY_EVP_MD_free(digest);
18961890
if (r == 0) {
18971891
if (is_xof) {
1898-
_hashlibstate *state = get_hashlib_state(module);
18991892
/* use a better default error message if an XOF is used */
19001893
raise_unsupported_algorithm_error(state, digestmod);
19011894
}
@@ -1905,7 +1898,6 @@ _hashlib_hmac_new_impl(PyObject *module, Py_buffer *key, PyObject *msg_obj,
19051898
goto error;
19061899
}
19071900

1908-
_hashlibstate *state = get_hashlib_state(module);
19091901
self = PyObject_New(HMACobject, state->HMAC_type);
19101902
if (self == NULL) {
19111903
goto error;

0 commit comments

Comments
 (0)