gh-136968: fortify macro usage in cryptographic modules #136973
Conversation
picnixz
added
skip news
needs backport to 3.14
picnixz
force-pushed
the
refactor/cryptography/fortify-macros-136968
branch
from
ad5b0d0 to
aa41a74
Compare
picnixz
added
the
🔨 test-with-refleak-buildbots
|
🤖 New build scheduled with the buildbot fleet by @picnixz for commit aa41a74 🤖 Results will be shown at: https://buildbot.python.org/all/#/grid?branch=refs%2Fpull%2F136973%2Fmerge If you want to schedule another build, you need to add the 🔨 test-with-refleak-buildbots label again. |
bedevere-bot
removed
the
🔨 test-with-refleak-buildbots
picnixz
force-pushed
the
refactor/cryptography/fortify-macros-136968
branch
2 times, most recently
from
8884b4a to
aa41a74
Compare
Modules/hmacmodule.c
Outdated
| (const char *)out, \ | ||
| Py_hmac_## HACL_HID ##_digest_size \ | ||
| ); \ | ||
| #define Py_HMAC_HACL_ONESHOT(HACL_HID, KEY, MSG) \ |
There was a problem hiding this comment.
I could have rewritten this macro as well, but I don't really want to trade safety for speed here. By using a function I would need:
- Over-allocate the digest buffer or still use a macro to pre-allocate the buffer with its exact size or pass it to that function. None of them is satisfying to me because of it would make the function non-reusable due to its signature or the fact that it expects the buffer to be pre-allocated.
- Use pointer to functions for the dedicated computation functions. This is not optimal. Alternatively, I could use a dispatch mechanism to recover both the function and the digest size dynamically but it's again an overkill when I can directly access them.
At least, the part that made me suffer has been turned into a regular function (namely hmac_get_buffer_views) so I'm happy for now.
|
Thanks @picnixz for the PR 🌮🎉.. I'm working now to backport this PR to: 3.14. |
|
Sorry, @picnixz, I could not cleanly backport this to |
|
Why should I expect no conflicts when doing refactorization... |
…ythonGH-136973) Macros used in cryptographic extension modules are partially rewritten to use `static inline` functions when possible to help code completion. (cherry picked from commit eefd70f) Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
|
GH-137160 is a backport of this pull request to the 3.14 branch. |
This comment was marked as off-topic.
This comment was marked as off-topic.
…#136973) Macros used in cryptographic extension modules are partially rewritten to use `static inline` functions when possible to help code completion.
Uh oh!
There was an error while loading. Please reload this page.