gh-134531: [PoC] allow to use EVP_MAC API #135235
Conversation
|
!buildbot FIPS |
|
🤖 New build scheduled with the buildbot fleet by @picnixz for commit c444180 🤖 Results will be shown at: https://buildbot.python.org/all/#/grid?branch=refs%2Fpull%2F135235%2Fmerge The command will test the builders whose names match following regular expression: The builders matched are:
|
There was a problem hiding this comment.
Overall, there is also something I wanted to investigate, namely "is it faster to use SN_* names or LN_* names for OpenSSL" and whether it's better to cache the NID (as it's only used in __repr__ or .name) or directly cache a const char *.
I'll need more experiments for this one but this also applies to the existing code where we work with EVP_MD objects instead of caching their properties.
| static void | ||
| raise_smart_ssl_error(PyObject *exc_type, const char *fallback_format, ...) | ||
| { | ||
|
|
| #define EVP_MAC_INCREF(MAC) (void)EVP_MAC_up_ref(MAC) | ||
| #define EVP_MAC_DECREF(MAC) EVP_MAC_free(MAC) |
There was a problem hiding this comment.
I don't need this anymore.
| #define EVP_MAC_INCREF(MAC) do {} while (0) | ||
| #define EVP_MAC_DECREF(MAC) do {} while (0) |
| va_end(vargs); | ||
| } | ||
| } | ||
|
|
||
| /* | ||
| * Set an exception with a generic default message after an error occurred. | ||
| * Same as raise_ssl_error() but raise a MemoryError |
There was a problem hiding this comment.
I'll need to update the comment as we're now using the "smart" exception type helper.
| @@ -464,51 +592,89 @@ get_openssl_evp_md_by_utf8name(PyObject *module, const char *name, | |||
| } | |||
| } | |||
| if (digest == NULL) { | |||
| // NOTE(picnixz): report hash type value instead of name | |||
There was a problem hiding this comment.
This will be tracked by #135234.
| Py_buffer view = {0}; | ||
| GET_BUFFER_VIEW_OR_ERROR(data, &view, return -1); | ||
| if (!self->use_mutex && view.len >= HASHLIB_GIL_MINSIZE) { | ||
| // TODO(picnixz): disable mutex afterwards |
There was a problem hiding this comment.
This will be tracked in #135239.
Just a draft PR for the CI. I'll split the PR tomorrow. Some parts are part of #135234.