always fallback to the pure Python implementation

picnixz · picnixz · commit 2bb7fb6a0920 · 2025-07-22T16:49:04.000+02:00
diff --git a/Lib/hmac.py b/Lib/hmac.py
@@ -242,22 +242,24 @@ def digest(key, msg, digest):
         try:
             return _hashopenssl.hmac_digest(key, msg, digest)
         except OverflowError:
-            try:
-                return _hashopenssl.hmac_new(key, msg, digest).digest()
-            except _hashopenssl.UnsupportedDigestmodError:
-                pass
+            # OpenSSL's HMAC limits the size of the key to INT_MAX.
+            # Instead of falling back to HACL* implementation which
+            # may still not be supported due to a too large key, we
+            # directly switch to the pure Python fallback instead
+            # even if we could have used streaming HMAC for small keys
+            # but large messages.
+            return _compute_digest_fallback(key, msg, digest)
         except _hashopenssl.UnsupportedDigestmodError:
             pass
 
     if _hmac and isinstance(digest, str):
         try:
             return _hmac.compute_digest(key, msg, digest)
-        except OverflowError:
-            try:
-                return _hmac.new(key, msg, digest).digest()
-            except _hmac.UnknownHashError:
-                pass
-        except _hmac.UnknownHashError:
+        except (OverflowError, _hmac.UnknownHashError):
+            # HACL* HMAC limits the size of the key to UINT32_MAX
+            # so we fallback to the pure Python implementation even
+            # if streaming HMAC may have been used for small keys
+            # and large messages.
             pass
 
     return _compute_digest_fallback(key, msg, digest)
diff --git a/Lib/test/test_hmac.py b/Lib/test/test_hmac.py
@@ -1506,37 +1506,28 @@ def test_with_fallback(self):
     @hashlib_helper.requires_openssl_hashdigest("md5")
     @bigmemtest(size=_4G, memuse=2, dry_run=False)
     def test_hmac_digest_overflow_error_openssl_only(self, size):
-        self.do_test_hmac_digest_overflow_error_fast(size, openssl=True)
+        hmac = import_fresh_module("hmac", blocked=["_hmac"])
+        self.do_test_hmac_digest_overflow_error_switch_to_slow(hmac, size)
 
     @hashlib_helper.requires_builtin_hashdigest("_md5", "md5")
     @bigmemtest(size=_4G , memuse=2, dry_run=False)
     def test_hmac_digest_overflow_error_builtin_only(self, size):
-        self.do_test_hmac_digest_overflow_error_fast(size, openssl=False)
-
-    def do_test_hmac_digest_overflow_error_fast(self, size, *, openssl):
-        """Check that C hmac.digest() works for large inputs."""
-
-        if openssl:
-            hmac = import_fresh_module("hmac", blocked=["_hashlib"])
-            c_module_name, c_method_name = "_hmac", "new"
-        else:
-            hmac = import_fresh_module("hmac", blocked=["_hmac"])
-            c_module_name, c_method_name = "_hashlib", "hmac_new"
+        hmac = import_fresh_module("hmac", blocked=["_hashlib"])
+        self.do_test_hmac_digest_overflow_error_switch_to_slow(hmac, size)
 
-        cext = import_helper.import_module(c_module_name)
-        cnew = getattr(cext, c_method_name)
+    def do_test_hmac_digest_overflow_error_switch_to_slow(self, hmac, size):
+        """Check that hmac.digest() falls back to pure Python."""
 
         bigkey = b'K' * size
         bigmsg = b'M' * size
 
         with patch.object(hmac, "_compute_digest_fallback") as slow:
-            with patch.object(cext, c_method_name, wraps=cnew) as new:
-                self.assertIsInstance(hmac.digest(bigkey, b'm', "md5"), bytes)
-            new.assert_called_once()
-            with patch.object(cext, c_method_name, wraps=cnew) as new:
-                self.assertIsInstance(hmac.digest(b'k', bigmsg, "md5"), bytes)
-            new.assert_called_once()
-        slow.assert_not_called()
+            self.assertIsInstance(hmac.digest(bigkey, b'm', "md5"), bytes)
+        slow.assert_called_once()
+
+        with patch.object(hmac, "_compute_digest_fallback") as slow:
+            self.assertIsInstance(hmac.digest(b'k', bigmsg, "md5"), bytes)
+        slow.assert_called_once()
 
     @hashlib_helper.requires_hashdigest("md5", openssl=True)
     @bigmemtest(size=_4G, memuse=2, dry_run=False)
diff --git a/Misc/NEWS.d/next/Library/2025-07-21-11-56-47.gh-issue-136912.zWosAL.rst b/Misc/NEWS.d/next/Library/2025-07-21-11-56-47.gh-issue-136912.zWosAL.rst
@@ -1,2 +1,2 @@
-One-shot :func:`hmac.digest` now properly handles large keys and messages
-by delegating to :func:`hmac.new` when possible. Patch by Bénédikt Tran.
+One-shot :func:`hmac.digest` now properly handles large keys and messages.
+Patch by Bénédikt Tran.
