Skip to content

gh-136968: fortify macro usage in cryptographic modules #136973

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jul 28, 2025
Merged

gh-136968: fortify macro usage in cryptographic modules #136973

merged 5 commits into from
Jul 28, 2025
+116 −78

Conversation

picnixz
Copy link
Member

@picnixz picnixz commented Jul 22, 2025
edited by bedevere-app bot
Loading

@picnixz picnixz added skip news needs backport to 3.14 bugs and security fixes type-refactor Code refactoring (with no changes in behavior) labels Jul 22, 2025
@bedevere-app bedevere-app bot mentioned this pull request Jul 22, 2025
Closed
@picnixz picnixz marked this pull request as ready for review July 22, 2025 09:40
@picnixz picnixz requested review from gpshead and tiran as code owners July 22, 2025 09:40
@picnixz picnixz force-pushed the refactor/cryptography/fortify-macros-136968 branch from ad5b0d0 to aa41a74 Compare July 22, 2025 09:41
@picnixz picnixz added the 🔨 test-with-refleak-buildbots Test PR w/ refleak buildbots; report in status section label Jul 22, 2025
@bedevere-bot
Copy link

🤖 New build scheduled with the buildbot fleet by @picnixz for commit aa41a74 🤖

Results will be shown at:

https://buildbot.python.org/all/#/grid?branch=refs%2Fpull%2F136973%2Fmerge

If you want to schedule another build, you need to add the 🔨 test-with-refleak-buildbots label again.

@bedevere-bot bedevere-bot removed the 🔨 test-with-refleak-buildbots Test PR w/ refleak buildbots; report in status section label Jul 22, 2025
@picnixz picnixz marked this pull request as draft July 25, 2025 14:44
@picnixz picnixz force-pushed the refactor/cryptography/fortify-macros-136968 branch 2 times, most recently from 8884b4a to aa41a74 Compare July 25, 2025 14:45
@picnixz picnixz marked this pull request as ready for review July 26, 2025 07:03
@picnixz picnixz marked this pull request as draft July 26, 2025 07:04
picnixz
picnixz commented Jul 26, 2025
View reviewed changes
Modules/hmacmodule.c Outdated
(const char *)out, \
Py_hmac_## HACL_HID ##_digest_size \
); \
#define Py_HMAC_HACL_ONESHOT(HACL_HID, KEY, MSG) \
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I could have rewritten this macro as well, but I don't really want to trade safety for speed here. By using a function I would need:

  • Over-allocate the digest buffer or still use a macro to pre-allocate the buffer with its exact size or pass it to that function. None of them is satisfying to me because of it would make the function non-reusable due to its signature or the fact that it expects the buffer to be pre-allocated.
  • Use pointer to functions for the dedicated computation functions. This is not optimal. Alternatively, I could use a dispatch mechanism to recover both the function and the digest size dynamically but it's again an overkill when I can directly access them.

At least, the part that made me suffer has been turned into a regular function (namely hmac_get_buffer_views) so I'm happy for now.

picnixz
picnixz commented Jul 26, 2025
View reviewed changes
@picnixz picnixz marked this pull request as ready for review July 26, 2025 07:38
@picnixz picnixz enabled auto-merge (squash) July 28, 2025 07:11
@picnixz picnixz merged commit eefd70f into python:main Jul 28, 2025
40 checks passed
@miss-islington-app
Copy link

Thanks @picnixz for the PR 🌮🎉.. I'm working now to backport this PR to: 3.14.
🐍🍒⛏🤖

@miss-islington-app
Copy link

Sorry, @picnixz, I could not cleanly backport this to 3.14 due to a conflict.
Please backport using cherry_picker on command line.

cherry_picker eefd70f0ed51e46fa9ff3d465dcf977bd4af28de 3.14

@picnixz
Copy link
Member Author

picnixz commented Jul 28, 2025

Why should I expect no conflicts when doing refactorization...

@picnixz picnixz deleted the refactor/cryptography/fortify-macros-136968 branch July 28, 2025 07:52
picnixz added a commit to picnixz/cpython that referenced this pull request Jul 28, 2025
@picnixz
[3.14] pythongh-136968: fortify macro usage in cryptographic modules (p…
a46976a 
…ythonGH-136973)

Macros used in cryptographic extension modules are partially rewritten
to use `static inline` functions when possible to help code completion.
(cherry picked from commit eefd70f)

Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
@bedevere-app
Copy link

bedevere-app bot commented Jul 28, 2025

GH-137160 is a backport of this pull request to the 3.14 branch.

@bedevere-app bedevere-app bot removed the needs backport to 3.14 bugs and security fixes label Jul 28, 2025
@bedevere-bot

This comment was marked as off-topic.

Sign in to view
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gpshead gpshead gpshead approved these changes

@tiran tiran Awaiting requested review from tiran tiran is a code owner

Assignees
No one assigned
Labels
skip news type-refactor Code refactoring (with no changes in behavior)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@picnixz @bedevere-bot @gpshead
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy