https://github.com/python/cpython/commit/1b7470f8cbff4bb9e58edd940a997a3647e285e4
commit: 1b7470f8cbff4bb9e58edd940a997a3647e285e4
branch: main
author: Bénédikt Tran <10796600+picn...@users.noreply.github.com>
committer: picnixz <10796600+picn...@users.noreply.github.com>
date: 2025-04-28T01:14:12+02:00
summary:
gh-133061: do not mention `UINT32_MAX` in HMAC user-facing messages (#133062)
files:
M Modules/hmacmodule.c
diff --git a/Modules/hmacmodule.c b/Modules/hmacmodule.c
index 76079a7679426b..c7b49d4dee3d0a 100644
--- a/Modules/hmacmodule.c
+++ b/Modules/hmacmodule.c
@@ -50,8 +50,21 @@
// --- Reusable error messages ------------------------------------------------
-#define INVALID_KEY_LENGTH "key length exceeds UINT32_MAX"
-#define INVALID_MSG_LENGTH "message length exceeds UINT32_MAX"
+static inline void
+set_invalid_key_length_error(void)
+{
+ (void)PyErr_Format(PyExc_OverflowError,
+ "key length exceeds %u",
+ UINT32_MAX);
+}
+
+static inline void
+set_invalid_msg_length_error(void)
+{
+ (void)PyErr_Format(PyExc_OverflowError,
+ "message length exceeds %u",
+ UINT32_MAX);
+}
// --- HMAC underlying hash function static information -----------------------
@@ -760,7 +773,7 @@ hmac_new_initial_state(HMACObject *self, uint8_t *key,
Py_ssize_t len)
// not rely on HACL* implementation anymore. As such, we explicitly
// reject keys that do not fit on 32 bits until HACL* handles them.
if (len > UINT32_MAX_AS_SSIZE_T) {
- PyErr_SetString(PyExc_OverflowError, INVALID_KEY_LENGTH);
+ set_invalid_key_length_error();
return -1;
}
#endif
@@ -1249,36 +1262,36 @@ _hmac_compute_digest_impl(PyObject *module, PyObject
*key, PyObject *msg,
* lest an OverflowError is raised. The Python implementation takes care
* of dispatching to the OpenSSL implementation in this case.
*/
-#define Py_HMAC_HACL_ONESHOT(HACL_HID, KEY, MSG) \
- do { \
- Py_buffer keyview, msgview; \
- GET_BUFFER_VIEW_OR_ERROUT((KEY), &keyview); \
- if (!has_uint32_t_buffer_length(&keyview)) { \
- PyBuffer_Release(&keyview); \
- PyErr_SetString(PyExc_OverflowError, INVALID_KEY_LENGTH); \
- return NULL; \
- } \
- GET_BUFFER_VIEW_OR_ERROR((MSG), &msgview, \
- PyBuffer_Release(&keyview); \
- return NULL); \
- if (!has_uint32_t_buffer_length(&msgview)) { \
- PyBuffer_Release(&msgview); \
- PyBuffer_Release(&keyview); \
- PyErr_SetString(PyExc_OverflowError, INVALID_MSG_LENGTH); \
- return NULL; \
- } \
- uint8_t out[Py_hmac_## HACL_HID ##_digest_size]; \
- Py_hmac_## HACL_HID ##_compute_func( \
- out, \
- (uint8_t *)keyview.buf, (uint32_t)keyview.len, \
- (uint8_t *)msgview.buf, (uint32_t)msgview.len \
- ); \
- PyBuffer_Release(&msgview); \
- PyBuffer_Release(&keyview); \
- return PyBytes_FromStringAndSize( \
- (const char *)out, \
- Py_hmac_## HACL_HID ##_digest_size \
- ); \
+#define Py_HMAC_HACL_ONESHOT(HACL_HID, KEY, MSG) \
+ do { \
+ Py_buffer keyview, msgview; \
+ GET_BUFFER_VIEW_OR_ERROUT((KEY), &keyview); \
+ if (!has_uint32_t_buffer_length(&keyview)) { \
+ PyBuffer_Release(&keyview); \
+ set_invalid_key_length_error(); \
+ return NULL; \
+ } \
+ GET_BUFFER_VIEW_OR_ERROR((MSG), &msgview, \
+ PyBuffer_Release(&keyview); \
+ return NULL); \
+ if (!has_uint32_t_buffer_length(&msgview)) { \
+ PyBuffer_Release(&msgview); \
+ PyBuffer_Release(&keyview); \
+ set_invalid_msg_length_error(); \
+ return NULL; \
+ } \
+ uint8_t out[Py_hmac_## HACL_HID ##_digest_size]; \
+ Py_hmac_## HACL_HID ##_compute_func( \
+ out, \
+ (uint8_t *)keyview.buf, (uint32_t)keyview.len, \
+ (uint8_t *)msgview.buf, (uint32_t)msgview.len \
+ ); \
+ PyBuffer_Release(&msgview); \
+ PyBuffer_Release(&keyview); \
+ return PyBytes_FromStringAndSize( \
+ (const char *)out, \
+ Py_hmac_## HACL_HID ##_digest_size \
+ ); \
} while (0)
/*[clinic input]
_______________________________________________
Python-checkins mailing list -- python-checkins@python.org
To unsubscribe send an email to python-checkins-le...@python.org
https://mail.python.org/mailman3/lists/python-checkins.python.org/
Member address: arch...@mail-archive.com
