➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2020-05-03 10:52 by christian.heimes, last changed 2022-04-11 14:59 by admin. This issue is now closed.
| Pull Requests | |||
|---|---|---|---|
| URL | Status | Linked | Edit |
| PR 19880 | closed | christian.heimes, 2020-05-03 10:55 | |
| Messages (4) | |||
|---|---|---|---|
| msg367968 - (view) | Author: Christian Heimes (christian.heimes) *  |
Date: 2020-05-03 10:52 | |
Python uses valid Python identifiers for hashing algorithms while OpenSSL uses slightly different default names. For example OpenSSL uses "SHA3-256" while Python has "sha3_256". The function py_digest_by_name() in _hashopenssl.c maps from Python names to EVP_MD pointer. It's possible to simplify the lookup by registering Python's aliases with OpenSSL, e.g. EVP_add_digest_alias(SN_sha3_512, "sha3_512"). Also see https://github.com/openssl/openssl/issues/11715 |
|||
| msg367979 - (view) | Author: Gregory P. Smith (gregory.p.smith) * |
Date: 2020-05-03 15:53 | |
Adding aliases in openssl is presumably process global right? Is that wise given it'd mean other openssl using c/c++ code in the process would now see the same aliases and could behave differently when used with python vs without? On Sun, May 3, 2020, 3:55 AM Christian Heimes <report@bugs.python.org> wrote: > > Change by Christian Heimes <lists@cheimes.de>: > > > ---------- > keywords: +patch > pull_requests: +19193 > pull_request: https://github.com/python/cpython/pull/19880 > > _______________________________________ > Python tracker <report@bugs.python.org> > <https://bugs.python.org/issue40482> > _______________________________________ > |
|||
| msg367980 - (view) | Author: Christian Heimes (christian.heimes) * |
Date: 2020-05-03 16:10 | |
Yes, it changes the global state of libcrypto.
I consider the risk to other application slim to non-existing. Two cases are problematic:
1) an application relies on the fact that EVP_get_digestbyname("sha3_256") fails.
2) an application also uses EVP_add_digest_alias() but registers a different digest algorithm.
Both cases seem highly unlikely to me.
|
|||
| msg391311 - (view) | Author: Christian Heimes (christian.heimes) * |
Date: 2021-04-17 19:41 | |
I decided against the approach. |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:59:30 | admin | set | github: 84662 |
| 2021-04-17 19:41:03 | christian.heimes | set | status: open -> closed resolution: rejected messages: + msg391311 stage: patch review -> resolved |
| 2020-05-03 16:10:24 | christian.heimes | set | messages: + msg367980 |
| 2020-05-03 15:53:30 | gregory.p.smith | set | messages: + msg367979 |
| 2020-05-03 10:55:47 | christian.heimes | set | keywords:
+ patch pull_requests: + pull_request19193 |
| 2020-05-03 10:52:09 | christian.heimes | create | |