Skip to content

Handle error scenarios of HACL* functions #131316

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
chris-eibl opened this issue Mar 16, 2025 · 2 comments
Closed

Handle error scenarios of HACL* functions #131316

chris-eibl opened this issue Mar 16, 2025 · 2 comments
Assignees
@picnixz
Labels
extension-modules C modules in the Modules dir type-feature A feature request or enhancement

Comments

@chris-eibl
Copy link
Member

chris-eibl commented Mar 16, 2025
edited by bedevere-app bot
Loading

This is a follow-up on #130960 (comment):

For all hash algorithms (NEW with this PR):
malloc, malloc_with_params_and_key, malloc_with_key: may return NULL (out of memory)
copy: may return NULL (out of memory)

Full list from #130960 (comment)

For Hacl_Streaming_HMAC:

  • malloc may return OutOfMemory, InvalidAlgorithm (e.g. requesting Blake2b_256 on an ARM machine), or Success
  • reset may return InvalidLength (if trying to reset the state with a key of different length, this is not supported), or Success
  • update: MaximumLengthExceeded or Success
  • digest: OutOfMemory or Success
  • copy: may return NULL (indicates out of memory)

For all hash algorithms (NEW with this PR):

  • malloc, malloc_with_params_and_key, malloc_with_key: may return NULL (out of memory)
  • copy: may return NULL (out of memory)

For SHA3/Keccak only:

  • digest may return InvalidAlgorithm (if the algorithm is shake)
  • squeeze may return InvalidAlgorithm (if the algorithm is not shake)

I think all of these can be handled as a followup, I just thought it would be good to have it in writing here so that you can decide which of these are worth checking for. The reason I brought up other hash algorithms is that, since you requested (or maybe @picnixz ?) proper out of memory handling in HACL*, we now may return NULL for other algorithms (like hash algorithms), meaning that this PR will introduce new possibly-NULL return values as a side-effect of updating the vendored copy of HACL*.

For the record, Python ignores MaximumLengthExceeded on the basis that this cannot happen in practice.

Linked PRs
@picnixz picnixz added type-feature A feature request or enhancement extension-modules C modules in the Modules dir labels Mar 16, 2025
@picnixz

This comment has been minimized.

Sign in to view
@chris-eibl
Copy link
Member Author

I don't think I've got enough bandwith atm. Please take over ❤

@picnixz picnixz self-assigned this Mar 16, 2025
@bedevere-app bedevere-app bot mentioned this issue Mar 16, 2025
Merged
picnixz added a commit that referenced this issue Mar 17, 2025
@picnixz
gh-131316: handle NULL values returned by HACL* functions (#131324)
261633b 
- Handle NULL returned by allocation functions.
- Handle NULL returned by copy functions.
- Suppress unused impossible return codes.
@picnixz picnixz closed this as completed Mar 17, 2025
plashchynski pushed a commit to plashchynski/cpython that referenced this issue Mar 17, 2025
@picnixz @plashchynski
pythongh-131316: handle NULL values returned by HACL* functions (pyth…
e042956 
…on#131324)

- Handle NULL returned by allocation functions.
- Handle NULL returned by copy functions.
- Suppress unused impossible return codes.
seehwan pushed a commit to seehwan/cpython that referenced this issue Apr 16, 2025
@picnixz @seehwan80
pythongh-131316: handle NULL values returned by HACL* functions (pyth…
3450563 
…on#131324)

- Handle NULL returned by allocation functions.
- Handle NULL returned by copy functions.
- Suppress unused impossible return codes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@picnixz picnixz

Labels
extension-modules C modules in the Modules dir type-feature A feature request or enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@picnixz @chris-eibl