Refactor tests for HMAC #130149
Assignees
Labels
Comments
picnixz
added
tests
1 task
picnixz
added a commit
that referenced
this issue
Mar 3, 2025
Since we plan to introduce a built-in implementation for HMAC based on HACL*, it becomes important for the HMAC tests to be flexible enough to avoid code duplication. In addition to the new layout based on mixin classes, we extend test coverage by also testing the `__repr__` of HMAC objects and the HMAC one-shot functions. We also fix the import to `_sha256` which, since gh-101924, resulted in some tests being skipped as the module is no more available (its content was moved to the `_sha2` module).
|
I won't backport this one because there will be too many conflicts. In addition, since we won't have multiple implementations of HMAC on 3.12 and 3.13, there is no need for the mixins. |
picnixz
added a commit
that referenced
this issue
Mar 4, 2025
Skips some HMAC tests for some FIPS-only build bots that do not have the underlying hash functions.
|
I'm re-opening this one as I want to introduce some tweaks I did in #130157 instead of the other PR. |
picnixz
added a commit
that referenced
this issue
Mar 17, 2025
New features: * refactor `hashlib_helper.requires_hashdigest` in prevision of a future `hashlib_helper.requires_builtin_hashdigest` for built-in hashes only * add `hashlib_helper.requires_openssl_hashdigest` to request OpenSSL hashes, assuming that `_hashlib` exists. Refactoring: * split hmac.copy() test by implementation * update how algorithms are discovered for RFC test cases * simplify how OpenSSL hash digests are requested * refactor hexdigest tests for RFC test vectors * typo fix: `assert_hmac_hexdigest_by_new` -> `assert_hmac_hexdigest_by_name` Improvements: * strengthen contract on `hmac_new_by_name` and `hmac_digest_by_name` * rename mixin classes to better match their responsibility
plashchynski
pushed a commit
to plashchynski/cpython
that referenced
this issue
Mar 17, 2025
…1318) New features: * refactor `hashlib_helper.requires_hashdigest` in prevision of a future `hashlib_helper.requires_builtin_hashdigest` for built-in hashes only * add `hashlib_helper.requires_openssl_hashdigest` to request OpenSSL hashes, assuming that `_hashlib` exists. Refactoring: * split hmac.copy() test by implementation * update how algorithms are discovered for RFC test cases * simplify how OpenSSL hash digests are requested * refactor hexdigest tests for RFC test vectors * typo fix: `assert_hmac_hexdigest_by_new` -> `assert_hmac_hexdigest_by_name` Improvements: * strengthen contract on `hmac_new_by_name` and `hmac_digest_by_name` * rename mixin classes to better match their responsibility
seehwan
pushed a commit
to seehwan/cpython
that referenced
this issue
Apr 16, 2025
Since we plan to introduce a built-in implementation for HMAC based on HACL*, it becomes important for the HMAC tests to be flexible enough to avoid code duplication. In addition to the new layout based on mixin classes, we extend test coverage by also testing the `__repr__` of HMAC objects and the HMAC one-shot functions. We also fix the import to `_sha256` which, since pythongh-101924, resulted in some tests being skipped as the module is no more available (its content was moved to the `_sha2` module).
seehwan
pushed a commit
to seehwan/cpython
that referenced
this issue
Apr 16, 2025
…#130788) Skips some HMAC tests for some FIPS-only build bots that do not have the underlying hash functions.
seehwan
pushed a commit
to seehwan/cpython
that referenced
this issue
Apr 16, 2025
…1318) New features: * refactor `hashlib_helper.requires_hashdigest` in prevision of a future `hashlib_helper.requires_builtin_hashdigest` for built-in hashes only * add `hashlib_helper.requires_openssl_hashdigest` to request OpenSSL hashes, assuming that `_hashlib` exists. Refactoring: * split hmac.copy() test by implementation * update how algorithms are discovered for RFC test cases * simplify how OpenSSL hash digests are requested * refactor hexdigest tests for RFC test vectors * typo fix: `assert_hmac_hexdigest_by_new` -> `assert_hmac_hexdigest_by_name` Improvements: * strengthen contract on `hmac_new_by_name` and `hmac_digest_by_name` * rename mixin classes to better match their responsibility
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The tests for HMAC are organized in such a way that makes the adoption of HACL* HMAC harder. More precisely, it'll be a bit harder to test the OpenSSL and the HACL* implementation of HMAC (for instance, some tests may or may not work with HACL* as they only support a subset of the hash functions supported by OpenSSL).
I am suggesting a way to make the test interface more generic using mixin classes. For instance, we have multiple ways of creating a HMAC object. It can be through
hmac.HMACor throughhmac.newor through_hashlib.hmac_new. Whilehmac.newandhmac.HMACare identical,_hashlib.hmac_newis different in the sense that the signature is different as well (and that the objects being returned are also different; they are not instances ofhmac.HMACbut instances of_hashlib.HMAC, though they implement the same interface).Now, once we add HACL* implementation, the interface will be similar to the Python implementation of HMAC and thus we need to test them both. Currently, it's hard to switch from the Python module implementation to the C implementation.
Linked PRs
test_hmac.py#131318The text was updated successfully, but these errors were encountered: