(name)
| 130 | |
| 131 | |
| 132 | def __get_openssl_constructor(name): |
| 133 | # This function is only used until the module has been initialized. |
| 134 | assert isinstance(name, str), "invalid call to __get_openssl_constructor()" |
| 135 | if name in __block_openssl_constructor: |
| 136 | # Prefer our builtin blake2 implementation. |
| 137 | return __get_builtin_constructor(name) |
| 138 | try: |
| 139 | # Fetch the OpenSSL hash function if it exists, |
| 140 | # independently of the context security policy. |
| 141 | f = getattr(_hashlib, 'openssl_' + name) |
| 142 | # Check if the context security policy blocks the digest or not |
| 143 | # by allowing the C module to raise a ValueError. The function |
| 144 | # will be defined but the hash will not be available at runtime. |
| 145 | # |
| 146 | # We use "usedforsecurity=False" to prevent falling back to the |
| 147 | # built-in function in case the security policy does not allow it. |
| 148 | # |
| 149 | # Note that this only affects the explicit named constructors, |
| 150 | # and not the algorithms exposed through hashlib.new() which |
| 151 | # can still be resolved to a built-in function even if the |
| 152 | # current security policy does not allow it. |
| 153 | # |
| 154 | # See https://github.com/python/cpython/issues/84872. |
| 155 | f(usedforsecurity=False) |
| 156 | # Use the C function directly (very fast) |
| 157 | return f |
| 158 | except (AttributeError, ValueError): |
| 159 | return __get_builtin_constructor(name) |
| 160 | |
| 161 | |
| 162 | def __py_new(name, *args, **kwargs): |
nothing calls this directly
no test coverage detected
searching dependent graphs…