Remove HashLib IHash leak from public IDigest #126
Merged
IDigest is an adapter over HashLib4Pascal's IHash, but it re-exposed that IHash on its public contract via GetUnderlyingHasher/UnderlyingHasher. That baked HashLib into the public digest API (ClpIDigest.pas itself used HlpIHash) and advertised a capability not every digest has - TPrehash returned nil, so building an HMAC from a prehash digest passed nil into HashLib and crashed cryptically.

Move the raw-hash access off IDigest onto a small internal capability interface, IBackingHashProvider (property BackingHash), implemented by TDigest. The public IDigest is now HashLib-free.

- New ClpIBackingHashProvider.pas; IDigest drops GetUnderlyingHasher and its HlpIHash dependency.
- TDigest implements IBackingHashProvider (GetUnderlyingHasher -> GetBackingHash); TPrehash's override still returns nil.
- THMac and TPkcs5S2ParametersGenerator obtain the hash via Supports(digest, IBackingHashProvider, p) then p.BackingHash, raising a clear "digest does not provide a backing hash" error when it is nil/absent (fixes the prehash nil footgun).
- TDsaParametersGenerator replaces the `hasher is TSHA1` type check with AlgorithmName = 'SHA-1', dropping the HlpSHA1 import.
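
The capability-query pattern the description names, as an added self-contained sketch that is not the project's code: the interface and class names follow the description, while `IRawHash` (a stand-in for HashLib's IHash), `RequireBackingHash`, the GUIDs, the reduced member lists and the exception class are assumptions made for illustration.

```pascal
program BackingHashDemo;
{$IFDEF FPC}{$mode delphi}{$ENDIF}
{$APPTYPE CONSOLE}
uses SysUtils;
type
  IRawHash = interface // assumed stand-in for HashLib's IHash
    ['{A0B1C2D3-0001-4000-8000-000000000001}']
    function Name: string;
  end;
  IDigest = interface // public contract: no raw-hash accessor
    ['{A0B1C2D3-0002-4000-8000-000000000002}']
    function GetAlgorithmName: string;
  end;
  IBackingHashProvider = interface // internal capability interface
    ['{A0B1C2D3-0003-4000-8000-000000000003}']
    function GetBackingHash: IRawHash;
    property BackingHash: IRawHash read GetBackingHash;
  end;
  TRawHash = class(TInterfacedObject, IRawHash)
    function Name: string;
  end;
  TDigest = class(TInterfacedObject, IDigest, IBackingHashProvider)
    function GetAlgorithmName: string;
    function GetBackingHash: IRawHash; virtual;
  end;
  TPrehash = class(TDigest) // a digest with no backing hash
    function GetBackingHash: IRawHash; override;
  end;

function TRawHash.Name: string; begin Result := 'SHA-256'; end;
function TDigest.GetAlgorithmName: string; begin Result := 'SHA-256'; end;
function TDigest.GetBackingHash: IRawHash; begin Result := TRawHash.Create; end;
function TPrehash.GetBackingHash: IRawHash; begin Result := nil; end;

// Hypothetical helper: what an HMAC-style consumer does before using the hash.
function RequireBackingHash(const ADigest: IDigest): IRawHash;
var P: IBackingHashProvider;
begin
  Result := nil;
  if Supports(ADigest, IBackingHashProvider, P) then Result := P.BackingHash;
  if Result = nil then // capability absent, or present but nil (prehash case)
    raise EArgumentException.Create('digest does not provide a backing hash');
end;

var D: IDigest;
begin
  D := TDigest.Create;
  WriteLn('TDigest  -> ', RequireBackingHash(D).Name);
  D := TPrehash.Create;
  try
    WriteLn(RequireBackingHash(D).Name);
  except
    on E: EArgumentException do WriteLn('TPrehash -> ', E.Message);
  end;
end.
```

The nil check covers both failure paths in one place: a digest that does not implement the capability at all, and one that implements it but returns nil.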