➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2014-04-19 00:49 by alex, last changed 2022-04-11 14:58 by admin. This issue is now closed.
| Files | ||||
|---|---|---|---|---|
| File name | Uploaded | Description | Edit | |
| pbkdf2.diff | alex, 2014-04-19 00:49 | review | ||
| pbkdf2.diff | alex, 2014-05-13 13:37 | review | ||
| pbkdf2.diff | alex, 2014-05-21 20:49 | review | ||
| pbkdf2.diff | alex, 2014-05-27 03:06 | review | ||
| Messages (17) | |||
|---|---|---|---|
| msg216823 - (view) | Author: Alex Gaynor (alex) *  |
Date: 2014-04-19 00:49 | |
Pursuant to PEP466, this is a backport of Python 3.4's hashlib.pbkdf2_hmac. Of note in this patch: * None of the utilities for testing both a python and a C implementation simultaneously were present, so this only tests whichever implementation is available. * Due to a variety of API changes and missing APIs, the code is not an exact copy-paste, tough luck :-) * I haven't done docs yet. * It currently accepts unicode values because the ``y*`` format from Python3 doesn't have any parallel in Python2. I'm not sure whether consistency with the rest of the 2-verse is more important than consistency with a sane way to treat data / the 3-verse. |
|||
| msg216841 - (view) | Author: Gregory P. Smith (gregory.p.smith) * |
Date: 2014-04-19 04:33 | |
See also http://bugs.python.org/issue21288 to consider one fix/oversite/addition to the existing API as part of this process. (discuss that there) by default: use the exact same API as 3.4 if it is suitable for PEP 466 and 2.7.7's needs. the above issue is about fixing a possible oversight; so if it happens in 3.4 it should happen in 2.7.7. |
|||
| msg216842 - (view) | Author: Alex Gaynor (alex) * |
Date: 2014-04-19 04:38 | |
Yup, I've got my eyes on it, if anything lands there I'll include it in this in the 2.7 code, whether it's before or after this patch lands :-) |
|||
| msg218454 - (view) | Author: Alex Gaynor (alex) * |
Date: 2014-05-13 13:37 | |
New patch includes the documentation as well. |
|||
| msg218456 - (view) | Author: Donald Stufft (dstufft) * |
Date: 2014-05-13 13:54 | |
The attached patch looks pretty good to me. |
|||
| msg218457 - (view) | Author: Alex Gaynor (alex) * |
Date: 2014-05-13 13:55 | |
I'm still concerned about the unicode issue, but I'm not sure what the right way to fix it is. |
|||
| msg218458 - (view) | Author: Donald Stufft (dstufft) * |
Date: 2014-05-13 13:56 | |
I don't think there's any way around it, nor do I think that it actually leaks any meaningful timing. |
|||
| msg218459 - (view) | Author: Alex Gaynor (alex) * |
Date: 2014-05-13 13:57 | |
Sorry, I wasn't concerned from a timing attack perspective here, I was concerned from an "oh my god implicit coercion is terrible" perspective :-) |
|||
| msg218460 - (view) | Author: Donald Stufft (dstufft) * |
Date: 2014-05-13 13:57 | |
Oh, gotcha. Yea I agree, but it's Python 2.x that's par for the course. |
|||
| msg218785 - (view) | Author: Marc-Andre Lemburg (lemburg) * |
Date: 2014-05-19 09:20 | |
Some comments:
* Python 2.7 ships with OpenSSL 0.9.8 on Windows, so the Python version will always get used on that platform, so it needs to be fast.
* The iterations loop should use xrange instead of range
* The .encode('ascii') in _long_to_bin() is not necessary in Python 2
* Given that _long_to_bin() and _bin_to_long() are only used once in the function, it's better to inline the code directly.
* bytes(buffer()) should not be necessary in Python 2, since objects with a buffer interface will usually also implement the tp_str slot used by bytes().
|
|||
| msg218786 - (view) | Author: Christian Heimes (christian.heimes) * |
Date: 2014-05-19 10:24 | |
Sorry that I join the party rather late. How about you take my back port from https://bitbucket.org/tiran/backports.pbkdf2/ and remove all Python 3.x related code? :) I spent a lot of time to make the code as fast as possible. |
|||
| msg218787 - (view) | Author: Marc-Andre Lemburg (lemburg) * |
Date: 2014-05-19 10:34 | |
On 19.05.2014 12:24, Christian Heimes wrote: > > How about you take my back port from https://bitbucket.org/tiran/backports.pbkdf2/ and remove all Python 3.x related code? :) I spent a lot of time to make the code as fast as possible. Could you perhaps compare this to the proposed patch ? |
|||
| msg218885 - (view) | Author: Alex Gaynor (alex) * |
Date: 2014-05-21 20:49 | |
Updated patch applies all of MAL's suggestions. Except the buffer() one, the purpose of the buffer() call is to make it an error to pass a list (or random other types) since you can call bytes() on any object. |
|||
| msg218887 - (view) | Author: Alex Gaynor (alex) * |
Date: 2014-05-21 21:52 | |
As a note, the current code is basically identical to the code in Christain's backport, without the py3k compat. |
|||
| msg219188 - (view) | Author: Benjamin Peterson (benjamin.peterson) * |
Date: 2014-05-26 22:55 | |
Looks like there's a debugging turd in the test. |
|||
| msg219197 - (view) | Author: Alex Gaynor (alex) * |
Date: 2014-05-27 03:06 | |
New patch removes the pdb nonsense in the test. |
|||
| msg219475 - (view) | Author: Roundup Robot (python-dev)  |
Date: 2014-05-31 20:26 | |
New changeset e4da3ba9dcac by Benjamin Peterson in branch '2.7': backport hashlib.pbkdf2_hmac per PEP 466 (closes #21304) http://hg.python.org/cpython/rev/e4da3ba9dcac |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:58:02 | admin | set | github: 65503 |
| 2014-05-31 20:26:54 | python-dev | set | status: open -> closed nosy: + python-dev messages: + msg219475 resolution: fixed stage: resolved |
| 2014-05-27 03:06:58 | alex | set | files:
+ pbkdf2.diff messages: + msg219197 |
| 2014-05-26 22:55:31 | benjamin.peterson | set | messages: + msg219188 |
| 2014-05-21 21:52:28 | alex | set | messages: + msg218887 |
| 2014-05-21 20:49:12 | alex | set | files:
+ pbkdf2.diff messages: + msg218885 |
| 2014-05-19 10:34:07 | lemburg | set | messages: + msg218787 |
| 2014-05-19 10:24:15 | christian.heimes | set | messages: + msg218786 |
| 2014-05-19 09:20:37 | lemburg | set | nosy:
+ lemburg messages: + msg218785 |
| 2014-05-13 13:57:42 | dstufft | set | messages: + msg218460 |
| 2014-05-13 13:57:03 | alex | set | messages: + msg218459 |
| 2014-05-13 13:56:19 | dstufft | set | messages: + msg218458 |
| 2014-05-13 13:55:15 | alex | set | messages: + msg218457 |
| 2014-05-13 13:54:47 | dstufft | set | messages: + msg218456 |
| 2014-05-13 13:37:28 | alex | set | keywords:
+ needs review files: + pbkdf2.diff messages: + msg218454 |
| 2014-04-19 04:38:55 | alex | set | messages: + msg216842 |
| 2014-04-19 04:33:48 | gregory.p.smith | set | nosy:
+ gregory.p.smith messages: + msg216841 |
| 2014-04-19 02:32:26 | ncoghlan | set | title: PEP 446: Backport hashlib.pbkdf2_hmac to Python 2.7 -> PEP 466: Backport hashlib.pbkdf2_hmac to Python 2.7 |
| 2014-04-19 02:25:19 | r.david.murray | set | title: Backport hashlib.pbkdf2_hmac to Python 2.7 -> PEP 446: Backport hashlib.pbkdf2_hmac to Python 2.7 |
| 2014-04-19 01:40:18 | benjamin.peterson | unlink | issue21307 superseder |
| 2014-04-19 01:40:18 | benjamin.peterson | link | issue21307 dependencies |
| 2014-04-19 01:33:28 | benjamin.peterson | link | issue21307 superseder |
| 2014-04-19 01:05:23 | alex | set | nosy:
+ pitrou, benjamin.peterson |
| 2014-04-19 00:49:36 | alex | set | nosy:
+ ncoghlan, christian.heimes, dstufft |
| 2014-04-19 00:49:06 | alex | create | |