This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author christian.heimes
Recipients Jon.Oberheide, alex, christian.heimes, fijall, georg.brandl, hynek, loewis, ncoghlan, petri.lehtinen, pitrou, python-dev, serhiy.storchaka
Date 2012-06-21.16:24:38
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1340295879.65.0.78638872331.issue15061@psf.upfronthosting.co.za>
In-reply-to
Content 
I've attached a header for that implements a single C function timingsafe_eq(a, b). The file is targeted for Objects/stringlib/timingsafe.h. Please review the file.

Comments
--------

- I only handle exact byte or unicode types (no subclasses) since a user may have overwritten __eq__ and I don't want to special case it.

- The unicode path works only with compact ASCII strings. I'm not familiar with the new API so please scream if I did it wrong.

- length difference is currently optimized, length 0 isn't. I could easily un-optimize the len(a) != len(b) case or optimize the len(a) == len(b) == 0 case.

Open questions
--------------

Where should I place the function? hashlib would be a nice place but there are multiple backends for hashlib. _hashopenssl.c seems wrong.
History
Date User Action Args
2012-06-21 16:24:39christian.heimessetrecipients: + christian.heimes, loewis, georg.brandl, ncoghlan, pitrou, alex, fijall, python-dev, petri.lehtinen, hynek, serhiy.storchaka, Jon.Oberheide
2012-06-21 16:24:39christian.heimessetmessageid: <1340295879.65.0.78638872331.issue15061@psf.upfronthosting.co.za>
2012-06-21 16:24:39christian.heimeslinkissue15061 messages
2012-06-21 16:24:38christian.heimescreate