This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author Jon.Oberheide
Recipients Jon.Oberheide, neologix, r.david.murray, sbt, vstinner
Date 2012-04-12.13:59:58
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1334239199.12.0.829921984475.issue14532@psf.upfronthosting.co.za>
In-reply-to
Content 
> This is not time independent. Is it an issue?

You're correct, the length check does leak the length of the expected digest as a performance enhancement (otherwise, your comparison runtime is bounded by the length of the attackers input).

Generally, exposing the length and thereby potentially the underlying cryptographic hash function (eg. 20 bytes -> hmac-sha1) is not considered a security risk for this type of scenario, whereas leaking key material certainly is. I considered including this nuance in the documentation and probably should.

> It's better to write isinstance(a, bytes). You should raise a
> TypeError if a is not a bytes or str.

Ack, thanks.
History
Date User Action Args
2012-04-12 13:59:59Jon.Oberheidesetrecipients: + Jon.Oberheide, vstinner, r.david.murray, neologix, sbt
2012-04-12 13:59:59Jon.Oberheidesetmessageid: <1334239199.12.0.829921984475.issue14532@psf.upfronthosting.co.za>
2012-04-12 13:59:58Jon.Oberheidelinkissue14532 messages
2012-04-12 13:59:58Jon.Oberheidecreate