Message162587
A comment above the length check referring back to this issue and the deliberate decision to allow a timing attack to determine the length of the expected digest would be handy.
I was just looking at hmac.secure_compare and my thought when reading the source and the docstring was "No, it's not time-independent, you can still use a timing attack to figure out the expected digest length". |
|
Date |
User |
Action |
Args |
2012-06-10 15:16:25 | ncoghlan | set | recipients:
+ ncoghlan, pitrou, vstinner, r.david.murray, neologix, python-dev, sbt, Jon.Oberheide |
2012-06-10 15:16:25 | ncoghlan | set | messageid: <1339341385.6.0.0171386457531.issue14532@psf.upfronthosting.co.za> |
2012-06-10 15:16:25 | ncoghlan | link | issue14532 messages |
2012-06-10 15:16:24 | ncoghlan | create | |
|