Message162885
As a first step, I'm going to make a change to:
1. Rename the function to "compare_digest"
2. Remove the support for comparing strings
3. Update the documentation to be much clearer about its limitations (including why it's considered OK to leak the expected length of the digest)
If a C-implemented operator.total_compare is made available, then hmac.compare_digest could be updated to use it (retaining the length short-circuiting behaviour).

Date | User | Action | Args
2012-06-15 10:52:36 | ncoghlan | set | recipients: + ncoghlan, loewis, pitrou, christian.heimes, fijall, petri.lehtinen, hynek
2012-06-15 10:52:36 | ncoghlan | set | messageid: <1339757556.89.0.400384454931.issue15061@psf.upfronthosting.co.za>
2012-06-15 10:52:36 | ncoghlan | link | issue15061 messages
2012-06-15 10:52:36 | ncoghlan | create |
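
Added example, not part of the message above and not CPython's code: a pure-Python sketch of the behaviour the message describes (bytes only, with a length short-circuit), used to check an HMAC-SHA256 tag. The names compare_digest_sketch and verify_tag, the key and the message are assumptions made for illustration; pure Python gives no hard timing guarantee.

```python
import hashlib
import hmac


def compare_digest_sketch(a, b):
    """Hypothetical bytes-only digest comparison with a length short-circuit."""
    # Strings are rejected outright; only bytes-like digests are compared.
    for arg in (a, b):
        if not isinstance(arg, (bytes, bytearray)):
            raise TypeError("both arguments must be bytes-like, not str")
    # Length short-circuit. A digest's length is fixed by the hash algorithm
    # (32 bytes for SHA-256) and is public, so revealing a length mismatch
    # tells the caller nothing about the expected digest's contents.
    if len(a) != len(b):
        return False
    # Visit every byte pair and accumulate differences, so the loop does not
    # exit at the first mismatching position.
    diff = 0
    for x, y in zip(a, b):
        diff |= x ^ y
    return diff == 0


def verify_tag(key, message, tag):
    """Recompute the HMAC-SHA256 tag and compare it with the supplied one."""
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return compare_digest_sketch(expected, tag)


# Constructed sample values for the demonstration.
KEY = b"constructed-demo-key"
MSG = b"amount=100&to=alice"
GOOD_TAG = hmac.new(KEY, MSG, hashlib.sha256).digest()
# Same tag with the lowest bit of the last byte flipped.
TAMPERED_TAG = GOOD_TAG[:-1] + bytes([GOOD_TAG[-1] ^ 0x01])

if __name__ == "__main__":
    print("good tag:     ", verify_tag(KEY, MSG, GOOD_TAG))
    print("tampered tag: ", verify_tag(KEY, MSG, TAMPERED_TAG))
    print("truncated tag:", verify_tag(KEY, MSG, GOOD_TAG[:16]))
```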