Message162891
OK, the worst aspects (the misleading name and documentation) have been dealt with, so that leaves the questions of:
1. Avoiding leaking the length information (seems unnecessary, since most digests are part of protocols where they have a known, published length, or you can find out the length by looking at public source code)
2. Providing a C implementation via the operator module (given the restriction to bytes values, and the assumption of caching for all relevant integers, would a C reimplementation really be buying us much additional security?)
As far as restoring unicode support (even in a C implementation) goes, I actually don't like the idea. For the general unicode case, as suggested in the updated documentation for hexdigest(), I believe the better approach is to try to stay in the bytes domain as much as possible, and avoid having a Unicode->bytes conversion for the expected value anywhere in the comparison timing path. |
|
Date |
User |
Action |
Args |
2012-06-15 12:16:11 | ncoghlan | set | recipients:
+ ncoghlan, loewis, pitrou, christian.heimes, fijall, python-dev, petri.lehtinen, hynek |
2012-06-15 12:16:11 | ncoghlan | set | messageid: <1339762571.55.0.30282178743.issue15061@psf.upfronthosting.co.za> |
2012-06-15 12:16:10 | ncoghlan | link | issue15061 messages |
2012-06-15 12:16:10 | ncoghlan | create | |
|