Message163377
I'm a bit rusty and I hope I got it right. The ASCII unicode case is a good idea and IMO timing safe. The buffer path is also timing safe once I have both views.
The function leaks some timing information when an error occurs. Since the timing just reveals minimal information about the involved types and none about the bytes it's IMO safe. The acquiring of the buffer views may leak an unknown amount of timing data which may be an issue. The comparison is still safe.
I've introduced a new module _hashlibfb (fb = fallback) for systems without openssl. I'm also open for a completely new module for future implementation of other digest, key derivation (PBKDF2) and password related C code. |
|
Date |
User |
Action |
Args |
2012-06-21 22:40:35 | christian.heimes | set | recipients:
+ christian.heimes, loewis, georg.brandl, ncoghlan, pitrou, alex, fijall, python-dev, petri.lehtinen, hynek, serhiy.storchaka, Jon.Oberheide |
2012-06-21 22:40:34 | christian.heimes | set | messageid: <1340318434.96.0.298431922884.issue15061@psf.upfronthosting.co.za> |
2012-06-21 22:40:34 | christian.heimes | link | issue15061 messages |
2012-06-21 22:40:33 | christian.heimes | create | |
|