This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author dchest
Recipients Zooko.Wilcox-O'Hearn, alex, christian.heimes, dchest, dstufft, gregory.p.smith
Date 2016-05-08.14:02:24
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
Christian: yes, and I'm also happy that you kept the drawing of hash tree, as it helps a lot with understanding of terminology.

I had a quick look at the patch and it looks good to me.

Some comments, which you can ignore:

In keyed hashing example there's:

+    >>> def verify(cookie, sig):
+    ...     good_sig = sign(cookie)
+    ...     if len(sig) != len(good_sig):
+    ...          return False
+    ...     # Use constant-time comparison to avoid timing attacks.
+    ...     result = 0
+    ...     for x, y in zip(sig, good_sig):
+    ...         result |= ord(x) ^ ord(y)
+    ...     return result == 0

Perhaps, you can replace comparison with hmac.compare_digest(sig, goodsig) now that we have it in Python.

+    *Salted hashing* (or just hashing) with BLAKE2 or any other general-purpose
+    cryptographic hash function, such as SHA-256, is not suitable for hashing
+    passwords.  See `BLAKE2 FAQ <>`_ for more
+    information.

Maybe also point readers to hashlib.html#key-derivation

+On platforms with support for 64bit integer types (some 32bit platforms,
+all 64bit platforms), blake2b and blake2s are supported.

Theoretically, blake2s shouldn't require 64bit int, reference code only uses it for sizes -- is this something worth fixing? Are there platforms that have uint32_t, but not uint64_t?

@@ -162,7 +192,7 @@ class HashLibTestCase(unittest.TestCase):
         for cons in self.hash_constructors:
             h = cons()
             self.assertIsInstance(, str)
-            self.assertIn(, self.supported_hash_names)
+            #self.assertIn(, self.supported_hash_names)

Was this commented-out on purpose? Also, in

+            #if os.uname().machine == "x86_64":
+                # Every x86_64 machine has at least SSE2.
+                #blake2_macros.append(('BLAKE2_USE_SSE', '1'))
Date User Action Args
2016-05-08 14:02:25dchestsetrecipients: + dchest, gregory.p.smith, christian.heimes, alex, dstufft, Zooko.Wilcox-O'Hearn
2016-05-08 14:02:25dchestsetmessageid: <>
2016-05-08 14:02:24dchestlinkissue26798 messages
2016-05-08 14:02:24dchestcreate