Message401461
Hey Tarek, long time no see!
* the _sha256 module is optional, can be disabled and is not available in some distributions.
* I also don't like to use sha256 has default. It's slow, even slower than sha512. Any default makes it also harder to upgrade to a better, more secure default in the future.
* like hmac.new() a file_digest() should accept PEP 452-compatible arguments and hash name as digstmod argument, not just a callable.
* a filename argument prevents users from passing in file-like objects like BytesIO.
* 4096 bytes chunk size is very conservative. The call overhead for read() and update() may dominate the performance of the function.
* The hex argument feels weird.
In a perfect world, the hash and hmac objects should get an "update_file" method. The OpenSSL-based hashes could even release the GIL and utilize OpenSSL's BIO layer to avoid any Python overhead. |
|
Date |
User |
Action |
Args |
2021-09-09 10:48:48 | christian.heimes | set | recipients:
+ christian.heimes, gregory.p.smith, tarek, python-dev |
2021-09-09 10:48:47 | christian.heimes | set | messageid: <1631184527.72.0.575812256156.issue45150@roundup.psfhosted.org> |
2021-09-09 10:48:47 | christian.heimes | link | issue45150 messages |
2021-09-09 10:48:47 | christian.heimes | create | |
|