Christian Heimes <li...@cheimes.de> added the comment:

I'm a bit rusty and I hope I got it right. The ASCII unicode case is a good 
idea and IMO timing safe. The buffer path is also timing safe once I have both 
views. 

The function leaks some timing information when an error occurs. Since the 
timing just reveals minimal information about the involved types and none about 
the bytes it's IMO safe. The acquiring of the buffer views may leak an unknown 
amount of timing data which may be an issue. The comparison is still safe.

I've introduced a new module _hashlibfb (fb = fallback) for systems without 
openssl. I'm also open for a completely new module for future implementation of 
other digest, key derivation (PBKDF2) and password related C code.

----------
Added file: http://bugs.python.org/file26079/timingsafe_cmp.patch

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue15061>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Reply via email to