[issue15061] hmac.secure_compare() leaks information about length of strings
Christian Heimes
report at bugs.python.org
Fri Jun 15 14:34:17 CEST 2012
Christian Heimes <lists at cheimes.de> added the comment:
On 15.06.2012 14:21, Antoine Pitrou wrote:
> I like the fact that a C implementation can be audited much more easily.
> Who knows what kind of effects the Python implementation can trigger, if
> some optimizations get added in the future.
Secondly, we can predict the function's timing on other implementations
of Python. Jython or PyPy might have different settings for small int
caching -- or none at all.
> The point of supporting unicode would precisely be to avoid a
> unicode->bytes conversion when unicode strings are received.
A byte-wise comparison of the memory representation would work IFF both
sides have the same type and unicode kind. Anything else could give away
details of the content.
Either:
PyBytes_CheckExact(a) && PyBytes_CheckExact(b)
or
PyUnicode_CheckExact(a) && PyUnicode_CheckExact(b) && PyUnicode_KIND(a) == PyUnicode_KIND(b)
I'm not sure about CheckExact, just being paranoid.
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue15061>
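As an added example (not code from the tracker thread or from CPython), here is a pure-Python comparison function that applies the two constraints discussed above: both operands must be of the same kind (bytes with bytes, or str with str), and str operands are restricted to ASCII so that no width-dependent encoding step can leak content. When lengths differ, it still loops over len(a) and forces a mismatch, so the timing depends only on the length of the first operand rather than on where the inputs diverge. The function name `compare_digest` is assumed for illustration; a pure-Python loop remains subject to the interpreter-level timing effects (small-int caching, future optimizations) noted in the message.

```python
def compare_digest(a, b):
    """Return True if a == b, taking time that depends only on len(a).

    Accepts (bytes-like, bytes-like) or (str, str). Mixed types and
    non-ASCII str are rejected up front, so the byte loop below never
    runs over operands of differing representation. Assumed helper name.
    """
    if isinstance(a, str) and isinstance(b, str):
        # Constructed policy: ASCII only, so each character is exactly one
        # comparison unit and no variable-width conversion can leak content.
        try:
            a = a.encode("ascii")
            b = b.encode("ascii")
        except UnicodeEncodeError:
            raise TypeError("comparing strings with non-ASCII characters "
                            "is not supported")
    elif (isinstance(a, (bytes, bytearray, memoryview))
          and isinstance(b, (bytes, bytearray, memoryview))):
        a = bytes(a)
        b = bytes(b)
    else:
        raise TypeError("unsupported operand types or type mismatch: "
                        f"{type(a).__name__} vs {type(b).__name__}")

    # Length mismatch: compare a against itself so the loop still runs
    # len(a) iterations, and force the result to "not equal".
    if len(a) != len(b):
        b = a
        result = 1
    else:
        result = 0

    # Accumulate every byte difference; no early exit on the first mismatch.
    for x, y in zip(a, b):
        result |= x ^ y
    return result == 0


def rejects(a, b):
    """Return True if compare_digest refuses the pair with TypeError."""
    try:
        compare_digest(a, b)
    except TypeError:
        return True
    return False
```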