[issue15061] hmac.secure_compare() leaks information about length of strings
Antoine Pitrou
report at bugs.python.org
Sat Jun 23 16:25:16 CEST 2012
Antoine Pitrou <pitrou at free.fr> added the comment:
I'm not really happy with the addition of a separate extension module for a single private function. You could just put it in the operator module, for instance.
Also, the idea was not to expose timingsafe_cmp but to use it in compare_digest().
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue15061>
_______________________________________
More information about the Python-bugs-list
mailing list