[Python-checkins] Improve code examples in hashlib cookie signing (GH-3562)
Mariatta
webhook-mailer at python.org
Thu Sep 14 02:24:38 EDT 2017
https://github.com/python/cpython/commit/312ffead1eb272535e021e248b5d74ab04b2e72e
commit: 312ffead1eb272535e021e248b5d74ab04b2e72e
branch: master
author: sww <sww at users.noreply.github.com>
committer: Mariatta <Mariatta at users.noreply.github.com>
date: 2017-09-13T23:24:36-07:00
summary:
Improve code examples in hashlib cookie signing (GH-3562)
The `blake2b` function does not take the `data` keyword argument.
The hex digest returned by sign was a string, whereas compare_digest expects bytes-like objects.
Typo fix: compare_digesty -> compare_digest
files:
M Doc/library/hashlib.rst
diff --git a/Doc/library/hashlib.rst b/Doc/library/hashlib.rst
index 9d563566d49..725dce6fa15 100644
--- a/Doc/library/hashlib.rst
+++ b/Doc/library/hashlib.rst
@@ -506,8 +506,9 @@ to users and later verify them to make sure they weren't tampered with::
>>> AUTH_SIZE = 16
>>>
>>> def sign(cookie):
- ... h = blake2b(data=cookie, digest_size=AUTH_SIZE, key=SECRET_KEY)
- ... return h.hexdigest()
+ ... h = blake2b(digest_size=AUTH_SIZE, key=SECRET_KEY)
+ ... h.update(cookie)
+ ... return h.hexdigest().encode('utf-8')
>>>
>>> cookie = b'user:vatrogasac'
>>> sig = sign(cookie)
@@ -517,7 +518,7 @@ to users and later verify them to make sure they weren't tampered with::
True
>>> compare_digest(b'user:policajac', sig)
False
- >>> compare_digesty(cookie, '0102030405060708090a0b0c0d0e0f00')
+ >>> compare_digest(cookie, b'0102030405060708090a0b0c0d0e0f00')
False
Even though there's a native keyed hashing mode, BLAKE2 can, of course, be used
More information about the Python-checkins
mailing list