On Tue, May 19, 2020 at 8:49 PM David Mertz <me...@gnosis.cx> wrote:

>     elif fmt == "PBKDF2_SHA256":
>         h = base64.b64encode(base64.b64decode(text)[:32])
>         # a terrible hack follows, use "adapted base64" alphabet
>         # (using . instead of + and with no padding)
>         h = h.rstrip("=").replace("+", ".")
>         salt = base64.b64encode(salt)
>         salt = salt.rstrip("=").replace("+", ".")
>
> We actually know that base64 code should only produce at most 2 '='s as
> padding. In this instance, the encoding comes immediately before the
> stripping. However, perhaps some code would pass the encoded string and
> you wouldn't be as confident locally that extra '='s hadn't snuck in.
>
> If it existed, I think these lines would be good candidates for 'maxstrip'.

Not a very strong ending 🤣

I may be misunderstanding, but it sounds like = is not acceptable in the final result, so it's not enough to remove only 2 of 4 ='s. You want to make sure nothing messed up your string. So if the code existed, what you'd want is:

```
assert salt.count("=") <= 2
salt = salt.rstrip("=")
assert "=" not in salt
```
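
The "adapted base64" step discussed in this thread, written for Python 3 as an added example that is not part of the original messages or of the quoted project. The names `ab64_encode`, `ab64_decode` and `demo` and the sample salt and password are assumptions; the code checks the padding explicitly instead of stripping blindly, and refuses `=` and `+` on the way back in.

```python
import base64
import binascii
import hashlib


def ab64_encode(data: bytes) -> str:
    """Encode to "adapted base64": '.' instead of '+', no '=' padding."""
    encoded = base64.b64encode(data).decode("ascii")
    body = encoded.rstrip("=")
    # Standard base64 pads with 0, 1 or 2 '=' and only at the very end.
    if len(encoded) - len(body) > 2 or "=" in body:
        raise ValueError("unexpected '=' in base64 output")
    return body.replace("+", ".")


def ab64_decode(text: str) -> bytes:
    """Decode adapted base64; reject '=' and '+', which the encoder never emits."""
    if "=" in text or "+" in text:
        raise ValueError("'=' and '+' are not part of the adapted alphabet")
    if len(text) % 4 == 1:
        raise ValueError("impossible length for unpadded base64")
    # Restore the standard alphabet and the padding that was stripped.
    padded = text.replace(".", "+") + "=" * (-len(text) % 4)
    try:
        return base64.b64decode(padded, validate=True)
    except binascii.Error as exc:
        raise ValueError(f"invalid adapted base64: {exc}") from exc


def demo():
    """Encode a constructed salt and PBKDF2-SHA256 digest (sample values only)."""
    salt = bytes(range(16))  # constructed 16-byte salt
    digest = hashlib.pbkdf2_hmac("sha256", b"constructed-password", salt, 1000)
    return ab64_encode(salt), ab64_encode(digest[:32])


if __name__ == "__main__":
    salt_text, digest_text = demo()
    print(salt_text, digest_text)
```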