[issue14955] hmac.secure_compare() is not time-independent for unicode strings

Christian Heimes added the comment: Python 3.3 contains a secure and working implementation for bytes. unicode isn't supported unless both sides contains ASCII text only. -- resolution: - fixed stage: - committed/rejected status: open - closed ___

[issue14955] hmac.secure_compare() is not time-independent for unicode strings

Christian Heimes li...@cheimes.de added the comment: Nick has pushed a patch in rf36af3766a20 that disables the comparison of unicode strings. See #15061 -- dependencies: +hmac.secure_compare() leaks information about length of strings ___ Python

[issue14955] hmac.secure_compare() is not time-independent for unicode strings

Nick Coghlan ncogh...@gmail.com added the comment: As a result of the discussions on #15061, I removed unicode comparison support altogether in f36af3766a20 (updating the warning on the hexdigest() method accordingly). Are folks happy to close this issue on that basis? (I'll raise the

[issue14955] hmac.secure_compare() is not time-independent for unicode strings

Jon Oberheide j...@oberheide.org added the comment: Sounds good to me, Nick. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue14955 ___ ___

[issue14955] hmac.secure_compare() is not time-independent for unicode strings

Antoine Pitrou pit...@free.fr added the comment: With PEP 393 unicode objects can have several representations, which makes it unlikely that *really* constant-timing functions can be devised. However, a C version could provide some guarantees, by raising an error if the passed unicode strings

[issue14955] hmac.secure_compare() is not time-independent for unicode strings

Changes by Hynek Schlawack h...@ox.cx: -- nosy: +hynek ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue14955 ___ ___ Python-bugs-list mailing list

[issue14955] hmac.secure_compare() is not time-independent for unicode strings

Christian Heimes li...@cheimes.de added the comment: The second patch looks fine. -- nosy: +christian.heimes ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue14955 ___

[issue14955] hmac.secure_compare() is not time-independent for unicode strings

Jon Oberheide j...@oberheide.org added the comment: Thanks for the feedback, haypo. I've updated the patch to use unicode-internal. As long as the encode() of the expected non-attacker-controlled digest is not dependent on the actual contents of the digest, we should be good. -- Added

[issue14955] hmac.secure_compare() is not time-independent for unicode strings

STINNER Victor victor.stin...@gmail.com added the comment: I'm not sure that encoding to UTF-8 is time indenpendant. You may try UTF-32-LE or unicode-internal? -- nosy: +haypo ___ Python tracker rep...@bugs.python.org

[issue14955] hmac.secure_compare() is not time-independent for unicode strings

New submission from Jon Oberheide j...@oberheide.org: Hi all, I was informed that the hmac.secure_compare() function added in 14532 is not time-independent when processing unicode values: The function as given is probably not timing independent if the attacker can provide unicode values.