Donald Stufft added the comment:
That's also a security sensitive thing, you don't want to compare two different
encodings and have it accidentally fail. Strictly speaking you can only do a
constant time comparison on bytes, the fact it accepts unicode at all (even on
Python 3.x) is a
Matthias Urlichs added the comment:
Currently (Debian's 2.7.7-rc1 package) hmac.compare_digest accepts two
bytestring arguments, or two Unicode strings, but not one bytestring and one
unicode.
I don't think that's a good idea.
--
nosy: +smurfix
___
Nick Coghlan added the comment:
That restriction is deliberate (and documented). As a 3.x backport, this
utility inherits some of Python 3's pedantry about requiring explicit
conversions between binary and text data and being consistent as to which
domain you're operating in.
--
Roundup Robot added the comment:
New changeset b40f1a00b134 by Benjamin Peterson in branch '2.7':
backport hmac.compare_digest to partially implement PEP 466 (closes #21306)
http://hg.python.org/cpython/rev/b40f1a00b134
--
nosy: +python-dev
resolution: - fixed
stage: needs patch -
Donald Stufft added the comment:
The attached patch looks good to me.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue21306
___
Alex Gaynor added the comment:
Attached patch now includes documentation and should be complete.
--
keywords: +needs review
Added file: http://bugs.python.org/file35122/compare_digest.diff
Alex Gaynor added the comment:
Design question here: compare_digest on Python 3 supports comparing str (text)
objects, if they're both ascii-only. This feature is provided, primarily, so
you can compare hexdigests or similar.
Should the Python 2 version support comparing unicodes? Arguments
Donald Stufft added the comment:
try:
    data = data.encode('ascii')
except UnicodeEncodeError:
    raise TypeError("comparing unicode with non-ASCII characters is not supported")
?
--
Nick Coghlan added the comment:
8-bit str only makes more sense to me. The wishy-washiness of some APIs in
Py3 is mostly to work around porting issues where stuff that should have
become bytes was left as str.
--
Alex Gaynor added the comment:
encode('ascii') has data dependent branches, so it's to be avoided.
--
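The bytes-only discipline discussed in this thread, worked into a small verification helper (an added example, not code from the tracker or from CPython; the key, message and function names are constructed). It applies the explicit conversion Donald sketched above to the caller-supplied tag only, so compare_digest never sees anything but two bytes objects, and shows that compare_digest itself rejects a bytes/str mix on Python 3.

```python
import hmac
import hashlib

# Constructed sample key and message (not from the tracker thread).
KEY = b"example-shared-secret"
MESSAGE = b'{"order": 42, "amount": "10.00"}'


def sign(key, message):
    """Return the hex HMAC-SHA256 tag as an ASCII str, as a sender would."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify(key, message, provided_tag):
    """Constant-time check of a tag that may arrive as str or bytes.

    The conversion to bytes happens explicitly and up front, so
    compare_digest only ever compares bytes with bytes. The value being
    encoded is the caller-supplied tag, not the secret; a tag containing
    non-ASCII characters can never equal a hexdigest, so it is rejected as
    a type error instead of being fed into the comparison.
    """
    if isinstance(provided_tag, str):
        try:
            provided_tag = provided_tag.encode("ascii")
        except UnicodeEncodeError:
            raise TypeError("tag must be ASCII text or bytes")
    elif not isinstance(provided_tag, bytes):
        raise TypeError("tag must be ASCII text or bytes")
    expected = sign(key, message).encode("ascii")
    return hmac.compare_digest(expected, provided_tag)


def mixed_types_rejected():
    """compare_digest refuses one bytes and one str argument on Python 3."""
    try:
        hmac.compare_digest(b"abc", "abc")
    except TypeError:
        return True
    return False
```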
Alex Gaynor added the comment:
Thanks Nick. I'll get a patch up for str (bytes) only this afternoon.
--
Donald Stufft added the comment:
I'm not sure that the timing leakage in an encode is actually something to be
worried about. I'm not sure what secret information would be getting leaked in
a way that you could determine it by examining the timing.
However I think the bigger thing is if I'm
Alex Gaynor added the comment:
Attached patch implements compare_digest. Code is mostly a 1-1 from 3.x, except
the Unicode paths are changed, and the tests are a tiny bit different.
* Still needs to backport the docs.
* Compares all unicode objects, not just ascii ones.
If the patch looks
New submission from Nick Coghlan:
Tracker issue for the hmac.compare_digest backport to 2.7 described in PEP 466.
--
messages: 216826
nosy: alex, benjamin.peterson, christian.heimes, dstufft, giampaolo.rodola,
janssen, ncoghlan, pitrou
priority: normal
severity: normal
stage: needs