mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-03 16:39:00 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

Improve hmac.compare_digest() docstring and documentation, courtesy of Larry H.

Browse source
This commit is contained in:
Georg Brandl 2012-06-24 16:07:33 +02:00
parent 39e810eb6c
commit a1bc35f07f
2 changed files with 29 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

14
Modules/operator.c
View file

@ -211,14 +211,14 @@ _tscmp(const unsigned char *a, const unsigned char *b,
PyDoc_STRVAR(compare_digest__doc__,
"compare_digest(a, b) -> bool\n"
"\n"
"Return the equivalent of 'a == b', but avoid any short circuiting to\n"
"counterfeit timing analysis of input data. The function should be used to\n"
"compare cryptographic secrets. a and b must both either support the buffer\n"
"protocol (e.g. bytes) or be ASCII only str instances at the same time.\n"
"Return 'a == b'. This function uses an approach designed to prevent\n"
"timing analysis, making it appropriate for cryptography.\n"
"a and b must both be of the same type: either str (ASCII only),\n"
"or any type that supports the buffer protocol (e.g. bytes).\n"
"\n"
"Note: In case of an error or different lengths the function may disclose\n"
"some timing information about the types and lengths of a and b.\n");
"Note: If a and b are of different lengths, or if an error occurs,\n"
"a timing attack may be able to infer information about the types\n"
"and lengths of a and b, but not their values.\n");
static PyObject*
compare_digest(PyObject *self, PyObject *args)