| Server IP : 51.89.169.208 / Your IP : 18.216.45.231 Web Server : Apache System : Linux ns3209505.ip-198-244-202.eu 4.18.0-553.27.1.el8_10.x86_64 #1 SMP Tue Nov 5 04:50:16 EST 2024 x86_64 User : yellowleaf ( 1019) PHP Version : 7.4.33 Disable Function : exec,passthru,shell_exec,system MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /proc/self/root/usr/share/doc/python3-cryptography/docs/hazmat/primitives/ |
Upload File : |
.. hazmat::
Constant time functions
=======================
.. currentmodule:: cryptography.hazmat.primitives.constant_time
This module contains functions for operating with secret data in a way that
does not leak information about that data through how long it takes to perform
the operation. These functions should be used whenever operating on secret data
along with data that is user supplied.
An example would be comparing a HMAC signature received from a client to the
one generated by the server code for authentication purposes.
For more information about this sort of issue, see `Coda Hale's blog post`_
about the timing attacks on KeyCzar and Java's ``MessageDigest.isEqual()``.
.. function:: bytes_eq(a, b)
Compares ``a`` and ``b`` with one another. If ``a`` and ``b`` have
different lengths, this returns ``False`` immediately. Otherwise it
compares them in a way that takes the same amount of time, regardless of
how many characters are the same between the two.
.. doctest::
>>> from cryptography.hazmat.primitives import constant_time
>>> constant_time.bytes_eq(b"foo", b"foo")
True
>>> constant_time.bytes_eq(b"foo", b"bar")
False
:param bytes a: The left-hand side.
:param bytes b: The right-hand side.
:returns bool: ``True`` if ``a`` has the same bytes as ``b``, otherwise
``False``.
:raises TypeError: This exception is raised if ``a`` or ``b`` is not
``bytes``.
.. _`Coda Hale's blog post`: https://codahale.com/a-lesson-in-timing-attacks/