Changes between Initial Version and Version 1 of Ticket #17040, comment 6


Ignore:
Timestamp:
10/26/11 14:11:33 (3 years ago)
Author:
adsworth
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #17040, comment 6

    initial v1  
    1 I am by no crypto expert, but since constant_time_compare in the django and the contrib apps is only used to compare hashes or some sort of tokens I'd think it save to assume byte strings is the "right thing". Since a unicode string can use one or two bytes per char depending on the contents I think you are right about a constant time compare not being possible.
     1I am no crypto expert, but since constant_time_compare in django and in the contrib apps is only used to compare hashes or some sort of token. I'd think it save to assume byte strings is the "right thing".
     2
     3Since a unicode string can use one or two bytes per char depending on the contents I think you are right about a constant time compare not being possible.
    24
    35also calling ord() on a unicode char that is 2 bytes long results in a TypeError.
Back to Top