Now that it's possible, avoid timing attacks in the crypt module examples)

ncoghlan · ncoghlan · commit 74cca70ce288 · 2012-09-28T18:50:38.000+05:30
diff --git a/Doc/library/crypt.rst b/Doc/library/crypt.rst
@@ -121,11 +121,14 @@ The :mod:`crypt` module defines the following functions:
 Examples
 --------
 
-A simple example illustrating typical use::
+A simple example illustrating typical use (a constant-time comparison
+operation is needed to limit exposure to timing attacks.
+:func:`hmac.compare_digest` is suitable for this purpose)::
 
    import pwd
    import crypt
    import getpass
+   from hmac import compare_digest as compare_hash
 
    def login():
        username = input('Python login: ')
@@ -134,15 +137,16 @@ A simple example illustrating typical use::
            if cryptedpasswd == 'x' or cryptedpasswd == '*':
                raise ValueError('no support for shadow passwords')
            cleartext = getpass.getpass()
-           return crypt.crypt(cleartext, cryptedpasswd) == cryptedpasswd
+           return compare_hash(crypt.crypt(cleartext, cryptedpasswd), cryptedpasswd)
        else:
            return True
 
 To generate a hash of a password using the strongest available method and
 check it against the original::
 
    import crypt
+   from hmac import compare_digest as compare_hash
 
    hashed = crypt.crypt(plaintext)
-   if hashed != crypt.crypt(plaintext, hashed):
+   if not compare_hash(hashed, crypt.crypt(plaintext, hashed)):
       raise ValueError("hashed version doesn't validate against original")
diff --git a/Doc/library/crypto.rst b/Doc/library/crypto.rst
@@ -8,6 +8,7 @@ Cryptographic Services
 
 The modules described in this chapter implement various algorithms of a
 cryptographic nature.  They are available at the discretion of the installation.
+On Unix systems, the :mod:`crypt` module may also be available.
 Here's an overview:
 
 
