diff options
| -rw-r--r-- | Doc/library/hmac.rst | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/Doc/library/hmac.rst b/Doc/library/hmac.rst index 877f3b7..809636e 100644 --- a/Doc/library/hmac.rst +++ b/Doc/library/hmac.rst @@ -88,14 +88,10 @@ This module also provides the following helper function: .. note:: - While this function reduces the likelihood of leaking the contents of the - expected digest via a timing attack, it still may leak some timing - information when the input values differ in lengths as well as in error - cases like unsupported types or non ASCII strings. When the inputs have - different length the timing depends solely on the length of ``b``. It is - assumed that the expected length of the digest is not a secret, as it is - typically published as part of a file format, network protocol or API - definition. + If *a* and *b* are of different lengths, or if an error occurs, + a timing attack may be able to reveal information about the types + and lengths of *a* and *b*, but not their values. + .. versionadded:: 3.3 |