rfc:timing_attack

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
rfc:timing_attack [2014/04/13 21:32] realitykingrfc:timing_attack [2014/06/25 13:35] realityking
Line 4: Line 4:
   * Date: 2013-12-22   * Date: 2013-12-22
   * Author: Rouven Weßling, me@rouvenwessling.de   * Author: Rouven Weßling, me@rouvenwessling.de
-  * Status: Accepted (implemented in 5.6 as hash_equals())+  * Status: Implemented in 5.6 as hash_equals()
   * First Published at: http://wiki.php.net/rfc/timing_attack   * First Published at: http://wiki.php.net/rfc/timing_attack
  
Line 61: Line 61:
   * 0.2 Renamed to hash_compare, added link to Zend Framework 2, removed information leak when knownString is empty (Thank you Tjerk)   * 0.2 Renamed to hash_compare, added link to Zend Framework 2, removed information leak when knownString is empty (Thank you Tjerk)
   * 1.0 Moved function to ext/hash. Started voting.   * 1.0 Moved function to ext/hash. Started voting.
 +  * 1.1 Added section about differences between RFC and implementation 
 +
 +===== Differences between this RFC and the implementation ====
 +  * The function is now called hash_equals
 +  * Both arguments passed to the function have to be strings, otherwise an E_WARNING is raised.
rfc/timing_attack.txt · Last modified: 2017/09/22 13:28 by 127.0.0.1

Page Tools