I did a couple greps of my git/ directory to see if I found examples.
Given that there are a couple ways one might achieve the effect now, I
don't necessarily find everything. But here's something in software I did
not write myself.
This is from ./JohnTheRipper/run/sspr2john.py. I found another example in
a different file, but looking at it I'm pretty sure it is actually a
potential bug (it has a comment similar to "Is this safe?" which I won't
bother showing.
elif fmt == "PBKDF2_SHA256":
h = base64.b64encode(base64.b64decode(text)[:32])
# a terrible hack follows, use "adapted base64" alphabet (using
. instead of + and with no padding)
h = h.rstrip("=").replace("+", ".")
salt = base64.b64encode(salt)
salt = salt.rstrip("=").replace("+", ".")
We actually know that base64 code should only produce at most 2 '='s as
padding. In this instance, the encoding comes immediately before the
stripping. However, perhaps some code would pass the encoded string and
you wouldn't be as confident locally that extra '='s hadn't snuck in.
If it existed, I think these lines would be good candidates for 'maxstrip'.
On Tue, May 19, 2020 at 2:07 PM Henk-Jaap Wagenaar <
wagenaarhenkj...@gmail.com> wrote:
> David (or somebody else) could you give us some, as real as possible,
> examples? This will strengthen the case for it!
>
> I am confident they exist and are pretty plentiful but I myself am coming
> up blank thinking about it for a few minutes and documenting them would be
> good for discussion.
>
--
The dead increasingly dominate and strangle both the living and the
not-yet born. Vampiric capital and undead corporate persons abuse
the lives and control the thoughts of homo faber. Ideas, once born,
become abortifacients against new conceptions.
_______________________________________________
Python-ideas mailing list -- python-ideas@python.org
To unsubscribe send an email to python-ideas-le...@python.org
https://mail.python.org/mailman3/lists/python-ideas.python.org/
Message archived at
https://mail.python.org/archives/list/python-ideas@python.org/message/ULBSV3U2SDUPXY7NBA6XO4PLE3N4UWUS/
Code of Conduct: http://python.org/psf/codeofconduct/
