General

Profile

arrtchiu (Matt U)

  • Login: arrtchiu
  • Email: arrtchiu@gmail.com
  • Registered on: 07/28/2014
  • Last sign in: 07/05/2016

Issues

open closed Total
Assigned issues 0 0 0
Reported issues 0 2 2

Activity

07/05/2016

09:51 AM Ruby master Feature #10098: [PATCH] Timing-safe string comparison for OpenSSL::HMAC
Yui, I'm a little confused. The patch you have in your comment looks timing-safe to me. Also I suggest taking a look ... arrtchiu (Matt U)

02/25/2016

07:01 AM Ruby master Bug #12109 (Rejected): Exception during class load can cause partially-loaded class
I noticed this bug using Rails, which lazy-loads classes (via ActiveSupport.)
Here's a minimal test case:
~~~ru...
arrtchiu (Matt U)
06:42 AM Ruby master Feature #10098: [PATCH] Timing-safe string comparison for OpenSSL::HMAC
Aleksandrs Ļedovskis wrote:
> Can someone clarify, what state is this feature in? Do we still need to get Matz's app...
arrtchiu (Matt U)

09/18/2014

09:50 AM Ruby master Feature #10098: [PATCH] Timing-safe string comparison for OpenSSL::HMAC
Keen to hear feedback if any. Completely understand there are many more important tickets than this one, but it would... arrtchiu (Matt U)

08/23/2014

09:12 AM Ruby master Feature #10098: [PATCH] Timing-safe string comparison for OpenSSL::HMAC
Changelog:
* Renamed `rb_tsafe_eql` => `rb_consttime_memequal`.
* Renamed `rb_str_tsafe_eql` => `rb_str_consttime...
arrtchiu (Matt U)

07/30/2014

02:07 AM Ruby master Feature #10098: [PATCH] Timing-safe string comparison for OpenSSL::HMAC
Nobuyoshi Nakada wrote:
> `rb_tsafe_eql()` doesn't need to be `VALUE`, `int` is OK.
> Tests for timing-safeness are...
arrtchiu (Matt U)

07/29/2014

10:30 AM Ruby master Feature #10098: [PATCH] Timing-safe string comparison for OpenSSL::HMAC
What's your thoughts on this new patch?
At the moment I'm using OSX and Linux, unable to test `timingsafe_memcmp()...
arrtchiu (Matt U)
05:59 AM Ruby master Feature #10098: [PATCH] Timing-safe string comparison for OpenSSL::HMAC
Nobuyoshi Nakada wrote:
> According to [notes on timingsafe_memcmp](http://www.tedunangst.com/flak/post/notes-on-tim...
arrtchiu (Matt U)
03:56 AM Ruby master Feature #10098: [PATCH] Timing-safe string comparison for OpenSSL::HMAC
Nobuyoshi Nakada wrote:
> `slow` is not the main concern here, IMHO.
> The latter is more descriptive, but seems le...
arrtchiu (Matt U)
01:39 AM Ruby master Feature #10098: [PATCH] Timing-safe string comparison for OpenSSL::HMAC
Thanks for the feedback!
Nobuyoshi Nakada wrote:
> * Indent style mismatch
> * Should try to convert the argumen...
arrtchiu (Matt U)

Also available in: Atom