indentation fix
This commit is contained in:
parent
ccf0a2ed4d
commit
a1feadece0
@ -227,21 +227,21 @@ def CreateHexHmac( content, hmac_secret ):
|
|||||||
# This is the compare_digest function from python 3.4, adapted for 2.7:
|
# This is the compare_digest function from python 3.4, adapted for 2.7:
|
||||||
# http://hg.python.org/cpython/file/460407f35aa9/Lib/hmac.py#l16
|
# http://hg.python.org/cpython/file/460407f35aa9/Lib/hmac.py#l16
|
||||||
def SecureCompareStrings( a, b ):
|
def SecureCompareStrings( a, b ):
|
||||||
"""Returns the equivalent of 'a == b', but avoids content based short
|
"""Returns the equivalent of 'a == b', but avoids content based short
|
||||||
circuiting to reduce the vulnerability to timing attacks."""
|
circuiting to reduce the vulnerability to timing attacks."""
|
||||||
# Consistent timing matters more here than data type flexibility
|
# Consistent timing matters more here than data type flexibility
|
||||||
if not ( isinstance( a, str ) and isinstance( b, str ) ):
|
if not ( isinstance( a, str ) and isinstance( b, str ) ):
|
||||||
raise TypeError( "inputs must be str instances" )
|
raise TypeError( "inputs must be str instances" )
|
||||||
|
|
||||||
# We assume the length of the expected digest is public knowledge,
|
# We assume the length of the expected digest is public knowledge,
|
||||||
# thus this early return isn't leaking anything an attacker wouldn't
|
# thus this early return isn't leaking anything an attacker wouldn't
|
||||||
# already know
|
# already know
|
||||||
if len( a ) != len( b ):
|
if len( a ) != len( b ):
|
||||||
return False
|
return False
|
||||||
|
|
||||||
# We assume that integers in the bytes range are all cached,
|
# We assume that integers in the bytes range are all cached,
|
||||||
# thus timing shouldn't vary much due to integer object creation
|
# thus timing shouldn't vary much due to integer object creation
|
||||||
result = 0
|
result = 0
|
||||||
for x, y in zip( a, b ):
|
for x, y in zip( a, b ):
|
||||||
result |= ord( x ) ^ ord( y )
|
result |= ord( x ) ^ ord( y )
|
||||||
return result == 0
|
return result == 0
|
||||||
|
Loading…
Reference in New Issue
Block a user