indentation fix
This commit is contained in:
parent
ccf0a2ed4d
commit
a1feadece0
@ -227,21 +227,21 @@ def CreateHexHmac( content, hmac_secret ):
|
||||
# This is the compare_digest function from python 3.4, adapted for 2.7:
|
||||
# http://hg.python.org/cpython/file/460407f35aa9/Lib/hmac.py#l16
|
||||
def SecureCompareStrings( a, b ):
|
||||
"""Returns the equivalent of 'a == b', but avoids content based short
|
||||
circuiting to reduce the vulnerability to timing attacks."""
|
||||
# Consistent timing matters more here than data type flexibility
|
||||
if not ( isinstance( a, str ) and isinstance( b, str ) ):
|
||||
raise TypeError( "inputs must be str instances" )
|
||||
"""Returns the equivalent of 'a == b', but avoids content based short
|
||||
circuiting to reduce the vulnerability to timing attacks."""
|
||||
# Consistent timing matters more here than data type flexibility
|
||||
if not ( isinstance( a, str ) and isinstance( b, str ) ):
|
||||
raise TypeError( "inputs must be str instances" )
|
||||
|
||||
# We assume the length of the expected digest is public knowledge,
|
||||
# thus this early return isn't leaking anything an attacker wouldn't
|
||||
# already know
|
||||
if len( a ) != len( b ):
|
||||
return False
|
||||
# We assume the length of the expected digest is public knowledge,
|
||||
# thus this early return isn't leaking anything an attacker wouldn't
|
||||
# already know
|
||||
if len( a ) != len( b ):
|
||||
return False
|
||||
|
||||
# We assume that integers in the bytes range are all cached,
|
||||
# thus timing shouldn't vary much due to integer object creation
|
||||
result = 0
|
||||
for x, y in zip( a, b ):
|
||||
result |= ord( x ) ^ ord( y )
|
||||
return result == 0
|
||||
# We assume that integers in the bytes range are all cached,
|
||||
# thus timing shouldn't vary much due to integer object creation
|
||||
result = 0
|
||||
for x, y in zip( a, b ):
|
||||
result |= ord( x ) ^ ord( y )
|
||||
return result == 0
|
||||
|
Loading…
Reference in New Issue
Block a user