[Python-checkins] cpython: Remove python fallback for compare_digest.

[steven.daprano]

https://hg.python.org/cpython/rev/92388bdba01c
changeset:   100988:92388bdba01c
user:        Steven D'Aprano <steve at pearwood.info>
date:        Sat Apr 16 04:33:55 2016 +1000
summary:
  Remove python fallback for compare_digest.

See https://mail.python.org/pipermail/python-dev/2016-April/144198.html
https://mail.python.org/pipermail/python-dev/2016-April/144203.html

files:
  Lib/secrets.py |  33 +--------------------------------
  1 files changed, 1 insertions(+), 32 deletions(-)


diff --git a/Lib/secrets.py b/Lib/secrets.py
--- a/Lib/secrets.py
+++ b/Lib/secrets.py
@@ -91,38 +91,7 @@
 import binascii
 import os
 
-try:
-    from hmac import compare_digest
-except ImportError:
-    # Python version is too old. Fall back to a pure-Python version.
-
-    import operator
-    from functools import reduce
-
-    def compare_digest(a, b):
-        """Return ``a == b`` using an approach resistant to timing analysis.
-
-        a and b must both be of the same type: either both text strings,
-        or both byte strings.
-
-        Note: If a and b are of different lengths, or if an error occurs,
-        a timing attack could theoretically reveal information about the
-        types and lengths of a and b, but not their values.
-        """
-        # For a similar approach, see
-        # http://codahale.com/a-lesson-in-timing-attacks/
-        for T in (bytes, str):
-            if isinstance(a, T) and isinstance(b, T):
-                break
-        else:  # for...else
-            raise TypeError("arguments must be both strings or both bytes")
-        if len(a) != len(b):
-            return False
-        # Thanks to Raymond Hettinger for this one-liner.
-        return reduce(operator.and_, map(operator.eq, a, b), True)
-
-
-
+from hmac import compare_digest
 from random import SystemRandom
 
 _sysrand = SystemRandom()

-- 
Repository URL: https://hg.python.org/cpython