diff --git a/django/utils/crypto.py b/django/utils/crypto.py
index 1587bfc..36d03a6 100644
|
a
|
b
|
Django's standard crypto functions and utilities.
|
| 4 | 4 | |
| 5 | 5 | import hashlib |
| 6 | 6 | import hmac |
| | 7 | import sys |
| 7 | 8 | from django.conf import settings |
| | 9 | from django.utils.encoding import smart_str |
| 8 | 10 | from django.utils.py3 import b |
| 9 | 11 | |
| 10 | 12 | def salted_hmac(key_salt, value, secret=None): |
| … |
… |
def salted_hmac(key_salt, value, secret=None):
|
| 28 | 30 | # However, we need to ensure that we *always* do this. |
| 29 | 31 | return hmac.new(key, msg=value, digestmod=hashlib.sha1) |
| 30 | 32 | |
| 31 | | def constant_time_compare |
| | 33 | def constant_time_compare_py2(val1, val2): |
| 32 | 34 | """ |
| 33 | 35 | Returns True if the two strings are equal, False otherwise. |
| 34 | 36 | |
| … |
… |
def constant_time_compare(val1, val2):
|
| 40 | 42 | for x, y in zip(val1, val2): |
| 41 | 43 | result |= ord(x) ^ ord(y) |
| 42 | 44 | return result == 0 |
| | 45 | |
| | 46 | def constant_time_compare_py3(val1, val2): |
| | 47 | """ |
| | 48 | Returns True if the two strings are equal, False otherwise. |
| | 49 | |
| | 50 | The time taken is independent of the number of characters that match. |
| | 51 | """ |
| | 52 | val1 = smart_str(val1) |
| | 53 | val2 = smart_str(val2) |
| | 54 | |
| | 55 | if len(val1) != len(val2): |
| | 56 | return False |
| | 57 | result = 0 |
| | 58 | for x, y in zip(val1, val2): |
| | 59 | result |= x ^ y |
| | 60 | return result == 0 |
| | 61 | |
| | 62 | if sys.version_info < (3, 0): |
| | 63 | constant_time_compare = constant_time_compare_py2 |
| | 64 | else: |
| | 65 | constant_time_compare = constant_time_compare_py3 |