Ticket #17040: utils-crypto_constant_time_compare.patch

File utils-crypto_constant_time_compare.patch, 554 bytes (added by adsworth, 13 years ago)

  • django/utils/crypto.py 

    diff --git a/django/utils/crypto.py b/django/utils/crypto.py
index 1587bfc..fc0976c 100644
    a b def constant_time_compare(val1, val2):  
    3838        return False
    3939    result = 0
    4040    for x, y in zip(val1, val2):
    41         result |= ord(x) ^ ord(y)
     41        #in Python 3 iterating a bte string will already return ints.
     42        if not isinstance(x, int):
     43            x = ord(x)
     44        if not isinstance(y, int):
     45            y = ord(y)
     46        result |= x ^ y
    4247    return result == 0
Back to Top