From e89bc39935afc5096e6a51a49874b2d30cbc2b5e Mon Sep 17 00:00:00 2001 From: Aymeric Augustin Date: Tue, 21 Aug 2012 08:44:16 +0200 Subject: [PATCH] Reverted type check added in 62954ba04c. Refs #17040. --- django/utils/crypto.py | 6 ++---- tests/regressiontests/utils/crypto.py | 4 ++-- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/django/utils/crypto.py b/django/utils/crypto.py index e8fd2b1e2d..1fdcc3082e 100644 --- a/django/utils/crypto.py +++ b/django/utils/crypto.py @@ -82,16 +82,14 @@ def get_random_string(length=12, def constant_time_compare(val1, val2): """ - Returns True if the two bytestrings are equal, False otherwise. + Returns True if the two strings are equal, False otherwise. The time taken is independent of the number of characters that match. """ - if not (isinstance(val1, bytes) and isinstance(val2, bytes)): - raise TypeError("constant_time_compare only supports bytes") if len(val1) != len(val2): return False result = 0 - if six.PY3: + if six.PY3 and isinstance(val1, bytes) and isinstance(val2, bytes): for x, y in zip(val1, val2): result |= x ^ y else: diff --git a/tests/regressiontests/utils/crypto.py b/tests/regressiontests/utils/crypto.py index 447b2e5b80..4c6b722ca9 100644 --- a/tests/regressiontests/utils/crypto.py +++ b/tests/regressiontests/utils/crypto.py @@ -15,8 +15,8 @@ class TestUtilsCryptoMisc(unittest.TestCase): # It's hard to test for constant time, just test the result. self.assertTrue(constant_time_compare(b'spam', b'spam')) self.assertFalse(constant_time_compare(b'spam', b'eggs')) - with self.assertRaises(TypeError): - constant_time_compare('spam', 'spam') + self.assertTrue(constant_time_compare('spam', 'spam')) + self.assertFalse(constant_time_compare('spam', 'eggs')) class TestUtilsCryptoPBKDF2(unittest.TestCase):