Python/apps/py-cutils: cutils/shasum.py comparison

Remove the use of "hmac.compare_digest()": there are no secrets to protect here

author	Franz Glasner <fzglas.hg@dom66.de>
date	Sun, 27 Feb 2022 15:42:34 +0100
parents	c3268f4e752f
children	8708c34e2723

comparison

equal deleted inserted replaced

-:6cec638c995c
+:a31de3c65877
 import argparse
 import base64
 import binascii
 import errno
 import hashlib
-try:
-from hmac import compare_digest
-except ImportError:
-compare_digest = None
 import io
 try:
 import mmap
 except ImportError:
 mmap = None
 exd = base64.b64decode(expected_digest)
 except TypeError:
 return False
 else:
 return False
-if compare_digest:
+return given_digest == exd
-return compare_digest(given_digest, exd)
-else:
-return given_digest == exd
 def verify_digests_with_checklist(opts):
 dest = opts.dest or sys.stdout
 exit_code = 0

Mercurial > hgrepos > Python > apps > py-cutils