[Python-Dev] Should secrets include a fallback for hmac.compare_digest?
Paul Moore
p.f.moore at gmail.com
Fri Apr 15 05:55:38 EDT 2016
On 15 April 2016 at 10:35, Victor Stinner <victor.stinner at gmail.com> wrote:
> 2016-04-15 11:21 GMT+02:00 Steven D'Aprano <steve at pearwood.info>:
>> This isn't just a question about the secrets module. PEP 399 suggests
>> than any C classes/functions should have a pure Python version as
>> fallback, but compare_digest doesn't. I don't know whether it should or
>> not.
>
> The hmac module is responsible to providing a fallback, not the secrets module.
Agreed. The library docs state that the hmac module provides
compare_digest, so you are therefore entitled to unconditionally
import it (just as end user code would).
Paul
More information about the Python-Dev
mailing list