secretutils¶
Secret utilities.
New in version 3.5.
-
oslo_utils.secretutils.
constant_time_compare
(a, b, /)¶ Return ‘a == b’.
This function uses an approach designed to prevent timing analysis, making it appropriate for cryptography.
a and b must both be of the same type: either str (ASCII only), or any bytes-like object.
Note: If a and b are of different lengths, or if an error occurs, a timing attack could theoretically reveal information about the types and lengths of a and b–but not their values.