Remove python fallback for compare_digest.

See https://mail.python.org/pipermail/python-dev/2016-April/144198.html
https://mail.python.org/pipermail/python-dev/2016-April/144203.html

diff --git a/Lib/secrets.py b/Lib/secrets.py
index e0f26567ff93625bae6a95ae4f97911a88ce8a85..e4e9714ac038a1806f2f10c51f79b34f27e325ce 100644 (file)
--- a/Lib/secrets.py
+++ b/Lib/secrets.py
@@ -91,38 +91,7 @@ import base64
 import binascii
 import os
 
-try:
-    from hmac import compare_digest
-except ImportError:
-    # Python version is too old. Fall back to a pure-Python version.
-
-    import operator
-    from functools import reduce
-
-    def compare_digest(a, b):
-        """Return ``a == b`` using an approach resistant to timing analysis.
-
-        a and b must both be of the same type: either both text strings,
-        or both byte strings.
-
-        Note: If a and b are of different lengths, or if an error occurs,
-        a timing attack could theoretically reveal information about the
-        types and lengths of a and b, but not their values.
-        """
-        # For a similar approach, see
-        # http://codahale.com/a-lesson-in-timing-attacks/
-        for T in (bytes, str):
-            if isinstance(a, T) and isinstance(b, T):
-                break
-        else:  # for...else
-            raise TypeError("arguments must be both strings or both bytes")
-        if len(a) != len(b):
-            return False
-        # Thanks to Raymond Hettinger for this one-liner.
-        return reduce(operator.and_, map(operator.eq, a, b), True)
-
-
-
+from hmac import compare_digest
 from random import SystemRandom
 
 _sysrand = SystemRandom()