From 844c2870be39af0872cd68e6204597d6663561cd Mon Sep 17 00:00:00 2001
From: Alex Gaynor
Date: Tue, 19 Nov 2013 10:48:37 -0800
Subject: Constant time comparisons here
---
 cryptography/hazmat/primitives/padding.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/cryptography/hazmat/primitives/padding.py b/cryptography/hazmat/primitives/padding.py
index 4e834726..cf7dbecd 100644
--- a/cryptography/hazmat/primitives/padding.py
+++ b/cryptography/hazmat/primitives/padding.py
@@ -49,8 +49,8 @@ bool Cryptography_check_padding(const uint8_t *data, uint8_t block_len) {
 }
 /* Check to make sure the pad_size was within the valid range. */
- mismatch |= !(0 < pad_size);
- mismatch |= !(pad_size <= block_len);
+ mismatch |= ~Cryptography_constant_time_lt(0, pad_size);
+ mismatch |= Cryptography_constant_time_lt(block_len, pad_size);
 /* Make sure any bits set are copied to the lowest bit */
 mismatch |= mismatch >> 4;
-- cgit v1.2.3
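Review bot: Both new range checks on `pad_size` depend on `Cryptography_constant_time_lt` returning an all-ones/all-zeros mask, which nothing at the call sites documents: `~Cryptography_constant_time_lt(0, pad_size)` would set `mismatch` for every input if the helper returned 0/1 instead. The helper is defined outside this hunk, so the contract cannot be confirmed from here; I would state it above the two checks, e.g. `/* constant_time_lt(a, b) yields 0xFF when a < b and 0x00 otherwise, so ~ inverts the mask */`. If the helper derives its result from the sign bit of a `uint8_t` subtraction, it is presumably exact only while the operands differ by less than 128, so a test that exercises `block_len` near 255 with both small and large `pad_size` values is worth adding to confirm valid padding is still accepted. The body of `Cryptography_check_padding` starts and ends outside the hunk.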