From f108871b04c27c557f3e1a7fa3982c6d9d77d7fd Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Tue, 29 Oct 2013 15:14:28 -0700
Subject: Perform this comparison in a constan ttime fashion

---
 cryptography/hazmat/primitives/padding.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/cryptography/hazmat/primitives/padding.py b/cryptography/hazmat/primitives/padding.py
index 86ea26e3..ddcadd89 100644
--- a/cryptography/hazmat/primitives/padding.py
+++ b/cryptography/hazmat/primitives/padding.py
@@ -109,9 +109,12 @@ class _PKCS7UnpaddingContext(object):
         if pad_size > self.block_size // 8:
             raise ValueError("Invalid padding bytes")
 
+        mismatch = 0
         for b in six.iterbytes(self._buffer[-pad_size:]):
-            if b != pad_size:
-                raise ValueError("Invalid padding bytes")
+            mismatch |= b ^ pad_size
+
+        if mismatch != 0:
+            raise ValueError("Invalid padding bytes")
 
         res = self._buffer[:-pad_size]
         self._buffer = None
-- 
cgit v1.2.3