From ae9451f145b1850ac6d0fd4891932f24c49c3c21 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 4 Feb 2014 17:16:37 -0800 Subject: [PATCH] More clearly describe the behavior of constant_time.bytes_eq --- docs/hazmat/primitives/constant-time.rst | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/hazmat/primitives/constant-time.rst b/docs/hazmat/primitives/constant-time.rst index 632e7c6865a8..7924efcaa8db 100644 --- a/docs/hazmat/primitives/constant-time.rst +++ b/docs/hazmat/primitives/constant-time.rst @@ -19,8 +19,10 @@ about the timing attacks on KeyCzar and Java's ``MessageDigest.isEqual()``. .. function:: bytes_eq(a, b) - Compare ``a`` and ``b`` to one another in constant time if they are of the - same length. + Compares ``a`` and ``b`` with one another. If ``a`` and ``b`` have + different lengths, this returns ``False`` immediately. Otherwise it + compares them in a way that takes the same amount of time, regardless of + how many characters are the same between the two. .. doctest::