diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/bcrypt/__init__.py | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/bcrypt/__init__.py b/src/bcrypt/__init__.py index cd779a6..301ccb6 100644 --- a/src/bcrypt/__init__.py +++ b/src/bcrypt/__init__.py @@ -106,6 +106,9 @@ def checkpw(password, hashed_password): ret = hashpw(password, hashed_password) + if len(ret) != len(hashed_password): + return False + return _bcrypt.lib.timingsafe_bcmp(ret, hashed_password, len(ret)) == 0 |