From 73ca0f38fd2010d3445b7c790badbecf7c84b2b8 Mon Sep 17 00:00:00 2001 From: joergschulz Date: Thu, 7 Sep 2023 11:14:11 +0200 Subject: [PATCH] verify(): use formatted strings instead of bytes --- src/otpauth/rfc4226.py | 2 +- src/otpauth/rfc6238.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/otpauth/rfc4226.py b/src/otpauth/rfc4226.py index 86c9879..968d722 100644 --- a/src/otpauth/rfc4226.py +++ b/src/otpauth/rfc4226.py @@ -35,7 +35,7 @@ def verify(self, code: int, counter: int) -> bool: # type: ignore[override] """ if len(str(code)) > self.digit: return False - return hmac.compare_digest(bytes(self.generate(counter)), bytes(code)) + return hmac.compare_digest(f'{self.generate(counter):0{self.digit}}', f'{code:0{self.digit}}') def to_uri(self, label: str, issuer: str, counter: int) -> str: # type: ignore[override] """Generate the otpauth protocal string for HOTP. diff --git a/src/otpauth/rfc6238.py b/src/otpauth/rfc6238.py index 04cfbbe..337c0d6 100644 --- a/src/otpauth/rfc6238.py +++ b/src/otpauth/rfc6238.py @@ -40,7 +40,7 @@ def verify(self, code: int, timestamp: t.Optional[int] = None) -> bool: # type: """ if len(str(code)) > self.digit: return False - return hmac.compare_digest(bytes(self.generate(timestamp)), bytes(code)) + return hmac.compare_digest(f'{self.generate(timestamp):0{self.digit}}', f'{code:0{self.digit}}') def to_uri(self, label: str, issuer: str) -> str: # type: ignore[override] """Generate the otpauth protocal string for TOTP.