Use the stdlib's compare_digest for constant time comparisons when available

django/utils/crypto.py

@@ -77,7 +77,11 @@ def get_random_string(length=12,
     return ''.join(random.choice(allowed_chars) for i in range(length))
 
 
-def constant_time_compare(val1, val2):
+if hasattr(hmac, "compare_digest"):
+    # Prefer the stdlib implementation, when available.
+    constant_time_compare = hmac.compare_digest
+else:
+    def constant_time_compare(val1, val2):
         """
         Returns True if the two strings are equal, False otherwise.