Replace use of `hmac.compare_digest`

[mvondracek]

hmac.compare_digest` uses an approach designed to prevent timing analysis by avoiding content-based short circuiting behaviour, making it appropriate for cryptography
https://docs.python.org/3.7/library/hmac.html#hmac.compare_digest

Note: If a and b are of different lengths, or if an error occurs, a timing attack could theoretically reveal information about the types and lengths of a and b—but not their values.

Type and length of seeds is known to the attacker, but not the value of expected seed.

---

I will ask after next lecture about hmac module.

[lsolodkova]

Actually, if we're really allowed to use anything from standard Python library aside from sha256 and sha512, it would be a cheating, since we could also use the whole pbkdf2 from hashlib.

[mvondracek]

Then the right question is what parts of standard library are we allowed to use... :) unhexlify from binascii, unittest, argsparse? I will ask after lecture to make sure.

[mvondracek]

I asked today. We can use functionality from the standard library. I even asked explicitly about PBKDF2. We should use standard library "reasonably".

I think it would be best to use functionality from standard library and when the implementation is finished (from our point of view), we can think about e. g. C extension modules as an excercise for static and dynamic analysis tools for C.

I would use standard library now.

[mvondracek]

Related: 53f7924, 402bb0e.

[mvondracek]

As I pointed out in here in #12, this was changed and we cannot use Python's PBKDF2. Function hmac.compare_digest probably should not be used as well.