From 5c49b58a88e5e30c695b0f5a5fc6bb267efe8a84 Mon Sep 17 00:00:00 2001
From: Steven Fackler <sfackler@gmail.com>
Date: Sat, 31 Dec 2016 09:44:57 -0800
Subject: [PATCH] Indicate that memcmp::eq should be used for HMACs

---
 openssl/src/sign.rs | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/openssl/src/sign.rs b/openssl/src/sign.rs
index ca7986ca..ec37c885 100644
--- a/openssl/src/sign.rs
+++ b/openssl/src/sign.rs
@@ -35,12 +35,13 @@
 //! assert!(verifier.finish(&signature).unwrap());
 //! ```
 //!
-//! Compute an HMAC (note that `Verifier` cannot be used with HMACs):
+//! Compute an HMAC:
 //!
 //! ```rust
-//! use openssl::sign::Signer;
-//! use openssl::pkey::PKey;
 //! use openssl::hash::MessageDigest;
+//! use openssl::memcmp;
+//! use openssl::pkey::PKey;
+//! use openssl::sign::Signer;
 //!
 //! // Create a PKey
 //! let key = PKey::hmac(b"my secret").unwrap();
@@ -53,6 +54,12 @@
 //! signer.update(data).unwrap();
 //! signer.update(data2).unwrap();
 //! let hmac = signer.finish().unwrap();
+//!
+//! // `Verifier` cannot be used with HMACs; use the `memcmp::eq` function instead
+//! //
+//! // Do not simply check for equality with `==`!
+//! # let target = hmac.clone();
+//! assert!(memcmp::eq(&hmac, &target));
 //! ```
 use ffi;
 use std::io::{self, Write};