19 lines
454 B
Go
19 lines
454 B
Go
package basic
|
|
|
|
import (
|
|
"crypto/sha1"
|
|
"crypto/subtle"
|
|
)
|
|
|
|
func constantTimeEquals(a string, b string) bool {
|
|
// compare SHA-1 as a gatekeeper in constant time
|
|
// then check that we didn't get by because of a collision
|
|
aSha := sha1.Sum([]byte(a))
|
|
bSha := sha1.Sum([]byte(b))
|
|
if subtle.ConstantTimeCompare(aSha[:], bSha[:]) == 1 {
|
|
// yes, this bit isn't constant, but you had to make a Sha1 collision to get here
|
|
return a == b
|
|
}
|
|
return false
|
|
}
|