6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
# File 'ext/fast_secure_compare/secure_compare.c', line 6
static VALUE
method_compare(VALUE self, VALUE secret, VALUE input) {
Check_Type(secret, T_STRING);
Check_Type(input, T_STRING);
// handle 0-length secrets
if (RSTRING_LEN(secret) == 0 && RSTRING_LEN(input) != 0) {
return Qfalse;
}
int input_pos;
int secret_pos = 0;
int input_len = RSTRING_LEN(input);
int secret_len = RSTRING_LEN(secret);
char * secret_ = RSTRING_PTR(secret);
char * input_ = RSTRING_PTR(input);
int result = secret_len - input_len;
// make sure our time isn't dependent on secret_len, and only dependent
// on input_len
for (input_pos = 0; input_pos < input_len; input_pos++) {
result |= input_[input_pos] ^ secret_[secret_pos];
secret_pos = (secret_pos + 1) % secret_len;
}
return ((result == 0) ? Qtrue : Qfalse);
}
|