Module: Shmac::Security
- Defined in:
- lib/shmac/security.rb
Class Method Summary collapse
-
.secure_compare(a, b) ⇒ Object
Constant time comparison of strings Borrowed from ActiveSupport::SecurityUtils.
Class Method Details
.secure_compare(a, b) ⇒ Object
Constant time comparison of strings Borrowed from ActiveSupport::SecurityUtils
5 6 7 8 9 10 11 12 13 14 |
# File 'lib/shmac/security.rb', line 5 def self.secure_compare a, b return false if a.empty? || b.empty? return false unless a.bytesize == b.bytesize l = a.unpack "C#{a.bytesize}" res = 0 b.each_byte { |byte| res |= byte ^ l.shift } res == 0 end |