github.com/zntrio/harp/v2@v2.0.9/pkg/sdk/security/compare.go (about) 1 // Licensed to Elasticsearch B.V. under one or more contributor 2 // license agreements. See the NOTICE file distributed with 3 // this work for additional information regarding copyright 4 // ownership. Elasticsearch B.V. licenses this file to you under 5 // the Apache License, Version 2.0 (the "License"); you may 6 // not use this file except in compliance with the License. 7 // You may obtain a copy of the License at 8 // 9 // http://www.apache.org/licenses/LICENSE-2.0 10 // 11 // Unless required by applicable law or agreed to in writing, 12 // software distributed under the License is distributed on an 13 // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 // KIND, either express or implied. See the License for the 15 // specific language governing permissions and limitations 16 // under the License. 17 18 package security 19 20 import ( 21 "crypto/subtle" 22 ) 23 24 // SecureCompare use constant time function to compare the two given array. 25 func SecureCompare(given, actual []byte) bool { 26 if subtle.ConstantTimeEq(int32(len(given)), int32(len(actual))) == 1 { 27 return subtle.ConstantTimeCompare(given, actual) == 1 28 } 29 // Securely compare actual to itself to keep constant time, but always return false 30 if subtle.ConstantTimeCompare(actual, actual) == 1 { 31 return false 32 } 33 34 return false 35 } 36 37 // SecureCompareString use constant time function to compare the two given string. 38 func SecureCompareString(given, actual string) bool { 39 if subtle.ConstantTimeEq(int32(len(given)), int32(len(actual))) == 1 { 40 return subtle.ConstantTimeCompare([]byte(given), []byte(actual)) == 1 41 } 42 // Securely compare actual to itself to keep constant time, but always return false 43 if subtle.ConstantTimeCompare([]byte(actual), []byte(actual)) == 1 { 44 return false 45 } 46 47 return false 48 }