Sha256: 32b19c06527a3acfb92c63d51ca4efd3e88d5cf752b59f19b8019eabc5f48e24

Contents?: true

Size: 798 Bytes

Versions: 85

Compression:

Stored size: 798 Bytes

Contents

require 'digest'

module ActiveSupport
  module SecurityUtils
    # Constant time string comparison.
    #
    # The values compared should be of fixed length, such as strings
    # that have already been processed by HMAC. This should not be used
    # on variable length plaintext strings because it could leak length info
    # via timing attacks.
    def secure_compare(a, b)
      return false unless a.bytesize == b.bytesize

      l = a.unpack "C#{a.bytesize}"

      res = 0
      b.each_byte { |byte| res |= byte ^ l.shift }
      res == 0
    end
    module_function :secure_compare

    def variable_size_secure_compare(a, b) # :nodoc:
      secure_compare(::Digest::SHA256.hexdigest(a), ::Digest::SHA256.hexdigest(b))
    end
    module_function :variable_size_secure_compare
  end
end

Version data entries

85 entries across 82 versions & 11 rubygems

Version Path
files.com-1.0.55 docs/vendor/bundle/ruby/2.5.0/gems/activesupport-5.0.7.1/lib/active_support/security_utils.rb
activesupport-4.2.11.3 lib/active_support/security_utils.rb
activesupport-4.2.11.2 lib/active_support/security_utils.rb
cocoapods-dependency-html-0.0.2 vendor/bundle/gems/activesupport-4.2.11.1/lib/active_support/security_utils.rb
cocoapods-dependency-html-0.0.1 vendor/bundle/gems/activesupport-4.2.11.1/lib/active_support/security_utils.rb
activesupport-5.0.7.2 lib/active_support/security_utils.rb
activesupport-4.2.11.1 lib/active_support/security_utils.rb
activesupport-5.0.7.1 lib/active_support/security_utils.rb
activesupport-4.2.11 lib/active_support/security_utils.rb
activesupport-5.0.7 lib/active_support/security_utils.rb
activesupport-4.2.10 lib/active_support/security_utils.rb
activesupport-4.2.10.rc1 lib/active_support/security_utils.rb
activesupport-5.0.6 lib/active_support/security_utils.rb
activesupport-5.0.6.rc1 lib/active_support/security_utils.rb
activesupport-5.0.5 lib/active_support/security_utils.rb
activesupport-5.0.5.rc2 lib/active_support/security_utils.rb
activesupport-5.0.5.rc1 lib/active_support/security_utils.rb
tdiary-5.0.5 vendor/bundle/gems/activesupport-5.0.2/lib/active_support/security_utils.rb
tdiary-5.0.5 vendor/bundle/gems/tdiary-5.0.4/vendor/bundle/gems/activesupport-5.0.2/lib/active_support/security_utils.rb
activesupport-4.2.9 lib/active_support/security_utils.rb