Module: Increase::Util
- Defined in:
- lib/increase/util.rb
Class Method Summary collapse
-
.secure_compare(a, b) ⇒ Object
Constant time string comparison to prevent timing attacks Code borrowed from ‘stripe-ruby`, which was borrowed from ActiveSupport.
Class Method Details
.secure_compare(a, b) ⇒ Object
Constant time string comparison to prevent timing attacks Code borrowed from ‘stripe-ruby`, which was borrowed from ActiveSupport
5 6 7 8 9 10 11 12 13 |
# File 'lib/increase/util.rb', line 5 def self.secure_compare(a, b) return false unless a.bytesize == b.bytesize l = a.unpack "C#{a.bytesize}" res = 0 b.each_byte { |byte| res |= byte ^ l.shift } res.zero? end |