You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is maybe just supposed to be a documented constraint, but it just showed up when I
tried to say "well, go does this right".
if (subtle.ConstantTimeCompare([]byte{}, []byte{'1'})) == 1) {
t.Errorf("nope")
}
If x is zero length, the returned byte is 1, instead of zero for any y input.
Also, I assume that x is supposed to be the array of unknown provenance (to prevent
attackers learning the length of y, that is secret), but that's not documented here.
The text was updated successfully, but these errors were encountered:
This function only works for slices of equal length. This is noted in the documentation.
And the argument order doesn't matter. The convention in the standard library is to
place the local slice first and the attacker-controlled slice second.
The text was updated successfully, but these errors were encountered: