43 lines
1.8 KiB
Go
Executable File
package util

import (
	"crypto/subtle"
)

// ConstantTimeCompare compares two strings in constant time to prevent comparison timing attacks.
//
// PROTECTION SCOPE:
// This function protects against timing attacks during the comparison operation itself,
// where an attacker might measure how long it takes to compare two strings byte-by-byte
// to infer information about the expected value.
//
// IMPORTANT LIMITATIONS:
// This does NOT protect against timing variance in database queries. If you retrieve a token
// from the database (e.g., WHERE invite_token = ?), the DB query timing will vary based on
// whether the token exists, potentially revealing information to an attacker through timing analysis.
// See backend/internal/api/handlers/user_handler.go for examples of this limitation.
//
// DEFENSE-IN-DEPTH:
// Despite this limitation, using constant-time comparison is still valuable as part of a
// defense-in-depth strategy. It eliminates one potential timing leak and should be used
// when comparing sensitive values like API keys, tokens, or passwords that are already
// in memory.
//
// Returns true if the strings are equal, false otherwise.
func ConstantTimeCompare(a, b string) bool {
	aBytes := []byte(a)
	bBytes := []byte(b)

	// subtle.ConstantTimeCompare returns 1 if equal, 0 if not
	return subtle.ConstantTimeCompare(aBytes, bBytes) == 1
}

// ConstantTimeCompareBytes compares two byte slices in constant time to prevent comparison timing attacks.
//
// This function has the same protection scope and limitations as ConstantTimeCompare.
// See ConstantTimeCompare documentation for details on what this protects against and
// what it does NOT protect against (e.g., database query timing variance).
func ConstantTimeCompareBytes(a, b []byte) bool {
	return subtle.ConstantTimeCompare(a, b) == 1
}
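One way to address the database-timing limitation described in the comments above, shown as an added example that is not part of this repository: look the record up by a non-secret selector and compare only fixed-length digests of the secret part, which also avoids the immediate return `subtle.ConstantTimeCompare` takes when the two lengths differ. The `selector.verifier` token format, the `inviteStore` map standing in for a database table, and all names and sample values are assumptions made for illustration.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"strings"
)

// inviteStore stands in for a database table keyed by a non-secret selector
// (hypothetical schema). Each value is the SHA-256 digest of the secret verifier.
type inviteStore map[string][sha256.Size]byte

// dummyDigest is compared against when the selector is unknown, so the
// hash-and-compare work is done whether or not a row was found.
var dummyDigest = sha256.Sum256([]byte("constructed-dummy-verifier"))

// VerifyInviteToken checks a token of the assumed form "selector.verifier".
// The lookup uses only the selector, so lookup timing depends on the selector
// and not on the secret verifier. The verifier is compared as a fixed-length
// digest, so the comparison never sees inputs of different lengths.
func VerifyInviteToken(store inviteStore, token string) bool {
	selector, verifier, ok := strings.Cut(token, ".")
	if !ok {
		// Malformed token: still hash and compare, then reject below.
		selector, verifier = "", token
	}
	want, found := store[selector]
	if !found {
		want = dummyDigest
	}
	got := sha256.Sum256([]byte(verifier))
	match := subtle.ConstantTimeCompare(got[:], want[:]) == 1
	return ok && found && match
}

// constructedStore returns sample data made up for this example.
func constructedStore() inviteStore {
	return inviteStore{"sel123": sha256.Sum256([]byte("s3cret-verifier"))}
}

func main() {
	store := constructedStore()
	for _, tok := range []string{"sel123.s3cret-verifier", "sel123.wrong", "nosuch.s3cret-verifier", "malformed"} {
		fmt.Printf("%-28q valid=%v\n", tok, VerifyInviteToken(store, tok))
	}
}
```

Whether a selector exists can still be observable through lookup timing, which is acceptable only because the selector is not treated as a secret.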