• David Symonds's avatar
    crypto/subtle: make ConstantTimeCompare return zero for args of different length. · 446bfffc
    David Symonds authored
    This is more useful than panicking, since otherwise every caller needs
    to do the length check before calling; some will forget, and have a
    potential submarine crasher as a result. Other implementations of this
    functionality do a length check.
    
    This is backward compatible, except if someone has written code that
    relies on this panicking with different length args. However, that was
    not the case before Go 1.3 either.
    
    Updates #7304.
    
    LGTM=agl
    R=agl, minux, hanwen
    CC=golang-codereviews
    https://golang.org/cl/118750043
    446bfffc
constant_time.go 1.86 KB