hare

The Hare programming language
git clone https://git.torresjrjr.com/hare.git
Log | Files | Refs | README | LICENSE
commit 36453c2551f6dcc542bce4377e3822ff156367f6
parent 31ec76f3816769c34b84cbac52bc7242f1585b73
Author: Sebastian <sebastian@sebsite.pw>
Date:   Fri, 25 Feb 2022 19:18:57 -0500

bytes: add security warning to equal function

Signed-off-by: Sebastian <sebastian@sebsite.pw>

Diffstat:

Mbytes/equal.ha | 4++++


1 file changed, 4 insertions(+), 0 deletions(-)

diff --git a/bytes/equal.ha b/bytes/equal.ha
@@ -2,6 +2,10 @@
 // (c) 2021 Drew DeVault <sir@cmpwn.com>
 
 // Returns true if the two byte sequences are identical.
+//
+// This function should NOT be used with sensitive data such as cryptographic
+// hashes. In such a case, the constant-time [[crypto::compare]] should be used
+// instead.
 export fn equal(a: []u8, b: []u8) bool = {
 	if (len(a) != len(b)) {
 		return false;