diff options
Diffstat (limited to 'modules/caddyhttp/caddyauth/hashes.go')
| -rw-r--r-- | modules/caddyhttp/caddyauth/hashes.go | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/modules/caddyhttp/caddyauth/hashes.go b/modules/caddyhttp/caddyauth/hashes.go index a515c09..13010db 100644 --- a/modules/caddyhttp/caddyauth/hashes.go +++ b/modules/caddyhttp/caddyauth/hashes.go @@ -15,6 +15,8 @@ package caddyauth import ( + "crypto/subtle" + "github.com/caddyserver/caddy/v2" "golang.org/x/crypto/bcrypt" "golang.org/x/crypto/scrypt" @@ -103,6 +105,10 @@ func (s ScryptHash) Compare(hashed, plaintext, salt []byte) (bool, error) { return false, nil } +func hashesMatch(pwdHash1, pwdHash2 []byte) bool { + return subtle.ConstantTimeCompare(pwdHash1, pwdHash2) == 1 +} + // Interface guards var ( _ Comparer = (*BcryptHash)(nil) |