d26a9c3c58
This adds some security utilities to core including: - A library for basic crypto operations (e.g. to encrypt passwords) - A better library for cryptographic actions which allows you to specify the charset - A library for secure string comparisions Remove .htaccess Remove .htaccess Fix typo Add public API Use timing constant comparision Remove CBC constant Adjust code Remove confusing $this
25 lines
791 B
PHP
25 lines
791 B
PHP
<?php
|
|
/**
|
|
* Copyright (c) 2014 Lukas Reschke <lukas@owncloud.com>
|
|
* This file is licensed under the Affero General Public License version 3 or
|
|
* later.
|
|
* See the COPYING-README file.
|
|
*/
|
|
|
|
|
|
namespace OCP\Security;
|
|
|
|
class StringUtils {
|
|
/**
|
|
* Compares whether two strings are equal. To prevent guessing of the string
|
|
* length this is done by comparing two hashes against each other and afterwards
|
|
* a comparison of the real string to prevent against the unlikely chance of
|
|
* collisions.
|
|
* @param string $expected The expected value
|
|
* @param string $input The input to compare against
|
|
* @return bool True if the two strings are equal, otherwise false.
|
|
*/
|
|
public static function equals($expected, $input) {
|
|
return \OC\Security\StringUtils::equals($expected, $input);
|
|
}
|
|
}
|