You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
At the time we were working on this there were some heated arguments (in erlang/otp#2749 and erlang/otp#4750) about this function. We neglected to update the document with the final name. Thanks for the heads-up, I proposed a fix.
The page https://github.com/erlef/security-wg/blob/master/docs/secure_coding_and_deployment_hardening/timing_attacks.md describes a function
crypto:equal_const_time/2
which is not documented. It seems an official API has been added in erlang/otp#4750 calledcrypto:hash_equals/2
which should probably be recommended instead?The text was updated successfully, but these errors were encountered: