ssh/agent: remove len check in Unlock

Unlock compares the length of the passphrase with the given one before calling subtle.ConstantTimeCompare. This is redundant, since ConstantTimeCompare already perform a lengths check before doing anything. Remove the check from Unlock. Updates golang/go#25173 Change-Id: Ib5fec3a94392bddf2996f5c6bf5a414529e86f2f Reviewed-on: https://go-review.googlesource.com/110068 Run-TryBot: Alberto Donizetti <alb.donizetti@gmail.com> Reviewed-by: Han-Wen Nienhuys <hanwen@google.com>
golang · Apr 30, 2018 · db7d123 · db7d123
1 parent b49d69b
commit db7d123
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/ssh/agent/keyring.go b/ssh/agent/keyring.go
@@ -102,7 +102,7 @@ func (r *keyring) Unlock(passphrase []byte) error {
 	if !r.locked {
 		return errors.New("agent: not locked")
 	}
-	if len(passphrase) != len(r.passphrase) || 1 != subtle.ConstantTimeCompare(passphrase, r.passphrase) {
+	if 1 != subtle.ConstantTimeCompare(passphrase, r.passphrase) {
 		return fmt.Errorf("agent: incorrect passphrase")
 	}