Plug

v1.5.0-rc.0

Plug v1.5.0-rc.0 Plug.Crypto View Source

Namespace and module for Crypto functionality.

Please see Plug.Crypto.KeyGenerator, Plug.Crypto.MessageEncryptor, and Plug.Crypto.MessageVerifier for more functionality.

Link to this section Summary

Functions

mask(left, right)

Masks the token on the left with the token on the right

masked_compare(left, right, mask)

Compares the two binaries (one being masked) in constant-time to avoid timing attacks

safe_binary_to_term(binary, opts \\ [])

A restricted version a :erlang.binary_to_term/1 that forbids possibly unsafe terms

secure_compare(left, right)

Compares the two binaries in constant-time to avoid timing attacks

Link to this section Functions

Link to this function mask(left, right) View Source

Masks the token on the left with the token on the right.

Both tokens are required to have the same size.

Link to this function masked_compare(left, right, mask) View Source

Compares the two binaries (one being masked) in constant-time to avoid timing attacks.

It is assumed the right token is masked according to the given mask.

Link to this function safe_binary_to_term(binary, opts \\ []) View Source

A restricted version a :erlang.binary_to_term/1 that forbids possibly unsafe terms.

Link to this function secure_compare(left, right) View Source

Compares the two binaries in constant-time to avoid timing attacks.

See: http://codahale.com/a-lesson-in-timing-attacks/