Plug.Crypto v1.0.0

Namespace and module for crypto-related functionality.

Please see Plug.Crypto.KeyGenerator, Plug.Crypto.MessageEncryptor, and Plug.Crypto.MessageVerifier for more functionality.

Summary

Functions

mask(left, right)
Masks the token on the left with the token on the right

masked_compare(left, right, mask)
Compares the two binaries (one being masked) in constant-time to avoid timing attacks

prune_args_from_stacktrace(stacktrace)
Prunes the stacktrace to remove any argument trace

safe_binary_to_term(binary, opts \\ [])
A restricted version of :erlang.binary_to_term/2 that forbids possibly unsafe terms

secure_compare(left, right)
Compares the two binaries in constant-time to avoid timing attacks

Functions

mask(left, right)
mask(binary(), binary()) :: binary()

Masks the token on the left with the token on the right.

Both tokens are required to have the same size.

masked_compare(left, right, mask)
masked_compare(binary(), binary(), binary()) :: boolean()

Compares the two binaries (one being masked) in constant-time to avoid timing attacks.

It is assumed the right token is masked according to the given mask.
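
How mask/2 and masked_compare/3 fit together, as an added example that is not part of the Plug.Crypto documentation or source. It assumes plug_crypto is a dependency of the Mix project it runs in; the MaskedToken module, its function names and the sample secret are hypothetical.

```elixir
# Added example, not Plug.Crypto source. MaskedToken is a hypothetical module.
defmodule MaskedToken do
  # Mask the secret with a fresh random mask of the same size, as mask/2
  # requires. Returns {mask, masked}.
  def issue(secret) when is_binary(secret) do
    mask = :crypto.strong_rand_bytes(byte_size(secret))
    {mask, Plug.Crypto.mask(secret, mask)}
  end

  # masked_compare/3 takes the unmasked value on the left and the masked
  # value on the right. The docs only state the same-size requirement for
  # mask/2, so a mask of any other size is rejected here up front.
  def valid?(secret, masked, mask)
      when is_binary(secret) and is_binary(masked) and is_binary(mask) do
    byte_size(mask) == byte_size(secret) and
      Plug.Crypto.masked_compare(secret, masked, mask)
  end
end

# Constructed sample secret (random, for demonstration only).
secret = :crypto.strong_rand_bytes(16)

{mask_a, masked_a} = MaskedToken.issue(secret)
{mask_b, masked_b} = MaskedToken.issue(secret)

# Each issued value verifies against the same secret with its own mask.
true = MaskedToken.valid?(secret, masked_a, mask_a)
true = MaskedToken.valid?(secret, masked_b, mask_b)

# A single flipped bit in the masked value is rejected.
<<first, rest::binary>> = masked_a
tampered = <<:erlang.bxor(first, 1), rest::binary>>
false = MaskedToken.valid?(secret, tampered, mask_a)

# Truncated input and a short mask are rejected without raising.
false = MaskedToken.valid?(secret, binary_part(masked_a, 0, 15), mask_a)
false = MaskedToken.valid?(secret, masked_a, binary_part(mask_a, 0, 15))

# The two issued values differ unless both random masks happen to collide.
IO.inspect(masked_a != masked_b, label: "masked values differ")
```

The `true =` and `false =` matches act as assertions: the script raises a MatchError if any check returns the other value.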

prune_args_from_stacktrace(stacktrace)
prune_args_from_stacktrace(Exception.stacktrace()) :: Exception.stacktrace()

Prunes the stacktrace to remove any argument trace.

safe_binary_to_term(binary, opts \\ [])
safe_binary_to_term(binary(), [atom()]) :: term() | {term(), non_neg_integer()}

A restricted version of :erlang.binary_to_term/2 that forbids possibly unsafe terms.

secure_compare(left, right)
secure_compare(binary(), binary()) :: boolean()

Compares the two binaries in constant-time to avoid timing attacks.

See: http://codahale.com/a-lesson-in-timing-attacks/