/usr/share/doc/ruby-securecompare/README.md is in ruby-securecompare 1.0.0-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 | [](http://travis-ci.org/samuelkadolph/securecompare)
[](http://badge.fury.io/rb/securecompare)
[](https://gemnasium.com/samuelkadolph/securecompare)
[](https://codeclimate.com/github/samuelkadolph/securecompare)
# securecompare
securecompare is a gem that implements a constant time string comparison method safe for use in cryptographic functions.
## Description
securecompare borrows the `secure_compare` private method from `ActiveSupport::MessageVerifier` which lets you do safely compare strings without being vulnerable to timing attacks. Useful for Basic HTTP Authentication in your rack/rails application.
## Installation
Add this line to your application's Gemfile:
```ruby
gem "securecompare"
```
And then execute:
```
$ bundle install
```
Or install it yourself as:
```
$ gem install securecompare
```
## Usage
```ruby
require "securecompare"
SecureCompare.compare("password", "password") # => true
SecureCompare.compare("password", "passw0rd") # => false
```
```ruby
require "securecompare"
class Password < String
include SecureCompare
def ==(other)
secure_compare(self, other)
end
end
Password.new("password") == "password" # => true
Password.new("password") == "passw0rd" # => false
```
```ruby
require "securecompare"
class ApplicationController < ActionController::Base
include SecureCompare
before_filter :authenticate
proctected
def authenticate
authenticate_or_request_with_http_basic("My Rails App") do |username, password|
secure_compare(username, "username") & secure_compare(password, "password")
end
end
end
```
## Contributing
Fork, branch & pull request.
|