Use `subtle` for constant-time compare
cjpatton opened this issue
Christopher Patton commented
When validating a bearer token we use a constant-time comparison algorithm in order to avoid leaking bits of the bearer token via a side channel: https://github.com/cloudflare/daphne/blob/main/daphne/src/messages/mod.rs#L1184
We should replace this with the implementation in the `subtle` crate, since the code is delicate and easy to get wrong.
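
The side channel described in the issue, as an added example that is not part of the issue, of daphne, or of the `subtle` crate: an early-exit comparison does work proportional to the matching prefix of the presented token, while an XOR fold visits every byte regardless. The function names and token values are constructed for illustration; the hand-written fold only shows the data-independent shape, and production code would call `subtle`'s `ConstantTimeEq::ct_eq` as the issue proposes.

```rust
// Added illustration; function names and token values are constructed.

/// Early-exit comparison, instrumented to return (equal, bytes_examined).
/// The work done depends on how long the matching prefix is.
fn early_exit_eq(expected: &[u8], presented: &[u8]) -> (bool, usize) {
    if expected.len() != presented.len() {
        return (false, 0);
    }
    let mut examined = 0;
    for (a, b) in expected.iter().zip(presented) {
        examined += 1;
        if a != b {
            return (false, examined); // stops at the first mismatch
        }
    }
    (true, examined)
}

/// Data-independent shape: every byte is visited and differences are
/// accumulated with XOR/OR, with no branch on secret data. An optimizer
/// may still rewrite this into branching code, which is one reason to
/// rely on a maintained crate instead of a hand-written loop.
fn fold_eq(expected: &[u8], presented: &[u8]) -> (bool, usize) {
    if expected.len() != presented.len() {
        return (false, 0); // token length is treated as public here
    }
    let mut diff = 0u8;
    let mut examined = 0;
    for (a, b) in expected.iter().zip(presented) {
        diff |= a ^ b;
        examined += 1;
    }
    (diff == 0, examined)
}

fn main() {
    let token = b"sample-bearer-token-0001"; // constructed sample token
    let guesses: [&[u8]; 3] = [
        b"xxxxxxxxxxxxxxxxxxxxxxxx", // no matching prefix
        b"sample-bxxxxxxxxxxxxxxxx", // 8 matching bytes
        b"sample-bearer-token-0001", // exact match
    ];
    for g in guesses {
        let (e, f) = (early_exit_eq(token, g), fold_eq(token, g));
        println!("{:<26} early_exit={:?} fold={:?}", String::from_utf8_lossy(g), e, f);
    }
}
```

The `bytes_examined` count stands in for elapsed time: it changes with the guess in `early_exit_eq` and stays fixed in `fold_eq`.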