From f3360d51c6d069fc873a0b5563c01d37d58727c7 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@owncloud.com>
Date: Fri, 11 Dec 2015 06:17:47 +0100
Subject: Use PHP polyfills

---
 lib/private/security/stringutils.php | 60 ------------------------------------
 1 file changed, 60 deletions(-)
 delete mode 100644 lib/private/security/stringutils.php

(limited to 'lib/private/security/stringutils.php')

diff --git a/lib/private/security/stringutils.php b/lib/private/security/stringutils.php
deleted file mode 100644
index fa4342a2b45..00000000000
--- a/lib/private/security/stringutils.php
+++ /dev/null
@@ -1,60 +0,0 @@
-<?php
-/**
- * @author Lukas Reschke <lukas@owncloud.com>
- * @author Morris Jobke <hey@morrisjobke.de>
- *
- * @copyright Copyright (c) 2015, ownCloud, Inc.
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program.  If not, see <http://www.gnu.org/licenses/>
- *
- */
-
-namespace OC\Security;
-
-class StringUtils {
-
-	/**
-	 * Compares whether two strings are equal. To prevent guessing of the string
-	 * length this is done by comparing two hashes against each other and afterwards
-	 * a comparison of the real string to prevent against the unlikely chance of
-	 * collisions.
-	 *
-	 * Be aware that this function may leak whether the string to compare have a different
-	 * length.
-	 *
-	 * @param string $expected The expected value
-	 * @param string $input The input to compare against
-	 * @return bool True if the two strings are equal, otherwise false.
-	 */
-	public static function equals($expected, $input) {
-
-		if(!is_string($expected) || !is_string($input)) {
-			return false;
-		}
-
-		if(function_exists('hash_equals')) {
-			return hash_equals($expected, $input);
-		}
-
-		$randomString = \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate(10);
-
-		if(hash('sha512', $expected.$randomString) === hash('sha512', $input.$randomString)) {
-			if($expected === $input) {
-				return true;
-			}
-		}
-
-		return false;
-	}
-}
\ No newline at end of file
-- 
cgit v1.2.3