`crypto/subtle`

Guided tour · Crypto · pkg.go.dev →

Constant-time operations. Use these when a timing leak would compromise secrets.

ConstantTimeCompare

Compare two secrets

Returns 1 if equal, 0 otherwise. Only safe for equal-length inputs — check len first.

func eqSecret(a, b []byte) bool {
    return subtle.ConstantTimeCompare(a, b) == 1
}

Also available: ConstantTimeSelect, ConstantTimeByteEq, XORBytes