From b4488bd4ae50c5d81b0c9570bc98a0730bd80933 Mon Sep 17 00:00:00 2001
From: armfazh <armfazh@cloudflare.com>
Date: Tue, 14 Feb 2023 06:28:05 -0800
Subject: [PATCH] Add constant time compare.

---
 cipher/ascon/ascon.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cipher/ascon/ascon.go b/cipher/ascon/ascon.go
index b4aebe85..4ff41041 100644
--- a/cipher/ascon/ascon.go
+++ b/cipher/ascon/ascon.go
@@ -5,7 +5,7 @@
 package ascon
 
 import (
-	"bytes"
+	"crypto/subtle"
 	"encoding/binary"
 	"errors"
 	"math/bits"
@@ -127,7 +127,7 @@ func (a *Cipher) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, er
 	a.procText(ciphertext, plaintext, false)
 	a.finalize(tag1)
 
-	if !bytes.Equal(tag0, tag1) {
+	if subtle.ConstantTimeCompare(tag0, tag1) == 0 {
 		return nil, ErrDecryption
 	}