From c34473b4a186f1c1bf3c5430b04bafd7a37b338b Mon Sep 17 00:00:00 2001
From: Jorropo <jorropo.pgm@gmail.com>
Date: Mon, 26 Jun 2023 15:13:24 +0200
Subject: [PATCH] util: use subtle for XORing bytes

Fixes #377
---
 util/util.go | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/util/util.go b/util/util.go
index ffcab2f33..74cf1aaff 100644
--- a/util/util.go
+++ b/util/util.go
@@ -3,6 +3,7 @@
 package util
 
 import (
+	"crypto/subtle"
 	"errors"
 	"io"
 	"math/rand"
@@ -150,9 +151,9 @@ func IsValidHash(s string) bool {
 
 // XOR takes two byte slices, XORs them together, returns the resulting slice.
 func XOR(a, b []byte) []byte {
+	_ = b[len(a)-1] // keeping same behaviour as previously but this looks like a bug
+
 	c := make([]byte, len(a))
-	for i := 0; i < len(a); i++ {
-		c[i] = a[i] ^ b[i]
-	}
+	subtle.XORBytes(c, a, b)
 	return c
 }