Prevent timing attacks when validating credentials

Review Request #9795 — Created March 16, 2018 and submitted — Latest diff uploaded

Information

rb-gateway
master
6ce24af...

Reviewers

We now use constant time comparison to compare the credentials to the
configuration. We also do not short circuit the operation in the case
that the username is incorrect.

Ran unit tests.