Skip to content

An isomorphic timing-safe equality function for strings and Uint8Arrays.

License

Notifications You must be signed in to change notification settings

fabiospampinato/crypto-timing-safe-equals

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Crypto Timing-Safe Equals

An isomorphic timing-safe equality function for strings and Uint8Arrays.

This is a port of @ircmaxell's function for PHP, published here.

If you want to avoid leaking the length of your secret, you should always pass that as the first argument to the function.

Install

npm install crypto-timing-safe-equals

Usage

import timingSafeEquals from 'crypto-timing-safe-equals';

// Let's check if two strings are equal, in a timing-safe manner

timingSafeEquals ( 'secret', 'secret' ); // => true
timingSafeEquals ( 'secret', 'attempt' ); // => false

// Let's check if two Uint8Arrays are equal, in a timing-safe manner

timingSafeEquals ( new Uint8Array ([ 102, 111, 111 ]), new Uint8Array ([ 102, 111, 111 ]) ); // => true
timingSafeEquals ( new Uint8Array ([ 102, 111, 111 ]), new Uint8Array ([ 98, 97, 114 ]) ); // => false

License

MIT © Fabio Spampinato

About

An isomorphic timing-safe equality function for strings and Uint8Arrays.

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published