UNPKG

@h0llyw00dzz/crypto-rand

Version:

Cryptographically secure random utilities for Node.js and browsers

github.com/H0llyW00dzZ/crypto-rand

H0llyW00dzZ/crypto-rand

24 lines (23 loc) 1.23 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
/** * Internal constant time utilities for cryptographic operations. * These functions are intended for internal use only within the crypto-rand package, * such as for testing purposes. */ /** * Performs a constant-time comparison of two values to prevent timing attacks. * * This function compares two values (strings, Buffers, or Uint8Arrays) in a way that * takes the same amount of time regardless of how many bytes match. This is important * for cryptographic operations to prevent timing attacks where an attacker could * determine secret values by measuring the time it takes to compare them. * * **Note:** This implementation is essentially the same as previous constant-time comparison functions (SHA: ***8575fdccff6aa7bedabb638cfb8a7394e0f9e1a4***), * using the standard pattern of bitwise operations to ensure timing consistency. * * **TODO:** Consider reverting this later to roll back to SHA: ***8575fdccff6aa7bedabb638cfb8a7394e0f9e1a4***. * * @param a - First value to compare * @param b - Second value to compare * @returns A boolean indicating whether the values are equal */ export declare function constantTimeCompare(a: string | Buffer | Uint8Array, b: string | Buffer | Uint8Array): boolean;