UNPKG

svix

Version:

Svix webhooks API client and webhook verification library

svix/svix-libs

36 lines (33 loc) 1.06 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
// Copyright 2018-2022 the Deno authors. All rights reserved. MIT license. // https://github.com/denoland/deno_std/blob/main/crypto/timing_safe_equal.ts /** Make an assertion, if not `true`, then throw. */ function assert(expr: unknown, msg = ""): asserts expr { if (!expr) { throw new Error(msg); } } /** Compare to array buffers or data views in a way that timing based attacks * cannot gain information about the platform. */ export function timingSafeEqual( a: ArrayBufferView | ArrayBufferLike | DataView, b: ArrayBufferView | ArrayBufferLike | DataView ): boolean { if (a.byteLength !== b.byteLength) { return false; } if (!(a instanceof DataView)) { a = new DataView(ArrayBuffer.isView(a) ? a.buffer : a); } if (!(b instanceof DataView)) { b = new DataView(ArrayBuffer.isView(b) ? b.buffer : b); } assert(a instanceof DataView); assert(b instanceof DataView); const length = a.byteLength; let out = 0; let i = -1; while (++i < length) { out |= a.getUint8(i) ^ b.getUint8(i); } return out === 0; }