node_modules/tsscmp/lib/index.js - nifi-fds - Git at Google

 'use strict';

 // Implements Brad Hill's Double HMAC pattern from
 // https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2011/february/double-hmac-verification/.
 // The approach is similar to the node's native implementation of timing safe buffer comparison that will be available on v6+.
 // https://github.com/nodejs/node/issues/3043
 // https://github.com/nodejs/node/pull/3073

 var crypto = require('crypto');

 function bufferEqual(a, b) {
   if (a.length !== b.length) {
     return false;
   }
   for (var i = 0; i < a.length; i++) {
     if (a[i] !== b[i]) {
       return false;
     }
   }
   return true;
 }

 function timeSafeCompare(a, b) {
   var sa = String(a);
   var sb = String(b);
   var key = crypto.pseudoRandomBytes(32);
   var ah = crypto.createHmac('sha256', key).update(sa).digest();
   var bh = crypto.createHmac('sha256', key).update(sb).digest();

   return bufferEqual(ah, bh) && a === b;
 }

 module.exports = timeSafeCompare;
	'use strict';

	// Implements Brad Hill's Double HMAC pattern from
	// https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2011/february/double-hmac-verification/.
	// The approach is similar to the node's native implementation of timing safe buffer comparison that will be available on v6+.
	// https://github.com/nodejs/node/issues/3043
	// https://github.com/nodejs/node/pull/3073

	var crypto = require('crypto');

	function bufferEqual(a, b) {
	if (a.length !== b.length) {
	return false;
	}
	for (var i = 0; i < a.length; i++) {
	if (a[i] !== b[i]) {
	return false;
	}
	}
	return true;
	}

	function timeSafeCompare(a, b) {
	var sa = String(a);
	var sb = String(b);
	var key = crypto.pseudoRandomBytes(32);
	var ah = crypto.createHmac('sha256', key).update(sa).digest();
	var bh = crypto.createHmac('sha256', key).update(sb).digest();

	return bufferEqual(ah, bh) && a === b;
	}

	module.exports = timeSafeCompare;