/scmp

safe, constant-time string comparison

Primary LanguageJavaScriptBSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

scmp

travis npm downloads

Safe, constant-time comparison of strings.

Install

npm install scmp

Why?

To minimize vulnerability against timing attacks.

Examples

var scmp = require('scmp');

var hash      = 'e727d1464ae12436e899a726da5b2f11d8381b26';
var givenHash = 'e727e1b80e448a213b392049888111e1779a52db';

if (scmp(hash, givenHash)) {
  console.log('good hash');
} else {
  console.log('bad hash');
}