Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/shahradelahi/timing-safe-compare

🔐 Isomorphic constant-time string and buffer comparison to prevent timing attacks.
https://github.com/shahradelahi/timing-safe-compare

browser constant-time cryptography isomorphic nodejs security timing-attack

Last synced: 2 months ago
JSON representation

🔐 Isomorphic constant-time string and buffer comparison to prevent timing attacks.

Awesome Lists containing this project

README 

          


  timing-safe-compare

  


  CI

  NPM Version

  MIT License

  npm bundle size

  Install Size




_@se-oss/timing-safe-compare_ provides constant-time string and buffer comparison for Node.js and browsers to prevent timing attacks.



---



- [Installation](#-installation)

- [Usage](#-usage)

- [Documentation](#-documentation)

- [Contributing](#-contributing)

- [License](#license)



## 📦 Installation



```bash

npm install @se-oss/timing-safe-compare

```



Install using your favorite package manager



**pnpm**



```bash

pnpm install @se-oss/timing-safe-compare

```



**yarn**



```bash

yarn add @se-oss/timing-safe-compare

```



## 📖 Usage



### String Comparison



Compare two strings in constant time. This is useful for comparing passwords, tokens, or any other sensitive data where the length is already known or handled.



```ts

import { safeCompare } from '@se-oss/timing-safe-compare';



if (safeCompare(inputPassword, storedPassword)) {

  // Passwords match

}

```



### Buffer Comparison



Compare two `Uint8Array` (or `Buffer` in Node.js) instances in constant time. Note that both buffers must have the same length.



```ts

import { timingSafeEqual } from '@se-oss/timing-safe-compare';



const a = new Uint8Array([1, 2, 3]);

const b = new Uint8Array([1, 2, 3]);



if (timingSafeEqual(a, b)) {

  // Buffers are equal

}

```



## 📚 Documentation



For all configuration options, please see [the API docs](https://www.jsdocs.io/package/@se-oss/timing-safe-compare).



## 🤝 Contributing



Want to contribute? Awesome! To show your support is to star the project, or to raise issues on [GitHub](https://github.com/shahradelahi/timing-safe-compare).



Thanks again for your support, it is much appreciated! 🙏



## License



[MIT](/LICENSE) © [Shahrad Elahi](https://github.com/shahradelahi) and [contributors](https://github.com/shahradelahi/timing-safe-compare/graphs/contributors).