JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 10899
  • Score
    100M100P100Q131988F
  • License MIT

Timing safe string equals

Package Exports

  • tsse

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (tsse) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

tsse

Travis CI Codecov npm npm version npm dependencies npm dev dependencies

⏱ Timing safe string equals.

String comparison algorithm to prevent Node.js timing attacks.

image

Install

$ npm install --save tsse

Usage

const tsse = require('tsse');

const hash      = '0a4d55a8d778e5022fab701977c5d840bbc486d0';
const givenHash = '1265a5eb08997ced279d3854629cba68a378b528';

if (tsse(hash, givenHash)) {
  console.log('good hash');
} else {
  console.log('bad hash');
}
//=> bad hash

API

tsse(strA, strB)

Does a timing sage string comparison using the native crypto.timingSafeEqual function if available or a js implemented version otherwise.

strA

Type: string

The first string.

strB

Type: string

The second string.

Authors

See also the list of contributors who participated in this project.

License

This project is licensed under the MIT License - see the LICENSE file for details.