Signature
bool crypto_equal(String a, String b)
Parameters
a : first value
b : second value
return value : true if the byte strings are equal
Compares two byte strings in constant time, so the comparison takes the same time whether they differ in the first byte or the last. Always use it to check secrets such as HMACs, tokens, and password hashes — == can leak how much of a secret matched via timing.
Example
String expected = hmac_sha256_hex("key", "payload");
print(crypto_equal(expected, hmac_sha256_hex("key", "payload")) ? "valid" : "invalid", " / ");
print(crypto_equal(expected, "tampered") ? "valid" : "invalid", "\n");
Output
valid / invalid