uawdijnntqw1x1x1
IP : 216.73.216.86
Hostname : 6.87.74.97.host.secureserver.net
Kernel : Linux 6.87.74.97.host.secureserver.net 4.18.0-553.83.1.el8_10.x86_64 #1 SMP Mon Nov 10 04:22:44 EST 2025 x86_64
Disable Function : None :)
OS : Linux
PATH:
/
home
/
emeraadmin
/
.razor
/
..
/
www
/
PSCU
/
..
/
node_modules
/
interpret
/
..
/
debug
/
..
/
..
/
4d695
/
scmp.tar
/
/
benchmark/benchmark.js000064400000001415151701467500010775 0ustar00'use strict' const Benchmark = require('benchmark') const scmp = require('../') // `safe-buffer` in case `Buffer.from` in newer versions of node aren't available const Buffer = require('safe-buffer').Buffer const HASH1 = Buffer.from('e727d1464ae12436e899a726da5b2f11d8381b26', 'hex') const HASH2 = Buffer.from('f727d1464ae12436e899a726da5b2f11d8381b26', 'hex') const suite = new Benchmark.Suite() suite.add('short-circuit compares', function () { // eslint-disable-next-line no-unused-expressions HASH1 === HASH2 }) .add('scmp compares', function () { scmp(HASH1, HASH2) }) .on('cycle', function (event) { console.log(String(event.target)) }) .on('complete', function () { console.log('Fastest is ' + this.filter('fastest').map('name')) }) .run() benchmark/crypto-check.js000064400000001701151701467500011434 0ustar00'use strict' const crypto = require('crypto') const Benchmark = require('benchmark') const scmpCompare = require('../lib/scmpCompare') const compareFn = crypto.timingSafeEqual || scmpCompare // `safe-buffer` in case `Buffer.from` in newer versions of node aren't available const Buffer = require('safe-buffer').Buffer const HASH1 = Buffer.from('e727d1464ae12436e899a726da5b2f11d8381b26', 'hex') const HASH2 = Buffer.from('f727d1464ae12436e899a726da5b2f11d8381b26', 'hex') const suite = new Benchmark.Suite() suite.add('crypto check each fn call', function () { if (crypto.timingSafeEqual) { return crypto.timingSafeEqual(HASH1, HASH2) } return scmpCompare(HASH1, HASH2) }) .add('crypto check once', function () { return compareFn(HASH1, HASH2) }) .on('cycle', function (event) { console.log(String(event.target)) }) .on('complete', function () { console.log('Fastest is ' + this.filter('fastest').map('name')) }) .run() package.json000064400000003145151701467500007043 0ustar00{ "_from": "scmp@^2.1.0", "_id": "scmp@2.1.0", "_inBundle": false, "_integrity": "sha512-o/mRQGk9Rcer/jEEw/yw4mwo3EU/NvYvp577/Btqrym9Qy5/MdWGBqipbALgd2lrdWTJ5/gqDusxfnQBxOxT2Q==", "_location": "/scmp", "_phantomChildren": {}, "_requested": { "type": "range", "registry": true, "raw": "scmp@^2.1.0", "name": "scmp", "escapedName": "scmp", "rawSpec": "^2.1.0", "saveSpec": null, "fetchSpec": "^2.1.0" }, "_requiredBy": [ "/twilio" ], "_resolved": "https://registry.npmjs.org/scmp/-/scmp-2.1.0.tgz", "_shasum": "37b8e197c425bdeb570ab91cc356b311a11f9c9a", "_spec": "scmp@^2.1.0", "_where": "C:\\xampp\\htdocs\\emeraltd\\node_modules\\twilio", "author": { "name": "Sean Lavine" }, "bugs": { "url": "https://github.com/freewil/scmp/issues" }, "bundleDependencies": false, "dependencies": {}, "deprecated": false, "description": "safe, constant-time comparison of Buffers", "devDependencies": { "benchmark": "^2.1.4", "mocha": "^6.2.0", "safe-buffer": "^5.1.2", "standard": "^14.3.1" }, "homepage": "https://github.com/freewil/scmp#readme", "keywords": [ "safe-compare", "compare", "time-equivalent-comparison", "time equivalent", "constant-time", "constant time" ], "license": "BSD-3-Clause", "main": "index.js", "name": "scmp", "repository": { "type": "git", "url": "git://github.com/freewil/scmp.git" }, "scripts": { "posttest": "node benchmark/benchmark.js && node benchmark/crypto-check.js", "pretest": "standard --verbose", "test": "mocha" }, "version": "2.1.0" } lib/scmpCompare.js000064400000000275151701467510010134 0ustar00'use strict' module.exports = function scmpCompare (a, b) { const len = a.length let result = 0 for (let i = 0; i < len; ++i) { result |= a[i] ^ b[i] } return result === 0 } .travis.yml000064400000000064151701467510006664 0ustar00language: node_js node_js: - "6" - "8" - "10" test/test.js000064400000002363151701467510007053 0ustar00/* eslint-env mocha */ 'use strict' const assert = require('assert') const scmp = require('../') // use safe-buffer in case Buffer.from in newer versions of node aren't // available const Buffer = require('safe-buffer').Buffer describe('scmp', function () { it('should return true for identical strings', function () { assert(scmp(Buffer.from('a', 'utf8'), Buffer.from('a', 'utf8'))) assert(scmp(Buffer.from('abc', 'utf8'), Buffer.from('abc', 'utf8'))) assert(scmp(Buffer.from('e727d1464ae12436e899a726da5b2f11d8381b26', 'hex'), Buffer.from('e727d1464ae12436e899a726da5b2f11d8381b26', 'hex'))) }) it('should return false for non-identical strings', function () { assert(!scmp(Buffer.from('a', 'utf8'), Buffer.from('b', 'utf8'))) assert(!scmp(Buffer.from('abc', 'utf8'), Buffer.from('b', 'utf8'))) assert(!scmp(Buffer.from('e727d1464ae12436e899a726da5b2f11d8381b26', 'hex'), Buffer.from('e727e1b80e448a213b392049888111e1779a52db', 'hex'))) }) it('should throw errors for non-Buffers', function () { assert.throws(scmp.bind(null, 'a', {})) assert.throws(scmp.bind(null, {}, 'b')) assert.throws(scmp.bind(null, 1, 2)) assert.throws(scmp.bind(null, undefined, 2)) assert.throws(scmp.bind(null, null, 2)) }) }) LICENSE000064400000002746151701467510005571 0ustar00Copyright (c) 2014, Sean Lavine All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of the scmp project nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. index.js000064400000001713151701467510006222 0ustar00'use strict' const crypto = require('crypto') const scmpCompare = require('./lib/scmpCompare') /** * Does a constant-time Buffer comparison by not short-circuiting * on first sign of non-equivalency. * * @param {Buffer} a The first Buffer to be compared against the second * @param {Buffer} b The second Buffer to be compared against the first * @return {Boolean} */ module.exports = function scmp (a, b) { // check that both inputs are buffers if (!Buffer.isBuffer(a) || !Buffer.isBuffer(b)) { throw new Error('Both scmp args must be Buffers') } // return early here if buffer lengths are not equal since timingSafeEqual // will throw if buffer lengths are not equal if (a.length !== b.length) { return false } // use crypto.timingSafeEqual if available (since Node.js v6.6.0), // otherwise use our own scmp-internal function. if (crypto.timingSafeEqual) { return crypto.timingSafeEqual(a, b) } return scmpCompare(a, b) } HISTORY.md000064400000000626151701467510006242 0ustar00# History ## v2.1.0 (2019/12/26) * code now uses `standard` as linter * `var` has been replaced with `const` and `let` * code now executed in strict mode ## v2.0.0 (2016/11/05) * Buffers are now required to be passed as arguments. In 1.x, the arguments were assumed to be strings, and were always run through `String()`. * Starting with Node.js v6.6.0, use `crypto.timingSafeEqual()` (if available). README.md000064400000001771151701467510006040 0ustar00# scmp [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [travis-image]: https://travis-ci.org/freewil/scmp.svg?branch=master [travis-url]: https://travis-ci.org/freewil/scmp [npm-image]: https://img.shields.io/npm/v/scmp.svg?style=flat [npm-url]: https://npmjs.org/package/scmp [downloads-image]: https://img.shields.io/npm/dm/scmp.svg?style=flat [downloads-url]: https://npmjs.org/package/scmp Safe, constant-time comparison of Buffers. ## Install ``` npm install scmp ``` ## Why? To minimize vulnerability against [timing attacks](http://codahale.com/a-lesson-in-timing-attacks/). ## Example ```js const scmp = require('scmp'); const Buffer = require('safe-buffer').Buffer; const hash = Buffer.from('e727d1464ae12436e899a726da5b2f11d8381b26', 'hex'); const givenHash = Buffer.from('e727e1b80e448a213b392049888111e1779a52db', 'hex'); if (scmp(hash, givenHash)) { console.log('good hash'); } else { console.log('bad hash'); } ```
/home/emeraadmin/.razor/../www/PSCU/../node_modules/interpret/../debug/../../4d695/scmp.tar