blob: c8a046d7433235efa0adaab8aa77ffb007b83e99 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
// Load modules
var Crypto = require('crypto');
var Boom = require('boom');
// Declare internals
var internals = {};
// Generate a cryptographically strong pseudo-random data
exports.randomString = function (size) {
var buffer = exports.randomBits((size + 1) * 6);
if (buffer instanceof Error) {
return buffer;
}
var string = buffer.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/\=/g, '');
return string.slice(0, size);
};
exports.randomBits = function (bits) {
if (!bits ||
bits < 0) {
return Boom.internal('Invalid random bits count');
}
var bytes = Math.ceil(bits / 8);
try {
return Crypto.randomBytes(bytes);
}
catch (err) {
return Boom.internal('Failed generating random bits: ' + err.message);
}
};
// Compare two strings using fixed time algorithm (to prevent time-based analysis of MAC digest match)
exports.fixedTimeComparison = function (a, b) {
if (typeof a !== 'string' ||
typeof b !== 'string') {
return false;
}
var mismatch = (a.length === b.length ? 0 : 1);
if (mismatch) {
b = a;
}
for (var i = 0, il = a.length; i < il; ++i) {
var ac = a.charCodeAt(i);
var bc = b.charCodeAt(i);
mismatch |= (ac ^ bc);
}
return (mismatch === 0);
};
|
