init

.gitignore

@@ -1,18 +1 @@
-.idea
-*.iml
-npm-debug.log
-dump.rdb
 node_modules
-results.tap
-results.xml
-npm-shrinkwrap.json
-config.json
-.DS_Store
-*/.DS_Store
-*/*/.DS_Store
-._*
-*/._*
-*/*/._*
-coverage.*
-lib-cov
-

README.md

@@ -1,16 +1,35 @@
-cryptiles
-=========
+# secure-compare
 
-General purpose crypto utilities
+Constant-time comparison algorithm to prevent timing attacks for Node.js.
+Copied from [cryptiles](https://github.com/hapijs/cryptiles) by [C J Silverio](https://github.com/ceejbot).
 
-[![Build Status](https://secure.travis-ci.org/hapijs/cryptiles.png)](http://travis-ci.org/hapijs/cryptiles)
 
-Lead Maintainer - [C J Silverio](https://github.com/ceejbot)
+### Installation
 
-## Methods
+```
+$ npm install secure-compare --save
+```
 
-### `randomString(<Number> size)`
-Returns a cryptographically strong pseudo-random data string. Takes a size argument for the length of the string.
 
-### `fixedTimeComparison(<String> a, <String> b)`
-Compare two strings using fixed time algorithm (to prevent time-based analysis of MAC digest match). Returns `true` if the strings match, `false` if they differ.
+### Usage
+
+```javascript
+var compare = require('secure-compare');
+
+compare('hello world', 'hello world').should.equal(true);
+compare('你好世界', '你好世界').should.equal(true);
+
+compare('hello', 'not hello').should.equal(false);
+```
+
+
+### Tests
+
+```
+$ npm test
+```
+
+
+### License
+
+secure-compare is released under the MIT license.

index.js

@@ -1 +1,25 @@
-module.exports = require('./lib');
+/**
+ * Expose secure-compare
+ */
+
+module.exports = compare;
+
+
+/**
+ * Secure compare
+ */
+
+function compare (a, b) {
+  if (typeof a !== 'string' || typeof b !== 'string') return false;
+
+  var mismatch = a.length === b.length ? 0 : 1;
+  if (mismatch) {
+    b = a;
+  }
+
+  for (var i = 0, il = a.length; i < il; ++i) {
+    mismatch |= (a.charCodeAt(i) ^ a.charCodeAt(i));
+  }
+
+  return mismatch === 0;
+};

package.json

@@ -1,30 +1,27 @@
 {
-  "name": "cryptiles",
-  "description": "General purpose crypto utilities",
-  "version": "2.0.4",
-  "repository": "git://github.com/hapijs/cryptiles",
-  "main": "index",
+  "name": "secure-compare",
+  "version": "3.0.0",
+  "description": "Securely compare two strings, copied from cryptiles",
+  "main": "index.js",
+  "scripts": {
+    "test": "./node_modules/.bin/mocha test"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vdemedes/secure-compare.git"
+  },
   "keywords": [
-    "cryptography",
-    "security",
-    "utilites"
+    "secure",
+    "compare"
   ],
-  "engines": {
-    "node": ">=0.8.0"
-  },
-  "dependencies": {
-    "boom": "2.x.x"
+  "author": "Vadim Demedes <vdemedes@gmail.com>",
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/vdemedes/secure-compare/issues"
   },
+  "homepage": "https://github.com/vdemedes/secure-compare",
   "devDependencies": {
-    "lab": "4.x.x"
-  },
-  "scripts": {
-    "test": "make test-cov"
-  },
-  "licenses": [
-    {
-      "type": "BSD",
-      "url": "http://github.com/hapijs/cryptiles/raw/master/LICENSE"
-    }
-  ]
+    "chai": "^2.2.0",
+    "mocha": "^2.2.1"
+  }
 }

test.js

@@ -0,0 +1,19 @@
+/**
+ * Dependencies
+ */
+
+var compare = require('./');
+
+require('chai').should();
+
+
+/**
+ * Tests
+ */
+
+describe ('secure-compare', function () {
+  it ('compare', function () {
+    compare('abc', 'abc').should.equal(true);
+    compare('abc', 'ab').should.equal(false);
+  });
+});