scuffle
Prevent node.js timing attacks using a combination of Knuth Fisher-Yates shuffling and random sleep, where sleep time is defined in microseconds.
For example, when comparing a stored API key with the API key sent with a user request.
Install
$ npm install scuffle
Usage
const scuffle = require("scuffle");
scuffle.compare("Hello, World!", "Hello, World!");
scuffle.compare([0, 1, 2, 3], [1, 2, 3, 4]);
scuffle.compare("Short string", "A much longer string");
scuffle.compare("Hello, World!", "Hello, World!", {minAddedTime: 200, maxAddedTime: 500});
scuffle.compare(10, "I am a string");