Tools for cryptography
Compare two strings to avoid timing attacks
C function memcmp() internally used by PHP, exits as soon as a difference is found in the two buffers. That makes possible of leaking timing information useful to an attacker attempting to iteratively guess the unknown string (e.g. password).
Parameters: |
|
---|---|
Return type: | bool |