index.js
1.73 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
'use strict';
// Load modules
const Crypto = require('crypto');
const Boom = require('boom');
// Declare internals
const internals = {};
// Generate a cryptographically strong pseudo-random data
exports.randomString = function (size) {
const buffer = exports.randomBits((size + 1) * 6);
if (buffer instanceof Error) {
return buffer;
}
const string = buffer.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/\=/g, '');
return string.slice(0, size);
};
// Return a random string of digits
exports.randomDigits = function (size) {
const buffer = exports.randomBits(size * 8);
if (buffer instanceof Error) {
return buffer;
}
const digits = [];
for (let i = 0; i < buffer.length; ++i) {
digits.push(Math.floor(buffer[i] / 25.6));
}
return digits.join('');
};
// Generate a buffer of random bits
exports.randomBits = function (bits) {
if (!bits ||
bits < 0) {
return Boom.internal('Invalid random bits count');
}
const bytes = Math.ceil(bits / 8);
try {
return Crypto.randomBytes(bytes);
}
catch (err) {
return Boom.internal('Failed generating random bits: ' + err.message);
}
};
// Compare two strings using fixed time algorithm (to prevent time-based analysis of MAC digest match)
exports.fixedTimeComparison = function (a, b) {
if (typeof a !== 'string' ||
typeof b !== 'string') {
return false;
}
let mismatch = (a.length === b.length ? 0 : 1);
if (mismatch) {
b = a;
}
for (let i = 0; i < a.length; ++i) {
const ac = a.charCodeAt(i);
const bc = b.charCodeAt(i);
mismatch |= (ac ^ bc);
}
return (mismatch === 0);
};