'use strict'

const crypto = require('crypto')

/**
 * Do a constant time string comparison. Always compare the complete strings
 * against each other to get a constant time. This method does not short-cut
 * if the two string's length differs.
 *
 * @param {string} a
 * @param {string} b
 *
 * @return {boolean}
 */
module.exports = function(a, b) {
    const strA = String(a)
    const strB = String(b)

    const len = Math.max(Buffer.byteLength(strA), Buffer.byteLength(strB))

    const bufA = Buffer.alloc(len, 0, 'utf8')
    bufA.write(strA)

    const bufB = Buffer.alloc(len, 0, 'utf8')
    bufB.write(strB)

    return crypto.timingSafeEqual(bufA, bufB)
}