digest.secure_is_equal
Available in all subroutines.
Returns true if s1 and s2 are equal. Comparison time varies with the length of s1 and s2 but not with the contents of s1 and s2. For strings of the same length, the comparison is done in constant time to defend against timing attacks.
Example
# Reject unless the user exists and the supplied hash matches the stored one.
if (!(table.lookup(user2hashedpass, req.http.User) &&
      digest.secure_is_equal(req.http.HashedPass, table.lookup(user2hashedpass, req.http.User)))) {
  error 401 "Unauthorized";
}
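The property described above (work depends on length, not contents) is illustrated below in Python. This is an added example, not Fastly's implementation and not part of the original page. It counts bytes examined as a deterministic stand-in for timing; the function names and the sample hash fragments are constructed for illustration.

```python
import hmac

def early_exit_equal(a: bytes, b: bytes) -> tuple[bool, int]:
    """Naive comparison: stops at the first mismatching byte."""
    if len(a) != len(b):
        return False, 0
    examined = 0
    for x, y in zip(a, b):
        examined += 1
        if x != y:
            return False, examined  # work done depends on the contents
    return True, examined

def constant_time_equal(a: bytes, b: bytes) -> tuple[bool, int]:
    """Examines every byte of equal-length inputs, whatever they contain."""
    if len(a) != len(b):
        return False, 0  # only the length influences the work done
    diff = 0
    examined = 0
    for x, y in zip(a, b):
        examined += 1
        diff |= x ^ y  # accumulate differences, never branch on them
    return diff == 0, examined

def work_profile(compare, stored: bytes, candidates: list[bytes]) -> list[int]:
    """Bytes examined per candidate."""
    return [compare(stored, c)[1] for c in candidates]

def agrees_with_stdlib(stored: bytes, candidates: list[bytes]) -> bool:
    """Check results against hmac.compare_digest, the standard-library primitive."""
    return all(constant_time_equal(stored, c)[0] == hmac.compare_digest(stored, c)
               for c in candidates)

# Constructed sample data (not real credentials).
STORED = b"5e884898da280471"
CANDIDATES = [
    b"0000000000000000",  # differs at the first byte
    b"5e88000000000000",  # first 4 bytes match
    b"5e884898da280470",  # only the last byte differs
    STORED,               # exact match
]

if __name__ == "__main__":
    print("early exit   :", work_profile(early_exit_equal, STORED, CANDIDATES))
    print("constant time:", work_profile(constant_time_equal, STORED, CANDIDATES))
```

The early-exit profile grows with the length of the matching prefix, while the constant-time profile is flat for every equal-length input. In real Python code, use hmac.compare_digest rather than a hand-written loop, since interpreter-level code gives no wall-clock guarantees.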
Try it out
digest.secure_is_equal is used in the following code examples. Examples apply VCL to real-world use cases and can be deployed as they are, or adapted for your own service. See the full list of code examples for more inspiration.
Apply HTTP basic auth to private endpoints
Store username/password list in an edge dictionary, authorize user at the edge, reject requests that don't have correct credentials.