SecureComparison Equals Method CryptSharp
Compares two strings in a timing-insensitive manner.

Namespace: CryptSharp.Utility
Assembly: CryptSharp (in CryptSharp.dll) Version: 2.0.0.0
Syntax

public static bool Equals(
	string potentialAttackerSuppliedString,
	string referenceString
)

Parameters

potentialAttackerSuppliedString
Type: OnlineSystem String
The string controlled by a potential attacker.
referenceString
Type: OnlineSystem String
The string not controlled by a potential attacker.

Return Value

true if the strings are equal.
Remarks

If the reference string is zero-length, this method does not protect it against timing attacks. If the reference string is extremely long, memory caching effects may reveal that fact.
See Also