<?php function hmac_compare(string $a, string $b): bool { $random = random_bytes(32); return hash_hmac('sha256', $a, $random) === hash_hmac('sha256', $b, $random); } $key = random_bytes(32); $x = hash_hmac('sha256', 'test', $key); $y = hash_hmac('sha256', 'test', $key); $z = hash_hmac('sha256', 'test2', $key); var_dump( hmac_compare($x, $y), // true hmac_compare($y, $z) );
You have javascript disabled. You will not be able to edit any code.