To prevent timing attacks, sometimes you'd want to compare bytes (like hashes) in constant time, since this can give the attacker information on how far they have matched the bytes.
This is a semi-quick example of what it might/would look like (did not compile, might have errors)
(based it off of constEq from the memory package)
constEq :: ByteString -> ByteString -> Bool
constEq (BS fptr1 len1) (BS fptr2 len2)
| len1 /= len2 = False
| otherwise = accursedUnutterablePerformIO $ do
withForeignPtr fptr1 $ \ptr1 ->
withForeignPtr fptr2 $ \ptr2 ->
let loop i !acc
| i == len1 = pure $! acc == 0
| otherwise = do
mZero <- xor <$> peekByteOff i ptr1 <*> (peekByteOff i ptr2 :: IO Word8)
loop (i + 1) (acc .|. mZero)
in loop 0 0
To prevent timing attacks, sometimes you'd want to compare bytes (like hashes) in constant time, since this can give the attacker information on how far they have matched the bytes.
This is a semi-quick example of what it might/would look like (did not compile, might have errors) (based it off of
constEqfrom thememorypackage)