/** * Returns whether this response is valid. * * @param SignatureComposer $composer * @return bool */ public function isValid(SignatureComposer $composer) { // Constant Time String Comparison @see http://php.net/hash_equals if (!function_exists('hash_equals')) { // Polyfill for PHP < 5.6 return Security::hashEquals($composer->compose($this->parameters), $this->signature); } else { return hash_equals($composer->compose($this->parameters), $this->signature); } }
/** * From PHP 5.6 * * @ref https://php.net/hash_equals * * @param string $a * @param string $b * * @return boolean */ function hash_equals($known_string, $user_string) { return Future\Security::hashEquals($known_string, $user_string); }