// Not private in order to prevent optimizations.static class Blackhole { p

1. // Not private in order to prevent optimizations.
2. static class Blackhole {
3. private static void eat(long n) {
4. dummy += n;
5. }
6.  
7. // Not private in order to prevent optimizations.
8. static volatile long dummy;
9. }
10.  
11. public boolean areEqual(String input, String secret) {
12. final int length = secret.length();
13. // No need to keep the length secret.
14. if (input.length() != length) {
15. return false;
16. }
17. long delta = 0;
18. for (int i = 0; i < length; ++i) {
19. // Any char is interpreted as a non-negative number.
20. // Xoring such numbers preserves non-negativity.
21. // The result depends on every input bit, so no short-circuit is possible.
22. // Overflow is impossible, therefore diff is zero <=> all chars are the same.
23. delta += input.charAt(i) ^ secret.charAt(i);
24. }
25. Blackhole.eat(delta);
26. return delta == 0;
27. }
28.  
29. int i = 0
30. for (; ; ++i) {
31. if (input.charAt(i) != secret.charAt(i)) break;
32. }
33. for (; i < length; ++i) {
34. delta += input.charAt(i) ^ secret.charAt(i);
35. }
36.  
37. private static void eat(long n) {
38. if (n == dummy) {
39. dummy = new SecureRandom().nextLong();
40. }
41. }
42.  
43. int differences = 0, matches = 0;
44. for (int i = 0; i < length; ++i) {
45. if ((input.charAt(i) ^ secret.charAt(i)) != 0)
46. ++differences;
47. else
48. ++matches;
49. }
50.  
51. try
52. {
53. new SecureRandom().nextLong(differences);
54. }
55. catch (IllegalArgumentException) {
56. // If argument is 0 (what we want for an exact match)
57. // then nextLong() throws this exception
58. return true;
59. }
60.  
61. return false;
62.  
63. int differences = 0, i= 0;
64. for (i = 0; i < length; ++i) {
65. // ...
66. }
67.  
68. if (i != length - 1)
69. throw new Exception("..."); // Is it better Error here?
70.  
71. int differences = 0, matches = 0;
72. for (int i = 0; i <= input.length(); ++i) {
73. char secretChar = input.charAt(Math.min(input.length() - 1, i));
74. if ((input.charAt(i) ^ secretChar) != 0)
75. ++differences;
76. else
77. ++matches;
78. }
79.  
80. new SecureRandom().nextLong(differences + (input.length() ^ secret.length()));
81.  
82. int secretPasswordHash = Hash(secret);
83.  
84. public boolean areEqual(String input, String secret) {
85. if (secretPasswordHash != Hash(input))
86. return false;
87.  
88. if (input.length() != secret.length())
89. return false;
90.  
91. // With a good hash you really do not need constant-time comparison...
92. for (int i = 0; i < input.length(); ++i)
93. if (input.charAt(i) != secret.charAt(i))
94. return false;
95.  
96. return true;
97. }
98.  
99. int compareLength = min(a.length(), b.length());
100.  
101. if (compareLength == 0)
102. {
103. // at least one string is empty (zero length)
104. // so if they're both the same length, both are empty (equal)
105. return a.length() == b.length();
106. }
107.  
108. int state = 0;
109. for (int i = 0; i < compareLength; i++)
110. {
111. state |= a.charAt(i) ^ b.charAt(i);
112. }
113.  
114. return state == 0;