Supported Versions: PHP 5 >= 5.6.0, PHP 7, PHP 8
Timing attack safe string comparison
hash_equals(string $known_stringstring $user_string): bool
            $this->connection->table($this->table)->find($identifier)

        );



        return 
$user && $user->getRememberToken() && hash_equals($user->getRememberToken(), $token)

                    ? 
$user null;

    }
        $rememberToken $retrievedModel->getRememberToken();



        return 
$rememberToken && hash_equals($rememberToken$token)

                        ? 
$retrievedModel null;

    }
    protected function validMac(array $payload)

    {

        return 
hash_equals(

            
$this->hash($payload['iv'], $payload['value']), $payload['mac']

        );

    }
    public function authorize()

    {

        if (! 
hash_equals((string) $this->route('id'),

                          (string) 
$this->user()->getKey())) {

            return 
false;

        }
            return false;

        }



        if (! 
hash_equals((string) $this->route('hash'),

                          
sha1($this->user()->getEmailForVerification()))) {

            return 
false;

        }
        return is_array($payload) &&

            
is_numeric($payload['expires_at'] ?? null) &&

            isset(
$payload['mac']) &&

            
hash_equals(hash_hmac('sha256'$payload['expires_at'], $key), $payload['mac']) &&

            (int) 
$payload['expires_at'] >= Carbon::now()->getTimestamp();

    }

}
        return is_string($request->session()->token()) &&

               
is_string($token) &&

               
hash_equals($request->session()->token(), $token);

    }
        $signature hash_hmac('sha256'$originalcall_user_func($this->keyResolver));



        return 
hash_equals($signature, (string) $request->query('signature'''));

    }