A faster pure Ruby constant-time secure compare

fixed_length_secure_compare.rb

def fixed_length_secure_compare(a, b)
  raise ArgumentError, 'length mismatch' unless a.bytesize == b.bytesize

  res = 0
  if a.bytesize >= 4 && a.bytesize % 4 == 0
    ai = a.unpack "L*"
    bi = b.unpack "L*"
    ai.each { |int| res |= int ^ bi.shift }
  else
    ab = a.bytes
    b.each_byte { |byte| res |= byte ^ ab.shift }
  end
  res == 0
end

Against a SHA256 hexdigest:

       rails compare    157.661k (± 0.1%) i/s -    803.505k in   5.096422s
        fast compare    447.140k (± 6.1%) i/s -      2.236M in   5.016808s
     OpenSSL compare     13.818M (± 9.0%) i/s -     69.452M in   5.067903s

Might have been useful prior to OpenSSL.fixed_length_secure_compare - now it's just a bit of fun.