hash_equals(): Avoid division by zero when $known_string is empty

hash_equals(): Avoid division by zero when $known_string is empty

Per Tim Starling's review of Icb239471, reverted back to the version of
the function from Patch Set 1 of Iece006ec, which did not have the bug.
This version does not attempt to minimize the inevitable leakage of the
string's length.

Also revised the doc comment to explain more effectively what the problem
with a normal (===) string comparison is for the use cases of this function.

Follows-up b9e1d5f5c066.

Change-Id: I1b347e69b39af3d7d8ba6673af63f1a616befbdf