From a080a5325ce8671d87267376409387400c0bca84 Mon Sep 17 00:00:00 2001 From: Rich Trott Date: Fri, 30 Apr 2021 12:00:40 -0700 Subject: [PATCH] wip: add HMAC to crypto.timingSafeEqual() Refs: https://github.com/nodejs/node/issues/38226 --- src/crypto/crypto_timing.cc | 41 ++++++++++++++++++++++++++++++++++++- src/crypto/crypto_timing.h | 2 ++ 2 files changed, 42 insertions(+), 1 deletion(-) diff --git a/src/crypto/crypto_timing.cc b/src/crypto/crypto_timing.cc index 0a9b167223b846..3195cf020d92d2 100644 --- a/src/crypto/crypto_timing.cc +++ b/src/crypto/crypto_timing.cc @@ -6,6 +6,8 @@ #include "node.h" #include +#include +#include namespace node { @@ -42,8 +44,45 @@ void TimingSafeEqual(const FunctionCallbackInfo& args) { return; } + uint16_t bufKey[8]; + CHECK(crypto::EntropySource(reinterpret_cast(bufKey), + sizeof(bufKey))); + char key[kKeySize]; + snprintf(key, sizeof(key), "%04x%04x%04x%04x%04x%04x%04x%04x", + bufKey[0], + bufKey[1], + bufKey[2], + bufKey[3], + bufKey[4], + bufKey[5], + bufKey[6], + bufKey[7]); + + std::array hash1; + std::array hash2; + unsigned int hash1Len; + unsigned int hash2Len; + + HMAC(EVP_sha256(), + key, + kKeySize, + reinterpret_cast(buf1.data()), + static_cast(buf1.size()), + hash1.data(), + &hash1Len); + + HMAC(EVP_sha256(), + key, + kKeySize, + reinterpret_cast(buf2.data()), + static_cast(buf2.size()), + hash2.data(), + &hash2Len); + + assert(hash1Len == hash2Len); + return args.GetReturnValue().Set( - CRYPTO_memcmp(buf1.data(), buf2.data(), buf1.size()) == 0); + CRYPTO_memcmp(hash1.data(), hash2.data(), hash1Len) == 0); } void Initialize(Environment* env, Local target) { diff --git a/src/crypto/crypto_timing.h b/src/crypto/crypto_timing.h index a164650861978c..0a98787b66f261 100644 --- a/src/crypto/crypto_timing.h +++ b/src/crypto/crypto_timing.h @@ -11,6 +11,8 @@ namespace crypto { namespace Timing { void Initialize(Environment* env, v8::Local target); +static const int kKeySize = 256; + } // namespace Timing } // namespace crypto } // namespace node