Skip to content

Commit

Permalink
crypto: use byteLength in timingSafeEqual
Browse files Browse the repository at this point in the history
PR-URL: #29657
Co-authored-by: ZaneHannanAU <ZaneHannanAU@users.noreply.github.com>
Co-authored-by: Rich Trott <rtrott@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
  • Loading branch information
3 people authored and targos committed Oct 1, 2019
1 parent 6579b1a commit 588b388
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 3 deletions.
2 changes: 1 addition & 1 deletion lib/internal/crypto/util.js
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ function timingSafeEqual(buf1, buf2) {
throw new ERR_INVALID_ARG_TYPE('buf2',
['Buffer', 'TypedArray', 'DataView'], buf2);
}
if (buf1.length !== buf2.length) {
if (buf1.byteLength !== buf2.byteLength) {
throw new ERR_CRYPTO_TIMING_SAFE_EQUAL_LENGTH();
}
return _timingSafeEqual(buf1, buf2);
Expand Down
2 changes: 1 addition & 1 deletion lib/internal/errors.js
Original file line number Diff line number Diff line change
Expand Up @@ -750,7 +750,7 @@ E('ERR_CRYPTO_SCRYPT_NOT_SUPPORTED', 'Scrypt algorithm not supported', Error);
// Switch to TypeError. The current implementation does not seem right.
E('ERR_CRYPTO_SIGN_KEY_REQUIRED', 'No key provided to sign', Error);
E('ERR_CRYPTO_TIMING_SAFE_EQUAL_LENGTH',
'Input buffers must have the same length', RangeError);
'Input buffers must have the same byte length', RangeError);
E('ERR_DNS_SET_SERVERS_FAILED', 'c-ares failed to set servers: "%s" [%s]',
Error);
E('ERR_DOMAIN_CALLBACK_NOT_AVAILABLE',
Expand Down
16 changes: 15 additions & 1 deletion test/sequential/test-crypto-timing-safe-equal.js
Original file line number Diff line number Diff line change
Expand Up @@ -18,12 +18,26 @@ assert.strictEqual(
false
);

{
// Test TypedArrays with different lengths but equal byteLengths.
const buf = crypto.randomBytes(16).buffer;
const a1 = new Uint8Array(buf);
const a2 = new Uint16Array(buf);
const a3 = new Uint32Array(buf);

for (const left of [a1, a2, a3]) {
for (const right of [a1, a2, a3]) {
assert.strictEqual(crypto.timingSafeEqual(left, right), true);
}
}
}

common.expectsError(
() => crypto.timingSafeEqual(Buffer.from([1, 2, 3]), Buffer.from([1, 2])),
{
code: 'ERR_CRYPTO_TIMING_SAFE_EQUAL_LENGTH',
type: RangeError,
message: 'Input buffers must have the same length'
message: 'Input buffers must have the same byte length'
}
);

Expand Down

0 comments on commit 588b388

Please sign in to comment.