crypto: use byteLength in timingSafeEqual

PR-URL: https://github.com/nodejs/node/pull/29657 Co-authored-by: ZaneHannanAU <ZaneHannanAU@users.noreply.github.com> Co-authored-by: Rich Trott <rtrott@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
author: Tobias Nießen <tniessen@tnie.de> 2018-10-09 09:36:46 +1100
committer: Michaël Zasso <targos@protonmail.com> 2019-10-01 14:39:10 +0200
commit: 588b388181b2884a3f7197c462227ce05c4c2358 (patch)
tree: 6e7f7358b49ba392af92e3b7099e47ffd949d52c
parent: 6579b1a547455320bcecf00645f5623b7ccecac7 (diff)
download: node-new-588b388181b2884a3f7197c462227ce05c4c2358.tar.gz
3 files changed, 17 insertions, 3 deletions
diff --git a/lib/internal/crypto/util.js b/lib/internal/crypto/util.js
index ddef1a163c..544d44669a 100644
--- a/lib/internal/crypto/util.js
+++ b/lib/internal/crypto/util.js
@@ -78,7 +78,7 @@ function timingSafeEqual(buf1, buf2) {
     throw new ERR_INVALID_ARG_TYPE('buf2',
                                    ['Buffer', 'TypedArray', 'DataView'], buf2);
   }
-  if (buf1.length !== buf2.length) {
+  if (buf1.byteLength !== buf2.byteLength) {
     throw new ERR_CRYPTO_TIMING_SAFE_EQUAL_LENGTH();
   }
   return _timingSafeEqual(buf1, buf2);
diff --git a/lib/internal/errors.js b/lib/internal/errors.js
index eff688e6f5..8412c710c9 100644
--- a/lib/internal/errors.js
+++ b/lib/internal/errors.js
@@ -750,7 +750,7 @@ E('ERR_CRYPTO_SCRYPT_NOT_SUPPORTED', 'Scrypt algorithm not supported', Error);
 // Switch to TypeError. The current implementation does not seem right.
 E('ERR_CRYPTO_SIGN_KEY_REQUIRED', 'No key provided to sign', Error);
 E('ERR_CRYPTO_TIMING_SAFE_EQUAL_LENGTH',
-  'Input buffers must have the same length', RangeError);
+  'Input buffers must have the same byte length', RangeError);
 E('ERR_DNS_SET_SERVERS_FAILED', 'c-ares failed to set servers: "%s" [%s]',
   Error);
 E('ERR_DOMAIN_CALLBACK_NOT_AVAILABLE',
diff --git a/test/sequential/test-crypto-timing-safe-equal.js b/test/sequential/test-crypto-timing-safe-equal.js
index dcebef29d7..75385e5f88 100644
--- a/test/sequential/test-crypto-timing-safe-equal.js
+++ b/test/sequential/test-crypto-timing-safe-equal.js
@@ -18,12 +18,26 @@ assert.strictEqual(
   false
 );
 
+{
+  // Test TypedArrays with different lengths but equal byteLengths.
+  const buf = crypto.randomBytes(16).buffer;
+  const a1 = new Uint8Array(buf);
+  const a2 = new Uint16Array(buf);
+  const a3 = new Uint32Array(buf);
+
+  for (const left of [a1, a2, a3]) {
+    for (const right of [a1, a2, a3]) {
+      assert.strictEqual(crypto.timingSafeEqual(left, right), true);
+    }
+  }
+}
+
 common.expectsError(
   () => crypto.timingSafeEqual(Buffer.from([1, 2, 3]), Buffer.from([1, 2])),
   {
     code: 'ERR_CRYPTO_TIMING_SAFE_EQUAL_LENGTH',
     type: RangeError,
-    message: 'Input buffers must have the same length'
+    message: 'Input buffers must have the same byte length'
   }
 );
author	Tobias Nießen <tniessen@tnie.de>	2018-10-09 09:36:46 +1100
committer	Michaël Zasso <targos@protonmail.com>	2019-10-01 14:39:10 +0200
commit	588b388181b2884a3f7197c462227ce05c4c2358 (patch)
tree	6e7f7358b49ba392af92e3b7099e47ffd949d52c
parent	6579b1a547455320bcecf00645f5623b7ccecac7 (diff)
download	node-new-588b388181b2884a3f7197c462227ce05c4c2358.tar.gz