Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto.timingSafeEqual does not throw on different byteLength #27214

Closed
panva opened this issue Dec 3, 2024 · 0 comments · Fixed by #27470
Closed

crypto.timingSafeEqual does not throw on different byteLength #27214

panva opened this issue Dec 3, 2024 · 0 comments · Fixed by #27470
Assignees
@littledivy
Labels
bug Something isn't working correctly crypto Related to node:crypto or WebCrypto node compat

Comments

@panva
Copy link
Contributor

panva commented Dec 3, 2024

Version: Deno 2.1.2

See https://nodejs.org/api/crypto.html#cryptotimingsafeequala-b

they must have the same byte length. An error is thrown if a and b have different byte lengths

deno/ext/node/polyfills/internal_binding/_timingSafeEqual.ts

Lines 21 to 23 in 2fbc5fe

if (a.byteLength !== b.byteLength) {
return false;
}

Node:

globalThis.process?.getBuiltinModule?.('node:crypto')?.timingSafeEqual(new Uint8Array(), new Uint8Array([1,2]))
Uncaught [RangeError: Input buffers must have the same byte length] {
  code: 'ERR_CRYPTO_TIMING_SAFE_EQUAL_LENGTH'
}

Deno:

globalThis.process?.getBuiltinModule?.('node:crypto')?.timingSafeEqual(new Uint8Array(), new Uint8Array([1,2]))
false
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@littledivy littledivy

Labels
bug Something isn't working correctly crypto Related to node:crypto or WebCrypto node compat
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(ext/node): RangeError timingSafeEqual with different byteLength littledivy/deno
3 participants
@panva @marvinhagemeister @littledivy