f1e1ad73ad
The previous implementation returned early when buffer lengths differed, leaking the expected secret's length via timing side-channel. Hashing both inputs with SHA-256 before comparison ensures fixed-length buffers and constant-time comparison regardless of input lengths.
13 lines
407 B
TypeScript
13 lines
407 B
TypeScript
import { createHash, timingSafeEqual } from "node:crypto";
|
|
|
|
export function safeEqualSecret(
|
|
provided: string | undefined | null,
|
|
expected: string | undefined | null,
|
|
): boolean {
|
|
if (typeof provided !== "string" || typeof expected !== "string") {
|
|
return false;
|
|
}
|
|
const hash = (s: string) => createHash("sha256").update(s).digest();
|
|
return timingSafeEqual(hash(provided), hash(expected));
|
|
}
|