[PATCH] crypto: use timing-safe comparison in Web Cryptography HMAC
author Filip Skokan <panva.ip@gmail.com>
Fri, 20 Feb 2026 11:32:14 +0000 (12:32 +0100)
committer Jérémy Lal <kapouer@melix.org>
Tue, 24 Mar 2026 21:11:25 +0000 (22:11 +0100)
Use `CRYPTO_memcmp` instead of `memcmp` in `HMAC`
Web Cryptography algorithm implementations.

Ref: https://hackerone.com/reports/3533945
PR-URL: https://github.com/nodejs-private/node-private/pull/831
Refs: https://hackerone.com/reports/3533945
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
CVE-ID: CVE-2026-21713

Gbp-Pq: Topic sec
Gbp-Pq: Name 50-crypto-use-timing-safe-comparison-HMAC.patch

src/crypto/crypto_hmac.cc

index 0b42a66238586775c29c664749e631919d20f8ab..e66755bfa5bd05403b6bf540122f756242f3298d 100644 (file)
@@ -268,7 +268,8 @@ Maybe<bool> HmacTraits::EncodeOutput(
       *result = Boolean::New(
           env->isolate(),
           out->size() > 0 && out->size() == params.signature.size() &&
-              memcmp(out->data(), params.signature.data(), out->size()) == 0);
+              CRYPTO_memcmp(
+                  out->data(), params.signature.data(), out->size()) == 0);
       break;
     default:
       UNREACHABLE();
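
Review bot: The new `CRYPTO_memcmp(` call in `HmacTraits::EncodeOutput` has no comment explaining why it is not a plain `memcmp`, so a later cleanup could quietly revert it; add a one-line comment at the call stating that the signature comparison must be constant-time. The `out->size() == params.signature.size()` check has to stay ahead of the call, because the call reads `out->size()` bytes from both buffers; that check still short-circuits, which exposes only whether the lengths match, not the signature contents. The patch as shown touches only src/crypto/crypto_hmac.cc, so a regression test covering the verify path (matching, mismatching and wrong-length signatures) would be worth adding with it.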