From f69e3040f77ac52f3b4ffe29b328f417f703b00c Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Fri, 20 Feb 2026 12:32:14 +0100
Subject: [PATCH] [PATCH] crypto: use timing-safe comparison in Web
 Cryptography HMAC

Use `CRYPTO_memcmp` instead of `memcmp` in `HMAC`
Web Cryptography algorithm implementations.

Ref: https://hackerone.com/reports/3533945
PR-URL: https://github.com/nodejs-private/node-private/pull/831
Refs: https://hackerone.com/reports/3533945
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
CVE-ID: CVE-2026-21713

Gbp-Pq: Topic sec
Gbp-Pq: Name 50-crypto-use-timing-safe-comparison-HMAC.patch
---
 src/crypto/crypto_hmac.cc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/crypto/crypto_hmac.cc b/src/crypto/crypto_hmac.cc
index 0b42a6623..e66755bfa 100644
--- a/src/crypto/crypto_hmac.cc
+++ b/src/crypto/crypto_hmac.cc
@@ -268,7 +268,8 @@ Maybe<bool> HmacTraits::EncodeOutput(
       *result = Boolean::New(
           env->isolate(),
           out->size() > 0 && out->size() == params.signature.size() &&
-              memcmp(out->data(), params.signature.data(), out->size()) == 0);
+              CRYPTO_memcmp(
+                  out->data(), params.signature.data(), out->size()) == 0);
       break;
     default:
       UNREACHABLE();
-- 
2.30.2