github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-10 23:34:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): SHA-256 hash before timingSafeEqual to prevent length leak (#20856)

Browse Source 
The previous implementation returned early when buffer lengths differed,
leaking the expected secret's length via timing side-channel. Hashing both
inputs with SHA-256 before comparison ensures fixed-length buffers and
constant-time comparison regardless of input lengths.
This commit is contained in:
David Rudduck
2026-02-19 21:16:35 +10:00
committed by GitHub
parent baf4a799a9
commit f1e1ad73ad
1 changed files with 3 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/security/secret-equal.ts
View File

@@ -1,4 +1,4 @@
import { timingSafeEqual } from "node:crypto"; import { createHash, timingSafeEqual } from "node:crypto";
export function safeEqualSecret( export function safeEqualSecret(
provided: string | undefined | null, provided: string | undefined | null,
@@ -7,10 +7,6 @@ export function safeEqualSecret(
if (typeof provided !== "string" || typeof expected !== "string") { if (typeof provided !== "string" || typeof expected !== "string") {
return false; return false;
} }
const providedBuffer = Buffer.from(provided); const hash = (s: string) => createHash("sha256").update(s).digest();
const expectedBuffer = Buffer.from(expected); return timingSafeEqual(hash(provided), hash(expected));
if (providedBuffer.length !== expectedBuffer.length) {
return false;
}
return timingSafeEqual(providedBuffer, expectedBuffer);
} }