Implement non-standard SubtleCrypto timingSafeEqual (cloudflare#542)

* Implement timingSafeEqual and test * Add subtlecrypto extension types * Use fancy ava methods Co-authored-by: MrBBot <[email protected]> --------- Co-authored-by: MrBBot <[email protected]>
nut163 · Mar 22, 2023 · f05a97e · f05a97e
1 parent 1271c80
commit f05a97e
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 1 deletion.
diff --git a/packages/core/src/standards/crypto.ts b/packages/core/src/standards/crypto.ts
@@ -1,4 +1,4 @@
-import { createHash, webcrypto } from "crypto";
+import { createHash, timingSafeEqual, webcrypto } from "crypto";
 import { WritableStream } from "stream/web";
 import { DOMException } from "@miniflare/core";
 import { viewToBuffer } from "@miniflare/shared";
@@ -215,6 +215,7 @@ export function createCrypto(blockGlobalRandom = false): WorkerCrypto {
       if (propertyKey === "importKey") return importKey;
       if (propertyKey === "exportKey") return exportKey;
       if (propertyKey === "sign") return sign;
+      if (propertyKey === "timingSafeEqual") return timingSafeEqual;
       if (propertyKey === "verify") return verify;
 
       let result = Reflect.get(target, propertyKey, receiver);

diff --git a/packages/core/test/standards/crypto.spec.ts b/packages/core/test/standards/crypto.spec.ts
@@ -184,6 +184,22 @@ test("crypto: sign/verify: supports other algorithm", async (t) => {
   t.true(await crypto.subtle.verify("HMAC", key, signature, data));
 });
 
+test("crypto: timingSafeEqual equals", (t) => {
+  const array1 = new Uint8Array(12);
+  array1.fill(0, 0);
+  const array2 = new Uint8Array(12);
+  array2.fill(0, 0);
+  t.true(crypto.subtle.timingSafeEqual(array1, array2));
+});
+test("crypto: timingSafeEqual not equals", (t) => {
+  const array1 = new Uint8Array(12);
+  array1.fill(0, 0);
+  const array2 = new Uint8Array(12);
+  array2.fill(0, 0);
+  array2[7] = 1;
+  t.false(crypto.subtle.timingSafeEqual(array1, array2));
+});
+
 // Checking other functions aren't broken by proxy...
 
 test("crypto: gets random values", (t) => {

diff --git a/types/crypto.d.ts b/types/crypto.d.ts
@@ -0,0 +1,10 @@
+declare module "crypto" {
+  namespace webcrypto {
+    interface SubtleCrypto {
+      timingSafeEqual(
+        a: ArrayBuffer | ArrayBufferView,
+        b: ArrayBuffer | ArrayBufferView
+      ): boolean;
+    }
+  }
+}