From 65ef1feb6c9cb5e200191977c81f290f5dda6e46 Mon Sep 17 00:00:00 2001
From: Bryan Ashby
Date: Wed, 20 Feb 2019 21:12:41 -0700
Subject: [PATCH] Use crypto.timingSafeEqual() vs hand rolled method for constant time password comparison
---
 core/user.js | 14 +-------------
 1 file changed, 1 insertion(+), 13 deletions(-)
diff --git a/core/user.js b/core/user.js
index 3b261dc6..43779bca 100644
--- a/core/user.js
+++ b/core/user.js
@@ -60,18 +60,6 @@ module.exports = class User {
 };
 }
 
- static isSamePasswordSlowCompare(passBuf1, passBuf2) {
- if(passBuf1.length !== passBuf2.length) {
- return false;
- }
-
- let c = 0;
- for(let i = 0; i < passBuf1.length; i++) {
- c |= passBuf1[i] ^ passBuf2[i];
- }
- return 0 === c;
- }
-
 isAuthenticated() {
 return true === this.authenticated;
 }
@@ -220,7 +208,7 @@ module.exports = class User {
 const passDkBuf = Buffer.from(passDk, 'hex');
 const propsDkBuf = Buffer.from(propsDk, 'hex');
- return callback(User.isSamePasswordSlowCompare(passDkBuf, propsDkBuf) ?
+ return callback(crypto.timingSafeEqual(passDkBuf, propsDkBuf) ?
 null : Errors.AccessDenied('Invalid password')
 );