fix: always perform timing safe euqal check on PKCE challenge

Author: jankapunkt

lib/grant-types/authorization-code-grant-type.js

@@ -160,9 +160,7 @@ class AuthorizationCodeGrantType extends AbstractGrantType {
 
       // xxx: Use timingSafeEqual to prevent against timing attacks when comparing
       // the hash of the code_verifier to the stored code_challenge.
-      const hashesAreEqual = crypto.timingSafeEqual(Buffer.from(hash), Buffer.from(code.codeChallenge));
-
-      if (!hashesAreEqual) {
+      if (!this.hashesAreEqual(hash, code.codeChallenge)) {
         throw new InvalidGrantError('Invalid grant: code verifier is invalid');
       }
     }
@@ -174,6 +172,15 @@ class AuthorizationCodeGrantType extends AbstractGrantType {
     }
   }
 
+  hashesAreEqual(trusted, untrusted) {
+    const trustedBuf = Buffer.isBuffer(trusted) ? trusted : Buffer.from(trusted);
+    const untrustedBuf = Buffer.isBuffer(untrusted) ? untrusted : Buffer.from(untrusted);
+    const equalLength = trustedBuf.byteLength === untrustedBuf.byteLength;
+    // if the buffers are the same length, compare them,
+    // otherwise only compare with the trusted buffer but return false anyway
+    return crypto.timingSafeEqual(trustedBuf, equalLength ? untrustedBuf : trustedBuf) && equalLength;
+  }
+
   getCodeChallengeMethod(method) {
     if (method) {
       return method;

test/compliance/pkce_test.js

@@ -45,7 +45,7 @@ const { base64URLEncode } = require('../../lib/utils/string-util');
 const { createHash } = require('../../lib/utils/crypto-util');
 const { InvalidRequestError } = require('../../index');
 const ServerError = require('../../lib/errors/server-error');
-const InvalidGrantError = require('../../lib/errors/invalid-grant-error')
+const InvalidGrantError = require('../../lib/errors/invalid-grant-error');
 require('chai').should();
 
 /**