fix(ext/node): use constant-time comparison for secret key equality (#32994)

bartlomieju · claude · web-flow · commit d043fd6fc3ae · 2026-03-26T12:59:01.000Z
## Summary
- `KeyObjectHandle::Secret` `PartialEq` impl used standard `==` for byte
slice comparison, which short-circuits on first mismatch
- Switched to `subtle::ConstantTimeEq` (`ct_eq`) to prevent potential
timing side-channels when comparing secret keys via `key.equals()`
- The `subtle` crate was already a dependency of `deno_node_crypto`

Co-authored-by: Claude Opus 4.6 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/ext/node_crypto/keys.rs b/ext/node_crypto/keys.rs
@@ -411,7 +411,10 @@ impl PartialEq for KeyObjectHandle {
     match (self, other) {
       (Self::AsymmetricPrivate(a), Self::AsymmetricPrivate(b)) => a == b,
       (Self::AsymmetricPublic(a), Self::AsymmetricPublic(b)) => a == b,
-      (Self::Secret(a), Self::Secret(b)) => a == b,
+      (Self::Secret(a), Self::Secret(b)) => {
+        use subtle::ConstantTimeEq;
+        a.ct_eq(b).into()
+      }
       _ => false,
     }
   }

Original file line number	Diff line number	Diff line change
`@@ -411,7 +411,10 @@ impl PartialEq for KeyObjectHandle {`
`411`	`411`	`match (self, other) {`
`412`	`412`	`(Self::AsymmetricPrivate(a), Self::AsymmetricPrivate(b)) => a == b,`
`413`	`413`	`(Self::AsymmetricPublic(a), Self::AsymmetricPublic(b)) => a == b,`
`414`		`- (Self::Secret(a), Self::Secret(b)) => a == b,`
	`414`	`+ (Self::Secret(a), Self::Secret(b)) => {`
	`415`	`+ use subtle::ConstantTimeEq;`
	`416`	`+ a.ct_eq(b).into()`
	`417`	`+ }`
`415`	`418`	`_ => false,`
`416`	`419`	`}`
`417`	`420`	`}`