PR feedback

Author: MackinnonBuck

src/Identity/Core/src/DefaultPasskeyHandler.cs

@@ -117,7 +117,7 @@ private async Task<PasskeyAttestationResult> PerformAttestationCoreAsync(
         }
 
         // 8. Verify that the value of clientData.challenge equals the base64url encoding of pkOptions.challenge.
-        if (!clientData.Challenge.Equals(originalOptions.Challenge))
+        if (!clientData.Challenge.FixedTimeEquals(originalOptions.Challenge))
         {
             throw PasskeyException.InvalidChallenge();
         }
@@ -162,7 +162,7 @@ private async Task<PasskeyAttestationResult> PerformAttestationCoreAsync(
 
         // 14. Verify that the rpIdHash in authenticatorData is the SHA-256 hash of the RP ID expected by the Relying Party.
         var rpIdHash = SHA256.HashData(Encoding.UTF8.GetBytes(originalOptions.Rp.Id ?? string.Empty));
-        if (!authenticatorData.RpIdHash.Span.SequenceEqual(rpIdHash.AsSpan()))
+        if (!CryptographicOperations.FixedTimeEquals(authenticatorData.RpIdHash.Span, rpIdHash.AsSpan()))
         {
             throw PasskeyException.InvalidRelyingPartyIDHash();
         }
@@ -373,7 +373,7 @@ private async Task<PasskeyAssertionResult<TUser>> PerformAssertionCoreAsync(
         }
 
         // 11. Verify that the value of C.challenge equals the base64url encoding of originalOptions.challenge.
-        if (!clientData.Challenge.Equals(originalOptions.Challenge))
+        if (!clientData.Challenge.FixedTimeEquals(originalOptions.Challenge))
         {
             throw PasskeyException.InvalidChallenge();
         }
@@ -403,7 +403,7 @@ private async Task<PasskeyAssertionResult<TUser>> PerformAssertionCoreAsync(
 
         // 15. Verify that the rpIdHash in authData is the SHA-256 hash of the RP ID expected by the Relying Party.
         var rpIdHash = SHA256.HashData(Encoding.UTF8.GetBytes(originalOptions.RpId ?? string.Empty));
-        if (!authenticatorData.RpIdHash.Span.SequenceEqual(rpIdHash.AsSpan()))
+        if (!CryptographicOperations.FixedTimeEquals(authenticatorData.RpIdHash.Span, rpIdHash.AsSpan()))
         {
             throw PasskeyException.InvalidRelyingPartyIDHash();
         }

src/Identity/Core/src/Passkeys/BufferSource.cs

@@ -2,6 +2,7 @@
 // The .NET Foundation licenses this file to you under the MIT license.
 
 using System.Linq;
+using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json.Serialization;
 
@@ -77,6 +78,15 @@ public bool Equals(BufferSource? other)
         return other is not null && _bytes.Span.SequenceEqual(other._bytes.Span);
     }
 
+    /// <summary>
+    /// Performs a fixed-time value-based equality comparison with another <see cref="BufferSource"/> instance
+    /// using <see cref="CryptographicOperations.FixedTimeEquals"/>.
+    /// </summary>
+    public bool FixedTimeEquals(BufferSource? other)
+    {
+        return other is not null && CryptographicOperations.FixedTimeEquals(_bytes.Span, other._bytes.Span);
+    }
+
     /// <inheritdoc/>
     public override bool Equals(object? obj)
         => obj is BufferSource other && Equals(other);

src/Identity/Core/src/SignInManager.cs

@@ -522,7 +522,7 @@ private void ThrowIfNoPasskeyHandler()
     }
 
     /// <summary>
-    /// Attempts to sign in the user with a passkey, as an asynchronous operation.
+    /// Attempts to sign in the user with a passkey.
     /// </summary>
     /// <param name="credentialJson">The credentials obtained by JSON-serializing the result of the <c>navigator.credentials.get()</c> JavaScript function.</param>
     /// <param name="options">The original passkey request options provided to the browser.</param>