auth: use constant-time NIP-42 challenge comparison

lib/parrhesia/auth/challenges.ex

@@ -67,7 +67,16 @@ defmodule Parrhesia.Auth.Challenges do
   end
 
   def handle_call({:valid?, owner_pid, challenge}, _from, state) do
-    {:reply, Map.get(state.entries, owner_pid) == challenge, state}
+    valid? =
+      case Map.get(state.entries, owner_pid) do
+        stored_challenge when is_binary(stored_challenge) ->
+          Plug.Crypto.secure_compare(stored_challenge, challenge)
+
+        _other ->
+          false
+      end
+
+    {:reply, valid?, state}
   end
 
   def handle_call({:clear, owner_pid}, _from, state) do

test/parrhesia/auth/challenges_test.exs

@@ -13,6 +13,7 @@ defmodule Parrhesia.Auth.ChallengesTest do
     assert Challenges.valid?(server, self(), challenge)
 
     refute Challenges.valid?(server, self(), "wrong")
+    refute Challenges.valid?(server, self(), challenge <> "x")
 
     assert :ok = Challenges.clear(server, self())
     assert Challenges.current(server, self()) == nil