Use bigger random one-time keys in timing_safe_compare. fixes #2165
authorDaira Hopwood <daira@jacaranda.org>
Mon, 24 Feb 2014 20:23:39 +0000 (20:23 +0000)
committerDaira Hopwood <daira@jacaranda.org>
Mon, 24 Feb 2014 20:43:23 +0000 (20:43 +0000)
Follows this advice from Marsh Ray and Solar Designer: https://twitter.com/zooko/status/431105294777597952

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
src/allmydata/util/hashutil.py

index 546dc0b0afafd1aa2ab043f44467b22ff276b346..81522ad5dbd00b65e0291df62f31246a628cbc67 100644 (file)
@@ -203,7 +203,7 @@ def ssk_storage_index_hash(readkey):
     return tagged_hash(MUTABLE_STORAGEINDEX_TAG, readkey, KEYLEN)
 
 def timing_safe_compare(a, b):
-    n = os.urandom(8)
+    n = os.urandom(32)
     return bool(tagged_hash(n, a) == tagged_hash(n, b))
 
 BACKUPDB_DIRHASH_TAG = "allmydata_backupdb_dirhash_v1"