From: Daira Hopwood Date: Mon, 24 Feb 2014 20:21:24 +0000 (+0000) Subject: Rename 'constant_time_compare' to 'timing_safe_compare'. refs #2165 X-Git-Tag: allmydata-tahoe-1.10.1a1~201 X-Git-Url: https://git.rkrishnan.org/simplejson/%22news.html/status?a=commitdiff_plain;h=d5651a0d0eebdc144db53425ee461e186319e5fd;p=tahoe-lafs%2Ftahoe-lafs.git Rename 'constant_time_compare' to 'timing_safe_compare'. refs #2165 Signed-off-by: Daira Hopwood --- diff --git a/src/allmydata/storage/immutable.py b/src/allmydata/storage/immutable.py index a50ff422..280dff39 100644 --- a/src/allmydata/storage/immutable.py +++ b/src/allmydata/storage/immutable.py @@ -6,7 +6,7 @@ from zope.interface import implements from allmydata.interfaces import RIBucketWriter, RIBucketReader from allmydata.util import base32, fileutil, log from allmydata.util.assertutil import precondition -from allmydata.util.hashutil import constant_time_compare +from allmydata.util.hashutil import timing_safe_compare from allmydata.storage.lease import LeaseInfo from allmydata.storage.common import UnknownImmutableContainerVersionError, \ DataTooLargeError @@ -141,7 +141,7 @@ class ShareFile: def renew_lease(self, renew_secret, new_expire_time): for i,lease in enumerate(self.get_leases()): - if constant_time_compare(lease.renew_secret, renew_secret): + if timing_safe_compare(lease.renew_secret, renew_secret): # yup. See if we need to update the owner time. if new_expire_time > lease.expiration_time: # yes @@ -171,7 +171,7 @@ class ShareFile: leases = list(self.get_leases()) num_leases_removed = 0 for i,lease in enumerate(leases): - if constant_time_compare(lease.cancel_secret, cancel_secret): + if timing_safe_compare(lease.cancel_secret, cancel_secret): leases[i] = None num_leases_removed += 1 if not num_leases_removed: diff --git a/src/allmydata/storage/mutable.py b/src/allmydata/storage/mutable.py index 1f95e515..a8392eac 100644 --- a/src/allmydata/storage/mutable.py +++ b/src/allmydata/storage/mutable.py @@ -3,7 +3,7 @@ import os, stat, struct from allmydata.interfaces import BadWriteEnablerError from allmydata.util import idlib, log from allmydata.util.assertutil import precondition -from allmydata.util.hashutil import constant_time_compare +from allmydata.util.hashutil import timing_safe_compare from allmydata.storage.lease import LeaseInfo from allmydata.storage.common import UnknownMutableContainerVersionError, \ DataTooLargeError @@ -290,7 +290,7 @@ class MutableShareFile: accepting_nodeids = set() f = open(self.home, 'rb+') for (leasenum,lease) in self._enumerate_leases(f): - if constant_time_compare(lease.renew_secret, renew_secret): + if timing_safe_compare(lease.renew_secret, renew_secret): # yup. See if we need to update the owner time. if new_expire_time > lease.expiration_time: # yes @@ -336,7 +336,7 @@ class MutableShareFile: f = open(self.home, 'rb+') for (leasenum,lease) in self._enumerate_leases(f): accepting_nodeids.add(lease.nodeid) - if constant_time_compare(lease.cancel_secret, cancel_secret): + if timing_safe_compare(lease.cancel_secret, cancel_secret): self._write_lease_record(f, leasenum, blank_lease) modified += 1 else: @@ -391,7 +391,7 @@ class MutableShareFile: f.close() # avoid a timing attack #if write_enabler != real_write_enabler: - if not constant_time_compare(write_enabler, real_write_enabler): + if not timing_safe_compare(write_enabler, real_write_enabler): # accomodate share migration by reporting the nodeid used for the # old write enabler. self.log(format="bad write enabler on SI %(si)s," diff --git a/src/allmydata/test/test_util.py b/src/allmydata/test/test_util.py index 03c9b01d..b527771d 100644 --- a/src/allmydata/test/test_util.py +++ b/src/allmydata/test/test_util.py @@ -659,11 +659,11 @@ class HashUtilTests(unittest.TestCase): h2.update("foo") self.failUnlessEqual(h1, h2.digest()) - def test_constant_time_compare(self): - self.failUnless(hashutil.constant_time_compare("a", "a")) - self.failUnless(hashutil.constant_time_compare("ab", "ab")) - self.failIf(hashutil.constant_time_compare("a", "b")) - self.failIf(hashutil.constant_time_compare("a", "aa")) + def test_timing_safe_compare(self): + self.failUnless(hashutil.timing_safe_compare("a", "a")) + self.failUnless(hashutil.timing_safe_compare("ab", "ab")) + self.failIf(hashutil.timing_safe_compare("a", "b")) + self.failIf(hashutil.timing_safe_compare("a", "aa")) def _testknown(self, hashf, expected_a, *args): got = hashf(*args) diff --git a/src/allmydata/util/hashutil.py b/src/allmydata/util/hashutil.py index 2af8749b..546dc0b0 100644 --- a/src/allmydata/util/hashutil.py +++ b/src/allmydata/util/hashutil.py @@ -202,7 +202,7 @@ def ssk_readkey_data_hash(IV, readkey): def ssk_storage_index_hash(readkey): return tagged_hash(MUTABLE_STORAGEINDEX_TAG, readkey, KEYLEN) -def constant_time_compare(a, b): +def timing_safe_compare(a, b): n = os.urandom(8) return bool(tagged_hash(n, a) == tagged_hash(n, b))