Rename 'constant_time_compare' to 'timing_safe_compare'. refs #2165

Signed-off-by: Daira Hopwood <daira@jacaranda.org>

diff --git a/src/allmydata/storage/immutable.py b/src/allmydata/storage/immutable.py
index a50ff422d607c13845584cc3ba6556630e5d86dc..280dff3972ff89365c0ae6850ff98ba3238d94ab 100644 (file)
--- a/src/allmydata/storage/immutable.py
+++ b/src/allmydata/storage/immutable.py
@@ -6,7 +6,7 @@ from zope.interface import implements
 from allmydata.interfaces import RIBucketWriter, RIBucketReader
 from allmydata.util import base32, fileutil, log
 from allmydata.util.assertutil import precondition
-from allmydata.util.hashutil import constant_time_compare
+from allmydata.util.hashutil import timing_safe_compare
 from allmydata.storage.lease import LeaseInfo
 from allmydata.storage.common import UnknownImmutableContainerVersionError, \
      DataTooLargeError
@@ -141,7 +141,7 @@ class ShareFile:
 
     def renew_lease(self, renew_secret, new_expire_time):
         for i,lease in enumerate(self.get_leases()):
-            if constant_time_compare(lease.renew_secret, renew_secret):
+            if timing_safe_compare(lease.renew_secret, renew_secret):
                 # yup. See if we need to update the owner time.
                 if new_expire_time > lease.expiration_time:
                     # yes
@@ -171,7 +171,7 @@ class ShareFile:
         leases = list(self.get_leases())
         num_leases_removed = 0
         for i,lease in enumerate(leases):
-            if constant_time_compare(lease.cancel_secret, cancel_secret):
+            if timing_safe_compare(lease.cancel_secret, cancel_secret):
                 leases[i] = None
                 num_leases_removed += 1
         if not num_leases_removed:

diff --git a/src/allmydata/storage/mutable.py b/src/allmydata/storage/mutable.py
index 1f95e515a2d9a0c55028f8fb560d825208864327..a8392eac937259485bb8215fd2c64101aedd12fa 100644 (file)
--- a/src/allmydata/storage/mutable.py
+++ b/src/allmydata/storage/mutable.py
@@ -3,7 +3,7 @@ import os, stat, struct
 from allmydata.interfaces import BadWriteEnablerError
 from allmydata.util import idlib, log
 from allmydata.util.assertutil import precondition
-from allmydata.util.hashutil import constant_time_compare
+from allmydata.util.hashutil import timing_safe_compare
 from allmydata.storage.lease import LeaseInfo
 from allmydata.storage.common import UnknownMutableContainerVersionError, \
      DataTooLargeError
@@ -290,7 +290,7 @@ class MutableShareFile:
         accepting_nodeids = set()
         f = open(self.home, 'rb+')
         for (leasenum,lease) in self._enumerate_leases(f):
-            if constant_time_compare(lease.renew_secret, renew_secret):
+            if timing_safe_compare(lease.renew_secret, renew_secret):
                 # yup. See if we need to update the owner time.
                 if new_expire_time > lease.expiration_time:
                     # yes
@@ -336,7 +336,7 @@ class MutableShareFile:
         f = open(self.home, 'rb+')
         for (leasenum,lease) in self._enumerate_leases(f):
             accepting_nodeids.add(lease.nodeid)
-            if constant_time_compare(lease.cancel_secret, cancel_secret):
+            if timing_safe_compare(lease.cancel_secret, cancel_secret):
                 self._write_lease_record(f, leasenum, blank_lease)
                 modified += 1
             else:
@@ -391,7 +391,7 @@ class MutableShareFile:
         f.close()
         # avoid a timing attack
         #if write_enabler != real_write_enabler:
-        if not constant_time_compare(write_enabler, real_write_enabler):
+        if not timing_safe_compare(write_enabler, real_write_enabler):
             # accomodate share migration by reporting the nodeid used for the
             # old write enabler.
             self.log(format="bad write enabler on SI %(si)s,"

diff --git a/src/allmydata/test/test_util.py b/src/allmydata/test/test_util.py
index 03c9b01df56fd8f2bf88bb9640040121f24250e3..b527771d76f2520e3e5ee7a99debf8707954b705 100644 (file)
--- a/src/allmydata/test/test_util.py
+++ b/src/allmydata/test/test_util.py
@@ -659,11 +659,11 @@ class HashUtilTests(unittest.TestCase):
         h2.update("foo")
         self.failUnlessEqual(h1, h2.digest())
 
-    def test_constant_time_compare(self):
-        self.failUnless(hashutil.constant_time_compare("a", "a"))
-        self.failUnless(hashutil.constant_time_compare("ab", "ab"))
-        self.failIf(hashutil.constant_time_compare("a", "b"))
-        self.failIf(hashutil.constant_time_compare("a", "aa"))
+    def test_timing_safe_compare(self):
+        self.failUnless(hashutil.timing_safe_compare("a", "a"))
+        self.failUnless(hashutil.timing_safe_compare("ab", "ab"))
+        self.failIf(hashutil.timing_safe_compare("a", "b"))
+        self.failIf(hashutil.timing_safe_compare("a", "aa"))
 
     def _testknown(self, hashf, expected_a, *args):
         got = hashf(*args)

diff --git a/src/allmydata/util/hashutil.py b/src/allmydata/util/hashutil.py
index 2af8749bbe6761bc3f7e0f0245b3e2b3afcb92ef..546dc0b0afafd1aa2ab043f44467b22ff276b346 100644 (file)
--- a/src/allmydata/util/hashutil.py
+++ b/src/allmydata/util/hashutil.py
@@ -202,7 +202,7 @@ def ssk_readkey_data_hash(IV, readkey):
 def ssk_storage_index_hash(readkey):
     return tagged_hash(MUTABLE_STORAGEINDEX_TAG, readkey, KEYLEN)
 
-def constant_time_compare(a, b):
+def timing_safe_compare(a, b):
     n = os.urandom(8)
     return bool(tagged_hash(n, a) == tagged_hash(n, b))