This repository has been archived by the owner on Nov 6, 2020. It is now read-only.

Const time comparison #8113

Merged
merged 2 commits into from
Mar 14, 2018
Merged
11 changes: 5 additions & 6 deletions Cargo.lock


2 changes: 1 addition & 1 deletion ethcrypto/Cargo.toml
@@ -9,4 +9,4 @@ tiny-keccak = "1.3"
eth-secp256k1 = { git = "https://github.com/paritytech/rust-secp256k1" }
ethkey = { path = "../ethkey" }
ethereum-types = "0.2"
subtle = "0.1"
subtle = "0.5"
2 changes: 1 addition & 1 deletion ethcrypto/src/lib.rs
@@ -308,7 +308,7 @@ pub mod ecies {
hmac.raw_result(&mut mac);

// constant time compare to avoid timing attack.
if ::subtle::arrays_equal(&mac[..], msg_mac) != 1 {
if ::subtle::slices_equal(&mac[..], msg_mac) != 1 {
return Err(Error::InvalidMessage);
}
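Review bot: `slices_equal` is given `msg_mac` with no visible length check, and subtle's slice comparison asserts that both slices have the same length (worth confirming against the 0.5 docs), so a mismatch would panic here instead of returning `Error::InvalidMessage`. `msg_mac` is defined outside this hunk, so whether its length is already pinned to the MAC size cannot be seen from here. If it is, a short comment stating that invariant next to the compare would help; if not, guard it with `if msg_mac.len() != mac.len() || ::subtle::slices_equal(&mac[..], msg_mac) != 1 {`. The length is not secret, so checking it first does not weaken the constant-time property. The enclosing function starts and ends outside the hunk.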

4 changes: 4 additions & 0 deletions ethstore/Cargo.toml
@@ -22,6 +22,10 @@ ethereum-types = "0.2"
dir = { path = "../util/dir" }
smallvec = "0.4"
parity-wordlist = "1.0"
subtle = "0.5"
tempdir = "0.3"

[dev-dependencies]
matches = "0.1"

[lib]
8 changes: 4 additions & 4 deletions ethstore/src/account/crypto.rs
@@ -21,6 +21,7 @@ use crypto::Keccak256;
use random::Random;
use smallvec::SmallVec;
use account::{Cipher, Kdf, Aes128Ctr, Pbkdf2, Prf};
use subtle;

/// Encrypted data
#[derive(Debug, PartialEq, Clone)]
@@ -136,7 +137,7 @@ impl Crypto {

let mac = crypto::derive_mac(&derived_right_bits, &self.ciphertext).keccak256();

if mac != self.mac {
if subtle::slices_equal(&mac, &self.mac) == 0 {
return Err(Error::InvalidPassword);
}

@@ -158,7 +159,7 @@ impl Crypto {
#[cfg(test)]
mod tests {
use ethkey::{Generator, Random};
use super::Crypto;
use super::{Crypto, Error};

#[test]
fn crypto_with_secret_create() {
@@ -169,11 +170,10 @@ mod tests {
}

#[test]
#[should_panic]
fn crypto_with_secret_invalid_password() {
let keypair = Random.generate().unwrap();
let crypto = Crypto::with_secret(keypair.secret(), "this is sparta", 10240);
let _ = crypto.secret("this is sparta!").unwrap();
assert_matches!(crypto.secret("this is sparta!"), Err(Error::InvalidPassword))
}

#[test]
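Review bot: The MAC check `if subtle::slices_equal(&mac, &self.mac) == 0` accepts any non-zero result as a match, whereas the same comparison in ethcrypto/src/lib.rs rejects everything except 1; the fail-closed form `if subtle::slices_equal(&mac, &self.mac) != 1 {` would keep the two call sites consistent. The line also lacks the why-comment that the ethcrypto site carries, so a later cleanup could turn it back into a plain `!=`; I would add `// constant time compare so the check does not leak how many MAC bytes matched` above it. The enclosing method starts and ends outside the hunk.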
5 changes: 5 additions & 0 deletions ethstore/src/lib.rs
@@ -28,6 +28,7 @@ extern crate rustc_hex;
extern crate serde;
extern crate serde_json;
extern crate smallvec;
extern crate subtle;
extern crate time;
extern crate tiny_keccak;
extern crate tempdir;
@@ -42,6 +43,10 @@ extern crate log;
#[macro_use]
extern crate serde_derive;

#[cfg(test)]
#[macro_use]
extern crate matches;

pub mod accounts_dir;
pub mod ethkey;