Date: Wed, 02 Mar 2016 03:41:19 +0000
From: naruse@airemix.jp
To: ruby-core@ruby-lang.org
Subject: [ruby-core:74087] [Ruby trunk Feature#10098] [PATCH] Timing-safe string comparison for OpenSSL::HMAC

Issue #10098 has been updated by Yui NARUSE.

Assignee changed from openssl to Yukihiro Matsumoto

----------------------------------------
Feature #10098: [PATCH] Timing-safe string comparison for OpenSSL::HMAC
https://bugs.ruby-lang.org/issues/10098#change-57234

* Author: Matt U
* Status: Assigned
* Priority: Normal
* Assignee: Yukihiro Matsumoto
----------------------------------------
I could be totally wrong, but it seems the standard library doesn't provide a reliable way of comparing hashes in constant-time.

* The docs for `OpenSSL::HMAC` encourage the use of `Digest#to_s` (see: http://ruby-doc.org/stdlib-2.1.0/libdoc/openssl/rdoc/OpenSSL/HMAC.html#method-c-new )
* Ruby's string comparison uses memcmp, which isn't timing safe (see: http://rxr.whitequark.org/mri/source/string.c#2382 )

With this patch I propose to add an additional method, `OpenSSL::HMAC#verify`, which takes a binary string with a digest and compares it against the computed hash.

---Files--------------------------------
hmac-timing.patch (2.5 KB)
hmac-timing.patch (2.48 KB)
tsafe_eql.patch (2.48 KB)
tsafe_inline.patch (3.51 KB)
0001-add-timing-safe-string-compare-method.patch (4.31 KB)

--
https://bugs.ruby-lang.org/
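The kind of check the issue asks for, written as an added example that is not part of the message or of the attached patches: a byte-wise comparison that never stops at the first mismatch, used to verify a binary HMAC tag. The names `timing_safe_eql?`, `verify_hmac` and `flip_byte`, and the key and data values, are hypothetical and constructed for illustration.

```ruby
require 'openssl'

# Hypothetical helper (not the patch's code): equality for byte strings whose
# running time depends on the length only. Every byte pair is XORed and
# OR-accumulated, so there is no early exit at the first differing byte as
# there can be with a memcmp-based String#==.
def timing_safe_eql?(a, b)
  a = a.b
  b = b.b
  # The digest length is public for a given algorithm, so rejecting on a
  # length mismatch reveals nothing about the expected tag's contents.
  return false unless a.bytesize == b.bytesize

  diff = 0
  a.each_byte.with_index { |byte, i| diff |= byte ^ b.getbyte(i) }
  diff.zero?
end

# Hypothetical stand-in for the proposed OpenSSL::HMAC#verify: recompute the
# HMAC over data and compare the supplied binary tag against it.
def verify_hmac(key, data, tag, algorithm = 'SHA256')
  expected = OpenSSL::HMAC.digest(OpenSSL::Digest.new(algorithm), key, data)
  timing_safe_eql?(expected, tag)
end

# Build a tag that differs from the original in one bit at the given index.
def flip_byte(tag, index)
  altered = tag.dup
  altered.setbyte(index, altered.getbyte(index) ^ 0x01)
  altered
end

# Constructed sample values, not taken from the issue.
KEY      = 'constructed-demo-key'
DATA     = 'amount=100&to=alice'
GOOD_TAG = OpenSSL::HMAC.digest(OpenSSL::Digest.new('SHA256'), KEY, DATA)

if __FILE__ == $PROGRAM_NAME
  puts "valid tag:          #{verify_hmac(KEY, DATA, GOOD_TAG)}"
  puts "first byte altered: #{verify_hmac(KEY, DATA, flip_byte(GOOD_TAG, 0))}"
  puts "last byte altered:  #{verify_hmac(KEY, DATA, flip_byte(GOOD_TAG, 31))}"
  puts "truncated tag:      #{verify_hmac(KEY, DATA, GOOD_TAG[0, 16])}"
end
```

A loop in interpreted Ruby gives no hard guarantee about instruction-level timing, which is one reason to want this comparison provided by the standard library rather than rewritten in each application.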