Also fix constantTimeCompare in pwstore-purehaskell.

PeterScott · Aug 28, 2014 · 3badc6c · 3badc6c
1 parent ce7e1d8
commit 3badc6c
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 9 deletions.
diff --git a/pwstore-purehaskell/Crypto/PasswordStore.hs b/pwstore-purehaskell/Crypto/PasswordStore.hs
@@ -1,4 +1,4 @@
-{-# LANGUAGE OverloadedStrings, ScopedTypeVariables #-}
+{-# LANGUAGE OverloadedStrings, ScopedTypeVariables, FlexibleInstances #-}
 -- |
 -- Module      : Crypto.PasswordStore
 -- Copyright   : (c) Peter Scott, 2011
@@ -91,6 +91,7 @@ import qualified Data.ByteString.Char8 as B
 import qualified Data.ByteString.Lazy.Char8 as L
 import Data.ByteString.Char8 (ByteString)
 import Data.ByteString.Base64 (encode, decodeLenient)
+import Data.Byteable (Byteable, toBytes, constEqBytes)
 import System.IO
 import System.Random
 import Data.Maybe
@@ -192,11 +193,8 @@ makePasswordSalt :: ByteString -> Salt -> Int -> ByteString
 makePasswordSalt password salt strength = writePwHash (strength, salt, hash)
     where hash = encode $ pbkdf1 password salt (2^strength)
 
--- | Constant-time comparison function to use instead of == when comparing with a secret
-constantTimeCompare a b = 
-  ((==) `on` length) a b && 0 == (foldl1 (.|.) joined)
-  where
-    joined = zipWith (xor `on` ord) a b
+instance Byteable [Char] where
+  toBytes = B.pack
 
 -- | @verifyPassword userInput pwHash@ verifies the password @userInput@ given
 -- by the user against the stored password hash @pwHash@.  Returns 'True' if the
@@ -206,7 +204,7 @@ verifyPassword userInput pwHash =
     case readPwHash pwHash of
       Nothing -> False
       Just (strength, salt, goodHash) ->
-          (encode $ pbkdf1 userInput salt (2^strength)) `constantTimeCompare` goodHash
+          (encode $ pbkdf1 userInput salt (2^strength)) `constEqBytes` goodHash
 
 -- | Try to strengthen a password hash, by hashing it some more
 -- times. @'strengthenPassword' pwHash new_strength@ will return a new password

diff --git a/pwstore-purehaskell/pwstore-purehaskell.cabal b/pwstore-purehaskell/pwstore-purehaskell.cabal
@@ -1,5 +1,5 @@
 Name:                pwstore-purehaskell
-Version:             2.1.2
+Version:             2.1.3
 Synopsis:            Secure password storage, in pure Haskell.
 Description:         To store passwords securely, they should be salted,
                      then hashed with a slow hash function. This library
@@ -26,6 +26,6 @@ Library
   Exposed-modules: Crypto.PasswordStore
   Build-depends:   base >= 4, base < 5, bytestring >= 0.9,
                    base64-bytestring >= 0.1,
-                   SHA >= 1.4.1, random >= 1
+                   SHA >= 1.4.1, random >= 1, byteable >= 0.1
   ghc-options:     -Wall