Fix timing attack against signature comparison

mpdaugherty · Jul 19, 2010 · 12efd78 · 12efd78
1 parent ce4630f
commit 12efd78
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/openid/association.py b/openid/association.py
@@ -532,7 +532,7 @@ def checkMessageSignature(self, message):
         if not message_sig:
             raise ValueError("%s has no sig." % (message,))
         calculated_sig = self.getMessageSignature(message)
-        return calculated_sig == message_sig
+        return cryptutil.const_eq(calculated_sig, message_sig)
 
 
     def _makePairs(self, message):

diff --git a/openid/cryptutil.py b/openid/cryptutil.py
@@ -218,3 +218,13 @@ def randomString(length, chrs=None):
     else:
         n = len(chrs)
         return ''.join([chrs[randrange(n)] for _ in xrange(length)])
+
+def const_eq(s1, s2):
+    if len(s1) != len(s2):
+        return False
+
+    result = True
+    for i in range(len(s1)):
+        result = result and (s1[i] == s2[i])
+
+    return result