Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove hashing from secure_compare and clarify documentation #39142

Merged
merged 1 commit into from May 4, 2020
Merged

Remove hashing from secure_compare and clarify documentation #39142

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
10 changes: 6 additions & 4 deletions activesupport/lib/active_support/security_utils.rb
View file
Open in desktop
Expand Up @@ -19,12 +19,14 @@ def fixed_length_secure_compare(a, b)
end
module_function :fixed_length_secure_compare

# Constant time string comparison, for variable length strings.
# Secure string comparison for strings of variable length.
#
# The values are first processed by SHA256, so that we don't leak length info
# via timing attacks.
# While a timing attack would not be able to discern the content of
# a secret compared via secure_compare, it is possible to determine
# the secret length. This should be considered when using secure_compare
# to compare weak, short secrets to user input.
def secure_compare(a, b)
fixed_length_secure_compare(::Digest::SHA256.digest(a), ::Digest::SHA256.digest(b)) && a == b
a.length == b.length && fixed_length_secure_compare(a, b)
end
module_function :secure_compare
end
Expand Down