Skip to content

Commit

Permalink
Use constant-time string comparison algorithm.
Browse files Browse the repository at this point in the history 
This borrows the string comparison code from Devise to prevent timing
attacks (http://codahale.com/a-lesson-in-timing-attacks/).
  • Loading branch information
@tylerhunt
tylerhunt committed Jul 18, 2012
1 parent 5f6b74e commit b26e4e3
Showing 1 changed file with 7 additions and 1 deletion.
8 changes: 7 additions & 1 deletion lib/bcrypt.rb
View file
Expand Up @@ -170,7 +170,13 @@ def initialize(raw_hash)

# Compares a potential secret against the hash. Returns true if the secret is the original secret, false otherwise.
def ==(secret)
super(BCrypt::Engine.hash_secret(secret, @salt))
hash = BCrypt::Engine.hash_secret(secret, @salt)
return false if self.empty? || hash.empty? || self.bytesize != hash.bytesize
l = self.unpack "C#{self.bytesize}"

res = 0
hash.each_byte { |byte| res |= byte ^ l.shift }
res == 0
end
alias_method :is_password?, :==

Expand Down

1 comment on commit b26e4e3

@eggie5
Copy link

@eggie5 eggie5 commented on b26e4e3 Sep 30, 2012

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it's this how ruby's == (which uses <=>) is implemented anyways? It doesn't short circuit on a mis-match.

Please sign in to comment.