[Pkg-javascript-commits] [node-keygrip] 31/68: Use constant time comparison to check keys to prevent the possibility of a timing attack to brute force a signature

Andrew Kelley andrewrk-guest at moszumanska.debian.org
Fri Jun 27 22:13:26 UTC 2014


This is an automated email from the git hooks/post-receive script.

andrewrk-guest pushed a commit to branch master
in repository node-keygrip.

commit 97898b8fc61e168294610c2104fd1df77e11ad39
Author: Chris Scribner <scriby at gmail.com>
Date:   Mon Apr 15 10:19:29 2013 +0900

    Use constant time comparison to check keys to prevent the possibility of a timing attack to brute force a signature
---
 index.js | 25 ++++++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

diff --git a/index.js b/index.js
index 219da47..ce7ebcf 100644
--- a/index.js
+++ b/index.js
@@ -35,7 +35,7 @@ function Keygrip(keys) {
 
   this.index = function(data, digest) {
     for (var i = 0, l = keys.length; i < l; i++) {
-      if (digest === sign(data, keys[i])) return i
+      if (constantTimeCompare(digest, sign(data, keys[i]))) return i
     }
 
     return -1
@@ -46,4 +46,27 @@ Keygrip.sign = Keygrip.verify = Keygrip.index = function() {
   throw "Usage: require('keygrip')(<array-of-keys>)"
 }
 
+//http://codahale.com/a-lesson-in-timing-attacks/
+var constantTimeCompare = function(val1, val2){
+    if(val1 == null && val2 != null){
+        return false;
+    } else if(val2 == null && val1 != null){
+        return false;
+    } else if(val1 == null && val2 == null){
+        return true;
+    }
+
+    if(val1.length !== val2.length){
+        return false;
+    }
+
+    var matches = 1;
+
+    for(var i = 0; i < val1.length; i++){
+        matches &= (val1.charAt(i) === val2.charAt(i) ? 1 : 0); //Don't short circuit
+    }
+
+    return matches === 1;
+};
+
 module.exports = Keygrip
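Review bot: `constantTimeCompare` returns true when both arguments are null or undefined, so the helper fails open if it is ever reached with two missing values; at the visible call site `sign()` presumably always yields a string, but a verification primitive should reject missing input outright. A non-string value that has a `length` (an array, for instance) passes the null checks and then throws on `charAt`. Replacing the three null branches with `if (typeof val1 !== 'string' || typeof val2 !== 'string') return false` covers both cases. The per-character ternary also leaves the constant-time property to the engine; accumulating `diff |= val1.charCodeAt(i) ^ val2.charCodeAt(i)` and returning `diff === 0` avoids a data-dependent branch, and on Node versions that provide it, `crypto.timingSafeEqual` over equal-length buffers is the more dependable choice.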

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-javascript/node-keygrip.git


