aboutsummaryrefslogtreecommitdiffstats
path: root/ext/openssl/ossl.c
diff options
context:
space:
mode:
authorBart de Water <bartdewater@gmail.com>2019-10-26 11:32:34 -0400
committerSamuel Williams <samuel.williams@oriontransfer.co.nz>2019-10-28 17:54:29 +1300
commit0faa750c223e2aec90637d895e23a3104266fd85 (patch)
treefaed30dc3faa0b3ea1bc4721e333bd4ab5010e8f /ext/openssl/ossl.c
parent0c927a4b6e188319d2f07640f6d057fbc8747c47 (diff)
downloadruby-openssl-0faa750c223e2aec90637d895e23a3104266fd85.tar.gz
Rename OpenSSL.secure_compare to fixed_length_secure_compare
In 1ade643cbc01f3f7bd96e90bd8837df7ed491a09 the Rails-like secure_compare naming was adopted and in original pull request introducing this functionality debate around timing of hash functions followed. This made me realize why Rails' default of hashing the values to protect users from making mistakes is a good idea.
Diffstat (limited to 'ext/openssl/ossl.c')
-rw-r--r--ext/openssl/ossl.c28
1 files changed, 8 insertions, 20 deletions
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
index bfc4065a..bdf6053d 100644
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -606,29 +606,17 @@ static void Init_ossl_locks(void)
/*
* call-seq:
- * OpenSSL.secure_compare(string, string) -> boolean
+ * OpenSSL.fixed_length_secure_compare(string, string) -> boolean
*
- * Constant time memory comparison. Inputs must be of equal length, otherwise
- * an error is raised since timing attacks could leak the length of a
- * secret.
+ * Constant time memory comparison for fixed length strings, such as results
+ * of HMAC calculations.
*
- * Returns +true+ if the strings are identical, +false+ otherwise.
- *
- * For securely comparing user input, it's recommended to use hashing and
- * regularly compare after to prevent an unlikely false positive due to a
- * collision.
- *
- * user_input = "..."
- * secret = "..."
- * hashed_input = OpenSSL::Digest::SHA256.digest(user_input)
- * hashed_secret = OpenSSL::Digest::SHA256.digest(secret)
- * OpenSSL.secure_compare(hashed_input, hashed_secret) && user_input == secret
- *
- * Be aware that timing attacks against the hash functions may reveal the
- * length of the secret.
+ * Returns +true+ if the strings are identical, +false+ if they are of the same
+ * length but not identical. If the length is different, +ArgumentError+ is
+ * raised.
*/
static VALUE
-ossl_crypto_secure_compare(VALUE dummy, VALUE str1, VALUE str2)
+ossl_crypto_fixed_length_secure_compare(VALUE dummy, VALUE str1, VALUE str2)
{
const unsigned char *p1 = (const unsigned char *)StringValuePtr(str1);
const unsigned char *p2 = (const unsigned char *)StringValuePtr(str2);
@@ -1166,7 +1154,7 @@ Init_openssl(void)
*/
mOSSL = rb_define_module("OpenSSL");
rb_global_variable(&mOSSL);
- rb_define_singleton_method(mOSSL, "secure_compare", ossl_crypto_secure_compare, 2);
+ rb_define_singleton_method(mOSSL, "fixed_length_secure_compare", ossl_crypto_fixed_length_secure_compare, 2);
/*
* OpenSSL ruby extension version