Browse Source

fix Equals

pull/1782/head
Ethan Buchman 7 years ago
parent
commit
eaf4b8c795
3 changed files with 34 additions and 22 deletions
  1. +6
    -10
      priv_key.go
  2. +4
    -12
      signature.go
  3. +24
    -0
      signature_test.go

+ 6
- 10
priv_key.go View File

@ -55,13 +55,11 @@ func (privKey PrivKeyEd25519) PubKey() PubKey {
return PubKeyEd25519(pubBytes).Wrap()
}
// Equals - you probably don't need to use this.
// Runs in constant time based on length of the keys.
func (privKey PrivKeyEd25519) Equals(other PrivKey) bool {
if otherEd, ok := other.Unwrap().(PrivKeyEd25519); ok {
// It is essential that we constant time compare
// private keys and signatures instead of bytes.Equal,
// to avoid susceptibility to timing/side channel attacks.
// See Issue https://github.com/tendermint/go-crypto/issues/43
return subtle.ConstantTimeCompare(privKey[:], otherEd[:]) == 0
return subtle.ConstantTimeCompare(privKey[:], otherEd[:]) == 1
} else {
return false
}
@ -146,13 +144,11 @@ func (privKey PrivKeySecp256k1) PubKey() PubKey {
return pub.Wrap()
}
// Equals - you probably don't need to use this.
// Runs in constant time based on length of the keys.
func (privKey PrivKeySecp256k1) Equals(other PrivKey) bool {
if otherSecp, ok := other.Unwrap().(PrivKeySecp256k1); ok {
// It is essential that we constant time compare
// private keys and signatures instead of bytes.Equal,
// to avoid susceptibility to timing/side channel attacks.
// See Issue https://github.com/tendermint/go-crypto/issues/43
return subtle.ConstantTimeCompare(privKey[:], otherSecp[:]) == 0
return subtle.ConstantTimeCompare(privKey[:], otherSecp[:]) == 1
} else {
return false
}


+ 4
- 12
signature.go View File

@ -1,7 +1,7 @@
package crypto
import (
"crypto/subtle"
"bytes"
"fmt"
"github.com/tendermint/go-wire"
@ -46,11 +46,7 @@ func (sig SignatureEd25519) String() string { return fmt.Sprintf("/%X.../", Fing
func (sig SignatureEd25519) Equals(other Signature) bool {
if otherEd, ok := other.Unwrap().(SignatureEd25519); ok {
// It is essential that we constant time compare
// private keys and signatures instead of bytes.Equal,
// to avoid susceptibility to timing/side channel attacks.
// See Issue https://github.com/tendermint/go-crypto/issues/43
return subtle.ConstantTimeCompare(sig[:], otherEd[:]) == 0
return bytes.Equal(sig[:], otherEd[:])
} else {
return false
}
@ -85,12 +81,8 @@ func (sig SignatureSecp256k1) IsZero() bool { return len(sig) == 0 }
func (sig SignatureSecp256k1) String() string { return fmt.Sprintf("/%X.../", Fingerprint(sig[:])) }
func (sig SignatureSecp256k1) Equals(other Signature) bool {
if otherEd, ok := other.Unwrap().(SignatureSecp256k1); ok {
// It is essential that we constant time compare
// private keys and signatures instead of bytes.Equal,
// to avoid susceptibility to timing/side channel attacks.
// See Issue https://github.com/tendermint/go-crypto/issues/43
return subtle.ConstantTimeCompare(sig[:], otherEd[:]) == 0
if otherSecp, ok := other.Unwrap().(SignatureSecp256k1); ok {
return bytes.Equal(sig[:], otherSecp[:])
} else {
return false
}


+ 24
- 0
signature_test.go View File

@ -141,3 +141,27 @@ func TestWrapping(t *testing.T) {
}
}
func TestPrivKeyEquality(t *testing.T) {
{
privKey := GenPrivKeySecp256k1().Wrap()
privKey2 := GenPrivKeySecp256k1().Wrap()
assert.False(t, privKey.Equals(privKey2))
assert.False(t, privKey2.Equals(privKey))
privKeyCopy := privKey // copy
assert.True(t, privKey.Equals(privKeyCopy))
assert.True(t, privKeyCopy.Equals(privKey))
}
{
privKey := GenPrivKeyEd25519().Wrap()
privKey2 := GenPrivKeyEd25519().Wrap()
assert.False(t, privKey.Equals(privKey2))
assert.False(t, privKey2.Equals(privKey))
privKeyCopy := privKey // copy
assert.True(t, privKey.Equals(privKeyCopy))
assert.True(t, privKeyCopy.Equals(privKey))
}
}

Loading…
Cancel
Save