|
|
@ -55,13 +55,11 @@ func (privKey PrivKeyEd25519) PubKey() PubKey { |
|
|
|
return PubKeyEd25519(pubBytes).Wrap() |
|
|
|
} |
|
|
|
|
|
|
|
// Equals - you probably don't need to use this.
|
|
|
|
// Runs in constant time based on length of the keys.
|
|
|
|
func (privKey PrivKeyEd25519) Equals(other PrivKey) bool { |
|
|
|
if otherEd, ok := other.Unwrap().(PrivKeyEd25519); ok { |
|
|
|
// It is essential that we constant time compare
|
|
|
|
// private keys and signatures instead of bytes.Equal,
|
|
|
|
// to avoid susceptibility to timing/side channel attacks.
|
|
|
|
// See Issue https://github.com/tendermint/go-crypto/issues/43
|
|
|
|
return subtle.ConstantTimeCompare(privKey[:], otherEd[:]) == 0 |
|
|
|
return subtle.ConstantTimeCompare(privKey[:], otherEd[:]) == 1 |
|
|
|
} else { |
|
|
|
return false |
|
|
|
} |
|
|
@ -146,13 +144,11 @@ func (privKey PrivKeySecp256k1) PubKey() PubKey { |
|
|
|
return pub.Wrap() |
|
|
|
} |
|
|
|
|
|
|
|
// Equals - you probably don't need to use this.
|
|
|
|
// Runs in constant time based on length of the keys.
|
|
|
|
func (privKey PrivKeySecp256k1) Equals(other PrivKey) bool { |
|
|
|
if otherSecp, ok := other.Unwrap().(PrivKeySecp256k1); ok { |
|
|
|
// It is essential that we constant time compare
|
|
|
|
// private keys and signatures instead of bytes.Equal,
|
|
|
|
// to avoid susceptibility to timing/side channel attacks.
|
|
|
|
// See Issue https://github.com/tendermint/go-crypto/issues/43
|
|
|
|
return subtle.ConstantTimeCompare(privKey[:], otherSecp[:]) == 0 |
|
|
|
return subtle.ConstantTimeCompare(privKey[:], otherSecp[:]) == 1 |
|
|
|
} else { |
|
|
|
return false |
|
|
|
} |
|
|
|