Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
10
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Open sidebar
p2p
go-p2p-core
Commits
963cc997
Commit
963cc997
authored
Jun 29, 2019
by
Steven Allen
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
remove non-constant-time private key comparison
parent
9a4415d1
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
3 additions
and
7 deletions
+3
-7
crypto/key.go
crypto/key.go
+1
-2
crypto/rsa_go.go
crypto/rsa_go.go
+1
-4
crypto/secp256k1.go
crypto/secp256k1.go
+1
-1
No files found.
crypto/key.go
View file @
963cc997
...
...
@@ -4,7 +4,6 @@
package
crypto
import
(
"bytes"
"crypto/elliptic"
"crypto/hmac"
"crypto/rand"
...
...
@@ -380,5 +379,5 @@ func basicEquals(k1, k2 Key) bool {
if
err
!=
nil
{
return
false
}
return
bytes
.
Equal
(
a
,
b
)
return
subtle
.
ConstantTimeCompare
(
a
,
b
)
==
1
}
crypto/rsa_go.go
View file @
963cc997
...
...
@@ -108,6 +108,7 @@ func (sk *RsaPrivateKey) Equals(k Key) bool {
a
:=
sk
.
sk
b
:=
other
.
sk
// Don't care about constant time. We're only comparing the public half.
if
a
.
PublicKey
.
N
.
Cmp
(
b
.
PublicKey
.
N
)
!=
0
{
return
false
}
...
...
@@ -115,10 +116,6 @@ func (sk *RsaPrivateKey) Equals(k Key) bool {
return
false
}
if
a
.
D
.
Cmp
(
b
.
D
)
!=
0
{
return
false
}
return
true
}
...
...
crypto/secp256k1.go
View file @
963cc997
...
...
@@ -69,7 +69,7 @@ func (k *Secp256k1PrivateKey) Equals(o Key) bool {
return
basicEquals
(
k
,
o
)
}
return
k
.
D
.
Cmp
(
sk
.
D
)
==
0
return
k
.
GetPublic
()
.
Equals
(
sk
.
GetPublic
())
}
// Sign returns a signature from input data
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment