Merge pull request #94 from Liamsi/const_time
Use constant-time comparator to compare signatures
This commit is contained in:
commit
434759e17b
|
@ -1,9 +1,10 @@
|
|||
package crypto
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
|
||||
"crypto/subtle"
|
||||
|
||||
. "github.com/tendermint/tmlibs/common"
|
||||
)
|
||||
|
||||
|
@ -41,7 +42,7 @@ func (sig SignatureEd25519) String() string { return fmt.Sprintf("/%X.../", Fing
|
|||
|
||||
func (sig SignatureEd25519) Equals(other Signature) bool {
|
||||
if otherEd, ok := other.(SignatureEd25519); ok {
|
||||
return bytes.Equal(sig[:], otherEd[:])
|
||||
return subtle.ConstantTimeCompare(sig[:], otherEd[:]) == 1
|
||||
} else {
|
||||
return false
|
||||
}
|
||||
|
@ -74,7 +75,7 @@ func (sig SignatureSecp256k1) String() string { return fmt.Sprintf("/%X.../", Fi
|
|||
|
||||
func (sig SignatureSecp256k1) Equals(other Signature) bool {
|
||||
if otherSecp, ok := other.(SignatureSecp256k1); ok {
|
||||
return bytes.Equal(sig[:], otherSecp[:])
|
||||
return subtle.ConstantTimeCompare(sig[:], otherSecp[:]) == 1
|
||||
} else {
|
||||
return false
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue