rails--rails/activesupport/lib/active_support/security_utils.rb

# frozen_string_literal: true

require "digest/sha2"

module ActiveSupport
  module SecurityUtils
    # Constant time string comparison, for fixed length strings.
    #
    # The values compared should be of fixed length, such as strings
    # that have already been processed by HMAC. Raises in case of length mismatch.
    def fixed_length_secure_compare(a, b)
      raise ArgumentError, "string length mismatch." unless a.bytesize == b.bytesize

      l = a.unpack "C#{a.bytesize}"

      res = 0
      b.each_byte { |byte| res |= byte ^ l.shift }
      res == 0
    end
    module_function :fixed_length_secure_compare

    # Constant time string comparison, for variable length strings.
    #
    # The values are first processed by SHA256, so that we don't leak length info
    # via timing attacks.
    def secure_compare(a, b)
      fixed_length_secure_compare(::Digest::SHA256.digest(a), ::Digest::SHA256.digest(b)) && a == b
    end
    module_function :secure_compare
  end
end
Use frozen-string-literal in ActiveSupport 2017-07-09 08:06:36 -04:00			`# frozen_string_literal: true`
[Active Support] `rubocop -a --only Layout/EmptyLineAfterMagicComment` 2017-07-10 09:39:13 -04:00
Preload digest/sha2 to avoid thread safe error. I got this error in production using Puma in multi-threaded mode: ``` RuntimeError: Digest::Base cannot be directly inherited in Ruby from active_support/security_utils.rb:23:in `variable_size_secure_compare' from active_support/security_utils.rb:23:in `hexdigest' from active_support/security_utils.rb:23:in `digest' ``` Looks like Digest uses const_missing to load Digest::SHA256 (https://github.com/ruby/ruby/blob/trunk/ext/digest/lib/digest.rb#L8) - https://bugs.ruby-lang.org/issues/9494 - https://github.com/ruby/ruby/commit/c02fa39463a0c6bf698b01bc610135604aca2ff4 2017-09-25 08:06:15 -04:00			`require "digest/sha2"`
use secure string comparisons for basic auth username / password this will avoid timing attacks against applications that use basic auth. CVE-2015-7576 2015-10-29 13:42:44 -04:00
Add AS::SecurityUtils.secure_compare for constant time string comparison 2014-10-23 09:56:48 -04:00			`module ActiveSupport`
			`module SecurityUtils`
Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`, to make it not leak length information even for variable length string. Renamed old `ActiveSupport::SecurityUtils.secure_compare` to `fixed_length_secure_compare`, and started raising `ArgumentError` in case of length mismatch of passed strings. 2016-04-11 17:11:06 -04:00			`# Constant time string comparison, for fixed length strings.`
Add AS::SecurityUtils.secure_compare for constant time string comparison 2014-10-23 09:56:48 -04:00			`#`
			`# The values compared should be of fixed length, such as strings`
Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`, to make it not leak length information even for variable length string. Renamed old `ActiveSupport::SecurityUtils.secure_compare` to `fixed_length_secure_compare`, and started raising `ArgumentError` in case of length mismatch of passed strings. 2016-04-11 17:11:06 -04:00			`# that have already been processed by HMAC. Raises in case of length mismatch.`
			`def fixed_length_secure_compare(a, b)`
			`raise ArgumentError, "string length mismatch." unless a.bytesize == b.bytesize`
Add AS::SecurityUtils.secure_compare for constant time string comparison 2014-10-23 09:56:48 -04:00
			`l = a.unpack "C#{a.bytesize}"`

			`res = 0`
			`b.each_byte { \|byte\| res \|= byte ^ l.shift }`
			`res == 0`
			`end`
Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`, to make it not leak length information even for variable length string. Renamed old `ActiveSupport::SecurityUtils.secure_compare` to `fixed_length_secure_compare`, and started raising `ArgumentError` in case of length mismatch of passed strings. 2016-04-11 17:11:06 -04:00			`module_function :fixed_length_secure_compare`
use secure string comparisons for basic auth username / password this will avoid timing attacks against applications that use basic auth. CVE-2015-7576 2015-10-29 13:42:44 -04:00
Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`, to make it not leak length information even for variable length string. Renamed old `ActiveSupport::SecurityUtils.secure_compare` to `fixed_length_secure_compare`, and started raising `ArgumentError` in case of length mismatch of passed strings. 2016-04-11 17:11:06 -04:00			`# Constant time string comparison, for variable length strings.`
			`#`
			`# The values are first processed by SHA256, so that we don't leak length info`
			`# via timing attacks.`
			`def secure_compare(a, b)`
Don't encode in secure_compare for speedup Hex encoding is base 16 which makes the original input twice as big. With this change less time need to be spent in fixed_length_secure_compare. 2019-03-09 10:56:39 -05:00			`fixed_length_secure_compare(::Digest::SHA256.digest(a), ::Digest::SHA256.digest(b)) && a == b`
use secure string comparisons for basic auth username / password this will avoid timing attacks against applications that use basic auth. CVE-2015-7576 2015-10-29 13:42:44 -04:00			`end`
Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`, to make it not leak length information even for variable length string. Renamed old `ActiveSupport::SecurityUtils.secure_compare` to `fixed_length_secure_compare`, and started raising `ArgumentError` in case of length mismatch of passed strings. 2016-04-11 17:11:06 -04:00			`module_function :secure_compare`
Add AS::SecurityUtils.secure_compare for constant time string comparison 2014-10-23 09:56:48 -04:00			`end`
			`end`