proxmox-mirrors/proxmox
1
0
Fork 1
mirror of https://git.proxmox.com/git/proxmox synced 2025-08-07 01:27:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

auth-api: use constant time comparison for csrf tokens

Browse Source 
by using openssl's `memcmp::eq()` we can avoid potential side-channel
attack on the csrf token comparison. this comparison's runtime only
depends on the length of the two byte vectors, not their contents.

Signed-off-by: Stefan Sterz <s.sterz@proxmox.com>
This commit is contained in:
Stefan Sterz 2024-03-06 13:36:01 +01:00 committed by Wolfgang Bumiller
parent b926ea1f5c
commit 8609fb58ef
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
proxmox-auth-api/src/api/access.rs
View File

@ -286,14 +286,15 @@ fn verify_csrf_prevention_token_do(
} }
let timestamp = parts.pop_front().unwrap(); let timestamp = parts.pop_front().unwrap();
let sig = parts.pop_front().unwrap(); let sig = parts.pop_front().unwrap().as_bytes();
let ttime = i64::from_str_radix(timestamp, 16) let ttime = i64::from_str_radix(timestamp, 16)
.map_err(|err| format_err!("timestamp format error - {}", err))?; .map_err(|err| format_err!("timestamp format error - {}", err))?;
let digest = compute_csrf_secret_digest(ttime, secret, userid); let digest = compute_csrf_secret_digest(ttime, secret, userid);
let digest = digest.as_bytes();
if digest != sig { if digest.len() != sig.len() || !openssl::memcmp::eq(digest, sig) {
bail!("invalid signature."); bail!("invalid signature.");
} }