authorAlex Gaynor <alex.gaynor@gmail.com>2015-03-08 17:11:31 -0400
committerSimo Sorce <simo@redhat.com>2015-03-08 17:31:47 -0400
commit7cf181023c2dd69d5d2f6733df60b1c8332c85bf (patch)
tree29ea892bfbfec381ec0e7f5cf8bdd5e283f5c3df
parent1f8bd71e9d65fd23ac1ba2df7debd217285bb702 (diff)
Use a constant time comparison for comparing an HMAC
Fixes #2
-rw-r--r--jwcrypto/jwe.py4
1 files changed, 2 insertions, 2 deletions
diff --git a/jwcrypto/jwe.py b/jwcrypto/jwe.py
index 7845b26..3e7ea19 100644
--- a/jwcrypto/jwe.py
+++ b/jwcrypto/jwe.py
@@ -1,7 +1,7 @@
# Copyright (C) 2015 JWCrypto Project Contributors - see LICENSE file
from cryptography.hazmat.backends import default_backend
-from cryptography.hazmat.primitives import hashes, hmac
+from cryptography.hazmat.primitives import constant_time, hashes, hmac
from cryptography.hazmat.primitives.padding import PKCS7
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
@@ -183,7 +183,7 @@ class _aes_cbc_hmac_sha2(_raw_jwe):
dkey = k[self.blocksize:]
# verify mac
- if t != self._mac(hkey, a, iv, e):
+ if not constant_time.bytes_eq(t, self._mac(hkey, a, iv, e)):
raise InvalidJWEData('Failed to verify MAC')
# decrypt
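Review bot: `constant_time.bytes_eq` raises `TypeError` when either argument is not `bytes`, so on the new comparison line a tag `t` that is not bytes would bypass `InvalidJWEData('Failed to verify MAC')` and surface as a different exception. The enclosing method starts and ends outside this hunk, so `t` may already be guaranteed to be bytes by the caller; if it is not, coerce or reject it before the comparison so every bad tag fails the same way. I would also record the intent next to the check, e.g. `# verify mac in constant time: t comes from the token, so == would leak how many leading bytes matched`. The diffstat shows only `jwcrypto/jwe.py` changed, so a test that decrypts a token with a modified tag and expects `InvalidJWEData` would pin this rejection path.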