hmac.compare_digest is not in earlier version python2.7.7

[charsyam]

earlier version python2.7.7
hmac doesn't support compare_digest
so I implement workaround for this. :)

[be-hase]

Hi, @charsyam
Thanks for your feedback. 😄
But str comparing is not good because of timing attack.
( https://en.wikipedia.org/wiki/Timing_attack )

OK. In the near future, I will fix this issue and release 1.0.2 version.

[darjeeling]

maybe @charsyam can get hint here https://github.com/python/cpython/blob/2.7/Modules/operator.c#L289

[charsyam]

Hi, @be-hase

could you review this? I implemented safe_compare_digest func to refer tscmp

[be-hase]

Oh... thanks for your patch. 👍

[be-hase]

Would you like to use if hasattr(hmac, "compare_digest"): ?
I think that it is readable.

[charsyam]

@be-hase how about this approach?
I applied hasattr and made function reference as compare_digest.

[okdtsk]

One more thing, we adopt Google style docstring but yours is reST format. Can you rewrite your function's docstring as Google one?

Google python style guide
https://google.github.io/styleguide/pyguide.html?showone=Comments#Comments

This SO question will help you :)
http://stackoverflow.com/a/24385103

[okdtsk]

Why does not use len2 directly when comparing to len1?
And the line if len1 != length can be rewritten else statement under if len1 == length, which will have same meaning, same cost to avoid time at track and more readable.

[charsyam]

@okdtsk Good Catch, I will apply your review to use len2 directlry
and I have a question about docstring.
python webhook.py and other code just follow reST format not Google Style.
could you please check this?

[darjeeling]

why not else ?

[charsyam]

In your hint. There is an answer. so I avoid to use else :)
/* don't use else here to keep the amount of CPU instructions constant,
* volatile forces re-evaluation */

[be-hase]

I'm sorry reply late.

docstring

Yes, we use reST format. Sorry @okdtsk 😢

This feature is sensitive, so I want a test code.

[okdtsk]

@charsyam @be-hase
Ah sorry I checked previous code. Please ignore my comment about docstring. 😭

[be-hase]

And...
I think that we can simplify like below.

def compare_digest(target1, target2):
    if len(target1) != len(target1):
        return False

    result = 0
    for x, y in zip(target1, target2):
        result |= ord(x) ^ ord(y)

    return result == 0

[charsyam]

@be-hase Yes, I also worry about that. How we can test it well?
because I think this verify consuming time is equals.

[charsyam]

@be-hase and We can't just return False when length is different.
(It violates timeing attack.)

[be-hase]

@charsyam
At least, I want to check like a below. (very simple checking 😄 )
https://github.com/line/line-bot-sdk-python/blob/master/tests/test_webhook.py#L37-L46

LINE Signature is hashed by SHA-256 algorithm, so bytes length must be 32bytes.
Then we just need constant-time-compare.

(Example)
For the same reason, Django provide as below.
https://github.com/django/django/blob/master/django/utils/crypto.py#L80-L105

[be-hase]

OK, looks good to me.

Sorry..., How about this ?

:param val1: string or bytes for compare
:type val1: str | bytes

ref:
https://github.com/line/line-bot-sdk-python/blob/master/linebot/api.py#L79-L83

And Have you signed up ICLA?
( https://feedback.line.me/enquete/public/919-h9Yqmr1u )
If you have completed, I will merge and release 1.0.2

Thanks 😄

[charsyam]

@be-hase I singed ICLA and update your review for changing docstring Thanks