| Julian Krause | 9c3088f | 2013-12-04 14:49:50 -0800 | [diff] [blame] | 1 | .. hazmat:: |
| 2 | |
| 3 | Constant time functions |
| 4 | ======================= |
| 5 | |
| 6 | .. currentmodule:: cryptography.hazmat.primitives.constant_time |
| 7 | |
| 8 | In order for cryptographic operations to not leak information through timing |
| Julian Krause | d6f14da | 2013-12-05 11:06:27 -0800 | [diff] [blame^] | 9 | side channels, constant time operations need to be used. |
| 10 | |
| 11 | One should use these functions whenever you are comparing a secret to |
| 12 | something received. This includes things like HMAC signatures as described by |
| 13 | a `timing attack on KeyCzar`_. |
| 14 | |
| Julian Krause | 9c3088f | 2013-12-04 14:49:50 -0800 | [diff] [blame] | 15 | |
| 16 | .. function:: bytes_eq(a, b) |
| 17 | |
| Julian Krause | d6f14da | 2013-12-05 11:06:27 -0800 | [diff] [blame^] | 18 | Compare ``a`` and ``b`` to one another in constant time if they are of the |
| 19 | same length. |
| Julian Krause | 9c3088f | 2013-12-04 14:49:50 -0800 | [diff] [blame] | 20 | |
| 21 | .. doctest:: |
| 22 | |
| 23 | >>> from cryptography.hazmat.primitives import constant_time |
| 24 | >>> constant_time.bytes_eq(b"foo", b"foo") |
| 25 | True |
| 26 | >>> constant_time.bytes_eq(b"foo", b"bar") |
| 27 | False |
| 28 | |
| Julian Krause | d6f14da | 2013-12-05 11:06:27 -0800 | [diff] [blame^] | 29 | :param a bytes: The left-hand side. |
| 30 | :param b bytes: The right-hand side. |
| 31 | :returns boolean: True if ``a`` has the same bytes as ``b``. |
| 32 | |
| 33 | |
| 34 | .. _`timing attack on KeyCzar`: http://rdist.root.org/2009/05/28/timing-attack-in-google-keyczar-library/ |