security #4183 WSSE Auth: Timing safe comparison (merk)

weaverryan · weaverryan · commit 9f1ef22c32c3 · 2015-03-22T18:30:25.000-04:00
This PR was merged into the 2.3 branch. Discussion ---------- WSSE Auth: Timing safe comparison | Q | A | ------------- | --- | Doc fix? | yes | New docs? | no | Applies to | 2.3+ | Fixed tickets | n/a I believe we should be providing examples that use timing safe operations when comparing password hashes, or any other kind of sensitive comparison that could leak timing information. Commits ------- 822f91a Add note about the constant time comparison 098afc3 WSSE Auth: Timing safe comparison
diff --git a/cookbook/security/custom_authentication_provider.rst b/cookbook/security/custom_authentication_provider.rst
@@ -202,6 +202,7 @@ the ``PasswordDigest`` header value matches with the user's password.
     use Symfony\Component\Security\Core\Exception\NonceExpiredException;
     use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
     use AppBundle\Security\Authentication\Token\WsseUserToken;
+    use Symfony\Component\Security\Core\Util\StringUtils;
 
     class WsseProvider implements AuthenticationProviderInterface
     {
@@ -260,7 +261,7 @@ the ``PasswordDigest`` header value matches with the user's password.
             // Validate Secret
             $expected = base64_encode(sha1(base64_decode($nonce).$created.$secret, true));
 
-            return $digest === $expected;
+            return StringUtils::equals($expected, $digest);
         }
 
         public function supports(TokenInterface $token)
@@ -277,6 +278,14 @@ the ``PasswordDigest`` header value matches with the user's password.
     provider for the given token. In the case of multiple providers, the
     authentication manager will then move to the next provider in the list.
 
+.. note::
+
+    The comparsion of the expected and the provided digests uses a constant
+    time comparison provided by the
+    :method:`Symfony\\Component\\Security\\Core\\Util\\StringUtils::equals`
+    method of the ``StringUtils`` class. It is used to mitigate possible
+    `timing attacks`_.
+
 The Factory
 -----------
 
@@ -608,3 +617,4 @@ in the factory and consumed or passed to the other classes in the container.
 
 .. _`WSSE`: http://www.xml.com/pub/a/2003/12/17/dive.html
 .. _`nonce`: http://en.wikipedia.org/wiki/Cryptographic_nonce
+.. _`timing attacks`: http://en.wikipedia.org/wiki/Timing_attack
