Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 11 for ConstantTimeCompare (0.2 sec)

  2. github.com/minio/minio

    cmd/sftp-server.go 

    		if err != nil {
			return nil, errAuthentication
		}
	} else {
		// Temporary credentials are not allowed.
		if ui.Credentials.IsTemp() {
			return nil, errAuthentication
		}
		if subtle.ConstantTimeCompare([]byte(ui.Credentials.SecretKey), pass) != 1 {
			return nil, errAuthentication
		}

	}

	copts := map[string]string{
		"AccessKey": ui.Credentials.AccessKey,
		"SecretKey": ui.Credentials.SecretKey,
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Aug 20 20:00:29 UTC 2024
    - 16K bytes
    - Viewed (0)
  3. github.com/minio/minio

    cmd/ftp-server-driver.go 

    			return len(ldapPolicies) > 0, nil
		}
		return subtle.ConstantTimeCompare([]byte(sa.Credentials.SecretKey), []byte(password)) == 1, nil
	}

	ui, ok := globalIAMSys.GetUser(context.Background(), username)
	if !ok {
		return false, nil
	}
	return subtle.ConstantTimeCompare([]byte(ui.Credentials.SecretKey), []byte(password)) == 1, nil
}
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Wed Aug 14 17:11:51 UTC 2024
    - 14K bytes
    - Viewed (0)
  4. github.com/minio/minio

    cmd/signature-v4.go 

    func compareSignatureV4(sig1, sig2 string) bool {
	// The CTC using []byte(str) works because the hex encoding
	// is unique for a sequence of bytes. See also compareSignatureV2.
	return subtle.ConstantTimeCompare([]byte(sig1), []byte(sig2)) == 1
}

// doesPolicySignatureMatch - Verify query headers with post policy
//   - http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-HTTPPOSTConstructPolicy.html
//
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu May 16 23:13:47 UTC 2024
    - 12.4K bytes
    - Viewed (0)
  5. github.com/minio/minio

    internal/auth/credentials.go 

    func (cred Credentials) Equal(ccred Credentials) bool {
	if !ccred.IsValid() {
		return false
	}
	return (cred.AccessKey == ccred.AccessKey && subtle.ConstantTimeCompare([]byte(cred.SecretKey), []byte(ccred.SecretKey)) == 1 &&
		subtle.ConstantTimeCompare([]byte(cred.SessionToken), []byte(ccred.SessionToken)) == 1)
}

var timeSentinel = time.Unix(0, 0).UTC()

// ErrInvalidDuration invalid token expiry
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue May 28 17:14:16 UTC 2024
    - 12K bytes
    - Viewed (0)
  6. github.com/minio/minio

    cmd/object-lambda-handlers.go 

    		tokenErr := errorCodes.ToAPIErr(ErrInvalidRequest)
		tokenErr.Description = "The request route included in the request is invalid"
		writeErrorResponse(ctx, w, tokenErr, r.URL)
		return
	}

	if subtle.ConstantTimeCompare([]byte(resp.Header.Get(xhttp.AmzRequestToken)), []byte(eventData.GetObjectContext.OutputToken)) != 1 {
		tokenErr := errorCodes.ToAPIErr(ErrInvalidToken)
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Mon Jul 22 07:04:48 UTC 2024
    - 10.3K bytes
    - Viewed (0)
  7. github.com/minio/minio

    cmd/kms-handlers.go 

    			return
		}
		writeSuccessResponseJSON(w, resp)
		return
	}

	// 3. Compare generated key with decrypted key
	if subtle.ConstantTimeCompare(key.Plaintext, decryptedKey) != 1 {
		response.DecryptionErr = "The generated and the decrypted data key do not match"
		resp, err := json.Marshal(response)
		if err != nil {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Aug 18 06:43:03 UTC 2024
    - 10.1K bytes
    - Viewed (0)
  8. github.com/minio/minio

    cmd/auth-handler.go 

    	// based on admin credential such that token cannot be decoded
	// on the client side and is treated like an opaque value.
	claims, err := auth.ExtractClaims(token, secret)
	if err != nil {
		if subtle.ConstantTimeCompare([]byte(secret), []byte(globalActiveCred.SecretKey)) == 1 {
			return nil, errAuthentication
		}
		claims, err = auth.ExtractClaims(token, globalActiveCred.SecretKey)
		if err != nil {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Sep 17 16:45:46 UTC 2024
    - 26.1K bytes
    - Viewed (0)
  9. github.com/minio/minio

    cmd/signature-v2.go 

    	if err != nil {
		return false
	}
	signature2, err := base64.StdEncoding.DecodeString(sig2)
	if err != nil {
		return false
	}
	return subtle.ConstantTimeCompare(signature1, signature2) == 1
}

// Return canonical headers.
func canonicalizedAmzHeadersV2(headers http.Header) string {
	var keys []string
	keyval := make(map[string]string, len(headers))
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Jan 18 07:03:17 UTC 2024
    - 12.2K bytes
    - Viewed (0)
  10. github.com/minio/minio

    cmd/encryption-v1.go 

    			if subtle.ConstantTimeCompare(oldKey, newKey) == 1 {
				return errInvalidSSEParameters // AWS returns special error for equal but invalid keys.
			}
			return crypto.ErrInvalidCustomerKey // To provide strict AWS S3 compatibility we return: access denied.

		}
		if subtle.ConstantTimeCompare(oldKey, newKey) == 1 && sealedKey.Algorithm == crypto.SealAlgorithm {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Oct 13 13:06:08 UTC 2024
    - 37.2K bytes
    - Viewed (0)
  11. github.com/minio/minio

    cmd/admin-handlers.go 

    			return
		}
		writeSuccessResponseJSON(w, resp)
		return
	}

	// 3. Compare generated key with decrypted key
	if subtle.ConstantTimeCompare(key.Plaintext, decryptedKey) != 1 {
		response.DecryptionErr = "The generated and the decrypted data key do not match"
		resp, err := json.Marshal(response)
		if err != nil {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Fri Oct 04 11:32:32 UTC 2024
    - 99.7K bytes
    - Viewed (0)
Back to top