Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 11 for ConstantTimeCompare (0.18 sec)

  1. cmd/sftp-server.go

    		if err != nil {
    			return nil, errAuthentication
    		}
    	} else {
    		// Temporary credentials are not allowed.
    		if ui.Credentials.IsTemp() {
    			return nil, errAuthentication
    		}
    		if subtle.ConstantTimeCompare([]byte(ui.Credentials.SecretKey), pass) != 1 {
    			return nil, errAuthentication
    		}
    
    	}
    
    	copts := map[string]string{
    		"AccessKey": ui.Credentials.AccessKey,
    		"SecretKey": ui.Credentials.SecretKey,
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Aug 20 20:00:29 UTC 2024
    - 16K bytes
    - Viewed (0)
  2. cmd/ftp-server-driver.go

    			return len(ldapPolicies) > 0, nil
    		}
    		return subtle.ConstantTimeCompare([]byte(sa.Credentials.SecretKey), []byte(password)) == 1, nil
    	}
    
    	ui, ok := globalIAMSys.GetUser(context.Background(), username)
    	if !ok {
    		return false, nil
    	}
    	return subtle.ConstantTimeCompare([]byte(ui.Credentials.SecretKey), []byte(password)) == 1, nil
    }
    
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Wed Aug 14 17:11:51 UTC 2024
    - 14K bytes
    - Viewed (0)
  3. cmd/signature-v4.go

    func compareSignatureV4(sig1, sig2 string) bool {
    	// The CTC using []byte(str) works because the hex encoding
    	// is unique for a sequence of bytes. See also compareSignatureV2.
    	return subtle.ConstantTimeCompare([]byte(sig1), []byte(sig2)) == 1
    }
    
    // doesPolicySignatureMatch - Verify query headers with post policy
    //   - http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-HTTPPOSTConstructPolicy.html
    //
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu May 16 23:13:47 UTC 2024
    - 12.4K bytes
    - Viewed (0)
  4. internal/auth/credentials.go

    func (cred Credentials) Equal(ccred Credentials) bool {
    	if !ccred.IsValid() {
    		return false
    	}
    	return (cred.AccessKey == ccred.AccessKey && subtle.ConstantTimeCompare([]byte(cred.SecretKey), []byte(ccred.SecretKey)) == 1 &&
    		subtle.ConstantTimeCompare([]byte(cred.SessionToken), []byte(ccred.SessionToken)) == 1)
    }
    
    var timeSentinel = time.Unix(0, 0).UTC()
    
    // ErrInvalidDuration invalid token expiry
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue May 28 17:14:16 UTC 2024
    - 12K bytes
    - Viewed (0)
  5. cmd/object-lambda-handlers.go

    		tokenErr := errorCodes.ToAPIErr(ErrInvalidRequest)
    		tokenErr.Description = "The request route included in the request is invalid"
    		writeErrorResponse(ctx, w, tokenErr, r.URL)
    		return
    	}
    
    	if subtle.ConstantTimeCompare([]byte(resp.Header.Get(xhttp.AmzRequestToken)), []byte(eventData.GetObjectContext.OutputToken)) != 1 {
    		tokenErr := errorCodes.ToAPIErr(ErrInvalidToken)
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Mon Jul 22 07:04:48 UTC 2024
    - 10.3K bytes
    - Viewed (0)
  6. cmd/kms-handlers.go

    			return
    		}
    		writeSuccessResponseJSON(w, resp)
    		return
    	}
    
    	// 3. Compare generated key with decrypted key
    	if subtle.ConstantTimeCompare(key.Plaintext, decryptedKey) != 1 {
    		response.DecryptionErr = "The generated and the decrypted data key do not match"
    		resp, err := json.Marshal(response)
    		if err != nil {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Aug 18 06:43:03 UTC 2024
    - 10.1K bytes
    - Viewed (0)
  7. cmd/auth-handler.go

    	// based on admin credential such that token cannot be decoded
    	// on the client side and is treated like an opaque value.
    	claims, err := auth.ExtractClaims(token, secret)
    	if err != nil {
    		if subtle.ConstantTimeCompare([]byte(secret), []byte(globalActiveCred.SecretKey)) == 1 {
    			return nil, errAuthentication
    		}
    		claims, err = auth.ExtractClaims(token, globalActiveCred.SecretKey)
    		if err != nil {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Sep 17 16:45:46 UTC 2024
    - 26.1K bytes
    - Viewed (0)
  8. cmd/signature-v2.go

    	if err != nil {
    		return false
    	}
    	signature2, err := base64.StdEncoding.DecodeString(sig2)
    	if err != nil {
    		return false
    	}
    	return subtle.ConstantTimeCompare(signature1, signature2) == 1
    }
    
    // Return canonical headers.
    func canonicalizedAmzHeadersV2(headers http.Header) string {
    	var keys []string
    	keyval := make(map[string]string, len(headers))
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Jan 18 07:03:17 UTC 2024
    - 12.2K bytes
    - Viewed (0)
  9. cmd/encryption-v1.go

    			if subtle.ConstantTimeCompare(oldKey, newKey) == 1 {
    				return errInvalidSSEParameters // AWS returns special error for equal but invalid keys.
    			}
    			return crypto.ErrInvalidCustomerKey // To provide strict AWS S3 compatibility we return: access denied.
    
    		}
    		if subtle.ConstantTimeCompare(oldKey, newKey) == 1 && sealedKey.Algorithm == crypto.SealAlgorithm {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Oct 13 13:06:08 UTC 2024
    - 37.2K bytes
    - Viewed (0)
  10. cmd/admin-handlers.go

    			return
    		}
    		writeSuccessResponseJSON(w, resp)
    		return
    	}
    
    	// 3. Compare generated key with decrypted key
    	if subtle.ConstantTimeCompare(key.Plaintext, decryptedKey) != 1 {
    		response.DecryptionErr = "The generated and the decrypted data key do not match"
    		resp, err := json.Marshal(response)
    		if err != nil {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Fri Oct 04 11:32:32 UTC 2024
    - 99.7K bytes
    - Viewed (0)
Back to top