@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.)
hq.recaptime.dev/wiki/Phorge
phorge
phabricator
Don't use "phutil_hashes_are_identical()" to compare public keys
Summary:
Ref T13436. There's no real security value to doing this comparison, it just wards off evil "security researchers" who get upset if you ever compare two strings with a non-constant-time algorithm.
In practice, SSH public keys are pretty long, pretty public, and have pretty similar lengths. This leads to a relatively large amount of work to do constant-time comparisons on them (we frequently can't abort early after identifying differing string length).
Test Plan: Ran `bin/ssh-auth --sshd-key ...` on `secure` with ~1K keys, saw runtime drop by ~50% (~400ms to ~200ms) with `===`.
Maniphest Tasks: T13436
Differential Revision: https://secure.phabricator.com/D20875
+1
-1
+1
-1
scripts/ssh/ssh-auth.php
+1
-1
scripts/ssh/ssh-auth.php
···
109
109
if ($sshd_key !== null) {
110
110
$matches = array();
111
111
foreach ($authstruct['keys'] as $key => $key_struct) {
112
-
if (phutil_hashes_are_identical($key_struct['key'], $sshd_key)) {
112
+
if ($key_struct['key'] === $sshd_key) {
113
113
$matches[$key] = $key_struct;
114
114
}
115
115
}