From 65cc19842c418a0c9bba16abcc6b4cb77023e8ff Mon Sep 17 00:00:00 2001 From: Evgeny Date: Sat, 14 Jun 2025 07:10:51 +0100 Subject: [PATCH] servers: restore constant time for absent queue/wrong key (regression in 6.4-beta.9) (#1567) --- src/Simplex/Messaging/Server.hs | 4 ++-- tests/ServerTests.hs | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Simplex/Messaging/Server.hs b/src/Simplex/Messaging/Server.hs index 1efaa0650..b17054025 100644 --- a/src/Simplex/Messaging/Server.hs +++ b/src/Simplex/Messaging/Server.hs @@ -1272,8 +1272,8 @@ verifyCmdAuth thAuth k authenticator authorized (CorrId corrId) = case thAuth of Just THAuthServer {serverPrivKey = pk} -> C.cbVerify k pk (C.cbNonce corrId) authenticator authorized Nothing -> False -dummyVerifyCmd :: Maybe (THandleAuth 'TServer) -> Maybe TAuthorizations -> ByteString -> CorrId -> Maybe Bool -dummyVerifyCmd thAuth tAuth authorized corrId = verify <$> tAuth +dummyVerifyCmd :: Maybe (THandleAuth 'TServer) -> Maybe TAuthorizations -> ByteString -> CorrId -> Bool +dummyVerifyCmd thAuth tAuth authorized corrId = maybe False verify tAuth where verify = \case (TASignature (C.ASignature a s), _) -> C.verify' (dummySignKey a) s authorized diff --git a/tests/ServerTests.hs b/tests/ServerTests.hs index e7f2c35c6..354573852 100644 --- a/tests/ServerTests.hs +++ b/tests/ServerTests.hs @@ -939,7 +939,7 @@ testTiming = ] timeRepeat n = fmap fst . timeItT . forM_ (replicate n ()) . const similarTime t1 t2 - | t1 <= t2 = abs (1 - t1 / t2) < 0.35 -- normally the difference between "no queue" and "wrong key" is less than 5% + | t1 <= t2 = abs (1 - t1 / t2) < 0.3 -- normally the difference between "no queue" and "wrong key" is less than 5% | otherwise = similarTime t2 t1 testSameTiming :: forall c. Transport c => THandleSMP c 'TClient -> THandleSMP c 'TClient -> (C.AuthAlg, C.AuthAlg, Int) -> Expectation testSameTiming rh sh (C.AuthAlg goodKeyAlg, C.AuthAlg badKeyAlg, n) = do