Impact
When using the derivation_endpoint
plugin, it's possible for the attacker to use a timing attack to guess the signature of the derivation URL.
Patches
The problem has been fixed by comparing sent and calculated signature in constant time, using Rack::Utils.secure_compare
. Users using the derivation_endpoint
plugin are urged to upgrade to Shrine 3.3.0 or greater.
Workarounds
Users of older Shrine versions can apply the following monkey-patch after loading the derivation_endpoint
plugin:
class Shrine
class UrlSigner
def verify_signature(string, signature)
if signature.nil?
fail InvalidSignature, "missing \"signature\" param"
elsif !Rack::Utils.secure_compare(signature, generate_signature(string))
fail InvalidSignature, "provided signature does not match the calculated signature"
end
end
end
end
References
You can read more about timing attacks here.
Impact
When using the
derivation_endpoint
plugin, it's possible for the attacker to use a timing attack to guess the signature of the derivation URL.Patches
The problem has been fixed by comparing sent and calculated signature in constant time, using
Rack::Utils.secure_compare
. Users using thederivation_endpoint
plugin are urged to upgrade to Shrine 3.3.0 or greater.Workarounds
Users of older Shrine versions can apply the following monkey-patch after loading the
derivation_endpoint
plugin:References
You can read more about timing attacks here.