com.oracle.truffle.tools.chromeinspector.instrument

Class Token

java.lang.Object

com.oracle.truffle.tools.chromeinspector.instrument.Token

public final class Token
extends Object

Token encapsulates some sensitive data that can be compared in a secure way. That is, the Token.equals(Object) method does not leak any information through timing. While one could be careful with String or byte[] and perform all the comparisons in a secure way, just one careless call of Object.equals(Object) could expose the secret data to an attacker. For this reason, we encapsulate it into a class to prevent such accidental exposure. The Token class does not allow the data to be extracted in the original form. It has limited set of operation that allow you to learn something about the data:

• Comparison - designed not to leak any data through its execution time.
• Token.hashCode() - this might expose part of the hash. Note that some collection implementations like HashMap might use it and leak this value through timing attack.
• Token.toString() might contain whole hash of the sensitive data.

At worst, just a hash of the sensitive data can leak by careless operation. If this happens:

• All secrets with entropy outside of attacker's capability for offline attacks are safe.
• Secrets with low entropy (e.g., short secrets or secrets made in a predictable way) might be cracked by a offline attack.

Please note that this class does not use a slow hashing function (like bcrypt), that are recommended for secrets of potentially entropy (e.g., passwords). You should not store low-entropy secrets there unless you are extremely careful about calling methods such as Token.hashCode() and Token.toString(). Those operations are explicitly not planned to be ever supported:

• serialization - Allowing serialization would not allow us to change the hash function or String encoding in future.
• comparing values like Comparable.compareTo(Object) - This could be hardly implemented in a meaningful way without compromising security.

Method Summary

Modifier and Type	Method and Description
static Token	createHashedTokenFromString(String secret)
boolean	equals(Object o) If the other object is not a Token, it immediatelly returns false.
int	hashCode()
String	toString() The String representation of Token might contain hash.

Methods inherited from class java.lang.Object

clone, getClass, notify, notifyAll, wait, wait, wait

Method Detail

createHashedTokenFromString

public static Token createHashedTokenFromString(String secret)

equals

public boolean equals(Object o)

If the other object is not a Token, it immediatelly returns false. If the other object is a Token, it compares values encapsulated by the tokens in a way that prevents timing attacks. That is, even if an attacker is able to measure the time of this operation, it gives them no valuable information about the secret contents.

Overrides:

equals in class Object

hashCode

public int hashCode()

Overrides:

hashCode in class Object

toString

public String toString()

The String representation of Token might contain hash. Currently, it contains the hash. However, it might change in future. This means that you cannot rely on any of those variant. You should be careful when printing the value out, but you cannot rely on it to provide any information.

Overrides:

toString in class Object