Implement constant-time equality for delete tokens, inline alias cleanup

Cargo.lock

@@ -1860,6 +1860,7 @@ dependencies = [
  "sled",
  "storage-path-generator",
  "streem",
+ "subtle",
  "thiserror",
  "time",
  "tokio",

Cargo.toml

@@ -53,6 +53,7 @@ sha2 = "0.10.0"
 sled = { version = "0.34.7" }
 storage-path-generator = "0.1.0"
 streem = "0.2.0"
+subtle = { version = "2.5.0", default-features = false }
 thiserror = "1.0"
 time = { version = "0.3.0", features = ["serde", "serde-well-known"] }
 tokio = { version = "1", features = ["full", "tracing"] }

src/lib.rs

@@ -712,7 +712,8 @@ async fn delete(
     let token = DeleteToken::from_existing(&token);
     let alias = Alias::from_existing(&alias);
 
-    queue::cleanup_alias(&repo, alias, token).await?;
+    // delete alias inline
+    queue::cleanup::alias(&repo, alias, token).await?;
 
     Ok(HttpResponse::NoContent().finish())
 }

src/queue.rs

@@ -16,7 +16,7 @@ use std::{
 };
 use tracing::Instrument;
 
-mod cleanup;
+pub(crate) mod cleanup;
 mod process;
 
 const CLEANUP_QUEUE: &str = "cleanup";

src/queue/cleanup.rs

@@ -111,10 +111,10 @@ async fn hash(repo: &ArcRepo, hash: Hash) -> Result<(), Error> {
 }
 
 #[tracing::instrument(skip_all)]
-async fn alias(repo: &ArcRepo, alias: Alias, token: DeleteToken) -> Result<(), Error> {
+pub(crate) async fn alias(repo: &ArcRepo, alias: Alias, token: DeleteToken) -> Result<(), Error> {
     let saved_delete_token = repo.delete_token(&alias).await?;
 
-    if saved_delete_token.is_some() && saved_delete_token != Some(token) {
+    if !saved_delete_token.is_some_and(|t| t.ct_eq(&token)) {
         return Err(UploadError::InvalidToken.into());
     }
 

src/repo/delete_token.rs

@@ -71,6 +71,10 @@ impl DeleteToken {
             None
         }
     }
+
+    pub(crate) fn ct_eq(&self, rhs: &Self) -> bool {
+        subtle::ConstantTimeEq::ct_eq(self.id.as_bytes(), rhs.id.as_bytes()).unwrap_u8() == 1
+    }
 }
 
 impl std::str::FromStr for DeleteToken {