oscerd opened a new pull request, #24375:
URL: https://github.com/apache/camel/pull/24375

   ## CAMEL-23766
   
   `HMACAccumulator.validate()` compared the expected and actual MAC 
byte-by-byte with an early-exit loop that throws on the first differing byte. 
The time taken to reject a MAC therefore leaks how many leading bytes matched — 
a timing side-channel that can assist MAC forgery.
   
   ### Fix
   Use `java.security.MessageDigest.isEqual(expected, actual)`, which performs 
a constant-time comparison (since JDK 6u17) and is the standard practice for 
MAC/signature verification. Behaviour is otherwise unchanged (same 
`IllegalStateException` on mismatch, same message).
   
   ### Tests
   Added `testValidateFailsWhenAppendedMacDoesNotMatch` covering the mismatch 
case — previously only the matching path was exercised (via the `validate` 
helper). All `HMACAccumulatorTest` tests pass (9).
   
   Targets `main` (4.22.0); a backport to `camel-4.18.x` (4.18.4) will follow 
per the issue's fix versions.
   
   ---
   _Claude Code on behalf of Andrea Cosentino_
   
   🤖 Generated with [Claude Code](https://claude.com/claude-code)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to