[ https://issues.apache.org/jira/browse/SHIRO-458?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh updated SHIRO-458:
--------------------------------------
    Fix Version/s: 1.5.0

> Possible leaked timing information from DefaultPasswordService
> --------------------------------------------------------------
>
>                 Key: SHIRO-458
>                 URL: https://issues.apache.org/jira/browse/SHIRO-458
>             Project: Shiro
>          Issue Type: Bug
>          Components: Cryptography & Hashing
>    Affects Versions: 1.2.2
>         Environment: Mac OS X 10.8.3, Java 1.6.0_51
>            Reporter: Stuart Broad
>            Assignee: Colm O hEigeartaigh
>            Priority: Trivial
>             Fix For: 1.5.0
>
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> Use of the String equals comparison for the password hash comparison could
> leak timing information since it returns false as soon as a character does not
> match.
>
> DefaultPasswordService>>passwordsMatch(Object submittedPlaintext, String saved)
>
> Last line is:
>
> return saved.equals(formatted); //saved and formatted are strings
>
> A possible constant time equals could be:
>
> private boolean constantEquals(String s1, String s2)
> {
>     /*
>      * Alternative option (simpler but I'm not sure about the intern 'cost'):
>      * s1.intern();
>      * s2.intern();
>      * s1 == s2
>      */
>     int result = 0;
>     byte[] a = s1.getBytes();
>     byte[] b = s2.getBytes();
>     // Also leaks timing information but probably ok...
>     if (a.length != b.length) {
>         return false;
>     }
>     /*
>      * XOR each byte. If each byte is the
>      * same the XOR will result in 0.
>      */
>     for (int i = 0; i < a.length; i++) {
>         result |= a[i] ^ b[i];
>     }
>     return result == 0;
> }

--
This message was sent by Atlassian Jira
(v8.3.4#803005)
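As an added example (not Shiro's code and not the reporter's), the comparison below removes the early return on a length mismatch that the report flags as "probably ok": it folds the length difference into the result and always walks the full stored value, so the work done depends only on the stored hash, not on how much of it the submitted value matches. The sample strings are constructed placeholders, not real stored hashes; `MessageDigest.isEqual` is shown alongside because current JDKs implement the same idea.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

public final class ConstantTimeCompare {

    /** True iff a and b are identical; the loop count depends only on a.length. */
    static boolean constantTimeEquals(String a, String b) {
        // Fixed charset: the platform default can map unmappable characters
        // in two different strings to the same '?' bytes.
        byte[] x = a.getBytes(StandardCharsets.UTF_8);
        byte[] y = b.getBytes(StandardCharsets.UTF_8);
        if (y.length == 0) {
            return x.length == 0;          // nothing to index into below
        }
        // Record a length mismatch in the accumulator instead of returning early.
        int result = x.length ^ y.length;
        for (int i = 0; i < x.length; i++) {
            // j = i while i < y.length, else 0: keeps reading y without a
            // data-dependent branch; result is already non-zero in that case.
            int j = ((i - y.length) >>> 31) * i;
            result |= x[i] ^ y[j];
        }
        return result == 0;
    }

    /** Same guarantee via the JDK helper, which is constant time in current JDKs. */
    static boolean jdkEquals(String a, String b) {
        return MessageDigest.isEqual(a.getBytes(StandardCharsets.UTF_8),
                                     b.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        // Constructed placeholder values standing in for a formatted hash string.
        String saved     = "ALG$1000$c2FsdA==$aGFzaGVkLXBhc3N3b3Jk";
        String match     = "ALG$1000$c2FsdA==$aGFzaGVkLXBhc3N3b3Jk";
        String lastDiff  = "ALG$1000$c2FsdA==$aGFzaGVkLXBhc3N3b3Jl"; // same length, last char differs
        String shorter   = "ALG$1000$c2FsdA==$";
        check(constantTimeEquals(saved, match) && jdkEquals(saved, match));
        check(!constantTimeEquals(saved, lastDiff) && !jdkEquals(saved, lastDiff));
        check(!constantTimeEquals(saved, shorter) && !jdkEquals(saved, shorter));
        check(!constantTimeEquals(saved, "") && constantTimeEquals("", ""));
        System.out.println("all comparisons behaved as expected");
    }

    private static void check(boolean ok) {
        if (!ok) throw new AssertionError("comparison mismatch");
    }
}
```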