This is an automated email from the ASF dual-hosted git repository.
rhauch pushed a commit to branch 2.7
in repository https://gitbox.apache.org/repos/asf/kafka.git
The following commit(s) were added to refs/heads/2.7 by this push:
new 75fd76b MINOR: Use MessageDigest equals when comparing signature
(#10898)
75fd76b is described below
commit 75fd76bdeb9d02cdd103c68576867581f006c5f8
Author: Randall Hauch <[email protected]>
AuthorDate: Fri Jun 18 09:53:23 2021 -0500
MINOR: Use MessageDigest equals when comparing signature (#10898)
---
.../apache/kafka/connect/runtime/rest/InternalRequestSignature.java | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git
a/connect/runtime/src/main/java/org/apache/kafka/connect/runtime/rest/InternalRequestSignature.java
b/connect/runtime/src/main/java/org/apache/kafka/connect/runtime/rest/InternalRequestSignature.java
index d59425b..3cee577 100644
---
a/connect/runtime/src/main/java/org/apache/kafka/connect/runtime/rest/InternalRequestSignature.java
+++
b/connect/runtime/src/main/java/org/apache/kafka/connect/runtime/rest/InternalRequestSignature.java
@@ -24,6 +24,7 @@ import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.ws.rs.core.HttpHeaders;
import java.security.InvalidKeyException;
+import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Base64;
@@ -108,7 +109,7 @@ public class InternalRequestSignature {
}
public boolean isValid(SecretKey key) {
- return Arrays.equals(sign(mac, key, requestBody), requestSignature);
+ return MessageDigest.isEqual(sign(mac, key, requestBody),
requestSignature);
}
private static Mac mac(String signatureAlgorithm) throws
NoSuchAlgorithmException {
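Review bot: The new `MessageDigest.isEqual(...)` call in `isValid` has no comment explaining why it is used, so a later cleanup could swap it back to `Arrays.equals`. That method returns at the first differing byte, so response timing can reveal how many leading bytes of a submitted signature match the expected MAC. I would add a line above the return such as `// Constant-time comparison: Arrays.equals short-circuits and would leak timing information about the expected signature.` The first hunk keeps `import java.util.Arrays;` as context; if this was its only use in the file (not visible here), the import is now unused and should be dropped. A unit test that pins `isValid` to false for a signature of the right length but wrong content, and for one of the wrong length, would also guard the behaviour across future refactors.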