[
https://issues.apache.org/jira/browse/SHIRO-547?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15044710#comment-15044710
]
Richard Bradley commented on SHIRO-547:
---------------------------------------
+1 from me.
Although this is likely a very hard weakness to exploit, as the strings being
compared are hashes rather than attacker-chosen plaintext, I think this looks
bad.
> Use MessageDigest#isEqual() instead of Arrays#equals() for comparing digests
> ----------------------------------------------------------------------------
>
> Key: SHIRO-547
> URL: https://issues.apache.org/jira/browse/SHIRO-547
> Project: Shiro
> Issue Type: Bug
> Components: Authentication (log-in), Cryptography & Hashing
> Affects Versions: 2.0.0, 1.2.4
> Reporter: Andreas Kohn
> Attachments: shiro-547-messagedigest.diff
>
>
> While looking through shiro code I noticed that there are three places which
> compare byte[]s representing hashes using `Arrays#equals()`
> To avoid potential timing attacks these should be using
> `MessageDigest#isEqual()`, which at least starting with Java 6u17 uses a
> constant-time comparison.
> I'm not sure which Java version shiro targets, but it might make sense to
> either require Java 7, or to at least strongly suggest this in the
> documentation.
> Attached a patch against trunk, but please also consider fixing this in the
> 1.2 branch.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
