kafka-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rha...@apache.org
Subject [kafka] branch 2.8 updated: MINOR: Use MessageDigest equals when comparing signature (#10898)
Date Fri, 18 Jun 2021 17:29:27 GMT
This is an automated email from the ASF dual-hosted git repository.

rhauch pushed a commit to branch 2.8
in repository https://gitbox.apache.org/repos/asf/kafka.git


The following commit(s) were added to refs/heads/2.8 by this push:
     new d7abd32  MINOR: Use MessageDigest equals when comparing signature (#10898)
d7abd32 is described below

commit d7abd32f3569a65a4b59c7dd8a655b17ffa1b455
Author: Randall Hauch <rhauch@gmail.com>
AuthorDate: Fri Jun 18 09:53:23 2021 -0500

    MINOR: Use MessageDigest equals when comparing signature (#10898)
---
 .../apache/kafka/connect/runtime/rest/InternalRequestSignature.java    | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/connect/runtime/src/main/java/org/apache/kafka/connect/runtime/rest/InternalRequestSignature.java
b/connect/runtime/src/main/java/org/apache/kafka/connect/runtime/rest/InternalRequestSignature.java
index d59425b..3cee577 100644
--- a/connect/runtime/src/main/java/org/apache/kafka/connect/runtime/rest/InternalRequestSignature.java
+++ b/connect/runtime/src/main/java/org/apache/kafka/connect/runtime/rest/InternalRequestSignature.java
@@ -24,6 +24,7 @@ import javax.crypto.Mac;
 import javax.crypto.SecretKey;
 import javax.ws.rs.core.HttpHeaders;
 import java.security.InvalidKeyException;
+import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.util.Arrays;
 import java.util.Base64;
@@ -108,7 +109,7 @@ public class InternalRequestSignature {
     }
 
     public boolean isValid(SecretKey key) {
-        return Arrays.equals(sign(mac, key, requestBody), requestSignature);
+        return MessageDigest.isEqual(sign(mac, key, requestBody), requestSignature);
     }
 
     private static Mac mac(String signatureAlgorithm) throws NoSuchAlgorithmException {

Mime
View raw message