Commit [r668] Maximize Restore History

Hash matching: Replaced call to Arrays.equals() with a time-constant function in order to protect against timing attacks in hypothetical developer-made message authentication schemes. (Note password matching is not affected by this vulnerability)

dfernandez 2014-02-20

changed /trunk/jasypt/src/main/java/org/jasypt/digest/StandardByteDigester.java
/trunk/jasypt/src/main/java/org/jasypt/digest/StandardByteDigester.java Diff Switch to side-by-side view
Loading...