archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-27 23:04:50 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge

Browse source
This commit is contained in:
Mikael Vidstedt 2020-07-14 23:29:45 -07:00
commit 1982432db4
992 changed files with 2142 additions and 2081 deletions
Download patch file Download diff file Expand all files Collapse all files

22
src/java.base/share/classes/java/security/MessageDigest.java
View file

@ -465,8 +465,10 @@ public abstract class MessageDigest extends MessageDigestSpi {
* the same length and all bytes at corresponding positions are equal.
*
* @implNote
* If the digests are the same length, all bytes are examined to
* determine equality.
* All bytes in {@code digesta} are examined to determine equality.
* The calculation time depends only on the length of {@code digesta}.
* It does not depend on the length of {@code digestb} or the contents
* of {@code digesta} and {@code digestb}.
*
* @param digesta one of the digests to compare.
*
@ -479,14 +481,22 @@ public abstract class MessageDigest extends MessageDigestSpi {
if (digesta == null || digestb == null) {
return false;
}
if (digesta.length != digestb.length) {
return false;
int lenA = digesta.length;
int lenB = digestb.length;
if (lenB == 0) {
return lenA == 0;
}
int result = 0;
result |= lenA - lenB;
// time-constant comparison
for (int i = 0; i < digesta.length; i++) {
result |= digesta[i] ^ digestb[i];
for (int i = 0; i < lenA; i++) {
// If i >= lenB, indexB is 0; otherwise, i.
int indexB = ((i - lenB) >>> 31) * i;
result |= digesta[i] ^ digestb[indexB];
}
return result == 0;
}

3
src/java.base/share/classes/java/security/PKCS12Attribute.java
View file

@ -254,6 +254,9 @@ public final class PKCS12Attribute implements KeyStore.Entry.Attribute {
private void parse(byte[] encoded) throws IOException {
DerInputStream attributeValue = new DerInputStream(encoded);
DerValue[] attrSeq = attributeValue.getSequence(2);
if (attrSeq.length != 2) {
throw new IOException("Invalid length for PKCS12Attribute");
}
ObjectIdentifier type = attrSeq[0].getOID();
DerInputStream attrContent =
new DerInputStream(attrSeq[1].toByteArray());