Merge pull request #76 from jonasfj/fix-constant-time-comparison
Fixed constant-time comparison in `Digest`.
diff --git a/CHANGELOG.md b/CHANGELOG.md
index a7584d2..472f96f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,6 @@
+## 2.1.3
+ * **Security vulnerability**: Fixed constant-time comparison in `Digest`.
+
## 2.1.2
* Fix bug in SHA-2 384/512 blocksize.
* Added HMAC-SHA-2 test vectors
diff --git a/lib/src/digest.dart b/lib/src/digest.dart
index 1ba4762..cb67c3c 100644
--- a/lib/src/digest.dart
+++ b/lib/src/digest.dart
@@ -17,8 +17,22 @@
/// This should be used instead of manual comparisons to avoid leaking
/// information via timing.
@override
- bool operator ==(Object other) =>
- other is Digest && const ListEquality().equals(bytes, other.bytes);
+ bool operator ==(Object other) {
+ if (other is Digest) {
+ final a = bytes;
+ final b = other.bytes;
+ if (a.length != b.length) {
+ return false;
+ }
+ final n = a.length;
+ int mismatch = 0;
+ for (int i = 0; i < n; i++) {
+ mismatch |= a[i] ^ b[i];
+ }
+ return mismatch == 0;
+ }
+ return false;
+ }
@override
int get hashCode => const ListEquality().hash(bytes);
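Review bot: The new loop in `operator ==` has no comment saying that the missing early exit is deliberate, so a later cleanup could bring back a short-circuiting comparison like the `ListEquality().equals` call this commit removes. I would add `// Accumulate differences over every byte; never break early, the running time must not depend on where the inputs differ.` directly above the `for` loop. The `a.length != b.length` branch does return early, which is acceptable only because a digest's length is fixed by the hash algorithm rather than by secret data; a comment such as `// Length is public (fixed per algorithm), so this early return reveals nothing secret.` would record that reasoning. Code that compares `bytes` lists or hex strings directly still bypasses this path, as the existing doc comment warns. The enclosing `Digest` class begins and ends outside this hunk.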
diff --git a/pubspec.yaml b/pubspec.yaml
index ff53e02..38b55c3 100644
--- a/pubspec.yaml
+++ b/pubspec.yaml
@@ -1,5 +1,5 @@
name: crypto
-version: 2.1.2
+version: 2.1.3
author: Dart Team <misc@dartlang.org>
description: Library of cryptographic functions.
homepage: https://www.github.com/dart-lang/crypto