Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use timing secure function for hash compare #1138

Merged
merged 2 commits into from
May 21, 2017

Conversation

mik-laj
Copy link
Contributor

@mik-laj mik-laj commented May 20, 2017

No description provided.

Copy link
Contributor

@tgalopin tgalopin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, just a minor issue :)

@@ -37,10 +37,10 @@ public function getHash(): string
public function equals(SHA1 $other, $strict = false): bool
{
if (!$strict) {
return mb_strtolower($this->hash) === mb_strtolower($other->getHash());
return hash_equals (mb_strtolower($this->hash), mb_strtolower($other->getHash()));
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is an extra space

@hhamon
Copy link
Contributor

hhamon commented May 21, 2017

👍

@tgalopin tgalopin merged commit d39267e into parti-renaissance:master May 21, 2017
@tgalopin
Copy link
Contributor

Thanks @mik-laj !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

3 participants