Constant Time Algorithms for Java

sipaynehsl

Hi David,

Just working through the Constant Time Algorithms section of the course, I came across an incorrect statement regarding Java library support for it. The name of the Java method that performs constant-time equality checking for digests is MessageDigest::isEqual see https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/security/MessageDigest.html#isEqual(byte[],byte[]) (the page names it equals).

There is also a Google Guava method HashCode::equals whose documentation explicitly states it is intended to protect against timing attacks, see https://github.com/google/guava/blob/master/guava/src/com/google/common/hash/HashCode.java#L371.

Best regards,

Simon

dwheeler

Thanks! I checked, and you're right, as shown by the link you gave. This is even supported by:
https://www.pixelstech.net/article/1431658986-Arrays-equals()-vs-MessageDigest-isEqual()#:~:text=equals() is not time,byte which is not equal.
https://stackoverflow.com/questions/37633688/constant-time-equals

I suspect I unintentionally swapped those, since it's the right name for the wrong class.

I have a proposed fix here:
https://github.com/ossf/secure-sw-dev-fundamentals/pull/172

If you have a chance to review, that'd be great. We want this fixed (and not just in time :-) ).