Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Done
Priority: Major - P3
Fix Version/s: 3.1.0
Affects Version/s: None
Component/s: Authentication
Labels:
None

Epic Link:
MongoDB 3.2
Confidence Status:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Link:
None
Goal Name(s):
None

As of Java 6, Update 17, MessageDigest.isEqual is implemented with a constant time comparison function, so the driver can use that to compare the hashes for its SCRAM-SHA1 implementation instead of String.equals.

is depended on by

DRIVERS-255 Use constant-time hash comparison functions

Closed

Assignee:: Jeffrey Yemin
Reporter:: Rathi Gnanasekaran (Inactive)
Reviewers:: None
Votes:: 0 Vote for this issue
Watchers:: 2 Start watching this issue

Created:: Aug 27 2015 03:39:27 PM UTC
Updated:: Oct 07 2015 01:01:02 PM UTC
Resolved:: Sep 04 2015 03:56:02 PM UTC
Confidence Status Last Update:: 03/Sep/15 11:10 PM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates