diff options
| author | Bart de Water <bartdewater@gmail.com> | 2019-03-09 10:56:39 -0500 |
|---|---|---|
| committer | Bart de Water <bartdewater@gmail.com> | 2019-03-26 21:43:52 -0400 |
| commit | c76a8c72d550734fc55877deecba0bf5dcc63c17 (patch) | |
| tree | 5184781ade8daef70395777a354f18556ac6c175 | |
| parent | 00690b27e5c3b1beaa9f6e73fec9e9a1c639f748 (diff) | |
| download | rails-c76a8c72d550734fc55877deecba0bf5dcc63c17.tar.gz rails-c76a8c72d550734fc55877deecba0bf5dcc63c17.tar.bz2 rails-c76a8c72d550734fc55877deecba0bf5dcc63c17.zip | |
Don't encode in secure_compare for speedup
Hex encoding is base 16 which makes the original input twice as big. With this change less time need to be spent in fixed_length_secure_compare.
| -rw-r--r-- | activesupport/lib/active_support/security_utils.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/activesupport/lib/active_support/security_utils.rb b/activesupport/lib/active_support/security_utils.rb index 20b6b9cd3f..5e455fca57 100644 --- a/activesupport/lib/active_support/security_utils.rb +++ b/activesupport/lib/active_support/security_utils.rb @@ -24,7 +24,7 @@ module ActiveSupport # The values are first processed by SHA256, so that we don't leak length info # via timing attacks. def secure_compare(a, b) - fixed_length_secure_compare(::Digest::SHA256.hexdigest(a), ::Digest::SHA256.hexdigest(b)) && a == b + fixed_length_secure_compare(::Digest::SHA256.digest(a), ::Digest::SHA256.digest(b)) && a == b end module_function :secure_compare end |