From e35c248e062cd1737e14b2343c3c1b7f8dfcd4d1 Mon Sep 17 00:00:00 2001
From: igerasim <unknown>
Date: Thu, 30 Mar 2017 22:29:57 -0700
Subject: [PATCH] 8176760: Better handling of PKCS8 material Reviewed-by:
 ascarpino, ahgross

---
 .../classes/sun/security/pkcs/PKCS8Key.java      | 16 ++++------------
 1 file changed, 4 insertions(+), 12 deletions(-)

diff --git a/src/share/classes/sun/security/pkcs/PKCS8Key.java b/src/share/classes/sun/security/pkcs/PKCS8Key.java
index 59512f11b..6f47c9ccc 100644
--- a/src/share/classes/sun/security/pkcs/PKCS8Key.java
+++ b/src/share/classes/sun/security/pkcs/PKCS8Key.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -32,6 +32,7 @@ import java.security.Key;
 import java.security.KeyRep;
 import java.security.PrivateKey;
 import java.security.KeyFactory;
+import java.security.MessageDigest;
 import java.security.Security;
 import java.security.Provider;
 import java.security.InvalidKeyException;
@@ -420,18 +421,9 @@ public class PKCS8Key implements PrivateKey {
             // that encoding
             byte[] b2 = ((Key)object).getEncoded();
 
-            // do the comparison
-            int i;
-            if (b1.length != b2.length)
-                return false;
-            for (i = 0; i < b1.length; i++) {
-                if (b1[i] != b2[i]) {
-                    return false;
-                }
-            }
-            return true;
+            // time-constant comparison
+            return MessageDigest.isEqual(b1, b2);
         }
-
         return false;
     }
 
-- 
GitLab