Don't encode in secure_compare for speedup

Hex encoding is base 16 which makes the original input twice as big. With this change less time need to be spent in fixed_length_secure_compare.

Don't encode in secure_compare for speedup
Hex encoding is base 16 which makes the original input twice as big. With this change less time need to be spent in fixed_length_secure_compare.
c76a8c72 · Bart de Water · 00690b27 · c76a8c72
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

activesupport/lib/active_support/security_utils.rb activesupport/lib/active_support/security_utils.rb +1 -1

未找到文件。
--- a/activesupport/lib/active_support/security_utils.rb
+++ b/activesupport/lib/active_support/security_utils.rb
@@ -24,7 +24,7 @@ def fixed_length_secure_compare(a, b)
    # The values are first processed by SHA256, so that we don't leak length info
    # via timing attacks.
    def secure_compare(a, b)
-      fixed_length_secure_compare(::Digest::SHA256.hexdigest(a), ::Digest::SHA256.hexdigest(b)) && a == b
+      fixed_length_secure_compare(::Digest::SHA256.digest(a), ::Digest::SHA256.digest(b)) && a == b
    end
    module_function :secure_compare
  end