[doris] 11/29: [Improve](mysql)ensure constant time for computing hash value (#21569)

[kxiao]

This is an automated email from the ASF dual-hosted git repository.

kxiao pushed a commit to branch branch-2.0
in repository https://gitbox.apache.org/repos/asf/doris.git

commit 33629b01291e801a6e7c56911989f324815647ec
Author: Calvin Kirs <acm_mas...@163.com>
AuthorDate: Fri Jul 7 14:04:11 2023 +0800

    [Improve](mysql)ensure constant time for computing hash value (#21569)
---
 .../src/main/java/org/apache/doris/mysql/MysqlPassword.java   | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/fe/fe-core/src/main/java/org/apache/doris/mysql/MysqlPassword.java 
b/fe/fe-core/src/main/java/org/apache/doris/mysql/MysqlPassword.java
index 9bf5b68529..91b0255f52 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/mysql/MysqlPassword.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/mysql/MysqlPassword.java
@@ -29,7 +29,6 @@ import org.apache.logging.log4j.Logger;
 import java.io.UnsupportedEncodingException;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
-import java.util.Arrays;
 import java.util.Random;
 
 // this is stolen from MySQL
@@ -82,7 +81,7 @@ public class MysqlPassword {
     public static final byte PVERSION41_CHAR = '*';
     private static final byte[] DIG_VEC_UPPER = {'0', '1', '2', '3', '4', '5', 
'6', '7',
             '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
-    private static Random random = new Random(System.currentTimeMillis());
+    private static final Random random = new 
Random(System.currentTimeMillis());
 
     public static byte[] createRandomString(int len) {
         byte[] bytes = new byte[len];
@@ -141,10 +140,10 @@ public class MysqlPassword {
 
         // compute result2: SHA-1(result1)
         md.reset();
-        byte[] candidateHash2 = md.digest(hashStage1);
-
-        // compare result2 and hashStage2
-        return Arrays.equals(candidateHash2, hashStage2);
+        md.update(hashStage1);
+        byte[] candidateHash2 = md.digest();
+        // compare result2 and hashStage2 using MessageDigest.isEqual()
+        return MessageDigest.isEqual(candidateHash2, hashStage2);
     }
 
     // MySQL client use this function to form scramble password


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org
For additional commands, e-mail: commits-h...@doris.apache.org