From a7ff6932a5722beebdbf3401576b74ddd340784a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Leif=20=C3=85strand?=
Date: Tue, 26 Jan 2021 16:00:30 +0200
Subject: [PATCH] fix: use time-constant comparison for CSRF tokens (#9875)
This hardens the framework against a theoretical timing attack based on comparing how quickly a request with an invalid CSRF token is rejected.
---
 .../src/main/java/com/vaadin/flow/server/VaadinService.java | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/flow-server/src/main/java/com/vaadin/flow/server/VaadinService.java b/flow-server/src/main/java/com/vaadin/flow/server/VaadinService.java
index c1d4c75530b..8bde62eded1 100644
--- a/flow-server/src/main/java/com/vaadin/flow/server/VaadinService.java
+++ b/flow-server/src/main/java/com/vaadin/flow/server/VaadinService.java
@@ -27,6 +27,8 @@
 import java.io.Serializable;
 import java.lang.reflect.Constructor;
 import java.net.URL;
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Comparator;
@@ -1850,7 +1852,9 @@ public static boolean isCsrfTokenValid(VaadinSession session,
 .isXsrfProtectionEnabled()) {
 String sessionToken = session.getCsrfToken();
- if (sessionToken == null || !sessionToken.equals(requestToken)) {
+ if (uiToken == null || !MessageDigest.isEqual(
+ uiToken.getBytes(StandardCharsets.UTF_8),
+ requestToken.getBytes(StandardCharsets.UTF_8))) {
 return false;
 }
 }
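Review bot: The added comparison dereferences `requestToken` unconditionally in `requestToken.getBytes(StandardCharsets.UTF_8)`, so a request that carries no token now fails with a NullPointerException where the removed `sessionToken.equals(requestToken)` simply returned false; unless every caller is known to pass a non-null token, extend the guard to `if (uiToken == null || requestToken == null || !MessageDigest.isEqual(`. The new condition also reads `uiToken`, while the only local the hunk shows being assigned is `sessionToken` on the preceding context line, so either `uiToken` is declared outside the hunk or the variable name in the new lines is wrong and the method will not compile. `MessageDigest.isEqual` still returns early on a length mismatch, which leaks only the token length and is acceptable provided both tokens are always the same fixed width. The enclosing `isCsrfTokenValid` begins in the hunk header and its `return true` path lies past the end of the hunk.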