From f2c9d01dc71c762e9f5942c902d13ee1b353eb98 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Leif=20=C3=85strand?= <leif@vaadin.com>
Date: Tue, 26 Jan 2021 16:00:30 +0200
Subject: [PATCH] fix: use time-constant comparison for CSRF tokens (#9875)

This hardens the framework against a theoretical timing attack based on
comparing how quickly a request with an invalid CSRF token is rejected.
---
 .../src/main/java/com/vaadin/flow/server/VaadinService.java | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/flow-server/src/main/java/com/vaadin/flow/server/VaadinService.java b/flow-server/src/main/java/com/vaadin/flow/server/VaadinService.java
index 8c87d2423d1..1a500abf6fe 100644
--- a/flow-server/src/main/java/com/vaadin/flow/server/VaadinService.java
+++ b/flow-server/src/main/java/com/vaadin/flow/server/VaadinService.java
@@ -29,6 +29,8 @@
 import java.io.Serializable;
 import java.lang.reflect.Constructor;
 import java.net.URL;
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
@@ -1927,7 +1929,9 @@ public static boolean isCsrfTokenValid(UI ui, String requestToken) {
                 .isXsrfProtectionEnabled()) {
             String uiToken = ui.getCsrfToken();
 
-            if (uiToken == null || !uiToken.equals(requestToken)) {
+            if (uiToken == null || !MessageDigest.isEqual(
+                    uiToken.getBytes(StandardCharsets.UTF_8),
+                    requestToken.getBytes(StandardCharsets.UTF_8))) {
                 return false;
             }
         }