spring-security

mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-24 11:13:30 +00:00

History

Rob Winch 8c08eeb57b SEC-1666: Use constant time comparison for sensitive data.

Constant time comparison helps to mitigate timing attacks. See the following link for more information

 * http://rdist.root.org/2010/07/19/exploiting-remote-timing-attacks/
 * http://en.wikipedia.org/wiki/Timing_attack for more information.

2011-01-31 23:03:51 -06:00

src

SEC-1666: Use constant time comparison for sensitive data.

2011-01-31 23:03:51 -06:00

crypto.gradle

Added check for maximum AES key size in crypto.gradle to skip tests if limited strength crypto policy files are in place.

2011-01-20 02:13:33 +00:00

template.mf

SEC-1659: fixed bundlor step of build

2011-01-19 18:17:03 +00:00