From 532c6ad97b0222966afa9dc36fe8446905b71478 Mon Sep 17 00:00:00 2001
From: Fabian Henneke <fabian@henneke.me>
Date: Sat, 7 Dec 2019 16:18:07 +0100
Subject: [PATCH] Verify master key signatures in constant time

---
 .../src/main/java/me/henneke/wearauthn/fido/context/Keystore.kt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/authenticator/src/main/java/me/henneke/wearauthn/fido/context/Keystore.kt b/authenticator/src/main/java/me/henneke/wearauthn/fido/context/Keystore.kt
index de50aa5..eeb7f62 100644
--- a/authenticator/src/main/java/me/henneke/wearauthn/fido/context/Keystore.kt
+++ b/authenticator/src/main/java/me/henneke/wearauthn/fido/context/Keystore.kt
@@ -317,7 +317,7 @@ fun pokeMasterSigningKey() {
 }
 
 private fun verifyWithMasterSigningKey(signature: ByteArray, vararg data: ByteArray): Boolean {
-    return signWithMasterSigningKey(*data).contentEquals(signature)
+    return MessageDigest.isEqual(signWithMasterSigningKey(*data), signature)
 }
 
 data class Assertion(val authenticatorData: ByteArray, val signature: ByteArray) {