private boolean safeEquals()

in sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DynamoDBSigner.java [231:248]

• 15 lines of code
• 2 McCabe index (conditional complexity)

  private boolean safeEquals(ByteBuffer signature, byte[] calculatedSig) {
    try {
      signature.rewind();
      Mac hmac = Mac.getInstance(hmacComparisonKey.getAlgorithm());
      hmac.init(hmacComparisonKey);
      hmac.update(signature);
      byte[] signatureHash = hmac.doFinal();

      hmac.reset();
      hmac.update(calculatedSig);
      byte[] calculatedHash = hmac.doFinal();

      return MessageDigest.isEqual(signatureHash, calculatedHash);
    } catch (GeneralSecurityException ex) {
      // We've hardcoded these algorithms, so the error should not be possible.
      throw new RuntimeException("Unexpected exception", ex);
    }
  }