Comparing byte arrays

To prevent timing-based attacks on Message Authentication Code (MAC) algorithms, perform array equality checks using constant-time algorithms.

com.entrust.toolkit.util.CryptoUtils.isEqual(byte[] ba1, byte[] ba2)

com.entrust.toolkit.util.CryptoUtils.isEqual(byte[] ba1, int offset1, byte[] ba2, int offset2, int length)

The following methods perform byte array equality checks using a non-constant time algorithm and, therefore, SHOULD NOT be used during MAC verification.

java.util.Arrays.equals(byte[] a, byte[] a2)

iaik.utils.CryptoUtils.equalsBlock(byte[] a, byte[] b)

iaik.utils.CryptoUtils.equalsBlock(byte[] a, int aOff, byte[] b, int bOff, int len) 