[TASK] Use hash_equals for timing-safe comparison of hash-values
[Packages/TYPO3.CMS.git] / typo3 / sysext / saltedpasswords / Classes / Salt / PhpassSalt.php
index 89d93cb..ddff29c 100644 (file)
@@ -125,7 +125,7 @@ class PhpassSalt extends AbstractSalt implements SaltInterface
     public function checkPassword($plainPW, $saltedHashPW)
     {
         $hash = $this->cryptPassword($plainPW, $saltedHashPW);
-        return $hash && \hash_equals($hash, $saltedHashPW);
+        return $hash && hash_equals($hash, $saltedHashPW);
     }
 
     /**