From 3cf30aa4f7b84b6b3c8c32e10c5a1db643e7ffbd Mon Sep 17 00:00:00 2001
From: Slava Terekhin <153532746+iSlavok@users.noreply.github.com>
Date: Wed, 16 Jul 2025 00:59:24 +0500
Subject: [PATCH] fix(utils): use hmac.compare_digest for secure WebApp signature validation

The WebApp signature validation in utils.web_app currently compares the calculated HMAC with the provided hash using `==`. While this works correctly for cryptographic verification, it may theoretically leak timing information. This change replaces the comparison with `hmac.compare_digest`, which is designed to perform constant-time comparisons and is recommended for all cryptographic checks. Although practical timing attacks are unlikely in this context, this change improves overall security best practices.
---
 aiogram/utils/web_app.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/aiogram/utils/web_app.py b/aiogram/utils/web_app.py
index 192776fd..cb0e532b 100644
--- a/aiogram/utils/web_app.py
+++ b/aiogram/utils/web_app.py
@@ -134,7 +134,7 @@ def check_webapp_signature(token: str, init_data: str) -> bool:
     calculated_hash = hmac.new(
         key=secret_key.digest(), msg=data_check_string.encode(), digestmod=hashlib.sha256
     ).hexdigest()
-    return calculated_hash == hash_
+    return hmac.compare_digest(calculated_hash, hash_value)
 
 
 def parse_webapp_init_data(
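Review bot: The added return line references `hash_value`, while the line it replaces used `hash_`; nothing in the hunk binds `hash_value`, and the diffstat (1 insertion, 1 deletion) says no other line changed, so unless the part of `check_webapp_signature` above the hunk already defines that name this will raise `NameError` on every call instead of returning a bool. A second, security-relevant point: `hmac.compare_digest` on two `str` arguments raises `TypeError` if either contains non-ASCII characters, and the provided hash comes straight from attacker-controlled `init_data`, so a malformed `hash` field would turn the verifier's `False` into an exception; comparing bytes avoids this, `return hmac.compare_digest(calculated_hash.encode(), hash_.encode())`, while still returning `False` on any length or content mismatch. If the caller is expected to handle exceptions from this function, that should be stated in its docstring. The body of `check_webapp_signature` starts outside the hunk, so the name bound for the received hash could not be confirmed here.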