mpdavis · Nexory · Jun 18, 2026
diff --git a/jose/jwe.py b/jose/jwe.py
@@ -1,4 +1,5 @@
 import binascii
+import hmac
 import json
 import zlib
 from collections.abc import Mapping
@@ -244,7 +245,7 @@ def _decrypt_and_auth(cek_bytes, enc, cipher_text, iv, aad, auth_tag):
         raise NotImplementedError(f"enc {enc} is not implemented!")
 
     plaintext = encryption_key.decrypt(cipher_text, iv, aad, auth_tag)
-    if auth_tag != auth_tag_check:
+    if not hmac.compare_digest(auth_tag, auth_tag_check):
         raise JWEError("Invalid JWE Auth Tag")
 
     return plaintext

diff --git a/jose/jwt.py b/jose/jwt.py
@@ -1,3 +1,4 @@
+import hmac
 import json
 from calendar import timegm
 from datetime import datetime, timedelta
@@ -468,7 +469,8 @@ def _validate_at_hash(claims, access_token, algorithm):
         msg = "Unable to calculate at_hash to verify against token claims."
         raise JWTClaimsError(msg)
 
-    if claims["at_hash"] != expected_hash:
+    at_hash = claims["at_hash"]
+    if not isinstance(at_hash, str) or not hmac.compare_digest(at_hash, expected_hash):
         raise JWTClaimsError("at_hash claim does not match access_token.")