-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Aloha!
Niels Möller wrote:
int mem_equal (const void *ap, const void *bp, size_t n) { volatile const unsigned char *a = ap; volatile const unsigned char *b = bp volatile unsigned char d; size_t i; for (i = d = 0; i < n; i++) d |= a[i] ^ b[i]; return d == 0; }
should do (even if maybe volatile const is an unusual combination of qualifiers). Is this a good name?
Yes, and a good function to add. One could think/hope that the OS provided side channel silent memory functions. But since that is not always (rarely) the case, providing one in nettle is a good thing.
AFAIK (browsing the docs) there aren't any specific functions for comparing digests. Instead the user has to implement thing themselves. Would it be an advantage to have mappings to either create a generic digest compare or specific for the different digests and MACs?
uint8_t compare_digests(uint8_t *digest0, uint8_t *digest1, uint8_t *DIGEST_SIZE);
or
uint8_t compare_md5_digests(uint8_t *digest0, uint8_t *digest1);
Or something like that. for MD5, SHA-digests, UMAC etc.
- -- Med vänlig hälsning, Yours
Joachim Strömbergson - Alltid i harmonisk svängning. ======================================================================== Joachim Strömbergson Secworks AB joachim@secworks.se ========================================================================