heck
3 years ago
2 changed files with 40 additions and 0 deletions
@ -0,0 +1,21 @@ |
|||||
|
// This file is under GNU General Public License 3.0
|
||||
|
// see LICENSE.txt
|
||||
|
|
||||
|
#include "constant_time_algo.hh" |
||||
|
|
||||
|
namespace pEp { |
||||
|
bool constant_time_equal(const std::string &a, const std::string &b) |
||||
|
{ |
||||
|
if (a.size() != b.size()) |
||||
|
return false; |
||||
|
|
||||
|
unsigned d = 0; |
||||
|
for (std::size_t idx = 0; idx < a.size(); ++idx) { |
||||
|
d |= (static_cast<unsigned>(a[idx]) ^ static_cast<unsigned>(b[idx])); |
||||
|
} |
||||
|
|
||||
|
// if d is still 0, the strings are equal.
|
||||
|
return d == 0; |
||||
|
} |
||||
|
|
||||
|
} // end of namespace pEp
|
||||
@ -0,0 +1,19 @@ |
|||||
|
// This file is under GNU General Public License 3.0
|
||||
|
// see LICENSE.txt
|
||||
|
|
||||
|
#ifndef LIBPEPADAPTER_CONSTANT_TIME_ALGO_HH |
||||
|
#define LIBPEPADAPTER_CONSTANT_TIME_ALGO_HH |
||||
|
|
||||
|
#include <string> |
||||
|
|
||||
|
namespace pEp { |
||||
|
// Returns false if a.size() != b.size().
|
||||
|
// Compares always _all_ characters of 'a' and 'b' so runtime does not
|
||||
|
// depends on the character position where the strings differ.
|
||||
|
// Use this function instead of operator== if timing sidechannel attack
|
||||
|
// might be a security problem.
|
||||
|
bool constant_time_equal(const std::string &a, const std::string &b); |
||||
|
|
||||
|
} // end of namespace pEp
|
||||
|
|
||||
|
#endif // LIBPEPADAPTER_CONSTANT_TIME_ALGO_HH
|
||||
Loading…
Reference in new issue