Acked-by: Gert Doering <[email protected]>
I still feel it hurts my eyes, and is way overcomplicating things, but
if this is what mbedtls is using internally (why are they not exporting
it??!), it should be good enough for us. Further, as it's not being
used for AEAD anyway, I withdraw my "performance" argument (Steffan
could have just ACKed it... :-) ).
Stared at the code (awww!), test-built with openssl and mbedtls, passed
t_client tests.
We do not have a unit test for this, and crypto.c::test_crypto() actually
does the "compare bytes loop" manually (to be able to print differences).
Volunteers...?
Your patch has been applied to the master branch.
commit 4dddca52a8432095dd85ff652fae61a2aedb3785
Author: Arne Schwabe
Date: Thu Apr 16 13:39:28 2020 +0200
Use crypto library functions for const time memcmp when possible
Signed-off-by: Arne Schwabe <[email protected]>
Acked-by: Gert Doering <[email protected]>
Message-Id: <[email protected]>
URL:
https://www.mail-archive.com/[email protected]/msg19749.html
Signed-off-by: Gert Doering <[email protected]>
--
kind regards,
Gert Doering
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
