crypto: provide apr_crypto_equals(), a timing attacks safe buffers comparison

function. git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@1763669 13f79535-47bb-0310-9956-ffa450edef68
author: ylavic <ylavic@13f79535-47bb-0310-9956-ffa450edef68> 2016-10-06 22:25:22 +0000
committer: ylavic <ylavic@13f79535-47bb-0310-9956-ffa450edef68> 2016-10-06 22:25:22 +0000
commit: 8f219546a44d14252bb66df9a2b45f28c0d51142 (patch)
tree: 419af21439c2d7af3261e1065e9520753d5c05d8 /crypto
parent: f7d06cb0a53f88ad31343d70e35a8ca183ae6eb9 (diff)
download: libapr-8f219546a44d14252bb66df9a2b45f28c0d51142.tar.gz
1 files changed, 15 insertions, 0 deletions
diff --git a/crypto/apr_crypto.c b/crypto/apr_crypto.c
index f57b95f61..3b50ca531 100644
--- a/crypto/apr_crypto.c
+++ b/crypto/apr_crypto.c
@@ -167,6 +167,21 @@ APR_DECLARE(apr_status_t) apr_crypto_memzero(void *buffer, apr_size_t size)
     return APR_SUCCESS;
 }
 
+APR_DECLARE(int) apr_crypto_equals(const void *buf1, const void *buf2,
+                                   apr_size_t size)
+{
+    const unsigned char *p1 = buf1;
+    const unsigned char *p2 = buf2;
+    unsigned char diff = 0;
+    apr_size_t i;
+
+    for (i = 0; i < size; ++i) {
+        diff |= p1[i] ^ p2[i];
+    }
+
+    return 1 & ((diff - 1) >> 8);
+}
+
 APR_DECLARE(apr_status_t) apr_crypto_get_driver(
         const apr_crypto_driver_t **driver, const char *name,
         const char *params, const apu_err_t **result, apr_pool_t *pool)
author	ylavic <ylavic@13f79535-47bb-0310-9956-ffa450edef68>	2016-10-06 22:25:22 +0000
committer	ylavic <ylavic@13f79535-47bb-0310-9956-ffa450edef68>	2016-10-06 22:25:22 +0000
commit	8f219546a44d14252bb66df9a2b45f28c0d51142 (patch)
tree	419af21439c2d7af3261e1065e9520753d5c05d8 /crypto
parent	f7d06cb0a53f88ad31343d70e35a8ca183ae6eb9 (diff)
download	libapr-8f219546a44d14252bb66df9a2b45f28c0d51142.tar.gz