Paul Eggert <[email protected]> writes: > I named the new module "stringeq"; it implements both streq and memeq > in <string.h>.
Looks great! > [2]: https://www.open-std.org/jtc1/sc22/wg14/www/docs/n3617.txt Principles - Enable secure programming I worry a bit about security implications here -- I understand your intention here, but for crypto code memory/string equality checks have security implications if implemented in non-constant time. https://security.stackexchange.com/questions/160808/why-should-memcmp-not-be-used-to-compare-security-critical-data Could the description clarify that memeq and streq functions are NOT intended to be constant-time depending on the input strings? Which I presume is the property you desire here, since this seems more about functionality and then performance is important. I wouldn't want anyone reading "secure programming" as meaning constant-time operation. This opens up for adding proper secure_memeq() API which DO guarantee constant-time though. What do you think about doing that? NetBSD has consttime_memequal() for this, but I've not seen it generally implemented. I'm not sure a naive secure_memeq() will actually be sufficient, maybe you want it to not even leak the length of the strings passed to the function. That is impossible generally, but for short strings you can do better. Maybe it should guarantee leaking nothing about string lengths for inputs < 255 bytes? I didn't look into the NetBSD implementation if it cares about this. /Simon
signature.asc
Description: PGP signature
