Mercurial > openid
comparison src/c/openid.c @ 43:00c8f43be8b7
Secure HMAC comparison
Fixes bug 67
author | Robin Green <greenrd@greenrd.org> |
---|---|
date | Sat, 02 Jul 2011 20:34:26 +0100 |
parents | 1068de1623a5 |
children | ba203b170476 |
comparison
equal
deleted
inserted
replaced
42:1068de1623a5 | 43:00c8f43be8b7 |
---|---|
567 bufO[i] = buf1[i] ^ buf2[i % len2]; | 567 bufO[i] = buf1[i] ^ buf2[i % len2]; |
568 | 568 |
569 return base64(ctx, bufO, len1); | 569 return base64(ctx, bufO, len1); |
570 } | 570 } |
571 | 571 |
572 uw_Basis_bool __attribute__((optimize(0))) uw_OpenidFfi_secCmp(uw_context ctx, uw_Basis_string s1, uw_Basis_string s2) { | |
573 int i, x = 0, len1 = strlen(s1); | |
574 if (len1 != strlen(s2)) return 0; | |
575 for (i = 0; i < len1; ++i) | |
576 x |= s1[i] ^ s2[i]; | |
577 return x == 0; | |
578 } | |
579 | |
572 uw_OpenidFfi_inputs uw_OpenidFfi_remode(uw_context ctx, uw_OpenidFfi_outputs out, uw_Basis_string mode) { | 580 uw_OpenidFfi_inputs uw_OpenidFfi_remode(uw_context ctx, uw_OpenidFfi_outputs out, uw_Basis_string mode) { |
573 uw_OpenidFfi_inputs in = uw_OpenidFfi_createInputs(ctx); | 581 uw_OpenidFfi_inputs in = uw_OpenidFfi_createInputs(ctx); |
574 char *s; | 582 char *s; |
575 | 583 |
576 for (s = out->start; *s; s = strchr(strchr(s, 0)+1, 0)+1) | 584 for (s = out->start; *s; s = strchr(strchr(s, 0)+1, 0)+1) |