From: David Sommerseth <davids@openvpn.net>
Date: Thu, 13 Oct 2016 19:59:27 +0000 (+0200)
Subject: Move memcmp_constant_time() to crypto.h
X-Git-Tag: v2.4_alpha1~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b891e57e1fe794483c08296e32c15751f2676a2d;p=thirdparty%2Fopenvpn.git

Move memcmp_constant_time() to crypto.h

This function is quite useful other places, so make it generally
accessible.

[DS: changed function declaration to static inline during commit]

Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Steffan Karger <steffan@karger.me>
Message-Id: <1476388771-16492-2-git-send-email-davids@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12698.html
---

diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c
index 3dd4a9ebc..026d9aeb2 100644
--- a/src/openvpn/crypto.c
+++ b/src/openvpn/crypto.c
@@ -66,24 +66,6 @@
 #define CRYPT_ERROR(format) \
   do { msg (D_CRYPT_ERRORS, "%s: " format, error_prefix); goto error_exit; } while (false)
 
-/**
- * As memcmp(), but constant-time.
- * Returns 0 when data is equal, non-zero otherwise.
- */
-static int
-memcmp_constant_time (const void *a, const void *b, size_t size) {
-  const uint8_t * a1 = a;
-  const uint8_t * b1 = b;
-  int ret = 0;
-  size_t i;
-
-  for (i = 0; i < size; i++) {
-      ret |= *a1++ ^ *b1++;
-  }
-
-  return ret;
-}
-
 static void
 openvpn_encrypt_aead (struct buffer *buf, struct buffer work,
 	 struct crypto_options *opt) {
diff --git a/src/openvpn/crypto.h b/src/openvpn/crypto.h
index 3b6bb9805..4b90c674e 100644
--- a/src/openvpn/crypto.h
+++ b/src/openvpn/crypto.h
@@ -476,6 +476,24 @@ void get_tls_handshake_key (const struct key_type *key_type,
  * Inline functions
  */
 
+/**
+ * As memcmp(), but constant-time.
+ * Returns 0 when data is equal, non-zero otherwise.
+ */
+static inline int
+memcmp_constant_time (const void *a, const void *b, size_t size) {
+  const uint8_t * a1 = a;
+  const uint8_t * b1 = b;
+  int ret = 0;
+  size_t i;
+
+  for (i = 0; i < size; i++) {
+      ret |= *a1++ ^ *b1++;
+  }
+
+  return ret;
+}
+
 static inline bool
 key_ctx_bi_defined(const struct key_ctx_bi* key)
 {