On May 6, 2011, at 10:35 PM, Marsh Ray wrote: > Of course, we could always just compute SHA-256 hashes of each side and then > compare those, right? :-)
Yes, Brad Hill suggested that (in a Java/C# context). Nate Lawson didn't like it on performance grounds, but I don't recall hearing any correctness-related complaints. http://www.isecpartners.com/blog/2011/2/18/double-hmac-verification.html You could use the volatile sledgehammer, and then use a unit test to make sure that it remains working over time. And/or you could put it in its own file, and compile it with -O0, in case that helps. -- Chris Palmer Technology Director, Electronic Frontier Foundation https://www.eff.org/code _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
