Bryan Frimin
2021-04-20 12:13:19 UTC
Hello everyone,
I propose to add `secure_compare/2` function on the `crypto` module.
Constant time memory comparison is a common mechanism for
applications/libraries dealing with crypto logic. It is easy to code
this function in Erlang[1], but the OpenSSL one is safe and fast.
It's why I suggest enriching the crypto module with this function. I've
already opened a pull request[2].
I tried as much as possible to follow the contribution guide. Don't
hesitate to tell me if I made a mistake somewhere.
[1] https://github.com/exograd/erl-pkcs5/blob/master/src/pkcs5.erl#L34
[2] https://github.com/erlang/otp/pull/4750
Regards,
I propose to add `secure_compare/2` function on the `crypto` module.
Constant time memory comparison is a common mechanism for
applications/libraries dealing with crypto logic. It is easy to code
this function in Erlang[1], but the OpenSSL one is safe and fast.
It's why I suggest enriching the crypto module with this function. I've
already opened a pull request[2].
I tried as much as possible to follow the contribution guide. Don't
hesitate to tell me if I made a mistake somewhere.
[1] https://github.com/exograd/erl-pkcs5/blob/master/src/pkcs5.erl#L34
[2] https://github.com/erlang/otp/pull/4750
Regards,
--
Bryan Frimin
https://www.frimin.fr
***@frimin.fr
Bryan Frimin
https://www.frimin.fr
***@frimin.fr