util: mark Digest<Hash>::operator== as unsuitable for security related context refs #2395 Change-Id: Id03b89c42a3913aef5b9f18ac2b6936cf5f880e9

commit: 94f21835e24c33992c7ac1ac10ee272aee2493c8 [log] [tgz]
author: Junxiao Shi <git@mail1.yoursunny.com> Sat Feb 07 21:31:14 2015 -0700
committer: Junxiao Shi <git@mail1.yoursunny.com> Sat Feb 07 21:31:14 2015 -0700
tree: a41f4bb94c5846c264f77da97800baadfebf785f
parent: f46482c9c0004ae4f5758acdff5948e15df1bae7 [diff] [blame]
diff --git a/src/util/digest.hpp b/src/util/digest.hpp
index db9ccc1..b0189a4 100644
--- a/src/util/digest.hpp
+++ b/src/util/digest.hpp

@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2015 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -93,6 +93,9 @@
    *
    * Note that this method will invoke computeDigest().
    * Once this method is invoked, both this digest and the supplied digest are finalized.
+   *
+   * @warning This method cannot be used in security related context
+   *          because it is vulnerable to timing attack
    */
   bool
   operator==(Digest<Hash>& digest);
@@ -102,6 +105,9 @@
    *
    * Note that this method will invoke computeDigest().
    * Once this method is invoked, both this digest and the supplied digest are finalized.
+   *
+   * @warning This method cannot be used in security related context
+   *          because it is vulnerable to timing attack
    */
   bool
   operator!=(Digest<Hash>& digest)
commit	94f21835e24c33992c7ac1ac10ee272aee2493c8	[log] [tgz]
author	Junxiao Shi <git@mail1.yoursunny.com>	Sat Feb 07 21:31:14 2015 -0700
committer	Junxiao Shi <git@mail1.yoursunny.com>	Sat Feb 07 21:31:14 2015 -0700
tree	a41f4bb94c5846c264f77da97800baadfebf785f
parent	f46482c9c0004ae4f5758acdff5948e15df1bae7 [diff] [blame]