> BTW, is there any tool for checking C code whether it is constant-time?
I'm not aware of any. The body of information about it, for C, is slowly starting to emerge. There was some talk about an IETF draft on techniques, but I don't recall seeing it yet.

The big thing is "avoid data-dependent jumps." For example, memcmp() always runs the full length, almost any "if" statement needs careful scrutiny, and so on. In openssl master, look at include/internal/constant_time_locl.h and test/constant_time_test.c

(PS: What does SY stand for; "see you"? :)
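An added example, not part of the original message and not OpenSSL's code: a comparison with a data-dependent jump next to a branch-free version built from mask arithmetic. The names `leaky_memeq`, `ct_is_zero`, `ct_select` and `ct_memeq` are hypothetical, and the byte arrays in `main` are constructed sample data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Data-dependent jump: returns at the first differing byte, so the
 * running time reveals the length of the matching prefix. */
int leaky_memeq(const uint8_t *a, const uint8_t *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (a[i] != b[i])
            return 0;
    return 1;
}

/* All-ones mask if x == 0, else all-zeros, with no branch:
 * the top bit of (~x & (x - 1)) is set only when x is zero. */
static uint32_t ct_is_zero(uint32_t x)
{
    return 0u - ((~x & (x - 1u)) >> 31);
}

/* Branch-free select: a where mask is all-ones, b where it is all-zeros. */
uint32_t ct_select(uint32_t mask, uint32_t a, uint32_t b)
{
    return (mask & a) | (~mask & b);
}

/* Touches all n bytes regardless of content; only the public length n
 * controls the loop. Differences are OR-accumulated, then reduced to 0/1. */
int ct_memeq(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint32_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint32_t)(a[i] ^ b[i]);
    return (int)(ct_is_zero(diff) & 1u);
}

int main(void)
{
    /* Constructed sample data: the arrays differ only in the last byte. */
    const uint8_t a[] = { 0xde, 0xad, 0xbe, 0xef };
    const uint8_t b[] = { 0xde, 0xad, 0xbe, 0xee };
    printf("leaky: %d %d\n", leaky_memeq(a, a, 4), leaky_memeq(a, b, 4));
    printf("ct:    %d %d\n", ct_memeq(a, a, 4), ct_memeq(a, b, 4));
    return 0;
}
```

A compiler is free to turn source like this back into branches, so the generated assembly still needs checking for the target and optimization level in use.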
