On Sun, Jun 21, 2020 at 7:01 PM David Gwynne <da...@gwynne.id.au> wrote: > > libc has undocumented base64 encoding and decoding funtionality. this > cuts ifconfig over to using it instead of the code in libcrypto. > > whether the libc functionality should be "blessed" and documented is a > separate issue. > > ok?
OK zx2c4 But, if you really want to get mega-crypto-nerd on this, we could replace it with the constant time base64 functions from wireguard-tools (I'm happy to s/gpl/mit/): https://git.zx2c4.com/wireguard-tools/tree/src/encoding.c key_{to,from}_base64 Bitsliced fixed-length base64 like this prevents potential cache timing attacks from the usual lookup table-based implementation. However, by most reasonable measures from most reasonable people, it's totally overkill.