by ludbb
3900 days ago
While using AES-256-CFB is not "rolling their own crypto", Steel has some other functionality around (see https://gitlab.com/Rosvall/steel/blob/master/crypto.c) which provides bad implementations, namely generate_pass which seeds from timestamp and verify_hmac which is not a constant time comparison function.
[0]: http://www.cs.berkeley.edu/~daw/teaching/cs261-f12/misc/if.h...).
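
Added example, not part of the comment above and not code from Steel's crypto.c: the difference between an early-exit tag comparison and a constant-time one, shown by counting how many bytes each inspects before returning. The function names, the 32-byte tag length and the sample tag are assumptions made for illustration.

```c
/* Added illustration, not Steel's code; all names here are hypothetical. */
#include <stdio.h>
#include <string.h>

#define TAG_LEN 32 /* assumed tag size (HMAC-SHA-256 length) */

/* Early-exit compare: bytes inspected depends on where the first mismatch is,
 * so the time taken reveals how long the matching prefix was. */
int leaky_equal(const unsigned char *a, const unsigned char *b, size_t n, size_t *steps)
{
    for (*steps = 0; *steps < n; (*steps)++)
        if (a[*steps] != b[*steps]) { (*steps)++; return 0; }
    return 1;
}

/* Accumulates differences with OR; every byte is inspected whatever the input,
 * and the only data-dependent decision is the final result. */
int ct_equal(const unsigned char *a, const unsigned char *b, size_t n, size_t *steps)
{
    unsigned char diff = 0;
    for (*steps = 0; *steps < n; (*steps)++)
        diff |= (unsigned char)(a[*steps] ^ b[*steps]);
    return diff == 0;
}

/* Bytes inspected when only byte `pos` of a constructed tag is wrong
 * (pos == TAG_LEN means the tags are identical). */
size_t steps_until_verdict(int constant_time, size_t pos)
{
    unsigned char good[TAG_LEN], bad[TAG_LEN];
    size_t steps = 0;
    memset(good, 0xA5, TAG_LEN); /* constructed sample tag */
    memcpy(bad, good, TAG_LEN);
    if (pos < TAG_LEN)
        bad[pos] ^= 0x01;
    if (constant_time) ct_equal(good, bad, TAG_LEN, &steps);
    else               leaky_equal(good, bad, TAG_LEN, &steps);
    return steps;
}

int main(void)
{
    printf("early-exit,    wrong byte 0:  %zu bytes\n", steps_until_verdict(0, 0));
    printf("early-exit,    wrong byte 31: %zu bytes\n", steps_until_verdict(0, 31));
    printf("constant-time, wrong byte 0:  %zu bytes\n", steps_until_verdict(1, 0));
    printf("constant-time, wrong byte 31: %zu bytes\n", steps_until_verdict(1, 31));
    return 0;
}
```

In production code, prefer a library comparison routine written for this purpose (for example OpenSSL's `CRYPTO_memcmp`), since an optimizing compiler is free to rewrite a hand-written loop.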