Implement and use crypto_pk_eq_keys

2 files changed, 13 insertions, 0 deletions

diff --git a/src/common/crypto.c b/src/common/crypto.c
index 5b5fb755b2..283b00575d 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -774,6 +774,18 @@ crypto_pk_cmp_keys(crypto_pk_t *a, crypto_pk_t *b)
   return BN_cmp((a->key)->e, (b->key)->e);
 }
 
+/** Compare the public-key components of a and b.  Return non-zero iff
+ * a==b.  A NULL key is considered to be distinct from all non-NULL
+ * keys, and equal to itself.
+ *
+ *  Note that this may leak information about the keys through timing.
+ */
+int
+crypto_pk_eq_keys(crypto_pk_t *a, crypto_pk_t *b)
+{
+  return (crypto_pk_cmp_keys(a, b) == 0);
+}
+
 /** Return the size of the public key modulus in <b>env</b>, in bytes. */
 size_t
 crypto_pk_keysize(crypto_pk_t *env)
diff --git a/src/common/crypto.h b/src/common/crypto.h
index 456a61173f..e8248508fc 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -148,6 +148,7 @@ int crypto_pk_write_private_key_to_filename(crypto_pk_t *env,
 
 int crypto_pk_check_key(crypto_pk_t *env);
 int crypto_pk_cmp_keys(crypto_pk_t *a, crypto_pk_t *b);
+int crypto_pk_eq_keys(crypto_pk_t *a, crypto_pk_t *b);
 size_t crypto_pk_keysize(crypto_pk_t *env);
 int crypto_pk_num_bits(crypto_pk_t *env);
 crypto_pk_t *crypto_pk_dup_key(crypto_pk_t *orig);