On May 6, 2011, at 10:35 PM, Marsh Ray wrote:
Of course, we could always just compute SHA-256 hashes of each side and then compare those, right? :-)
Yes, Brad Hill suggested that (in a Java/C# context). Nate Lawson didn't like it on performance grounds, but I don't recall hearing any correctness-related complaints.
http://www.isecpartners.com/blog/2011/2/18/double-hmac-verification.html
You could use the volatile sledgehammer, and then use a unit test to make sure that it remains working over time. And/or you could put it in its own file, and compile it with -O0, in case that helps.