--- gvpe/src/util.C	2011/03/08 17:33:31	1.25
+++ gvpe/src/util.C	2014/01/09 08:15:05	1.28
@@ -50,6 +50,8 @@
 # include <pthread.h>
 #endif
 
+#include <openssl/rand.h>
+
 #include "netcompat.h"
 
 #include "gettext.h"
@@ -294,6 +296,20 @@
 
 /*****************************************************************************/
 
+void hexdump (const char *header, void *data, int len)
+{
+  u8 *p = (u8 *)data;
+
+  printf ("%s:", header);
+
+  while (len--)
+    printf (" %02x", *p++);
+
+  printf ("\n");
+}
+
+/*****************************************************************************/
+
 #if ENABLE_HTTP_PROXY
 // works like strdup
 u8 *
@@ -342,6 +358,19 @@
 }
 #endif
 
+bool
+slow_memeq (const void *a, const void *b, int len)
+{
+  volatile const u8 *pa = (const u8 *)a;
+  volatile const u8 *pb = (const u8 *)b;
+  u8 diff = 0;
+
+  while (len--)
+    diff |= *pa++ ^ *pb++;
+
+  return !diff;
+}
+
 void
 id2mac (unsigned int id, void *m)
 {
@@ -367,3 +396,17 @@
     }
 }
 
+/*****************************************************************************/
+
+void rand_fill (void *data, int len)
+{
+  int l = RAND_bytes ((unsigned char *)data, len);
+
+  if (l > 0)
+    return;
+  else if (l == 0)
+    slog (L_WARN, _("Not enough random entropy to generate secure keys. Using weaker pseudo-random session keys."));
+  else
+    fatal (_("RAND_bytes failed, aborting."));
+}
+