feat(crypto) add crypto.memcmp bindings

[anvouk]

#220

[fffonion]

Thank you for the contribution!
However if we are only supporting comparing strings, why don't we have a for loop in lua land to compare it. It can also be done in a way to avoid timing attack right 🤔

[anvouk]

Fair point, I defaulted to using openssl because it's a battle tested implementation and to avoid writing a potentially unsafe version myself. I should be able to make it more generic and support more types.

[fffonion]

Yes, support some specific types of cdata pointer should also be fine.

[anvouk]

Done. Should support all lua types buffer.encode supports. strings and cdata are treated as is.

[anvouk]

Tests should be fixed now.

[fffonion]

ah actually, by cdata i was referring to passing them as-is without encoding it.

the function would accepts two string, or two cdata (treated as opaque pointer) and a third argument size.

user can always encode abitrary data as string as pass in so we shouldn't do the encode on our side.

[anvouk]

Yes It's already doing it that way. strings and cdata are not encoded but passed as-is. Everything else is encoded using the buffer built-in lib. You can also technically compare a cdata with a string, altough I'm not sure It could be useful.

[fffonion]

okay, that's good, i misread sorry.
let's do remove the buffer encode part, and only keep string and cdata, anything else we can return an error.
let's also add in the test case to compare two cdata pointer, we can ffi.new a pair of char* and compare them.

[anvouk]

done

[fffonion]

thank you @anvouk this is good to go ! the CI looks broken, i will fix it and then merge your PR.

[fffonion]

actually let me merge this first, will fix it on master