| CONSTTIME_MEMEQUAL(3) | Library Functions Manual | CONSTTIME_MEMEQUAL(3) |
consttime_memequal — compare byte strings for equality without timing leaks
Standard C Library (libc, -lc)
#include <string.h>
int consttime_memequal(void *b1, void *b2, size_t len);
The consttime_memequal() function compares len bytes of memory at b1 and b2 for equality, returning 0 if they are distinct and 1 if they are identical.
The time taken by consttime_memequal() depends on len, but not on the data at b1 or b2. Thus, consttime_memequal() is appropriate for comparing cryptographic secrets, hashes, message authentication codes, etc., without leaking information about them through a timing side channel. In crypto literature, consttime_memequal() is said to take ‘constant time’, meaning time that does not vary depending on the data it processes.
Note that unlike memcmp(3), consttime_memequal() does not return a lexicographic ordering on the data at b1 and b2; it tells only whether they are equal. NetBSD does not provide a consttime_memcmp() function, because all known use cases that require ‘constant time’ memory comparison also require only comparison for equality, not lexicographic ordering.
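The following added example, which is not part of the original manual page or of NetBSD's source, shows the return convention in a MAC tag check. ct_memequal() is a hypothetical portable stand-in with the same contract (on NetBSD, call consttime_memequal() itself); TAG_LEN, tag_is_valid() and the sample tags are assumptions made for the example.

```c
#include <stddef.h>

#define TAG_LEN 8	/* assumed tag length for this example */

/* Constructed sample tags: one correct, one wrong only in the last byte. */
static const unsigned char expected_tag[TAG_LEN] = {1, 2, 3, 4, 5, 6, 7, 8};
static const unsigned char same_tag[TAG_LEN]     = {1, 2, 3, 4, 5, 6, 7, 8};
static const unsigned char late_diff[TAG_LEN]    = {1, 2, 3, 4, 5, 6, 7, 9};

/*
 * Hypothetical portable stand-in with the contract described above:
 * 1 if identical, 0 if distinct. Every byte is examined; there is no
 * early exit at the first mismatch as a typical memcmp() has.
 */
static int
ct_memequal(const void *b1, const void *b2, size_t len)
{
	const volatile unsigned char *p1 = b1, *p2 = b2;
	unsigned int diff = 0;
	size_t i;

	for (i = 0; i < len; i++)
		diff |= (unsigned int)(p1[i] ^ p2[i]);
	/* diff is 0..255: map 0 -> 1, nonzero -> 0 without a branch */
	return (int)(1 & ((diff - 1) >> 8));
}

/* Tag length is public, so rejecting a wrong length up front is fine. */
static int
tag_is_valid(const unsigned char *expected, const unsigned char *received,
    size_t received_len)
{
	if (received_len != TAG_LEN)
		return 0;
	/* 1 means equal: the opposite sense of memcmp() == 0 */
	return ct_memequal(expected, received, TAG_LEN);
}

int
main(void)
{
	/* exit status 0 when the matching tag is accepted, the others rejected */
	return !(tag_is_valid(expected_tag, same_tag, TAG_LEN) == 1 &&
	    tag_is_valid(expected_tag, late_diff, TAG_LEN) == 0 &&
	    tag_is_valid(expected_tag, same_tag, TAG_LEN - 1) == 0);
}
```

Code ported from memcmp(3) must invert its test: a check written as memcmp(a, b, n) == 0 becomes consttime_memequal(a, b, n) != 0.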
The consttime_memequal() function appeared in NetBSD 7.0.
| March 23, 2015 | NetBSD 11.0 |