CONSTTIME_MEMEQUAL(3) | Library Functions Manual | CONSTTIME_MEMEQUAL(3) |
consttime_memequal
—
#include <string.h>
int
consttime_memequal
(void
*b1, void *b2,
size_t len);
consttime_memequal
() function compares
len bytes of memory at b1 and
b2 for equality, returning 0 if they are distinct and 1
if they are identical.
The time taken by consttime_memequal
()
depends on len, but not on the data at
b1 or b2. Thus,
consttime_memequal
() is appropriate for comparing
cryptographic secrets, hashes, message authentication codes, etc., without
leaking information about them through a timing side channel. In crypto
literature, consttime_memequal
() is said to take
‘constant time’, meaning time that does not vary depending on
the data it processes.
Note that unlike
memcmp(3),
consttime_memequal
() does not return a lexicographic
ordering on the data at b1 and
b2; it tells only whether they are equal.
NetBSD does not provide a
consttime_memcmp
() function, because all known use
cases that require ‘constant time’ memory comparison also
require only comparison for equality, not lexicographic ordering.
consttime_memequal
() function appeared in
NetBSD 7.0.
March 23, 2015 | NetBSD 9.2 |