man.bsd.lv manual page server

Manual Page Search Parameters
CONSTTIME_MEMEQUAL(3) Library Functions Manual CONSTTIME_MEMEQUAL(3)

consttime_memequalcompare byte strings for equality without timing leaks

library “libc”

#include <string.h>

int
consttime_memequal(void *b1, void *b2, size_t len);

The () function compares len bytes of memory at b1 and b2 for equality, returning 0 if they are distinct and 1 if they are identical.

The time taken by () depends on len, but not on the data at b1 or b2. Thus, consttime_memequal() is appropriate for comparing cryptographic secrets, hashes, message authentication codes, etc., without leaking information about them through a timing side channel. In crypto literature, consttime_memequal() is said to take ‘constant time’, meaning time that does not vary depending on the data it processes.

Note that unlike memcmp(3), () does not return a lexicographic ordering on the data at b1 and b2; it tells only whether they are equal. NetBSD does not provide a () function, because all known use cases that require ‘constant time’ memory comparison also require only comparison for equality, not lexicographic ordering.

explicit_memset(3), memcmp(3)

The consttime_memequal() function appeared in NetBSD 7.0.

March 23, 2015 NetBSD-9.2