CONSTTIME_MEMEQUAL(3) | Library Functions Manual | CONSTTIME_MEMEQUAL(3) |
The time taken by consttime_memequal() depends on len, but not on the data at b1 or b2. Thus, consttime_memequal() is appropriate for comparing cryptographic secrets, hashes, message authentication codes, etc., without leaking information about them through a timing side channel. In crypto literature, consttime_memequal() is said to take ‘constant time’, meaning time that does not vary depending on the data it processes.
Note that unlike memcmp(3), consttime_memequal() does not return a lexicographic ordering on the data at b1 and b2; it tells only whether they are equal.
November 14, 2013 | NetBSD 7.2 |