xref: /freebsd/lib/libc/string/timingsafe_memcmp.c (revision 7fdf597e96a02165cfe22ff357b857d5fa15ed8a)
1 /*	$OpenBSD: timingsafe_memcmp.c,v 1.2 2015/08/31 02:53:57 guenther Exp $	*/
2 /*
3  * Copyright (c) 2014 Google Inc.
4  *
5  * Permission to use, copy, modify, and distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 #include <limits.h>
19 #include <string.h>
20 
21 int __timingsafe_memcmp(const void *, const void *, size_t);
22 
23 int
24 __timingsafe_memcmp(const void *b1, const void *b2, size_t len)
25 {
26         const unsigned char *p1 = b1, *p2 = b2;
27         size_t i;
28         int res = 0, done = 0;
29 
30         for (i = 0; i < len; i++) {
31                 /* lt is -1 if p1[i] < p2[i]; else 0. */
32                 int lt = (p1[i] - p2[i]) >> CHAR_BIT;
33 
34                 /* gt is -1 if p1[i] > p2[i]; else 0. */
35                 int gt = (p2[i] - p1[i]) >> CHAR_BIT;
36 
37                 /* cmp is 1 if p1[i] > p2[i]; -1 if p1[i] < p2[i]; else 0. */
38                 int cmp = lt - gt;
39 
40                 /* set res = cmp if !done. */
41                 res |= cmp & ~done;
42 
43                 /* set done if p1[i] != p2[i]. */
44                 done |= lt | gt;
45         }
46 
47         return (res);
48 }
49 
50 __weak_reference(__timingsafe_memcmp, timingsafe_memcmp);
51