diff options
Diffstat (limited to 'src/mongo/util/secure_compare_memory.cpp')
-rw-r--r-- | src/mongo/util/secure_compare_memory.cpp | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/src/mongo/util/secure_compare_memory.cpp b/src/mongo/util/secure_compare_memory.cpp new file mode 100644 index 00000000000..1f22de56433 --- /dev/null +++ b/src/mongo/util/secure_compare_memory.cpp @@ -0,0 +1,47 @@ +/* Copyright 2017 MongoDB Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * As a special exception, the copyright holders give permission to link the + * code of portions of this program with the OpenSSL library under certain + * conditions as described in each individual source file and distribute + * linked combinations including the program with the OpenSSL library. You + * must comply with the GNU Affero General Public License in all respects + * for all of the code used other than as permitted herein. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you do not + * wish to do so, delete this exception statement from your version. If you + * delete this exception statement from all source files in the program, + * then also delete it in the license file. + */ + + +#include "mongo/platform/basic.h" + +#include "mongo/util/secure_compare_memory.h" + +namespace mongo { + +bool consttimeMemEqual(volatile const unsigned char* s1, // NOLINT - using volatile to + volatile const unsigned char* s2, // NOLINT - disable compiler optimizations + size_t length) { + unsigned int ret = 0; + + for (size_t i = 0; i < length; ++i) { + ret |= s1[i] ^ s2[i]; + } + + return (1 & ((ret - 1) >> 8)); +} + +} // namespace mongo |