[dpdk-dev v6 2/2] crypto/ipsec-mb: use constant-time memory comparison

Thomas Monjalon thomas at monjalon.net
Wed Oct 15 18:37:17 CEST 2025

Previous message (by thread): [dpdk-dev v6 2/2] crypto/ipsec-mb: use constant-time memory comparison
Next message (by thread): [dpdk-dev v6 1/2] eal: introduce rte_memeq_timingsafe() based on FreeBSD API
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

02/10/2025 17:32, Kai Ji:
> Replace memcmp() with rte_timingsafe_memcmp() in cryptographic
> authentication verification operations across iipsec-mb drivers.
> 
> Note: OpenSSL crypto driver already uses CRYPTO_memcmp() which
> provides equivalent timing attack resistance and is left unchanged.
> 
> Note: scheduler driver memcmp stays unchanged as its not secret data
> comparison and actually faster with no timing attack risk.
> 
> Bugzilla ID: 1773
> https://bugs.dpdk.org/show_bug.cgi?id=1773
> 
> Signed-off-by: Kai Ji <kai.ji at intel.com>

Applied with few minor edits, thanks.

Previous message (by thread): [dpdk-dev v6 2/2] crypto/ipsec-mb: use constant-time memory comparison
Next message (by thread): [dpdk-dev v6 1/2] eal: introduce rte_memeq_timingsafe() based on FreeBSD API
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list