Extensions to the Standard C Library
This section describes two functions that work similar to standard C library's memset() and memcmp() functions but guarantee properties that the standard functions may not provide.
NOTE The functions described in this section are only available if you are using Luna HSM Firmware 7.7.0 or newer.
fm_memisequal
This function is similar to the standard C library's memcmp() function but differs in the following ways:
>It guarantees that the time comparison takes is strictly proportional to the length of the comparison. In other words, comparison takes the same time regardless of whether the memory areas being compared are different or equal. This property is also known as "constant time comparison".
>It is not a lexicographic comparator.Unlike memcmp, if the compared memory areas differ, this function does not report which one is greater or smaller in mathematical sense; it only reports whether the memory areas are equal or not.
Synopsis
#include <fmstring.h> int fm_memisequal(const void *s1, const void *s2, size_t n);
Input Parameters
| s1 | Pointer to the first memory area. |
| s2 |
Pointer to the second memory area. |
| n |
Number of bytes in s1 and s2 to compare. |
Output Requirements
Return value: zero if the s1 and s2 memory areas are identical, not zero otherwise.
fm_memzero
This function is similar to a call memset(s, 0, n) of the standard C library’s memset() function. Unlike memset(), fm_memzero() guarantees that its call will never be optimized out by the compiler; that is, it guarantees that the first n bytes of the memory area s will be set to zero even if the compiler determines it is not necessary. For example, the compiler can determine that the memory area s is not used by the execution flow of the code after memset(s, 0, n) call. It may then consider the memset() call redundant and remove it. This never happens if you use the fm_memzero function call.
Synopsis
#include <fmstring.h> void fm_memzero(void *s, size_t n);
Input Parameters
| S | Pointer to the first memory area. |
| N |
Number of bytes in s to set to zero. |
Output Requirements
None
