Geralt
  • Introduction
  • Random data
  • Constant time
  • Secure memory
  • Encoding
  • Padding
  • Hashing
  • Message authentication
  • Password hashing
  • Key derivation
  • Authenticated encryption
    • Stream and file encryption
    • AEGIS-128L
    • AEGIS-256
    • ChaCha20-Poly1305
    • XChaCha20-Poly1305
  • Key exchange
  • Digital signatures
  • Advanced
    • Validation
    • Concat
    • ChaCha20
    • XChaCha20
    • HChaCha20
    • Poly1305
    • Ed25519 to X25519
Powered by GitBook
On this page
  • Purpose
  • Usage
  • Equals
  • Increment
  • Add
  • Subtract
  • IsLessThan
  • IsGreaterThan
  • IsAllZeros
  • Notes

Constant time

Last updated 9 months ago

Purpose

Whenever you interact with secrets and cryptographic parameters, you should use constant time functions to avoid leaking information via timing to an attacker. Such leaks can completely compromise security.

For example, you should increment counters/nonces, compare tags, compare passwords, and so on using this class.

Usage

Equals

Determines if two spans are equal in length and contain equal data. It returns true if so and false otherwise.

ConstantTime.Equals(ReadOnlySpan<byte> a, ReadOnlySpan<byte> b)

Exceptions

a has a length of 0.

b has a length of 0.

Increment

Increments a span counter.

ConstantTime.Increment(Span<byte> buffer)

Exceptions

buffer has a length of 0.

Add

Fills a span with the sum of two spans.

ConstantTime.Add(Span<byte> buffer, ReadOnlySpan<byte> a, ReadOnlySpan<byte> b)

Exceptions

buffer has a length of 0.

a has a length of 0 or not equal to buffer.Length.

b has a length of 0 or not equal to a.Length.

Subtract

Fills a span with the result of subtracting the second span from the first span.

ConstantTime.Subtract(Span<byte> buffer, ReadOnlySpan<byte> a, ReadOnlySpan<byte> b)

Exceptions

buffer has a length of 0.

a has a length of 0 or not equal to buffer.Length.

b has a length of 0 or not equal to a.Length.

IsLessThan

Determines if the contents of the first span is less than the second span. It returns true if so and false otherwise.

ConstantTime.IsLessThan(ReadOnlySpan<byte> a, ReadOnlySpan<byte> b)

Exceptions

a has a length of 0 or not equal to b.Length.

b has a length of 0.

IsGreaterThan

Determines if the contents of the first span is greater than the second span. It returns true if so and false otherwise.

ConstantTime.IsGreaterThan(ReadOnlySpan<byte> a, ReadOnlySpan<byte> b)

Exceptions

a has a length of 0 or not equal to b.Length.

b has a length of 0.

IsAllZeros

Determines if a span only contains zeros. It returns true if so and false otherwise.

ConstantTime.IsAllZeros(ReadOnlySpan<byte> buffer)

Notes

These constant time functions can also be used for non-secret values.

All of these functions use a little-endian format.

MUST be compared in constant time using ConstantTime.Equals(). The VerifyTag() and FinalizeAndVerify() functions do this for you.

ArgumentOutOfRangeException
ArgumentOutOfRangeException
ArgumentOutOfRangeException
ArgumentOutOfRangeException
ArgumentOutOfRangeException
ArgumentOutOfRangeException
ArgumentOutOfRangeException
ArgumentOutOfRangeException
ArgumentOutOfRangeException
ArgumentOutOfRangeException
ArgumentOutOfRangeException
ArgumentOutOfRangeException
ArgumentOutOfRangeException
Tags