cybersecurity · intermediate · ~15 min
Avoid timing side-channels in comparisons.
Implement int ct_equal(const unsigned char *a, const unsigned char *b, int n) returning 1 if the n bytes are equal, else 0, WITHOUT early return — OR all the per-byte differences so the time doesn't depend on where they differ.
int ct_equal(const unsigned char *a, const unsigned char *b, int n) {
/* TODO */
return 0;
}
Solve this exercise in the browser editor — compile and run against the test harness, no setup required.