test: improve TimingResistantEqual test coverage #271

pull mangoostaa wants to merge 1 commits into bitcoin-core:master from mangoostaa:test/improve-timingresistantequal changing 2 files +30 −0

mangoostaa commented at 12:07 PM on April 13, 2026: contributor
This improves the test for TimingResistantEqual by adding more relevant edge cases, including:
- Empty string vs non-empty string
- Differences at the beginning of the string
- Additional prefix/suffix length mismatch tests
These cases help ensure the function properly resists timing attacks when comparing secrets of different lengths
test: improve TimingResistantEqual test coverage 232c2da82b
DrahtBot commented at 12:07 PM on April 13, 2026: none



The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.



Reviews

See the guideline for information on the review process. A summary of reviews will appear here.
ViniciusCestarii commented at 7:39 PM on April 15, 2026: contributor

Is there a planned call site for TimingResistantEqual? Is there any place libmultiprocess would need a constant-time comparison?
mangoostaa commented at 9:09 PM on April 15, 2026: contributor

Is there a planned call site for TimingResistantEqual? Is there any place libmultiprocess would need a constant-time comparison?

You're right, currently there is no clear call site in libmultiprocess that requires constant-time comparison. This test only improves coverage for the existing function, but I agree that without a concrete use case it might not be justified here.

Contributors

mangoostaa

DrahtBot

ViniciusCestarii

test: improve TimingResistantEqual test coverage #271

Reviews