mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-24 12:55:41 +00:00
Move mbedtls_cf_size_bool_eq function to the constant-time module
There were multiple functions called mbedtls_cf_size_bool_eq. They had exactly the same behavior, so move the one in bignum.c and remove the other. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
This commit is contained in:
parent
a2bcabceb2
commit
96584ddd4b
|
@ -41,6 +41,7 @@
|
|||
#include "mbedtls/bn_mul.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "constant_time.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
|
@ -2227,42 +2228,6 @@ static void mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N,
|
|||
mpi_montmul( A, &U, N, mm, T );
|
||||
}
|
||||
|
||||
/*
|
||||
* Constant-flow boolean "equal" comparison:
|
||||
* return x == y
|
||||
*
|
||||
* This function can be used to write constant-time code by replacing branches
|
||||
* with bit operations - it can be used in conjunction with
|
||||
* mbedtls_ssl_cf_mask_from_bit().
|
||||
*
|
||||
* This function is implemented without using comparison operators, as those
|
||||
* might be translated to branches by some compilers on some platforms.
|
||||
*/
|
||||
static size_t mbedtls_cf_size_bool_eq( size_t x, size_t y )
|
||||
{
|
||||
/* diff = 0 if x == y, non-zero otherwise */
|
||||
const size_t diff = x ^ y;
|
||||
|
||||
/* MSVC has a warning about unary minus on unsigned integer types,
|
||||
* but this is well-defined and precisely what we want to do here. */
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( push )
|
||||
#pragma warning( disable : 4146 )
|
||||
#endif
|
||||
|
||||
/* diff_msb's most significant bit is equal to x != y */
|
||||
const size_t diff_msb = ( diff | (size_t) -diff );
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( pop )
|
||||
#endif
|
||||
|
||||
/* diff1 = (x != y) ? 1 : 0 */
|
||||
const size_t diff1 = diff_msb >> ( sizeof( diff_msb ) * 8 - 1 );
|
||||
|
||||
return( 1 ^ diff1 );
|
||||
}
|
||||
|
||||
/**
|
||||
* Select an MPI from a table without leaking the index.
|
||||
*
|
||||
|
|
|
@ -177,3 +177,39 @@ size_t mbedtls_cf_size_mask_ge( size_t x, size_t y )
|
|||
{
|
||||
return( ~mbedtls_cf_size_mask_lt( x, y ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Constant-flow boolean "equal" comparison:
|
||||
* return x == y
|
||||
*
|
||||
* This function can be used to write constant-time code by replacing branches
|
||||
* with bit operations - it can be used in conjunction with
|
||||
* mbedtls_ssl_cf_mask_from_bit().
|
||||
*
|
||||
* This function is implemented without using comparison operators, as those
|
||||
* might be translated to branches by some compilers on some platforms.
|
||||
*/
|
||||
size_t mbedtls_cf_size_bool_eq( size_t x, size_t y )
|
||||
{
|
||||
/* diff = 0 if x == y, non-zero otherwise */
|
||||
const size_t diff = x ^ y;
|
||||
|
||||
/* MSVC has a warning about unary minus on unsigned integer types,
|
||||
* but this is well-defined and precisely what we want to do here. */
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( push )
|
||||
#pragma warning( disable : 4146 )
|
||||
#endif
|
||||
|
||||
/* diff_msb's most significant bit is equal to x != y */
|
||||
const size_t diff_msb = ( diff | (size_t) -diff );
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( pop )
|
||||
#endif
|
||||
|
||||
/* diff1 = (x != y) ? 1 : 0 */
|
||||
const size_t diff1 = diff_msb >> ( sizeof( diff_msb ) * 8 - 1 );
|
||||
|
||||
return( 1 ^ diff1 );
|
||||
}
|
||||
|
|
|
@ -37,3 +37,5 @@ size_t mbedtls_cf_size_mask( size_t bit );
|
|||
size_t mbedtls_cf_size_mask_lt( size_t x, size_t y );
|
||||
|
||||
size_t mbedtls_cf_size_mask_ge( size_t x, size_t y );
|
||||
|
||||
size_t mbedtls_cf_size_bool_eq( size_t x, size_t y );
|
||||
|
|
|
@ -1045,41 +1045,6 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC)
|
||||
/*
|
||||
* Constant-flow boolean "equal" comparison:
|
||||
* return x == y
|
||||
*
|
||||
* This function can be used to write constant-time code by replacing branches
|
||||
* with bit operations - it can be used in conjunction with
|
||||
* mbedtls_cf_size_mask().
|
||||
*
|
||||
* This function is implemented without using comparison operators, as those
|
||||
* might be translated to branches by some compilers on some platforms.
|
||||
*/
|
||||
static size_t mbedtls_cf_size_bool_eq( size_t x, size_t y )
|
||||
{
|
||||
/* diff = 0 if x == y, non-zero otherwise */
|
||||
const size_t diff = x ^ y;
|
||||
|
||||
/* MSVC has a warning about unary minus on unsigned integer types,
|
||||
* but this is well-defined and precisely what we want to do here. */
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( push )
|
||||
#pragma warning( disable : 4146 )
|
||||
#endif
|
||||
|
||||
/* diff_msb's most significant bit is equal to x != y */
|
||||
const size_t diff_msb = ( diff | -diff );
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( pop )
|
||||
#endif
|
||||
|
||||
/* diff1 = (x != y) ? 1 : 0 */
|
||||
const size_t diff1 = diff_msb >> ( sizeof( diff_msb ) * 8 - 1 );
|
||||
|
||||
return( 1 ^ diff1 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Constant-flow conditional memcpy:
|
||||
|
|
Loading…
Reference in a new issue