From d361ccd663a3bfaa837aa984c29e374c86c038af Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 27 Sep 2021 11:49:42 +0200 Subject: [PATCH] Move mbedtls_cf_size_mask function to the constant-time module Signed-off-by: Gabor Mezei --- library/constant_time.c | 25 +++++++++++++++++++++++++ library/constant_time.h | 2 ++ library/ssl_msg.c | 25 ------------------------- 3 files changed, 27 insertions(+), 25 deletions(-) diff --git a/library/constant_time.c b/library/constant_time.c index 0c5c04c1f..604859f0f 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -111,3 +111,28 @@ unsigned mbedtls_cf_uint_mask( unsigned value ) #pragma warning( pop ) #endif } + +/* + * Turn a bit into a mask: + * - if bit == 1, return the all-bits 1 mask, aka (size_t) -1 + * - if bit == 0, return the all-bits 0 mask, aka 0 + * + * This function can be used to write constant-time code by replacing branches + * with bit operations using masks. + * + * This function is implemented without using comparison operators, as those + * might be translated to branches by some compilers on some platforms. + */ +size_t mbedtls_cf_size_mask( size_t bit ) +{ + /* MSVC has a warning about unary minus on unsigned integer types, + * but this is well-defined and precisely what we want to do here. */ +#if defined(_MSC_VER) +#pragma warning( push ) +#pragma warning( disable : 4146 ) +#endif + return -bit; +#if defined(_MSC_VER) +#pragma warning( pop ) +#endif +} diff --git a/library/constant_time.h b/library/constant_time.h index 0d6c0fdfc..3cbabe1d3 100644 --- a/library/constant_time.h +++ b/library/constant_time.h @@ -31,3 +31,5 @@ int mbedtls_safer_memcmp( const void *a, const void *b, size_t n ); unsigned mbedtls_cf_uint_mask( unsigned value ); + +size_t mbedtls_cf_size_mask( size_t bit ); diff --git a/library/ssl_msg.c b/library/ssl_msg.c index b3bd80435..3efb74c9d 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -1045,31 +1045,6 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) -/* - * Turn a bit into a mask: - * - if bit == 1, return the all-bits 1 mask, aka (size_t) -1 - * - if bit == 0, return the all-bits 0 mask, aka 0 - * - * This function can be used to write constant-time code by replacing branches - * with bit operations using masks. - * - * This function is implemented without using comparison operators, as those - * might be translated to branches by some compilers on some platforms. - */ -static size_t mbedtls_cf_size_mask( size_t bit ) -{ - /* MSVC has a warning about unary minus on unsigned integer types, - * but this is well-defined and precisely what we want to do here. */ -#if defined(_MSC_VER) -#pragma warning( push ) -#pragma warning( disable : 4146 ) -#endif - return -bit; -#if defined(_MSC_VER) -#pragma warning( pop ) -#endif -} - /* * Constant-flow mask generation for "less than" comparison: * - if x < y, return all bits 1, that is (size_t) -1