yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-23 22:45:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Move mbedtls_cf_size_mask function to the constant-time module

Browse source 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
This commit is contained in:
gabor-mezei-arm 2021-09-27 11:49:42 +02:00 committed by Gabor Mezei
parent c11cac9f1b
commit d361ccd663
No known key found for this signature in database
GPG key ID: 106F5A41ECC305BD
3 changed files with 27 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
library/constant_time.c
View file

@ -111,3 +111,28 @@ unsigned mbedtls_cf_uint_mask( unsigned value )
#pragma warning( pop ) #pragma warning( pop )
#endif #endif
} }
/*
* Turn a bit into a mask:
* - if bit == 1, return the all-bits 1 mask, aka (size_t) -1
* - if bit == 0, return the all-bits 0 mask, aka 0
*
* This function can be used to write constant-time code by replacing branches
* with bit operations using masks.
*
* This function is implemented without using comparison operators, as those
* might be translated to branches by some compilers on some platforms.
*/
size_t mbedtls_cf_size_mask( size_t bit )
{
/* MSVC has a warning about unary minus on unsigned integer types,
* but this is well-defined and precisely what we want to do here. */
#if defined(_MSC_VER)
#pragma warning( push )
#pragma warning( disable : 4146 )
#endif
return -bit;
#if defined(_MSC_VER)
#pragma warning( pop )
#endif
}

2
library/constant_time.h
View file

@ -31,3 +31,5 @@ int mbedtls_safer_memcmp( const void *a, const void *b, size_t n );
unsigned mbedtls_cf_uint_mask( unsigned value ); unsigned mbedtls_cf_uint_mask( unsigned value );
size_t mbedtls_cf_size_mask( size_t bit );

25
library/ssl_msg.c
View file

@ -1045,31 +1045,6 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
} }
#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) #if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC)
/*
* Turn a bit into a mask:
* - if bit == 1, return the all-bits 1 mask, aka (size_t) -1
* - if bit == 0, return the all-bits 0 mask, aka 0
*
* This function can be used to write constant-time code by replacing branches
* with bit operations using masks.
*
* This function is implemented without using comparison operators, as those
* might be translated to branches by some compilers on some platforms.
*/
static size_t mbedtls_cf_size_mask( size_t bit )
{
/* MSVC has a warning about unary minus on unsigned integer types,
* but this is well-defined and precisely what we want to do here. */
#if defined(_MSC_VER)
#pragma warning( push )
#pragma warning( disable : 4146 )
#endif
return -bit;
#if defined(_MSC_VER)
#pragma warning( pop )
#endif
}
/* /*
* Constant-flow mask generation for "less than" comparison: * Constant-flow mask generation for "less than" comparison:
* - if x < y, return all bits 1, that is (size_t) -1 * - if x < y, return all bits 1, that is (size_t) -1