diff --git a/include/mbedtls/constant_time.h b/include/mbedtls/constant_time.h new file mode 100644 index 000000000..69df954d4 --- /dev/null +++ b/include/mbedtls/constant_time.h @@ -0,0 +1,47 @@ +/** + * Constant-time functions + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_CONSTANT_TIME_H +#define MBEDTLS_CONSTANT_TIME_H + +#include "common.h" + +#include + + +/** Constant-time buffer comparison without branches. + * + * This is equivalent to the standard memncmp function, but is likely to be + * compiled to code using bitwise operation rather than a branch. + * + * This function can be used to write constant-time code by replacing branches + * with bit operations using masks. + * + * \param a Pointer to the first buffer. + * \param b Pointer to the second buffer. + * \param n The number of bytes to compare in the buffer. + * + * \return Zero if the content of the two buffer is the same, + * otherwise non-zero. + */ +int mbedtls_cf_memcmp( const void *a, + const void *b, + size_t n ); + +#endif /* MBEDTLS_CONSTANT_TIME_H */ diff --git a/library/cipher.c b/library/cipher.c index ce5179c5e..b48fd6d8a 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -29,7 +29,7 @@ #include "cipher_wrap.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" -#include "constant_time.h" +#include "mbedtls/constant_time.h" #include #include diff --git a/library/constant_time.c b/library/constant_time.c index 5bd74b6f8..aff30eae8 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -24,6 +24,7 @@ #include "common.h" #include "constant_time.h" +#include "mbedtls/constant_time.h" #include "mbedtls/error.h" #include "mbedtls/platform_util.h" diff --git a/library/constant_time.h b/library/constant_time.h index 010cfad9d..598b0eb0a 100644 --- a/library/constant_time.h +++ b/library/constant_time.h @@ -33,25 +33,6 @@ #include -/** Constant-time buffer comparison without branches. - * - * This is equivalent to the standard memncmp function, but is likely to be - * compiled to code using bitwise operation rather than a branch. - * - * This function can be used to write constant-time code by replacing branches - * with bit operations using masks. - * - * \param a Pointer to the first buffer. - * \param b Pointer to the second buffer. - * \param n The number of bytes to compare in the buffer. - * - * \return Zero if the content of the two buffer is the same, - * otherwise non-zero. - */ -int mbedtls_cf_memcmp( const void *a, - const void *b, - size_t n ); - /** Turn a value into a mask: * - if \p value == 0, return the all-bits 0 mask, aka 0 * - otherwise, return the all-bits 1 mask, aka (unsigned) -1 diff --git a/library/nist_kw.c b/library/nist_kw.c index b71befd88..579544131 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -34,7 +34,7 @@ #include "mbedtls/nist_kw.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" -#include "constant_time.h" +#include "mbedtls/constant_time.h" #include #include diff --git a/library/rsa.c b/library/rsa.c index 6ac974a50..856a04bf4 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -45,6 +45,7 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" #include "constant_time.h" +#include "mbedtls/constant_time.h" #include diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 8fd28cf77..ec5e824cf 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -33,7 +33,7 @@ #include "ssl_misc.h" #include "mbedtls/debug.h" #include "mbedtls/error.h" -#include "constant_time.h" +#include "mbedtls/constant_time.h" #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "mbedtls/psa_util.h" diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 6ed3f2be3..cb89c9432 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -36,7 +36,7 @@ #include "ssl_misc.h" #include "mbedtls/error.h" #include "mbedtls/platform_util.h" -#include "constant_time.h" +#include "mbedtls/constant_time.h" #include diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 55be04794..923f2b57e 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -41,6 +41,7 @@ #include "mbedtls/platform_util.h" #include "mbedtls/version.h" #include "constant_time.h" +#include "mbedtls/constant_time.h" #include diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 989cfe07b..006674453 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -35,6 +35,7 @@ #include "mbedtls/error.h" #include "mbedtls/platform_util.h" #include "constant_time.h" +#include "mbedtls/constant_time.h" #include diff --git a/library/ssl_tls.c b/library/ssl_tls.c index d6f038575..1a1543ea2 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -39,7 +39,7 @@ #include "mbedtls/error.h" #include "mbedtls/platform_util.h" #include "mbedtls/version.h" -#include "constant_time.h" +#include "mbedtls/constant_time.h" #include