cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-03 20:22:59 -05:00
Code Issues Packages Projects Releases Wiki Activity

Move mbedtls_cf_size_mask_lt function to the constant-time module

Browse Source 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
This commit is contained in:
gabor-mezei-arm 2021-09-27 11:53:54 +02:00
parent 3733bf805a
commit c76227d808
No known key found for this signature in database
GPG Key ID: 106F5A41ECC305BD
3 changed files with 27 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
library/constant_time.c
View File

@ -136,3 +136,28 @@ size_t mbedtls_cf_size_mask( size_t bit )
#pragma warning( pop )
#endif
}
/*
* Constant-flow mask generation for "less than" comparison:
* - if x < y, return all bits 1, that is (size_t) -1
* - otherwise, return all bits 0, that is 0
*
* This function can be used to write constant-time code by replacing branches
* with bit operations using masks.
*
* This function is implemented without using comparison operators, as those
* might be translated to branches by some compilers on some platforms.
*/
size_t mbedtls_cf_size_mask_lt( size_t x, size_t y )
{
/* This has the most significant bit set if and only if x < y */
const size_t sub = x - y;
/* sub1 = (x < y) ? 1 : 0 */
const size_t sub1 = sub >> ( sizeof( sub ) * 8 - 1 );
/* mask = (x < y) ? 0xff... : 0x00... */
const size_t mask = mbedtls_cf_size_mask( sub1 );
return( mask );
}

2
library/constant_time.h
View File

@ -33,3 +33,5 @@ int mbedtls_safer_memcmp( const void *a, const void *b, size_t n );
unsigned mbedtls_cf_uint_mask( unsigned value );
size_t mbedtls_cf_size_mask( size_t bit );
size_t mbedtls_cf_size_mask_lt( size_t x, size_t y );

25
library/ssl_msg.c
View File

@ -939,31 +939,6 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
}
#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC)
/*
* Constant-flow mask generation for "less than" comparison:
* - if x < y, return all bits 1, that is (size_t) -1
* - otherwise, return all bits 0, that is 0
*
* This function can be used to write constant-time code by replacing branches
* with bit operations using masks.
*
* This function is implemented without using comparison operators, as those
* might be translated to branches by some compilers on some platforms.
*/
static size_t mbedtls_cf_size_mask_lt( size_t x, size_t y )
{
/* This has the most significant bit set if and only if x < y */
const size_t sub = x - y;
/* sub1 = (x < y) ? 1 : 0 */
const size_t sub1 = sub >> ( sizeof( sub ) * 8 - 1 );
/* mask = (x < y) ? 0xff... : 0x00... */
const size_t mask = mbedtls_cf_size_mask( sub1 );
return( mask );
}
/*
* Constant-flow mask generation for "greater or equal" comparison:
* - if x >= y, return all bits 1, that is (size_t) -1