author | Jack Lloyd <[email protected]> | 2015-10-26 12:33:05 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2015-10-26 12:33:05 -0400 |
commit | 191abfe7c95d79118f0f9b4ed6411796204c0db3 (patch) | |
tree | 672470d35a08dedac63c901f843e113d3088960e /src/lib/utils | |
parent | 475a9dacb8d285d6e5a0244bcf816d2ae72a00a8 (diff) | |
parent | 05ca920f0d8461b7da258f4e17afbf3d072b9327 (diff) |
Merge pull request #314 from randombit/ct-tls-cbc-padding
TLS improvements
Diffstat (limited to 'src/lib/utils')
-rw-r--r-- | src/lib/utils/ct_utils.h | 54 |
1 files changed, 53 insertions, 1 deletions
diff --git a/src/lib/utils/ct_utils.h b/src/lib/utils/ct_utils.h
index 52a3bc388..2307dd587 100644
--- a/src/lib/utils/ct_utils.h
+++ b/src/lib/utils/ct_utils.h
@@ -14,7 +14,7 @@
 #ifndef BOTAN_TIMING_ATTACK_CM_H__
 #define BOTAN_TIMING_ATTACK_CM_H__

-#include <botan/types.h>
+#include <botan/secmem.h>
 #include <vector>

 #if defined(BOTAN_USE_CTGRIND)
@@ -51,6 +51,12 @@ inline void unpoison(T* p, size_t n)
 #endif
 }

+template<typename T>
+inline void unpoison(T& p)
+ {
+ unpoison(&p, 1);
+ }
+
 /*
 * T should be an unsigned machine integer type
 * Expand to a mask used for other operations
@@ -90,6 +96,16 @@ inline T is_equal(T x, T y)
 }

 template<typename T>
+inline T is_less(T x, T y)
+ {
+ /*
+ This expands to a constant time sequence with GCC 5.2.0 on x86-64
+ but something more complicated may be needed for portable const time.
+ */
+ return expand_mask<T>(x < y);
+ }
+
+template<typename T>
 inline void conditional_copy_mem(T value,
 T* to,
 const T* from0,
@@ -102,6 +118,42 @@ inline void conditional_copy_mem(T value,
 to[i] = CT::select(mask, from0[i], from1[i]);
 }

+template<typename T>
+inline T expand_top_bit(T a)
+ {
+ return expand_mask<T>(a >> (sizeof(T)*8-1));
+ }
+
+template<typename T>
+inline T max(T a, T b)
+ {
+ const T a_larger = b - a; // negative if a is larger
+ return select(expand_top_bit(a), a, b);
+ }
+
+template<typename T>
+inline T min(T a, T b)
+ {
+ const T a_larger = b - a; // negative if a is larger
+ return select(expand_top_bit(b), b, a);
+ }
+
+template<typename T, typename Alloc>
+std::vector<T, Alloc> strip_leading_zeros(const std::vector<T, Alloc>& input)
+ {
+ size_t leading_zeros = 0;
+
+ uint8_t only_zeros = 0xFF;
+
+ for(size_t i = 0; i != input.size(); ++i)
+ {
+ only_zeros &= CT::is_zero(input[i]);
+ leading_zeros += CT::select<uint8_t>(only_zeros, 1, 0);
+ }
+
+ return secure_vector<byte>(input.begin() + leading_zeros, input.end());
+ }
+
 }

 }
|
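Review bot: `is_less` depends on the compiler lowering `x < y` to branch-free code, which the added comment itself says was only observed with GCC 5.2.0 on x86-64. On another compiler, optimisation level or target the comparison may become a data-dependent branch, reintroducing the timing signal this header is meant to remove. For unsigned T the mask can be derived from arithmetic alone, for example `return expand_top_bit<T>(x ^ ((x ^ y) | ((x - y) ^ x)));`, which would require `expand_top_bit` (added further down in this same diff) to be declared before `is_less`. Whether `expand_mask` is itself branch-free is not visible in this hunk and should be confirmed.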
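Review bot: `max` and `min` compute `a_larger = b - a` but never use it; the mask is taken from the top bit of `a` in `max` and of `b` in `min`, so the result depends on one operand's magnitude rather than on the comparison. The return lines presumably should be `return select(expand_top_bit(a_larger), a, b);` and `return select(expand_top_bit(a_larger), b, a);`. Even then, for unsigned T the top bit of `b - a` reflects the ordering only when the operands differ by less than half the type's range, so that limit needs a comment or a borrow-based comparison. Separately, `strip_leading_zeros` is declared to return `std::vector<T, Alloc>` but constructs `secure_vector<byte>`, so it only compiles for that one instantiation; `return std::vector<T, Alloc>(input.begin() + leading_zeros, input.end());` matches the signature. A unit test with operands whose top bit is set would catch the min/max error.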