aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/utils/ct_utils.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/utils/ct_utils.h')
-rw-r--r--src/lib/utils/ct_utils.h54
1 files changed, 53 insertions, 1 deletions
diff --git a/src/lib/utils/ct_utils.h b/src/lib/utils/ct_utils.h
index 52a3bc388..2307dd587 100644
--- a/src/lib/utils/ct_utils.h
+++ b/src/lib/utils/ct_utils.h
@@ -14,7 +14,7 @@
#ifndef BOTAN_TIMING_ATTACK_CM_H__
#define BOTAN_TIMING_ATTACK_CM_H__
-#include <botan/types.h>
+#include <botan/secmem.h>
#include <vector>
#if defined(BOTAN_USE_CTGRIND)
@@ -51,6 +51,12 @@ inline void unpoison(T* p, size_t n)
#endif
}
+template<typename T>
+inline void unpoison(T& p)
+ {
+ unpoison(&p, 1);
+ }
+
/*
* T should be an unsigned machine integer type
* Expand to a mask used for other operations
@@ -90,6 +96,16 @@ inline T is_equal(T x, T y)
}
template<typename T>
+inline T is_less(T x, T y)
+ {
+ /*
+ This expands to a constant time sequence with GCC 5.2.0 on x86-64
+ but something more complicated may be needed for portable const time.
+ */
+ return expand_mask<T>(x < y);
+ }
+
+template<typename T>
inline void conditional_copy_mem(T value,
T* to,
const T* from0,
@@ -102,6 +118,42 @@ inline void conditional_copy_mem(T value,
to[i] = CT::select(mask, from0[i], from1[i]);
}
+template<typename T>
+inline T expand_top_bit(T a)
+ {
+ return expand_mask<T>(a >> (sizeof(T)*8-1));
+ }
+
+template<typename T>
+inline T max(T a, T b)
+ {
+ const T a_larger = b - a; // negative if a is larger
+ return select(expand_top_bit(a), a, b);
+ }
+
+template<typename T>
+inline T min(T a, T b)
+ {
+ const T a_larger = b - a; // negative if a is larger
+ return select(expand_top_bit(b), b, a);
+ }
+
+template<typename T, typename Alloc>
+std::vector<T, Alloc> strip_leading_zeros(const std::vector<T, Alloc>& input)
+ {
+ size_t leading_zeros = 0;
+
+ uint8_t only_zeros = 0xFF;
+
+ for(size_t i = 0; i != input.size(); ++i)
+ {
+ only_zeros &= CT::is_zero(input[i]);
+ leading_zeros += CT::select<uint8_t>(only_zeros, 1, 0);
+ }
+
+ return secure_vector<byte>(input.begin() + leading_zeros, input.end());
+ }
+
}
}