From 1d57a5fe543aee78acd1e21a7639e94010079306 Mon Sep 17 00:00:00 2001 From: Jack Lloyd Date: Tue, 19 Sep 2017 12:38:53 -0400 Subject: Add basic tests for const time utils Remove CT::min and CT::max which were unused and it turns out, broken. --- src/lib/utils/ct_utils.h | 38 ++++++++++---------------------------- 1 file changed, 10 insertions(+), 28 deletions(-) (limited to 'src/lib') diff --git a/src/lib/utils/ct_utils.h b/src/lib/utils/ct_utils.h index 709b6d9e5..1a88cee20 100644 --- a/src/lib/utils/ct_utils.h +++ b/src/lib/utils/ct_utils.h @@ -94,6 +94,12 @@ inline T expand_mask(T x) return r; } +template +inline T expand_top_bit(T a) + { + return expand_mask(a >> (sizeof(T)*8-1)); + } + template inline T select(T mask, T from0, T from1) { @@ -119,19 +125,15 @@ inline T is_equal(T x, T y) } template -inline T is_less(T x, T y) +inline T is_less(T a, T b) { - /* - This expands to a constant time sequence with GCC 5.2.0 on x86-64 - but something more complicated may be needed for portable const time. - */ - return expand_mask(x < y); + return expand_top_bit(a ^ ((a^b) | ((a-b)^a))); } template -inline T is_lte(T x, T y) +inline T is_lte(T a, T b) { - return expand_mask(x <= y); + return CT::is_less(a, b) | CT::is_equal(a, b); } template @@ -163,26 +165,6 @@ inline void cond_zero_mem(T cond, } } -template -inline T expand_top_bit(T a) - { - return expand_mask(a >> (sizeof(T)*8-1)); - } - -template -inline T max(T a, T b) - { - const T a_larger = b - a; // negative if a is larger - return select(expand_top_bit(a), a, b); - } - -template -inline T min(T a, T b) - { - const T a_larger = b - a; // negative if a is larger - return select(expand_top_bit(b), b, a); - } - inline secure_vector strip_leading_zeros(const uint8_t in[], size_t length) { size_t leading_zeros = 0; -- cgit v1.2.3