Simplify some constant-time code
Some people recommend using bit operations to avoid the compiler producing a branch on `ret != 0`, but: - this makes the code less readable, - here I got a warning from some compilers about unsigned unary minus - and anyway modern compilers don't produce a branch here, checked on x64 and arm with various -O values.
This commit is contained in:
Manuel Pégourié-Gonnard
parent
06d7519697
commit
2ee8d24ca2
1 changed files with 1 additions and 5 deletions
|
|
@ -2887,7 +2887,6 @@ static int ssl_parse_encrypted_pms( ssl_context *ssl,
|
||||||
unsigned char *pms = ssl->handshake->premaster + pms_offset;
|
unsigned char *pms = ssl->handshake->premaster + pms_offset;
|
||||||
unsigned char fake_pms[48], peer_pms[48];
|
unsigned char fake_pms[48], peer_pms[48];
|
||||||
unsigned char mask;
|
unsigned char mask;
|
||||||
unsigned int uret;
|
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
if( ! pk_can_do( ssl_own_key( ssl ), POLARSSL_PK_RSA ) )
|
if( ! pk_can_do( ssl_own_key( ssl ), POLARSSL_PK_RSA ) )
|
||||||
|
|
@ -2951,10 +2950,7 @@ static int ssl_parse_encrypted_pms( ssl_context *ssl,
|
||||||
}
|
}
|
||||||
ssl->handshake->pmslen = 48;
|
ssl->handshake->pmslen = 48;
|
||||||
|
|
||||||
uret = (unsigned) ret;
|
mask = (unsigned char)( - ( ret != 0 ) ); /* ret ? 0xff : 0x00 */
|
||||||
uret |= -uret; /* msb = ( ret != 0 ) */
|
|
||||||
uret >>= 8 * sizeof( uret ) - 1; /* uret = ( ret != 0 ) */
|
|
||||||
mask = (unsigned char)( -uret ) ; /* ret ? 0xff : 0x00 */
|
|
||||||
for( i = 0; i < ssl->handshake->pmslen; i++ )
|
for( i = 0; i < ssl->handshake->pmslen; i++ )
|
||||||
pms[i] = ( mask & fake_pms[i] ) | ( (~mask) & peer_pms[i] );
|
pms[i] = ( mask & fake_pms[i] ) | ( (~mask) & peer_pms[i] );
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue