Move mbedtls_cf_size_gt function to the constant-time module

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
This commit is contained in:
gabor-mezei-arm 2021-09-27 12:25:07 +02:00
parent 8d1d5fd204
commit 5a85442604
No known key found for this signature in database
GPG key ID: 106F5A41ECC305BD
3 changed files with 18 additions and 16 deletions

View file

@ -213,3 +213,19 @@ size_t mbedtls_cf_size_bool_eq( size_t x, size_t y )
return( 1 ^ diff1 );
}
/** Check whether a size is out of bounds, without branches.
*
* This is equivalent to `size > max`, but is likely to be compiled to
* to code using bitwise operation rather than a branch.
*
* \param size Size to check.
* \param max Maximum desired value for \p size.
* \return \c 0 if `size <= max`.
* \return \c 1 if `size > max`.
*/
unsigned mbedtls_cf_size_gt( size_t size, size_t max )
{
/* Return the sign bit (1 for negative) of (max - size). */
return( ( max - size ) >> ( sizeof( size_t ) * 8 - 1 ) );
}

View file

@ -39,3 +39,5 @@ size_t mbedtls_cf_size_mask_lt( size_t x, size_t y );
size_t mbedtls_cf_size_mask_ge( size_t x, size_t y );
size_t mbedtls_cf_size_bool_eq( size_t x, size_t y );
unsigned mbedtls_cf_size_gt( size_t size, size_t max );

View file

@ -1458,22 +1458,6 @@ cleanup:
#endif /* MBEDTLS_PKCS1_V21 */
#if defined(MBEDTLS_PKCS1_V15)
/** Check whether a size is out of bounds, without branches.
*
* This is equivalent to `size > max`, but is likely to be compiled to
* to code using bitwise operation rather than a branch.
*
* \param size Size to check.
* \param max Maximum desired value for \p size.
* \return \c 0 if `size <= max`.
* \return \c 1 if `size > max`.
*/
static unsigned mbedtls_cf_size_gt( size_t size, size_t max )
{
/* Return the sign bit (1 for negative) of (max - size). */
return( ( max - size ) >> ( sizeof( size_t ) * 8 - 1 ) );
}
/** Choose between two integer values, without branches.
*
* This is equivalent to `cond ? if1 : if0`, but is likely to be compiled