projects
/
oweals
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
ec/ecp_nistz256.c: harmonize with latest indent script.
[oweals/openssl.git]
/
crypto
/
constant_time_locl.h
diff --git
a/crypto/constant_time_locl.h
b/crypto/constant_time_locl.h
index 7b339a7c317b910805686c577761abf6deeb8e9c..6410ca789b07494c1aa3172be4e5e4cd7f7fc1a4 100644
(file)
--- a/
crypto/constant_time_locl.h
+++ b/
crypto/constant_time_locl.h
@@
-1,5
+1,5
@@
/* crypto/constant_time_locl.h */
/* crypto/constant_time_locl.h */
-/*
+/*
-
* Utilities for constant-time cryptography.
*
* Author: Emilia Kasper (emilia@openssl.org)
* Utilities for constant-time cryptography.
*
* Author: Emilia Kasper (emilia@openssl.org)
@@
-53,7
+53,7
@@
extern "C" {
#endif
extern "C" {
#endif
-/*
+/*
-
* The boolean methods return a bitmask of all ones (0xff...f) for true
* and 0 for false. This is useful for choosing a value based on the result
* of a conditional in constant time. For example,
* The boolean methods return a bitmask of all ones (0xff...f) for true
* and 0 for false. This is useful for choosing a value based on the result
* of a conditional in constant time. For example,
@@
-112,7
+112,7
@@
static inline unsigned int constant_time_eq_int(int a, int b);
static inline unsigned char constant_time_eq_int_8(int a, int b);
static inline unsigned char constant_time_eq_int_8(int a, int b);
-/*
+/*
-
* Returns (mask & a) | (~mask & b).
*
* When |mask| is all 1s or all 0s (as returned by the methods above),
* Returns (mask & a) | (~mask & b).
*
* When |mask| is all 1s or all 0s (as returned by the methods above),
@@
-129,17
+129,12
@@
static inline int constant_time_select_int(unsigned int mask, int a, int b);
static inline unsigned int constant_time_msb(unsigned int a)
{
static inline unsigned int constant_time_msb(unsigned int a)
{
- return
(unsigned int)((int)(a) >> (sizeof(int
) * 8 - 1));
+ return
0-(a >> (sizeof(a
) * 8 - 1));
}
static inline unsigned int constant_time_lt(unsigned int a, unsigned int b)
{
}
static inline unsigned int constant_time_lt(unsigned int a, unsigned int b)
{
- unsigned int lt;
- /* Case 1: msb(a) == msb(b). a < b iff the MSB of a - b is set.*/
- lt = ~(a ^ b) & (a - b);
- /* Case 2: msb(a) != msb(b). a < b iff the MSB of b is set. */
- lt |= ~a & b;
- return constant_time_msb(lt);
+ return constant_time_msb(a^((a^b)|((a-b)^b)));
}
static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b)
}
static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b)
@@
-149,12
+144,7
@@
static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b)
static inline unsigned int constant_time_ge(unsigned int a, unsigned int b)
{
static inline unsigned int constant_time_ge(unsigned int a, unsigned int b)
{
- unsigned int ge;
- /* Case 1: msb(a) == msb(b). a >= b iff the MSB of a - b is not set.*/
- ge = ~((a ^ b) | (a - b));
- /* Case 2: msb(a) != msb(b). a >= b iff the MSB of a is set. */
- ge |= a & ~b;
- return constant_time_msb(ge);
+ return ~constant_time_lt(a, b);
}
static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b)
}
static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b)