wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 21:29:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2464 from SparkiDev/rshift_neg

Browse Source 
Use constant time comparison in MaskMac with scanStart and macStart
This commit is contained in:
toddouska
2019-09-13 11:56:12 -07:00
committed by GitHub
parent a2d3da2831 2a1a9f36cc
commit 40fc86dfd2
3 changed files with 12 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
wolfcrypt/src/misc.c
View File

@@ -332,6 +332,12 @@ WC_STATIC WC_INLINE byte ctMaskGTE(int a, int b)
return (((word32)a - b ) >> 31) - 1;
}
/* Constant time - mask set when a >= b. */
WC_STATIC WC_INLINE int ctMaskIntGTE(int a, int b)
{
return (((word32)a - b ) >> 31) - 1;
}
/* Constant time - mask set when a < b. */
WC_STATIC WC_INLINE byte ctMaskLT(int a, int b)
{
@@ -347,18 +353,18 @@ WC_STATIC WC_INLINE byte ctMaskLTE(int a, int b)
/* Constant time - mask set when a == b. */
WC_STATIC WC_INLINE byte ctMaskEq(int a, int b)
{
return 0 - (a == b);
return (~ctMaskGT(a, b)) & (~ctMaskLT(a, b));
}
WC_STATIC WC_INLINE word16 ctMask16Eq(int a, int b)
{
return 0 - (a == b);
return (~ctMaskGT(a, b)) & (~ctMaskLT(a, b));
}
/* Constant time - mask set when a != b. */
WC_STATIC WC_INLINE byte ctMaskNotEq(int a, int b)
{
return 0 - (a != b);
return ctMaskGT(a, b) | ctMaskLT(a, b);
}
/* Constant time - select a when mask is set and b otherwise. */