diff options
| author | Emilia Kasper <emilia@openssl.org> | 2014-09-04 13:04:42 +0200 |
|---|---|---|
| committer | Emilia Kasper <emilia@openssl.org> | 2014-09-24 15:54:51 +0200 |
| commit | e1080ea3c7fe67ea19e77a759b498bc62f99b263 (patch) | |
| tree | 4aecceba8e7f1ed4d39af712da5fea595a600477 /crypto | |
| parent | 941af48fecc722a8bd2e0eaefc1b4a7f50256853 (diff) | |
RT3067: simplify patch
(Original commit adb46dbc6dd7347750df2468c93e8c34bcb93a4b)
Use the new constant-time methods consistently in s3_srvr.c
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 455b65dfab0de51c9f67b3c909311770f2b3f801)
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/constant_time_locl.h | 15 | ||||
| -rw-r--r-- | crypto/constant_time_test.c | 39 |
2 files changed, 54 insertions, 0 deletions
diff --git a/crypto/constant_time_locl.h b/crypto/constant_time_locl.h index ccf7b62f5f..c0483939fe 100644 --- a/crypto/constant_time_locl.h +++ b/crypto/constant_time_locl.h @@ -106,6 +106,11 @@ static inline unsigned char constant_time_is_zero_8(unsigned int a); static inline unsigned int constant_time_eq(unsigned int a, unsigned int b); /* Convenience method for getting an 8-bit mask. */ static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b); +/* Signed integers. */ +static inline unsigned int constant_time_eq_int(int a, int b); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_eq_int_8(int a, int b); + /* * Returns (mask & a) | (~mask & b). @@ -177,6 +182,16 @@ static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b) return (unsigned char)(constant_time_eq(a, b)); } +static inline unsigned int constant_time_eq_int(int a, int b) + { + return constant_time_eq((unsigned)(a), (unsigned)(b)); + } + +static inline unsigned char constant_time_eq_int_8(int a, int b) + { + return constant_time_eq_8((unsigned)(a), (unsigned)(b)); + } + static inline unsigned int constant_time_select(unsigned int mask, unsigned int a, unsigned int b) { diff --git a/crypto/constant_time_test.c b/crypto/constant_time_test.c index 0e51892af5..1b4b18d199 100644 --- a/crypto/constant_time_test.c +++ b/crypto/constant_time_test.c @@ -196,6 +196,45 @@ static int test_select_int(int a, int b) return 0; } +static int test_eq_int(int a, int b) + { + unsigned int equal = constant_time_eq_int(a, b); + if (a == b && equal != CONSTTIME_TRUE) + { + fprintf(stderr, "Test failed for constant_time_select(%d, %d): " + "expected %du(TRUE), got %du\n", + a, b, CONSTTIME_TRUE, equal); + return 1; + } + else if (a != b && equal != CONSTTIME_FALSE) + { + fprintf(stderr, "Test failed for constant_time_select(%d, %d): " + "expected %du(FALSE), got %du\n", + a, b, CONSTTIME_FALSE, equal); + return 1; + } + return 0; + } + +static int test_eq_int_8(int a, int b) + { + unsigned char equal = constant_time_eq_int_8(a, b); + if (a == b && equal != CONSTTIME_TRUE_8) + { + fprintf(stderr, "Test failed for constant_time_select(%d, %d): " + "expected %u(TRUE), got %u\n", + a, b, CONSTTIME_TRUE_8, equal); + return 1; + } + else if (a != b && equal != CONSTTIME_FALSE_8) + { + fprintf(stderr, "Test failed for constant_time_select(%d, %d): " + "expected %u(FALSE), got %u\n", + a, b, CONSTTIME_FALSE_8, equal); + return 1; + } + return 0; + } static unsigned int test_values[] = {0, 1, 1024, 12345, 32000, UINT_MAX/2-1, UINT_MAX/2, UINT_MAX/2+1, UINT_MAX-1, |