From f81b2a14f22ae82750764bab66157b653af6bf81 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 21 Sep 2023 19:22:43 +0100 Subject: [PATCH] Generalise mbedtls_ct_error_if to mbedtls_ct_int_if Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 10 +++++----- library/constant_time_internal.h | 11 +++++------ 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 34b33b0a4..9bfb2c58c 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -397,15 +397,15 @@ static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if_else_0(mbedtls_ct_conditio #endif /* MBEDTLS_BIGNUM_C */ -static inline int mbedtls_ct_error_if(mbedtls_ct_condition_t condition, int if1, int if0) +static inline int mbedtls_ct_int_if(mbedtls_ct_condition_t condition, int if1, int if0) { - return -((int) mbedtls_ct_if(condition, (mbedtls_ct_uint_t) (-if1), - (mbedtls_ct_uint_t) (-if0))); + int a[2] = {if0, if1}; + return a[mbedtls_ct_uint_if_else_0(condition, 1)]; } -static inline int mbedtls_ct_error_if_else_0(mbedtls_ct_condition_t condition, int if1) +static inline int mbedtls_ct_int_if_else_0(mbedtls_ct_condition_t condition, int if1) { - return -((int) (condition & (-if1))); + return mbedtls_ct_int_if(condition, if1, 0); } static inline mbedtls_ct_condition_t mbedtls_ct_uint_eq(mbedtls_ct_uint_t x, diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index 63eb10421..604268e33 100644 --- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h @@ -411,7 +411,7 @@ static inline unsigned char mbedtls_ct_uchar_in_range_if(unsigned char low, unsigned char c, unsigned char t); -/** Choose between two error values. The values must be zero or negative. +/** Choose between two int values. * * Functionally equivalent to: * @@ -423,23 +423,22 @@ static inline unsigned char mbedtls_ct_uchar_in_range_if(unsigned char low, * * \return \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise \c if0. */ -static inline int mbedtls_ct_error_if(mbedtls_ct_condition_t condition, int if1, int if0); +static inline int mbedtls_ct_int_if(mbedtls_ct_condition_t condition, int if1, int if0); -/** Choose between an error value and 0. The error value must be zero or negative. +/** Choose between an int value and 0. * * Functionally equivalent to: * * condition ? if1 : 0. * - * Functionally equivalent to mbedtls_ct_error_if(condition, if1, 0) but - * results in smaller code size. + * Functionally equivalent to mbedtls_ct_int_if(condition, if1, 0). * * \param condition Condition to test. * \param if1 Value to use if \p condition == MBEDTLS_CT_TRUE. * * \return \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise 0. */ -static inline int mbedtls_ct_error_if_else_0(mbedtls_ct_condition_t condition, int if1); +static inline int mbedtls_ct_int_if_else_0(mbedtls_ct_condition_t condition, int if1); /* ============================================================================ * Block memory operations