ct/lc_ct_cmp: improve interface
Return 0xffffffff if arguments compare equal, 0 otherwise. Change all consumers accordingly.
This commit is contained in:
parent
ad42d99e0b
commit
52ab9ca179
4
README
4
README
|
|
@ -15,9 +15,7 @@ Utilities
|
|||
---------
|
||||
|
||||
- Constant-time operations
|
||||
- [/] compare: returns `0` if match, non-`0` otherwise. The non-`0`
|
||||
case might leak information. Would be better to return `0xffffffff`
|
||||
if match, `0` otherwise.
|
||||
- [x] compare
|
||||
|
||||
Hash
|
||||
----
|
||||
|
|
|
|||
|
|
@ -162,7 +162,7 @@ chacha20_poly1305_open(const uint8_t *key, size_t keylen, const uint8_t *iv,
|
|||
!poly1305_final(&pctx, tag, &olen))
|
||||
return 0;
|
||||
|
||||
if (lc_ct_cmp(tag, tagp, LC_POLY1305_TAGLEN) != 0)
|
||||
if (!lc_ct_cmp(tag, tagp, LC_POLY1305_TAGLEN))
|
||||
return 0;
|
||||
|
||||
lc_scrub(buf, sizeof(buf));
|
||||
|
|
|
|||
7
ct.c
7
ct.c
|
|
@ -25,5 +25,10 @@ lc_ct_cmp(const uint8_t *x, const uint8_t *y, size_t l)
|
|||
for (; l > 0; l--)
|
||||
r |= *x++ ^ *y++;
|
||||
|
||||
return r;
|
||||
/* Ensures that if any bit is set, then bit 7 is set. */
|
||||
r |= r << 4;
|
||||
r |= r << 2;
|
||||
r |= r << 1;
|
||||
|
||||
return 0xffffffff + ((r & 0x80) >> 7);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -249,7 +249,7 @@ main(int argc, char *argv[])
|
|||
}
|
||||
|
||||
if (ctlen != encoutlen - LC_POLY1305_TAGLEN ||
|
||||
lc_ct_cmp(encout, ct, ctlen) != 0) {
|
||||
!lc_ct_cmp(encout, ct, ctlen)) {
|
||||
if (verbose) {
|
||||
fprintf(stderr, "ct (%zu, %zu)\n", ctlen,
|
||||
encoutlen - LC_POLY1305_TAGLEN);
|
||||
|
|
@ -265,7 +265,7 @@ main(int argc, char *argv[])
|
|||
return 1;
|
||||
}
|
||||
if (taglenarg != LC_POLY1305_TAGLEN ||
|
||||
lc_ct_cmp(encout + ctlen, tag, LC_POLY1305_TAGLEN) != 0) {
|
||||
!lc_ct_cmp(encout + ctlen, tag, LC_POLY1305_TAGLEN)) {
|
||||
if (verbose) {
|
||||
fprintf(stderr, "tag (%zu, %zu)\n", taglenarg,
|
||||
(size_t)LC_POLY1305_TAGLEN);
|
||||
|
|
@ -300,7 +300,7 @@ main(int argc, char *argv[])
|
|||
return 1;
|
||||
}
|
||||
|
||||
if (msglen != decoutlen || lc_ct_cmp(decout, msg, msglen) != 0) {
|
||||
if (msglen != decoutlen || !lc_ct_cmp(decout, msg, msglen)) {
|
||||
if (verbose) {
|
||||
fprintf(stderr, "ct (%zu, %zu)\n", msglen, decoutlen);
|
||||
lc_hexdump_fp(stderr, msg, msglen);
|
||||
|
|
|
|||
|
|
@ -212,7 +212,7 @@ main(int argc, char *argv[])
|
|||
* be the full-length hash.
|
||||
*/
|
||||
if (taglen != taglenarg ||
|
||||
lc_ct_cmp(buf, tag, taglen) != 0) {
|
||||
!lc_ct_cmp(buf, tag, taglen)) {
|
||||
if (verbose) {
|
||||
fprintf(stderr, "tag (%zu, %zu, %zu)\n", taglen,
|
||||
taglenarg, olen);
|
||||
|
|
|
|||
Loading…
Reference in New Issue