Lucas
/
lilcrypto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ct/lc_ct_cmp: improve interface 

Return 0xffffffff if arguments compare equal, 0 otherwise. Change all
consumers accordingly.
This commit is contained in:
Lucas Gabriel Vuotto 2024-06-06 13:49:25 +00:00
parent ad42d99e0b
commit 52ab9ca179
5 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README
View File

@ -15,9 +15,7 @@ Utilities
--------- ---------
- Constant-time operations - Constant-time operations
- [/] compare: returns `0` if match, non-`0` otherwise. The non-`0` - [x] compare
case might leak information. Would be better to return `0xffffffff`
if match, `0` otherwise.
Hash Hash
---- ----

2
aead_chacha20_poly1305.c
View File

@ -162,7 +162,7 @@ chacha20_poly1305_open(const uint8_t *key, size_t keylen, const uint8_t *iv,
!poly1305_final(&pctx, tag, &olen)) !poly1305_final(&pctx, tag, &olen))
return 0; return 0;
if (lc_ct_cmp(tag, tagp, LC_POLY1305_TAGLEN) != 0) if (!lc_ct_cmp(tag, tagp, LC_POLY1305_TAGLEN))
return 0; return 0;
lc_scrub(buf, sizeof(buf)); lc_scrub(buf, sizeof(buf));

7
ct.c
View File

@ -25,5 +25,10 @@ lc_ct_cmp(const uint8_t *x, const uint8_t *y, size_t l)
for (; l > 0; l--) for (; l > 0; l--)
r |= *x++ ^ *y++; r |= *x++ ^ *y++;
return r; /* Ensures that if any bit is set, then bit 7 is set. */
r |= r << 4;
r |= r << 2;
r |= r << 1;
return 0xffffffff + ((r & 0x80) >> 7);
} }

6
wycheproof_aead.c
View File

@ -249,7 +249,7 @@ main(int argc, char *argv[])
} }
if (ctlen != encoutlen - LC_POLY1305_TAGLEN || if (ctlen != encoutlen - LC_POLY1305_TAGLEN ||
lc_ct_cmp(encout, ct, ctlen) != 0) { !lc_ct_cmp(encout, ct, ctlen)) {
if (verbose) { if (verbose) {
fprintf(stderr, "ct (%zu, %zu)\n", ctlen, fprintf(stderr, "ct (%zu, %zu)\n", ctlen,
encoutlen - LC_POLY1305_TAGLEN); encoutlen - LC_POLY1305_TAGLEN);
@ -265,7 +265,7 @@ main(int argc, char *argv[])
return 1; return 1;
} }
if (taglenarg != LC_POLY1305_TAGLEN || if (taglenarg != LC_POLY1305_TAGLEN ||
lc_ct_cmp(encout + ctlen, tag, LC_POLY1305_TAGLEN) != 0) { !lc_ct_cmp(encout + ctlen, tag, LC_POLY1305_TAGLEN)) {
if (verbose) { if (verbose) {
fprintf(stderr, "tag (%zu, %zu)\n", taglenarg, fprintf(stderr, "tag (%zu, %zu)\n", taglenarg,
(size_t)LC_POLY1305_TAGLEN); (size_t)LC_POLY1305_TAGLEN);
@ -300,7 +300,7 @@ main(int argc, char *argv[])
return 1; return 1;
} }
if (msglen != decoutlen || lc_ct_cmp(decout, msg, msglen) != 0) { if (msglen != decoutlen || !lc_ct_cmp(decout, msg, msglen)) {
if (verbose) { if (verbose) {
fprintf(stderr, "ct (%zu, %zu)\n", msglen, decoutlen); fprintf(stderr, "ct (%zu, %zu)\n", msglen, decoutlen);
lc_hexdump_fp(stderr, msg, msglen); lc_hexdump_fp(stderr, msg, msglen);

2
wycheproof_mac.c
View File

@ -212,7 +212,7 @@ main(int argc, char *argv[])
* be the full-length hash. * be the full-length hash.
*/ */
if (taglen != taglenarg || if (taglen != taglenarg ||
lc_ct_cmp(buf, tag, taglen) != 0) { !lc_ct_cmp(buf, tag, taglen)) {
if (verbose) { if (verbose) {
fprintf(stderr, "tag (%zu, %zu, %zu)\n", taglen, fprintf(stderr, "tag (%zu, %zu, %zu)\n", taglen,
taglenarg, olen); taglenarg, olen);