Botan 3.11.0
Crypto and TLS for C&
Public Types | Public Member Functions | Static Public Member Functions | List of all members
Botan::CT::Choice Class Referencefinal

#include <ct_utils.h>

Public Types

using underlying_type = word

Public Member Functions

constexpr bool as_bool () const
constexpr Choice (Choice &&other)=default
constexpr Choice (const Choice &other)=default
template<typename T>
requires std::unsigned_integral<T> && (!std::same_as<bool, T>)
constexpr T into_bitmask () const
constexpr Choice operator! () const
constexpr Choice operator!= (const Choice &other) const
constexpr Choice operator&& (const Choice &other) const
constexpr Choiceoperator= (Choice &&other) noexcept=default
constexpr Choiceoperator= (const Choice &other) noexcept=default
constexpr Choice operator== (const Choice &other) const
constexpr Choice operator|| (const Choice &other) const
constexpr underlying_type value () const
 Return the masked value.
constexpr ~Choice ()=default

Static Public Member Functions

template<typename T>
requires std::unsigned_integral<T> && (!std::same_as<bool, T>)
static constexpr Choice from_int (T v)
static constexpr Choice from_mask (underlying_type v)
static constexpr Choice no ()
static constexpr Choice yes ()

Detailed Description

A Choice is used for constant-time conditionals.

Internally it always is either |0| (all 0 bits) or |1| (all 1 bits) and measures are taken to block compilers from reasoning about the expected value of a Choice.

Definition at line 259 of file ct_utils.h.

Member Typedef Documentation

◆ underlying_type

using Botan::CT::Choice::underlying_type = word

Definition at line 261 of file ct_utils.h.

Constructor & Destructor Documentation

◆ Choice() [1/2]

Botan::CT::Choice::Choice ( const Choice & other)
constexprdefault

References Choice().

Referenced by Choice(), Choice(), from_int(), from_mask(), no(), operator!(), operator!=(), operator&&(), operator=(), operator=(), operator==(), operator||(), and yes().

◆ Choice() [2/2]

Botan::CT::Choice::Choice ( Choice && other)
constexprdefault

References Choice().

◆ ~Choice()

Botan::CT::Choice::~Choice ( )
constexprdefault

References Botan::CT::value_barrier().

Member Function Documentation

◆ as_bool()

bool Botan::CT::Choice::as_bool ( ) const
inlineconstexpr

Unsafe conversion to bool

This conversion itself is (probably) constant time, but once the choice is reduced to a simple bool, it's entirely possible for the compiler to perform range analysis on the values, since there are just the two. As a consequence even if the caller is not using this in an obviously branchy way (if(choice.as_bool()) ...) a smart compiler may introduce branches depending on the value.

Definition at line 329 of file ct_utils.h.

329{ return m_value != 0; }

Referenced by Botan::to_affine_batch().

◆ from_int()

template<typename T>
requires std::unsigned_integral<T> && (!std::same_as<bool, T>)
constexpr Choice Botan::CT::Choice::from_int ( T v)
inlinestaticconstexpr

If v == 0 return an unset (false) Choice, otherwise a set Choice

Definition at line 268 of file ct_utils.h.

268 {
269 if constexpr(sizeof(T) <= sizeof(underlying_type)) {
270 return !Choice(ct_is_zero<underlying_type>(v));
271 } else {
272 // Mask of T that is either |0| or |1|
273 const T v_is_0 = ct_is_zero<T>(value_barrier<T>(v));
274
275 // We want the mask to be set if v != 0 so we must check that
276 // v_is_0 is itself zero.
277 //
278 // Also sizeof(T) may not equal sizeof(underlying_type) so we must
279 // use ct_is_zero<underlying_type>. It's ok to either truncate or
280 // zero extend v_is_0 to 32 bits since we know it is |0| or |1|
281 // so even just the low bit is sufficient.
282 return Choice(ct_is_zero<underlying_type>(static_cast<underlying_type>(v_is_0)));
283 }
284 }
Botan::CT::Choice::Choice
constexpr Choice(const Choice &other)=default
Botan::CT::value_barrier
constexpr T value_barrier(T x)
Definition value_barrier.h:43
Botan::ct_is_zero
BOTAN_FORCE_INLINE constexpr T ct_is_zero(T x)
Definition bit_ops.h:37

References Choice(), Botan::ct_is_zero(), and Botan::CT::value_barrier().

Referenced by Botan::CT::Mask< T >::as_choice(), Botan::bitvector_base< secure_allocator >::has_odd_hamming_weight(), and Botan::IntMod< MontgomeryRep< ScalarParams > >::is_even().

◆ from_mask()

constexpr Choice Botan::CT::Choice::from_mask ( underlying_type v)
inlinestaticconstexpr

Create a Choice directly from a mask value - this assumes v is either |0| or |1|

Definition at line 303 of file ct_utils.h.

303{ return Choice(v); }

References Choice().

Referenced by Botan::CT::Mask< T >::as_choice().

◆ into_bitmask()

template<typename T>
requires std::unsigned_integral<T> && (!std::same_as<bool, T>)
T Botan::CT::Choice::into_bitmask ( ) const
inlineconstexpr

Return a bitmask |1| if the choice is set, or |0| otherwise

Definition at line 291 of file ct_utils.h.

291 {
292 if constexpr(sizeof(T) <= sizeof(underlying_type)) {
293 // The inner mask is already |0| or |1| so just truncate
294 return static_cast<T>(value());
295 } else {
296 return ~ct_is_zero<T>(value());
297 }
298 }
Botan::CT::Choice::value
constexpr underlying_type value() const
Return the masked value.
Definition ct_utils.h:332

References Botan::ct_is_zero(), and value().

Referenced by Botan::IntMod< MontgomeryRep< ScalarParams > >::conditional_assign(), Botan::IntMod< MontgomeryRep< ScalarParams > >::conditional_assign(), Botan::IntMod< MontgomeryRep< ScalarParams > >::conditional_assign(), and Botan::IntMod< MontgomeryRep< ScalarParams > >::conditional_swap().

◆ no()

constexpr Choice Botan::CT::Choice::no ( )
inlinestaticconstexpr

Definition at line 307 of file ct_utils.h.

307{ return Choice(0); }

References Choice().

Referenced by Botan::to_affine_batch(), and yes().

◆ operator!()

Choice Botan::CT::Choice::operator! ( ) const
inlineconstexpr

Definition at line 309 of file ct_utils.h.

309{ return Choice(~value()); }

References Choice(), and value().

◆ operator!=()

Choice Botan::CT::Choice::operator!= ( const Choice & other) const
inlineconstexpr

Definition at line 315 of file ct_utils.h.

315{ return Choice(value() ^ other.value()); }

References Choice(), and value().

◆ operator&&()

Choice Botan::CT::Choice::operator&& ( const Choice & other) const
inlineconstexpr

Definition at line 311 of file ct_utils.h.

311{ return Choice(value() & other.value()); }

References Choice(), and value().

◆ operator=() [1/2]

Choice & Botan::CT::Choice::operator= ( Choice && other)
constexprdefaultnoexcept

References Choice().

◆ operator=() [2/2]

Choice & Botan::CT::Choice::operator= ( const Choice & other)
constexprdefaultnoexcept

References Choice().

◆ operator==()

Choice Botan::CT::Choice::operator== ( const Choice & other) const
inlineconstexpr

Definition at line 317 of file ct_utils.h.

317{ return !(*this != other); }

References Choice().

◆ operator||()

Choice Botan::CT::Choice::operator|| ( const Choice & other) const
inlineconstexpr

Definition at line 313 of file ct_utils.h.

313{ return Choice(value() | other.value()); }

References Choice(), and value().

◆ value()

underlying_type Botan::CT::Choice::value ( ) const
inlineconstexpr

Return the masked value.

Definition at line 332 of file ct_utils.h.

332{ return value_barrier(m_value); }

References Botan::CT::value_barrier().

Referenced by Botan::CT::Mask< T >::from_choice(), into_bitmask(), operator!(), operator!=(), operator&&(), and operator||().

◆ yes()

constexpr Choice Botan::CT::Choice::yes ( )
inlinestaticconstexpr

Definition at line 305 of file ct_utils.h.

305{ return !no(); }
Botan::CT::Choice::no
static constexpr Choice no()
Definition ct_utils.h:307

References Choice(), and no().

Referenced by Botan::CT::strip_leading_zeros().

The documentation for this class was generated from the following file:
Generated by doxygen 1.15.0