Botan 3.5.0
Crypto and TLS for C&
Public Member Functions | Static Public Member Functions | List of all members
Botan::CT::Choice Class Referencefinal

#include <ct_utils.h>

Public Member Functions

constexpr bool as_bool () const
 
constexpr Choice (Choice &&other)=default
 
constexpr Choice (const Choice &other)=default
 
constexpr Choice operator! () const
 
constexpr Choice operator!= (const Choice &other) const
 
constexpr Choice operator&& (const Choice &other) const
 
constexpr Choiceoperator= (Choice &&other) noexcept=default
 
constexpr Choiceoperator= (const Choice &other) noexcept=default
 
constexpr Choice operator|| (const Choice &other) const
 
constexpr uint32_t value () const
 Return the masked value.
 

Static Public Member Functions

template<typename T >
requires std::unsigned_integral<T> && (!std::same_as<bool, T>)
static constexpr Choice from_int (T v)
 
static constexpr Choice no ()
 
static constexpr Choice yes ()
 

Detailed Description

A Choice is used for constant-time conditionals.

Internally it always is either |0| (all 0 bits) or |1| (all 1 bits) and measures are taken to block compilers from reasoning about the expected value of a Choice.

Definition at line 117 of file ct_utils.h.

Constructor & Destructor Documentation

◆ Choice() [1/2]

Botan::CT::Choice::Choice ( const Choice & other)
constexprdefault

Referenced by from_int(), no(), operator!(), operator!=(), operator&&(), operator||(), and yes().

◆ Choice() [2/2]

Botan::CT::Choice::Choice ( Choice && other)
constexprdefault

Member Function Documentation

◆ as_bool()

bool Botan::CT::Choice::as_bool ( ) const
inlineconstexpr

Unsafe conversion to bool

This conversion itself is (probably) constant time, but once the choice is reduced to a simple bool, it's entirely possible for the compiler to perform range analysis on the values, since there are just the two. As a consequence even if the caller is not using this in an obviously branchy way (if(choice.as_bool()) ...) a smart compiler may introduce branches depending on the value.

Definition at line 160 of file ct_utils.h.

160{ return m_value != 0; }

Referenced by Botan::ProjectiveCurvePoint< FieldElement, Params >::from_affine().

◆ from_int()

template<typename T >
requires std::unsigned_integral<T> && (!std::same_as<bool, T>)
static constexpr Choice Botan::CT::Choice::from_int ( T v)
inlinestaticconstexpr

If v == 0 return an unset (false) Choice, otherwise a set Choice

Definition at line 124 of file ct_utils.h.

124 {
125 // Mask of T that is either |0| or |1|
126 const T v_is_0 = ct_is_zero<T>(value_barrier<T>(v));
127
128 // We want the mask to be set if v != 0 so we must check that
129 // v_is_0 is itself zero.
130 //
131 // Also sizeof(T) may not equal sizeof(uint32_t) so we must
132 // use ct_is_zero<uint32_t>. It's ok to either truncate or
133 // zero extend v_is_0 to 32 bits since we know it is |0| or |1|
134 // so even just the low bit is sufficient.
135 return Choice(ct_is_zero<uint32_t>(static_cast<uint32_t>(v_is_0)));
136 }
Botan::CT::Choice::Choice
constexpr Choice(const Choice &other)=default
T
FE_25519 T
Definition ge.cpp:34
Botan::CT::value_barrier
constexpr T value_barrier(T x)
Definition ct_utils.h:84
Botan::ct_is_zero
constexpr T ct_is_zero(T x)
Definition bit_ops.h:33

References Choice(), Botan::ct_is_zero(), T, and Botan::CT::value_barrier().

Referenced by Botan::CT::Mask< T >::as_choice(), and Botan::IntMod< Rep >::is_even().

◆ no()

static constexpr Choice Botan::CT::Choice::no ( )
inlinestaticconstexpr

Definition at line 140 of file ct_utils.h.

140{ return Choice(0); }

References Choice().

◆ operator!()

Choice Botan::CT::Choice::operator! ( ) const
inlineconstexpr

Definition at line 142 of file ct_utils.h.

142{ return Choice(~value()); }
Botan::CT::Choice::value
constexpr uint32_t value() const
Return the masked value.
Definition ct_utils.h:163

References Choice(), and value().

◆ operator!=()

Choice Botan::CT::Choice::operator!= ( const Choice & other) const
inlineconstexpr

Definition at line 148 of file ct_utils.h.

148{ return Choice(value() ^ other.value()); }

References Choice(), and value().

◆ operator&&()

Choice Botan::CT::Choice::operator&& ( const Choice & other) const
inlineconstexpr

Definition at line 144 of file ct_utils.h.

144{ return Choice(value() & other.value()); }

References Choice(), and value().

◆ operator=() [1/2]

Choice & Botan::CT::Choice::operator= ( Choice && other)
constexprdefaultnoexcept

◆ operator=() [2/2]

Choice & Botan::CT::Choice::operator= ( const Choice & other)
constexprdefaultnoexcept

◆ operator||()

Choice Botan::CT::Choice::operator|| ( const Choice & other) const
inlineconstexpr

Definition at line 146 of file ct_utils.h.

146{ return Choice(value() | other.value()); }

References Choice(), and value().

◆ value()

uint32_t Botan::CT::Choice::value ( ) const
inlineconstexpr

Return the masked value.

Definition at line 163 of file ct_utils.h.

163{ return value_barrier(m_value); }

References Botan::CT::value_barrier().

Referenced by Botan::CT::Mask< T >::from_choice(), operator!(), operator!=(), operator&&(), and operator||().

◆ yes()

static constexpr Choice Botan::CT::Choice::yes ( )
inlinestaticconstexpr

Definition at line 138 of file ct_utils.h.

138{ return Choice(static_cast<uint32_t>(-1)); }

References Choice().

The documentation for this class was generated from the following file:
Generated by doxygen 1.11.0