Botan 3.6.1
Crypto and TLS for C&
Public Member Functions | Static Public Member Functions | List of all members
Botan::CT::Choice Class Referencefinal

#include <ct_utils.h>

Public Member Functions

constexpr bool as_bool () const
 
constexpr Choice (Choice &&other)=default
 
constexpr Choice (const Choice &other)=default
 
constexpr Choice operator! () const
 
constexpr Choice operator!= (const Choice &other) const
 
constexpr Choice operator&& (const Choice &other) const
 
constexpr Choiceoperator= (Choice &&other) noexcept=default
 
constexpr Choiceoperator= (const Choice &other) noexcept=default
 
constexpr Choice operator== (const Choice &other) const
 
constexpr Choice operator|| (const Choice &other) const
 
constexpr uint32_t value () const
 Return the masked value.
 

Static Public Member Functions

template<typename T >
requires std::unsigned_integral<T> && (!std::same_as<bool, T>)
static constexpr Choice from_int (T v)
 
static constexpr Choice no ()
 
static constexpr Choice yes ()
 

Detailed Description

A Choice is used for constant-time conditionals.

Internally it always is either |0| (all 0 bits) or |1| (all 1 bits) and measures are taken to block compilers from reasoning about the expected value of a Choice.

Definition at line 285 of file ct_utils.h.

Constructor & Destructor Documentation

◆ Choice() [1/2]

Botan::CT::Choice::Choice ( const Choice & other)
constexprdefault

Referenced by from_int(), no(), operator!(), operator!=(), operator&&(), operator||(), and yes().

◆ Choice() [2/2]

Botan::CT::Choice::Choice ( Choice && other)
constexprdefault

Member Function Documentation

◆ as_bool()

bool Botan::CT::Choice::as_bool ( ) const
inlineconstexpr

Unsafe conversion to bool

This conversion itself is (probably) constant time, but once the choice is reduced to a simple bool, it's entirely possible for the compiler to perform range analysis on the values, since there are just the two. As a consequence even if the caller is not using this in an obviously branchy way (if(choice.as_bool()) ...) a smart compiler may introduce branches depending on the value.

Definition at line 330 of file ct_utils.h.

330{ return m_value != 0; }

Referenced by Botan::CT::Option< T >::as_optional_vartime(), and Botan::CT::Option< T >::value().

◆ from_int()

template<typename T >
requires std::unsigned_integral<T> && (!std::same_as<bool, T>)
static constexpr Choice Botan::CT::Choice::from_int ( T v)
inlinestaticconstexpr

If v == 0 return an unset (false) Choice, otherwise a set Choice

Definition at line 292 of file ct_utils.h.

292 {
293 // Mask of T that is either |0| or |1|
294 const T v_is_0 = ct_is_zero<T>(value_barrier<T>(v));
295
296 // We want the mask to be set if v != 0 so we must check that
297 // v_is_0 is itself zero.
298 //
299 // Also sizeof(T) may not equal sizeof(uint32_t) so we must
300 // use ct_is_zero<uint32_t>. It's ok to either truncate or
301 // zero extend v_is_0 to 32 bits since we know it is |0| or |1|
302 // so even just the low bit is sufficient.
303 return Choice(ct_is_zero<uint32_t>(static_cast<uint32_t>(v_is_0)));
304 }
Botan::CT::Choice::Choice
constexpr Choice(const Choice &other)=default
T
FE_25519 T
Definition ge.cpp:34
Botan::CT::value_barrier
constexpr T value_barrier(T x)
Definition ct_utils.h:252
Botan::ct_is_zero
constexpr T ct_is_zero(T x)
Definition bit_ops.h:33

References Choice(), Botan::ct_is_zero(), T, and Botan::CT::value_barrier().

Referenced by Botan::CT::Mask< T >::as_choice().

◆ no()

static constexpr Choice Botan::CT::Choice::no ( )
inlinestaticconstexpr

Definition at line 308 of file ct_utils.h.

308{ return Choice(0); }

References Choice().

◆ operator!()

Choice Botan::CT::Choice::operator! ( ) const
inlineconstexpr

Definition at line 310 of file ct_utils.h.

310{ return Choice(~value()); }
Botan::CT::Choice::value
constexpr uint32_t value() const
Return the masked value.
Definition ct_utils.h:333

References Choice(), and value().

◆ operator!=()

Choice Botan::CT::Choice::operator!= ( const Choice & other) const
inlineconstexpr

Definition at line 316 of file ct_utils.h.

316{ return Choice(value() ^ other.value()); }

References Choice(), and value().

◆ operator&&()

Choice Botan::CT::Choice::operator&& ( const Choice & other) const
inlineconstexpr

Definition at line 312 of file ct_utils.h.

312{ return Choice(value() & other.value()); }

References Choice(), and value().

◆ operator=() [1/2]

Choice & Botan::CT::Choice::operator= ( Choice && other)
constexprdefaultnoexcept

◆ operator=() [2/2]

Choice & Botan::CT::Choice::operator= ( const Choice & other)
constexprdefaultnoexcept

◆ operator==()

Choice Botan::CT::Choice::operator== ( const Choice & other) const
inlineconstexpr

Definition at line 318 of file ct_utils.h.

318{ return !(*this != other); }

◆ operator||()

Choice Botan::CT::Choice::operator|| ( const Choice & other) const
inlineconstexpr

Definition at line 314 of file ct_utils.h.

314{ return Choice(value() | other.value()); }

References Choice(), and value().

◆ value()

uint32_t Botan::CT::Choice::value ( ) const
inlineconstexpr

Return the masked value.

Definition at line 333 of file ct_utils.h.

333{ return value_barrier(m_value); }

References Botan::CT::value_barrier().

Referenced by Botan::CT::Mask< T >::from_choice(), operator!(), operator!=(), operator&&(), and operator||().

◆ yes()

static constexpr Choice Botan::CT::Choice::yes ( )
inlinestaticconstexpr

Definition at line 306 of file ct_utils.h.

306{ return Choice(static_cast<uint32_t>(-1)); }

References Choice().

Referenced by Botan::CT::strip_leading_zeros().

The documentation for this class was generated from the following file:
Generated by doxygen 1.12.0