Diffstat (limited to 'security/nss/lib/util/secport.h')
-rw-r--r--security/nss/lib/util/secport.h74
1 files changed, 74 insertions, 0 deletions
diff --git a/security/nss/lib/util/secport.h b/security/nss/lib/util/secport.h
index c682f5d11b..b3021afafe 100644
--- a/security/nss/lib/util/secport.h
+++ b/security/nss/lib/util/secport.h
@@ -126,6 +126,15 @@ SEC_END_PROTOS
* ignored. See more details in Bug 1588015. */
#define PORT_AssertArg PR_ASSERT_ARG
+/* Assert the current location can't be reached, passing a reason-string. */
+#define PORT_AssertNotReached(reasonStr) PR_NOT_REACHED(reasonStr)
+
+/* macros to handle endian based byte conversion */
+#define PORT_GET_BYTE_BE(value, offset, len) \
+ ((unsigned char)(((len) - (offset)-1) >= sizeof(value) ? 0 : (((value) >> (((len) - (offset)-1) * PR_BITS_PER_BYTE)) & 0xff)))
+#define PORT_GET_BYTE_LE(value, offset, len) \
+ ((unsigned char)((offset) > sizeof(value) ? 0 : (((value) >> ((offset)*PR_BITS_PER_BYTE)) & 0xff)))
+
/* This runs a function that should return SECSuccess.
* Intended for NSS internal use only.
* The return value is asserted in a debug build, otherwise it is ignored.
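Review bot: PORT_GET_BYTE_LE guards its shift with `(offset) > sizeof(value)`, so `offset == sizeof(value)` still reaches `(value) >> ((offset)*PR_BITS_PER_BYTE)`, a shift by the full width of the operand, which is undefined behaviour in C when value is int-sized or wider. PORT_GET_BYTE_BE just above uses `>=` for the equivalent bound, and the LE guard should match: `((unsigned char)((offset) >= sizeof(value) ? 0 : (((value) >> ((offset)*PR_BITS_PER_BYTE)) & 0xff)))`. The `len` parameter is unused in the LE form and both macros evaluate their arguments more than once, so the comment should say `/* arguments are evaluated more than once; do not pass expressions with side effects */`.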
@@ -296,4 +305,69 @@ PORT_LoadLibraryFromOrigin(const char *existingShLibName,
SEC_END_PROTOS
+/*
+ * Constant time macros
+ */
+/* These macros use the fact that arithmetic shift shifts-in the sign bit.
+ * However, this is not ensured by the C standard so you may need to replace
+ * them with something else for odd compilers. These macros work for object
+ * sizes up to 32 bits. The inequalities will produce incorrect results if
+ * abs(a-b) >= PR_UINT32_MAX/2. This can be a voided if unsigned values stay
+ * within the range 0-PRUINT32_MAX/2 and signed values stay within the range
+ * -PRINT32_MAX/2-PRINT32_MAX/2. If these are insufficient, we can fix
+ * this by either expanding the PORT_CT_DUPLICATE_MSB_TO_ALL to PRUint64
+ * or by creating the following new macros for inequality:
+ *
+ * PORT_CT_OVERFLOW prevents the overflow condition by handling the case
+ * where the high bits in a and b are different specially. Basically if
+ * the high bit in a and b differs we can just
+ * copy the high bit of one of the parameters to determine the result as
+ * follows:
+ * GxU if a has the high bit on, a>b, so d=a
+ * LxU if b has the high bit on, a<b, so d=b
+ * GxS if b has the high bit on, it's negative a>b so d=b
+ * LxS if a has the high bit on, it's negative a<b so d=a
+ * where PORT_CT_xxU() macros do unsigned compares and PORT_CT_xxS() do signed
+ * compares.
+ *
+ * #define PORT_CT_OVERFLOW(a,b,c,d) \
+ * PORT_CT_SEL(PORT_CT_DUPLICATE_MSB_TO_ALL((a)^(b)), \
+ * (PORT_CT_DUPLICATE_MSB_TO_ALL(d)),c)
+ * #define PORT_CT_GTU(a,b) PORT_CT_OVERFLOW(a,b,PORT_CT_GT(a,b),a)
+ * #define PORT_CT_LTU(a,b) PORT_CT_OVERFLOW(a,b,PORT_CT_LT(a,b),b)
+ * #define PORT_CT_GEU(a,b) PORT_CT_OVERFLOW(a,b,PORT_CT_GE(a,b),a)
+ * #define PORT_CT_LEU(a,b) PORT_CT_OVERFLOW(a,b,PORT_CT_LE(a,b),b)
+ * #define PORT_CT_GTS(a,b) PORT_CT_OVERFLOW(a,b,PORT_CT_GT(a,b),b)
+ * #define PORT_CT_LTS(a,b) PORT_CT_OVERFLOW(a,b,PORT_CT_LT(a,b),a)
+ * #define PORT_CT_GES(a,b) PORT_CT_OVERFLOW(a,b,PORT_CT_GE(a,b),b)
+ * #define PORT_CT_LES(a,b) PORT_CT_OVERFLOW(a,b,PORT_CT_LE(a,b),a)
+ *
+ *
+ * */
+/* Constant-time helper macro that copies the MSB of x to all other bits. */
+#define PORT_CT_DUPLICATE_MSB_TO_ALL(x) ((PRUint32)((PRInt32)(x) >> (sizeof(PRInt32) * 8 - 1)))
+
+/* Constant-time helper macro that selects l or r depending on all-1 or all-0
+ * mask m */
+#define PORT_CT_SEL(m, l, r) (((m) & (l)) | (~(m) & (r)))
+
+/* Constant-time helper macro that returns all-1s if x is not 0; and all-0s
+ * otherwise. */
+#define PORT_CT_NOT_ZERO(x) (PORT_CT_DUPLICATE_MSB_TO_ALL(((x) | (0 - (x)))))
+
+/* Constant-time helper macro that returns all-1s if x is 0; and all-0s
+ * otherwise. */
+#define PORT_CT_ZERO(x) (~PORT_CT_DUPLICATE_MSB_TO_ALL(((x) | (0 - (x)))))
+
+/* Constant-time helper macro for equalities and inequalities.
+ * returns all-1's for true and all-0's for false */
+#define PORT_CT_EQ(a, b) PORT_CT_ZERO(((a) - (b)))
+#define PORT_CT_NE(a, b) PORT_CT_NOT_ZERO(((a) - (b)))
+#define PORT_CT_GT(a, b) PORT_CT_DUPLICATE_MSB_TO_ALL((b) - (a))
+#define PORT_CT_LT(a, b) PORT_CT_DUPLICATE_MSB_TO_ALL((a) - (b))
+#define PORT_CT_GE(a, b) (~PORT_CT_LT(a, b))
+#define PORT_CT_LE(a, b) (~PORT_CT_GT(a, b))
+#define PORT_CT_TRUE (~0)
+#define PORT_CT_FALSE 0
+
#endif /* _SECPORT_H_ */
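Review bot: Nothing at the macro definitions enforces or restates the 32-bit limit described in the long comment, and PORT_CT_DUPLICATE_MSB_TO_ALL narrows its argument with `(PRInt32)(x)`. A 64-bit operand whose set bits are all above bit 31 (a size_t length on an LP64 build, for instance) would therefore make PORT_CT_NOT_ZERO report zero and PORT_CT_EQ report equality on typical implementations. I would repeat the constraint where callers look, in the comment above PORT_CT_EQ: `/* Operands must fit in 32 bits and differ by less than 2^31; wider values are narrowed by the PRInt32 cast. */`. PORT_CT_TRUE is `(~0)`, a signed int, while every other macro yields a PRUint32 mask; `#define PORT_CT_TRUE (~(PRUint32)0)` keeps the mask type consistent. The header comment also has a typo ("a voided") and spells the limit three ways (PR_UINT32_MAX, PRUINT32_MAX, PRINT32_MAX).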