From 2ee8d24ca273487caa0b9b75e8791db75a77f51e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Wed, 11 Feb 2015 15:29:15 +0000
Subject: [PATCH] Simplify some constant-time code

Some people recommend using bit operations to avoid the compiler producing a branch on `ret != 0`, but:
- this makes the code less readable,
- here I got a warning from some compilers about unsigned unary minus
- and anyway modern compilers don't produce a branch here, checked on x64 and arm with various -O values.
---
 library/ssl_srv.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 755bba9f1..7ff203be6 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -2887,7 +2887,6 @@ static int ssl_parse_encrypted_pms( ssl_context *ssl,
 unsigned char *pms = ssl->handshake->premaster + pms_offset;
 unsigned char fake_pms[48], peer_pms[48];
 unsigned char mask;
- unsigned int uret;
 size_t i;
 if( ! pk_can_do( ssl_own_key( ssl ), POLARSSL_PK_RSA ) )
@@ -2951,10 +2950,7 @@ static int ssl_parse_encrypted_pms( ssl_context *ssl,
 }
 ssl->handshake->pmslen = 48;
- uret = (unsigned) ret;
- uret |= -uret; /* msb = ( ret != 0 ) */
- uret >>= 8 * sizeof( uret ) - 1; /* uret = ( ret != 0 ) */
- mask = (unsigned char)( -uret ) ; /* ret ? 0xff : 0x00 */
+ mask = (unsigned char)( - ( ret != 0 ) ); /* ret ? 0xff : 0x00 */
 for( i = 0; i < ssl->handshake->pmslen; i++ )
 pms[i] = ( mask & fake_pms[i] ) | ( (~mask) & peer_pms[i] );
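Review bot: The new `mask` line in the second hunk makes the constant-time choice between `fake_pms` and `peer_pms` depend on how each compiler lowers `ret != 0`. The C language gives no guarantee that this comparison is branch-free, and the commit message reports checks on x64 and arm only. If `ret` carries the outcome of the RSA decryption earlier in `ssl_parse_encrypted_pms` (that code is outside the hunk), a branch here on some other target or optimisation level would presumably reopen the timing difference the masking loop is there to hide. The unsigned-unary-minus warning can be avoided without the comparison, for example `mask = (unsigned char)( 0u - ( ( (unsigned) ret | ( 0u - (unsigned) ret ) ) >> ( 8 * sizeof( unsigned ) - 1 ) ) );`. If the simpler form stays, the line should carry a comment such as `/* must compile branch-free; re-check the generated code when adding a compiler or target */`.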