Move mbedtls_cf_size_gt function to the constant-time module

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>

library/constant_time.c

@@ -213,3 +213,19 @@ size_t mbedtls_cf_size_bool_eq( size_t x, size_t y )
 
     return( 1 ^ diff1 );
 }
+
+/** Check whether a size is out of bounds, without branches.
+ *
+ * This is equivalent to `size > max`, but is likely to be compiled to
+ * to code using bitwise operation rather than a branch.
+ *
+ * \param size      Size to check.
+ * \param max       Maximum desired value for \p size.
+ * \return          \c 0 if `size <= max`.
+ * \return          \c 1 if `size > max`.
+ */
+unsigned mbedtls_cf_size_gt( size_t size, size_t max )
+{
+    /* Return the sign bit (1 for negative) of (max - size). */
+    return( ( max - size ) >> ( sizeof( size_t ) * 8 - 1 ) );
+}

library/constant_time.h

@@ -39,3 +39,5 @@ size_t mbedtls_cf_size_mask_lt( size_t x, size_t y );
 size_t mbedtls_cf_size_mask_ge( size_t x, size_t y );
 
 size_t mbedtls_cf_size_bool_eq( size_t x, size_t y );
+
+unsigned mbedtls_cf_size_gt( size_t size, size_t max );

library/rsa.c

@@ -1458,22 +1458,6 @@ cleanup:
 #endif /* MBEDTLS_PKCS1_V21 */
 
 #if defined(MBEDTLS_PKCS1_V15)
-/** Check whether a size is out of bounds, without branches.
- *
- * This is equivalent to `size > max`, but is likely to be compiled to
- * to code using bitwise operation rather than a branch.
- *
- * \param size      Size to check.
- * \param max       Maximum desired value for \p size.
- * \return          \c 0 if `size <= max`.
- * \return          \c 1 if `size > max`.
- */
-static unsigned mbedtls_cf_size_gt( size_t size, size_t max )
-{
-    /* Return the sign bit (1 for negative) of (max - size). */
-    return( ( max - size ) >> ( sizeof( size_t ) * 8 - 1 ) );
-}
-
 /** Choose between two integer values, without branches.
  *
  * This is equivalent to `cond ? if1 : if0`, but is likely to be compiled