// Copyright (C) 2017-2018 Baidu, Inc. All Rights Reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions
// are met:
//
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above copyright
// notice, this list of conditions and the following disclaimer in
// the documentation and/or other materials provided with the
// distribution.
// * Neither the name of Baidu, Inc., nor the names of its
// contributors may be used to endorse or promote products derived
// from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//! Comparing buffer contents in constant time.
//!
//! This crate provides constant-time memory comparison functions. These functions
//! are useful in cryptographic code, defending against timing-based side-channel
//! attacks.
use sgx_types::marker::{BytewiseEquality};
use core::mem;
use alloc::slice;
/// Equality tests intended to take the same time wherever two values differ.
///
/// `T` is the type of the right-hand operand and defaults to `Self`. It must
/// carry the `BytewiseEquality` marker and may be unsized.
///
/// Use these methods instead of `==` when one operand is secret (a MAC tag, a
/// key, a password hash): an ordinary comparison may stop at the first
/// mismatch, and that timing difference is the side channel this trait is
/// meant to close.
pub trait ConsttimeMemEq<T: BytewiseEquality + ?Sized = Self> {
    /// Returns `true` when `self` and `other` compare equal.
    fn consttime_memeq(&self, other: &T) -> bool;

    /// Returns `true` when `self` and `other` differ.
    ///
    /// The default implementation is the negation of [`consttime_memeq`].
    ///
    /// [`consttime_memeq`]: ConsttimeMemEq::consttime_memeq
    fn consttime_memne(&self, other: &T) -> bool {
        let equal = self.consttime_memeq(other);
        !equal
    }
}
/// Slice implementation: compares the raw bytes of two equally long slices.
impl<T> ConsttimeMemEq<[T]> for [T]
where
    T: Eq + BytewiseEquality,
{
    /// Returns `true` when both slices have the same length and identical bytes.
    ///
    /// Two cases are answered without scanning any element: a length mismatch
    /// (`false`) and both slices starting at the same address (`true`). Only
    /// the element contents are compared by the constant-time routine, so the
    /// lengths and the aliasing of the two slices are observable through
    /// timing. Callers should treat the length of a secret as public, or pad
    /// to a fixed size before comparing.
    fn consttime_memeq(&self, other: &[T]) -> bool {
        let (lhs, rhs) = (self.as_ptr(), other.as_ptr());

        // `&&` / `||` short-circuit in the same order as the original guards:
        // length first, then pointer identity, then the byte-wise scan.
        self.len() == other.len()
            && (lhs == rhs
                || consttime_memequal(
                    lhs as *const u8,
                    rhs as *const u8,
                    // Byte size of `self`; `other` has the same element count.
                    mem::size_of_val(self),
                ) != 0)
    }
}
/// Blanket implementation for sized values: compares their in-memory bytes.
impl<T> ConsttimeMemEq<T> for T
where
    T: Eq + BytewiseEquality,
{
    /// Returns `true` when `self` and `other` have identical bytes.
    ///
    /// A zero-sized value always compares equal. All `size_of_val(self)` bytes
    /// of the representation take part in the comparison.
    ///
    /// NOTE(review): presumably the `BytewiseEquality` marker is what promises
    /// that a raw byte comparison is meaningful for `T` (for example, no
    /// padding bytes) -- confirm against `sgx_types::marker`.
    fn consttime_memeq(&self, other: &T) -> bool {
        match mem::size_of_val(self) {
            0 => true,
            byte_len => {
                let lhs = self as *const T as *const u8;
                let rhs = other as *const T as *const u8;
                consttime_memequal(lhs, rhs, byte_len) != 0
            }
        }
    }
}
/// Compares `l` bytes at `b1` with `l` bytes at `b2` without stopping at the
/// first difference.
///
/// Returns `1` when every byte pair is equal (this includes `l == 0`) and `0`
/// otherwise.
///
/// The loop always runs `l` iterations: each byte pair is XORed and the result
/// is OR-ed into an accumulator, so where the buffers differ does not change
/// the amount of work done at source level.
///
/// NOTE(review): this is a safe `fn` that builds slices from raw pointers.
/// Both callers in this file pass pointers taken from live references that
/// cover `l` bytes; any new caller must guarantee that `b1` and `b2` are valid
/// for reads of `l` bytes.
///
/// NOTE(review): nothing here constrains the optimiser, so the constant-time
/// property holds for the source as written; check the generated code for the
/// target before relying on it for secrets.
fn consttime_memequal(b1: * const u8, b2: * const u8, l: usize) -> i32
{
    // Accumulator: remains 0 only if every XOR below is 0.
    let mut res: i32 = 0;
    let mut len = l;
    // SAFETY: relies on the caller passing pointers valid for reads of `l`
    // bytes; `u8` has alignment 1, so no alignment requirement is added.
    let p1 = unsafe { slice::from_raw_parts(b1, l) };
    let p2 = unsafe { slice::from_raw_parts(b2, l) };
    // Walk from the last byte to the first; there is no `break`, so every
    // byte pair is visited.
    while len > 0 {
        len -= 1;
        // XOR of two `u8` values is 0 exactly when they are equal; widening to
        // `i32` keeps `res` in the range [0, 256).
        res |= i32::from(p1[len] ^ p2[len]);
    }
    /*
     * Map 0 to 1 and [1, 256) to 0 using only constant-time
     * arithmetic: `res - 1` is -1 only when `res` is 0, and the
     * arithmetic right shift by 8 keeps -1 as -1 while turning every
     * value in [0, 255) into 0; the final `& 1` yields 1 or 0.
     *
     * This is not simply a logical negation of `res` because although
     * many CPUs support branchless conditional moves and many compilers
     * will take advantage of them, certain compilers generate branches
     * on certain CPUs for that form.
     */
    (1 & ((res - 1) >> 8))
}