Home GnuPG
Diffusion libgcrypt 9e1ee6efea9d

mceliece6688128f: harden mask generation against branch optimization
9e1ee6efea9dUnpublished
Actions

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

mceliece6688128f: harden mask generation against branch optimization

* cipher/mceliece6688128f.c (crypto_int64_negative_mask)
(crypto_int16_negative_mask, crypto_int32_negative_mask)
(crypto_uint64_signed_negative_mask, crypto_uint16_signed_negative_mask)
(crypto_uint32_signed_negative_mask, mask_nonzero, mask_leq, vec_cmov)
(layer, gen_e, gf_mul, same_mask, pk_gen): Generate masks with
const-time helper function.
* src/const-time.h (ct_u64_gen_mask, ct_u64_gen_inv_mask): New.

Cherry-pick master commit of:
4012e9a037c5bf9f296ca89a6e94bb3600ec0d35

  • Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>

Details

Provenance
jukiviliAuthored on Sep 17 2025, 6:14 PM
gniibeCommitted on Nov 20 2025, 2:34 AM
Parents
rC7ff58b28726e: sntrup761: use const-time helpers for memory comparison and cond move
Branches
Unknown
Tags
Unknown

Event Timeline

Changes (2)

PathSize
cipher/
src/

rC9e1ee6efea9d

View Options

cipher/mceliece6688128f.c

Loading...
View Options

src/const-time.h

Loading...