Simplify some constant-time code
Some people recommend using bit operations to avoid the compiler producing a
branch on `ret != 0`, but:
- this makes the code less readable,
- here I got a warning from some compilers about unsigned unary minus
- and anyway modern compilers don't produce a branch here, checked on x64 and
arm with various -O values.
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 755bba9..7ff203b 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -2887,7 +2887,6 @@
unsigned char *pms = ssl->handshake->premaster + pms_offset;
unsigned char fake_pms[48], peer_pms[48];
unsigned char mask;
- unsigned int uret;
size_t i;
if( ! pk_can_do( ssl_own_key( ssl ), POLARSSL_PK_RSA ) )
@@ -2951,10 +2950,7 @@
}
ssl->handshake->pmslen = 48;
- uret = (unsigned) ret;
- uret |= -uret; /* msb = ( ret != 0 ) */
- uret >>= 8 * sizeof( uret ) - 1; /* uret = ( ret != 0 ) */
- mask = (unsigned char)( -uret ) ; /* ret ? 0xff : 0x00 */
+ mask = (unsigned char)( - ( ret != 0 ) ); /* ret ? 0xff : 0x00 */
for( i = 0; i < ssl->handshake->pmslen; i++ )
pms[i] = ( mask & fake_pms[i] ) | ( (~mask) & peer_pms[i] );
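Review bot: The constant-time property of the new `mask = (unsigned char)( - ( ret != 0 ) );` line now rests on code generation rather than on the source: `ret != 0` is an ordinary boolean expression, and a compiler is free to lower it to a branch or conditional move, which would reintroduce the timing difference between the fake and peer premaster paths that this masking exists to hide. The commit message records that x64 and arm were checked at several -O levels, but that evidence lives only in the commit, not next to the code that depends on it. I would record the assumption in the trailing comment so a toolchain change prompts re-verification, e.g. `/* ret ? 0xff : 0x00 -- relies on the compiler not branching on ret != 0; re-check the generated code when changing compilers or flags */`. The enclosing function starts before this hunk, and the matching removal of `uret` in the first hunk is covered by the same point.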