libgo/go/crypto/subtle/constant_time.go - gofrontend - Git at Google

 // Copyright 2009 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

 // Package subtle implements functions that are often useful in cryptographic
 // code but require careful thought to use correctly.
 package subtle

 // ConstantTimeCompare returns 1 if the two slices, x and y, have equal contents
 // and 0 otherwise. The time taken is a function of the length of the slices and
 // is independent of the contents.
 func ConstantTimeCompare(x, y []byte) int {
 	if len(x) != len(y) {
 		return 0
 	}

 	var v byte

 	for i := 0; i < len(x); i++ {
 		v |= x[i] ^ y[i]
 	}

 	return ConstantTimeByteEq(v, 0)
 }

 // ConstantTimeSelect returns x if v == 1 and y if v == 0.
 // Its behavior is undefined if v takes any other value.
 func ConstantTimeSelect(v, x, y int) int { return ^(v-1)&x | (v-1)&y }

 // ConstantTimeByteEq returns 1 if x == y and 0 otherwise.
 func ConstantTimeByteEq(x, y uint8) int {
 	return int((uint32(x^y) - 1) >> 31)
 }

 // ConstantTimeEq returns 1 if x == y and 0 otherwise.
 func ConstantTimeEq(x, y int32) int {
 	return int((uint64(uint32(x^y)) - 1) >> 63)
 }

 // ConstantTimeCopy copies the contents of y into x (a slice of equal length)
 // if v == 1. If v == 0, x is left unchanged. Its behavior is undefined if v
 // takes any other value.
 func ConstantTimeCopy(v int, x, y []byte) {
 	if len(x) != len(y) {
 		panic("subtle: slices have different lengths")
 	}

 	xmask := byte(v - 1)
 	ymask := byte(^(v - 1))
 	for i := 0; i < len(x); i++ {
 		x[i] = x[i]&xmask | y[i]&ymask
 	}
 }

 // ConstantTimeLessOrEq returns 1 if x <= y and 0 otherwise.
 // Its behavior is undefined if x or y are negative or > 2**31 - 1.
 func ConstantTimeLessOrEq(x, y int) int {
 	x32 := int32(x)
 	y32 := int32(y)
 	return int(((x32 - y32 - 1) >> 31) & 1)
 }
	// Copyright 2009 The Go Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style
	// license that can be found in the LICENSE file.

	// Package subtle implements functions that are often useful in cryptographic
	// code but require careful thought to use correctly.
	package subtle

	// ConstantTimeCompare returns 1 if the two slices, x and y, have equal contents
	// and 0 otherwise. The time taken is a function of the length of the slices and
	// is independent of the contents.
	func ConstantTimeCompare(x, y []byte) int {
	if len(x) != len(y) {
	return 0
	}

	var v byte

	for i := 0; i < len(x); i++ {
	v \|= x[i] ^ y[i]
	}

	return ConstantTimeByteEq(v, 0)
	}

	// ConstantTimeSelect returns x if v == 1 and y if v == 0.
	// Its behavior is undefined if v takes any other value.
	func ConstantTimeSelect(v, x, y int) int { return ^(v-1)&x \| (v-1)&y }

	// ConstantTimeByteEq returns 1 if x == y and 0 otherwise.
	func ConstantTimeByteEq(x, y uint8) int {
	return int((uint32(x^y) - 1) >> 31)
	}

	// ConstantTimeEq returns 1 if x == y and 0 otherwise.
	func ConstantTimeEq(x, y int32) int {
	return int((uint64(uint32(x^y)) - 1) >> 63)
	}

	// ConstantTimeCopy copies the contents of y into x (a slice of equal length)
	// if v == 1. If v == 0, x is left unchanged. Its behavior is undefined if v
	// takes any other value.
	func ConstantTimeCopy(v int, x, y []byte) {
	if len(x) != len(y) {
	panic("subtle: slices have different lengths")
	}

	xmask := byte(v - 1)
	ymask := byte(^(v - 1))
	for i := 0; i < len(x); i++ {
	x[i] = x[i]&xmask \| y[i]&ymask
	}
	}

	// ConstantTimeLessOrEq returns 1 if x <= y and 0 otherwise.
	// Its behavior is undefined if x or y are negative or > 2**31 - 1.
	func ConstantTimeLessOrEq(x, y int) int {
	x32 := int32(x)
	y32 := int32(y)
	return int(((x32 - y32 - 1) >> 31) & 1)
	}