Skip to main content

Choice

crypto_bigint

Struct Choice 

Source 
pub struct Choice(/* private fields */);
Expand description

Constant-time analogue of bool providing a “best effort” optimization barrier.

This type attempts to hint to the compiler and its codegen backends that optimizations should not be applied which depend on specific values of this type.

This is used as a “belt-and-suspenders” defense in addition to mechanisms like constant-time predication intrinsics provided by the cmov crate, and is never expected to be the only line of defense.

Implementations§

Source§

impl Choice

Source

pub const FALSE: Choice

Equivalent of false.

Source

pub const TRUE: Choice

Equivalent of true.

Source

pub const fn and(self, rhs: Choice) -> Choice

Apply an and conditional to the given Choices.

Source

pub const fn or(self, rhs: Choice) -> Choice

Apply an or conditional to the given Choices.

Source

pub const fn xor(self, rhs: Choice) -> Choice

Apply an xor conditional to the given Choices.

Source

pub const fn not(self) -> Choice

Compute the boolean inverse of self.

Source

pub const fn eq(self, other: Choice) -> Choice

const fn equality operation.

Source

pub const fn ne(self, other: Choice) -> Choice

const fn not equal operation.

Source

pub const fn from_i64_eq(x: i64, y: i64) -> Choice

Returns Choice::TRUE if x == y, and Choice::FALSE otherwise.

Source

pub const fn from_u8_eq(x: u8, y: u8) -> Choice

Returns Choice::TRUE if x == y, and Choice::FALSE otherwise.

Source

pub const fn from_u8_le(x: u8, y: u8) -> Choice

Returns Choice::TRUE if x <= y and Choice::FALSE otherwise.

Source

pub const fn from_u8_lsb(value: u8) -> Choice

Initialize from the least significant bit of a u8.

Source

pub const fn from_u8_lt(x: u8, y: u8) -> Choice

Returns Choice::TRUE if x < y, and Choice::FALSE otherwise.

Source

pub const fn from_u8_nz(value: u8) -> Choice

Returns Choice::TRUE if value != 0, and Choice::FALSE otherwise.

Source

pub const fn from_u16_eq(x: u16, y: u16) -> Choice

Returns Choice::TRUE if x == y, and Choice::FALSE otherwise.

Source

pub const fn from_u16_le(x: u16, y: u16) -> Choice

Returns Choice::TRUE if x <= y and Choice::FALSE otherwise.

Source

pub const fn from_u16_lsb(value: u16) -> Choice

Initialize from the least significant bit of a u16.

Source

pub const fn from_u16_lt(x: u16, y: u16) -> Choice

Returns Choice::TRUE if x < y, and Choice::FALSE otherwise.

Source

pub const fn from_u16_nz(value: u16) -> Choice

Returns Choice::TRUE if value != 0, and Choice::FALSE otherwise.

Source

pub const fn from_u32_eq(x: u32, y: u32) -> Choice

Returns Choice::TRUE if x == y, and Choice::FALSE otherwise.

Source

pub const fn from_u32_le(x: u32, y: u32) -> Choice

Returns Choice::TRUE if x <= y and Choice::FALSE otherwise.

Source

pub const fn from_u32_lsb(value: u32) -> Choice

Initialize from the least significant bit of a u32.

Source

pub const fn from_u32_lt(x: u32, y: u32) -> Choice

Returns Choice::TRUE if x < y, and Choice::FALSE otherwise.

Source

pub const fn from_u32_nz(value: u32) -> Choice

Returns Choice::TRUE if value != 0, and Choice::FALSE otherwise.

Source

pub const fn from_u64_eq(x: u64, y: u64) -> Choice

Returns Choice::TRUE if x == y, and Choice::FALSE otherwise.

Source

pub const fn from_u64_le(x: u64, y: u64) -> Choice

Returns Choice::TRUE if x <= y and Choice::FALSE otherwise.

Source

pub const fn from_u64_lsb(value: u64) -> Choice

Initialize from the least significant bit of a u64.

Source

pub const fn from_u64_lt(x: u64, y: u64) -> Choice

Returns Choice::TRUE if x < y, and Choice::FALSE otherwise.

Source

pub const fn from_u64_nz(value: u64) -> Choice

Returns Choice::TRUE if value != 0, and Choice::FALSE otherwise.

Source

pub const fn from_u128_eq(x: u128, y: u128) -> Choice

Returns Choice::TRUE if x == y, and Choice::FALSE otherwise.

Source

pub const fn from_u128_le(x: u128, y: u128) -> Choice

Returns Choice::TRUE if x <= y and Choice::FALSE otherwise.

Source

pub const fn from_u128_lsb(value: u128) -> Choice

Initialize from the least significant bit of a u128.

Source

pub const fn from_u128_lt(x: u128, y: u128) -> Choice

Returns Choice::TRUE if x < y, and Choice::FALSE otherwise.

Source

pub const fn from_u128_nz(value: u128) -> Choice

Returns Choice::TRUE if value != 0, and Choice::FALSE otherwise.

Source

pub const fn select_i64(self, a: i64, b: i64) -> i64

const fn helper: return b if self is Choice::TRUE, otherwise return a.

Only use this instead of the CtSelect trait in the event you’re in a const fn context and can’t use the trait. The former will provide better constant-time assurances.

Source

pub const fn select_u8(self, a: u8, b: u8) -> u8

const fn helper: return b if self is Choice::TRUE, otherwise return a.

Only use this instead of the CtSelect trait in the event you’re in a const fn context and can’t use the trait. The former will provide better constant-time assurances.

Source

pub const fn select_u16(self, a: u16, b: u16) -> u16

const fn helper: return b if self is Choice::TRUE, otherwise return a.

Only use this instead of the CtSelect trait in the event you’re in a const fn context and can’t use the trait. The former will provide better constant-time assurances.

Source

pub const fn select_u32(self, a: u32, b: u32) -> u32

const fn helper: return b if self is Choice::TRUE, otherwise return a.

Only use this instead of the CtSelect trait in the event you’re in a const fn context and can’t use the trait. The former will provide better constant-time assurances.

Source

pub const fn select_u64(self, a: u64, b: u64) -> u64

const fn helper: return b if self is Choice::TRUE, otherwise return a.

Only use this instead of the CtSelect trait in the event you’re in a const fn context and can’t use the trait. The former will provide better constant-time assurances.

Source

pub const fn select_u128(self, a: u128, b: u128) -> u128

const fn helper: return b if self is Choice::TRUE, otherwise return a.

Only use this instead of the CtSelect trait in the event you’re in a const fn context and can’t use the trait. The former will provide better constant-time assurances.

Source

pub fn to_bool(self) -> bool

Convert Choice into a bool.

Security Warning

Using this function will introduce timing variability, since computing this at all currently requires a branch.

This is intended to be used as either the one and only branch at the end of a constant-time operation to e.g. differentiate between success and failure, or in contexts where constant-time doesn’t matter, e.g. variable-time code that operates on “maybe secret” types which aren’t secrets in a particular context.

If you are trying to use this in the context of a constant-time operation, be warned that the small amount of timing variability it introduces can potentially be exploited. Whenever possible, prefer fully constant-time approaches instead.

Source

pub fn to_u8(self) -> u8

Convert Choice to a u8, attempting to apply a “best effort” optimization barrier.

Source

pub const fn to_bool_vartime(self) -> bool

HACK: workaround to allow const fn boolean support on Rust 1.85.

This does not apply black_box to the output.

Security Warning

See the security warnings for Choice::to_bool.

Source

pub const fn to_u8_vartime(self) -> u8

HACK: workaround to allow const fn boolean support on Rust 1.85.

This does not apply black_box to the output.

Source

pub const fn to_u8_mask(self) -> u8

Create a u8 bitmask.

§Returns
  • 0 for Choice::FALSE
  • u8::MAX for Choice::TRUE
Source

pub const fn to_u16_mask(self) -> u16

Create a u16 bitmask.

§Returns
  • 0 for Choice::FALSE
  • u16::MAX for Choice::TRUE
Source

pub const fn to_u32_mask(self) -> u32

Create a u32 bitmask.

§Returns
  • 0 for Choice::FALSE
  • u32::MAX for Choice::TRUE
Source

pub const fn to_u64_mask(self) -> u64

Create a u64 bitmask.

§Returns
  • 0 for Choice::FALSE
  • u64::MAX for Choice::TRUE
Source

pub const fn to_u128_mask(self) -> u128

Create a u128 bitmask.

§Returns
  • 0 for Choice::FALSE
  • u128::MAX for Choice::TRUE

Trait Implementations§

Source§

impl BitAnd for Choice

Source§

type Output = Choice

The resulting type after applying the & operator.
Source§

fn bitand(self, rhs: Choice) -> Choice

Performs the & operation. Read more
Source§

impl BitAndAssign for Choice

Source§

fn bitand_assign(&mut self, rhs: Choice)

Performs the &= operation. Read more
Source§

impl BitOr for Choice

Source§

type Output = Choice

The resulting type after applying the | operator.
Source§

fn bitor(self, rhs: Choice) -> Choice

Performs the | operation. Read more
Source§

impl BitOrAssign for Choice

Source§

fn bitor_assign(&mut self, rhs: Choice)

Performs the |= operation. Read more
Source§

impl BitXor for Choice

Source§

type Output = Choice

The resulting type after applying the ^ operator.
Source§

fn bitxor(self, rhs: Choice) -> Choice

Performs the ^ operation. Read more
Source§

impl BitXorAssign for Choice

Source§

fn bitxor_assign(&mut self, rhs: Choice)

Performs the ^= operation. Read more
Source§

impl Clone for Choice

Source§

fn clone(&self) -> Choice

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl ConditionallySelectable for Choice

Available on crate feature subtle only.
Source§

fn conditional_select(a: &Choice, b: &Choice, choice: Choice) -> Choice

Select a or b according to choice. Read more
Source§

fn conditional_assign(&mut self, other: &Self, choice: Choice)

Conditionally assign other to self, according to choice. Read more
Source§

fn conditional_swap(a: &mut Self, b: &mut Self, choice: Choice)

Conditionally swap self and other if choice == 1; otherwise, reassign both unto themselves. Read more
Source§

impl ConstantTimeEq for Choice

Available on crate feature subtle only.
Source§

fn ct_eq(&self, other: &Choice) -> Choice

Determine if two items are equal. Read more
Source§

fn ct_ne(&self, other: &Self) -> Choice

Determine if two items are NOT equal. Read more
Source§

impl CtAssign for Choice

Source§

fn ct_assign(&mut self, other: &Choice, choice: Choice)

Conditionally assign src to self if choice is Choice::TRUE.
Source§

impl CtAssignSlice for Choice

Source§

fn ct_assign_slice(dst: &mut [Self], src: &[Self], choice: Choice)

Conditionally assign src to dst if choice is Choice::TRUE, or leave it unchanged for Choice::FALSE.
Source§

impl CtEq for Choice

Source§

fn ct_eq(&self, other: &Choice) -> Choice

Determine if self is equal to other in constant-time.
Source§

fn ct_ne(&self, other: &Rhs) -> Choice

Determine if self is NOT equal to other in constant-time.
Source§

impl CtEqSlice for Choice

Source§

fn ct_eq_slice(a: &[Self], b: &[Self]) -> Choice

Determine if a is equal to b in constant-time.
Source§

fn ct_ne_slice(a: &[Self], b: &[Self]) -> Choice

Determine if a is NOT equal to b in constant-time.
Source§

impl Debug for Choice

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl From<Choice> for Choice

Available on crate feature subtle only.
Source§

fn from(choice: Choice) -> Choice

Converts to this type from the input type.
Source§

impl From<u8> for Choice

DEPRECATED: this exists to aid migrating code from subtle. Use Choice::from_u8_lsb instead.

Note

Rust doesn’t actually let us deprecate an impl block, however this comment is here to discourage future use and warn that this will be removed in a future release.

Source§

fn from(value: u8) -> Choice

Converts to this type from the input type.
Source§

impl Not for Choice

Source§

type Output = Choice

The resulting type after applying the ! operator.
Source§

fn not(self) -> Choice

Performs the unary ! operation. Read more
Source§

impl Copy for Choice

Source§

impl CtSelectUsingCtAssign for Choice

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> CtSelect for T
where T: CtSelectUsingCtAssign,

Source§

fn ct_select(&self, other: &T, choice: Choice) -> T

Select between self and other based on choice, returning a copy of the value. Read more
Source§

fn ct_swap(&mut self, other: &mut Self, choice: Choice)

Conditionally swap self and other if choice is Choice::TRUE.
Source§

impl<T, const N: usize> CtSelectArray<N> for T
where T: Clone + CtAssignSlice + CtSelect,

Source§

fn ct_select_array(a: &[T; N], b: &[T; N], choice: Choice) -> [T; N]

Select between a and b in constant-time based on choice.
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.