Choice

Struct Choice

pub struct Choice(/* private fields */);

Expand description

Constant-time analogue of bool providing a “best effort” optimization barrier.

Attempts to hint to the compiler and its codegen backends that optimizations should not be applied which depend on a value.

This is used as a “belt-and-suspenders” defense in addition to mechanisms like constant-time predication intrinsics provided by the cmov crate, and is never expected to be the only line of defense.

Implementations§

impl Choice

pub const FALSE: Self

Equivalent of false.

pub const TRUE: Self

Equivalent of true.

pub const fn new(value: u8) -> Self

Create a new Choice from the given u8 value, which should be either 0 or 1.

pub fn to_bool(self) -> bool

Convert Choice into a bool.

Security Warning

Using this function will introduce timing variability, since computing this at all currently requires a branch.

This is intended to be used as either the one and only branch at the end of a constant-time operation to e.g. differentiate between success and failure, or in contexts where constant-time doesn’t matter, e.g. variable-time code that operates on “maybe secret” types which aren’t secrets in a particular context.

If you are trying to use this in the context of a constant-time operation, be warned that the small amount of timing variability it introduces can potentially be exploited. Whenever possible, prefer fully constant-time approaches instead.

pub fn to_u8(self) -> u8

Convert Choice to a u8, attempting to apply a “best effort” optimization barrier.

pub const fn and(self, rhs: Choice) -> Choice

Apply an and conditional to the given Choices.

pub const fn or(self, rhs: Choice) -> Choice

Apply an or conditional to the given Choices.

pub const fn xor(self, rhs: Choice) -> Choice

Apply an xor conditional to the given Choices.

pub const fn not(self) -> Choice

Compute the boolean inverse of self.

Trait Implementations§

impl BitAnd for Choice

type Output = Choice

The resulting type after applying the & operator.

fn bitand(self, rhs: Choice) -> Choice

Performs the & operation. Read more

impl BitAndAssign for Choice

fn bitand_assign(&mut self, rhs: Choice)

Performs the &= operation. Read more

impl BitOr for Choice

type Output = Choice

The resulting type after applying the | operator.

fn bitor(self, rhs: Choice) -> Choice

Performs the | operation. Read more

impl BitOrAssign for Choice

fn bitor_assign(&mut self, rhs: Choice)

Performs the |= operation. Read more

impl BitXor for Choice

type Output = Choice

The resulting type after applying the ^ operator.

fn bitxor(self, rhs: Choice) -> Choice

Performs the ^ operation. Read more

impl BitXorAssign for Choice

fn bitxor_assign(&mut self, rhs: Choice)

Performs the ^= operation. Read more

impl Clone for Choice

fn clone(&self) -> Choice

Returns a duplicate of the value. Read more

1.0.0§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl CtEq for Choice

fn ct_eq(&self, other: &Self) -> Self

Equality

fn ct_ne(&self, other: &Rhs) -> Choice

Inequality

impl CtSelect for Choice

fn ct_select(&self, other: &Self, choice: Choice) -> Self

Select between self and other based on choice, returning a copy of the value. Read more

fn ct_assign(&mut self, other: &Self, choice: Choice)

Conditionally assign other to self if choice is Choice::TRUE.

fn ct_swap(&mut self, other: &mut Self, choice: Choice)

Conditionally swap self and other if choice is Choice::TRUE.

impl Debug for Choice

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

impl From<Choice> for Choice

Available on crate feature subtle only.

fn from(choice: Choice) -> Choice

Converts to this type from the input type.

impl From<Choice> for Choice

Available on crate feature subtle only.

fn from(choice: Choice) -> Choice

Converts to this type from the input type.

impl From<Choice> for bool

fn from(choice: Choice) -> bool

Converts to this type from the input type.

impl From<Choice> for u8

fn from(choice: Choice) -> u8

Converts to this type from the input type.

impl Not for Choice

type Output = Choice

The resulting type after applying the ! operator.

fn not(self) -> Choice

Performs the unary ! operation. Read more

impl Copy for Choice

Auto Trait Implementations§

impl Freeze for Choice

impl RefUnwindSafe for Choice

impl Send for Choice

impl Sync for Choice

impl Unpin for Choice

impl UnwindSafe for Choice

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.